error: failed to launch process debugserver: Security

I jailbroke my iPhone 4s with iOS 8.2 and tried to run debugserver, then I got this error:

Google doesn’t help.

It is just because the app I'm trying to crack is an in-house app, not from the App Store; I have to run it after installation and choose to trust the developer.

error: failed to launch process debugserver: Security by @sskaje: https://sskaje.me/2016/01/failed-launch-process-debugserver-security/


Set up DebugServer on iOS 7

I had my iPhone 4 jailbroken, so I can debug/crack apps on iPhone.

Server: iPhone 4 + debugserver
Client: Mac OS X + lldb

Server

DebugServer

debugserver can be found on iOS at /Developer/usr/bin/debugserver
Just follow the instructions: debugserver on iPhone Wiki

Save the following content as a plist, e.g. dbg.plist

Apply the entitlement

If the entitlement above is not applied, debugserver won't be able to listen on a TCP port.

Remove FairPlay

FairPlay is Apple's DRM applied to apps from the App Store.
If you see cryptid 1 like below, try Clutch!

Disable ASLR

Run otool -hv on your app; if you see the PIE flag, you have to disable ASLR.

See: Mach-O Disable ASLR/PIE

Make sure you have Python installed on your iPhone.

Find your target app.
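
The cryptid and PIE checks described above can also be done without otool. The following is an added example, not code from the original post: it reads the Mach-O header and the LC_ENCRYPTION_INFO load command of a thin little-endian binary. The names `inspect_macho` and `build_sample` are hypothetical, and the sample header is constructed.

```python
import struct

MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF
MH_PIE = 0x200000                      # header flag shown as PIE by otool -hv
LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64 = 0x21, 0x2C


def inspect_macho(data):
    """Return bits, PIE flag and cryptid (None if absent) of a thin little-endian Mach-O."""
    if len(data) < 28:
        raise ValueError("too short for a Mach-O header")
    magic, _cpu, _sub, _ftype, ncmds, sizeofcmds, flags = struct.unpack_from("<7I", data, 0)
    if magic == MH_MAGIC:
        bits, offset = 32, 28
    elif magic == MH_MAGIC_64:
        bits, offset = 64, 32          # 64-bit header has one extra reserved word
    else:
        raise ValueError("not a thin little-endian Mach-O (fat or big-endian?)")
    end = offset + sizeofcmds
    if end > len(data):
        raise ValueError("load commands run past end of file")
    cryptid = None
    for _ in range(ncmds):
        if offset + 8 > end:
            raise ValueError("truncated load command")
        cmd, cmdsize = struct.unpack_from("<2I", data, offset)
        if cmdsize < 8 or offset + cmdsize > end:
            raise ValueError("bad cmdsize")
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            if cmdsize < 20:
                raise ValueError("short encryption_info_command")
            # layout: cmd, cmdsize, cryptoff, cryptsize, cryptid
            cryptid = struct.unpack_from("<I", data, offset + 16)[0]
        offset += cmdsize
    return {"bits": bits, "pie": bool(flags & MH_PIE), "cryptid": cryptid}


def build_sample(pie, cryptid):
    """Constructed 32-bit ARM header with one LC_ENCRYPTION_INFO (sample input)."""
    enc = struct.pack("<5I", LC_ENCRYPTION_INFO, 20, 0x1000, 0x4000, cryptid)
    flags = 0x85 | (MH_PIE if pie else 0)   # NOUNDEFS | DYLDLINK | TWOLEVEL
    hdr = struct.pack("<7I", MH_MAGIC, 12, 9, 2, 1, len(enc), flags)
    return hdr + enc


if __name__ == "__main__":
    print(inspect_macho(build_sample(pie=True, cryptid=1)))
```

For a real binary, pass the bytes of the file; a fat (universal) binary has to be thinned to a single architecture first, because this reader rejects the fat magic.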

Client

Copy a decrypted and de-ASLR-ed app binary to your OS X machine and:

Set up DebugServer on iOS 7 by @sskaje: https://sskaje.me/2016/01/set-up-debugserver-ios-7/


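Capturing program calls on OS X: sample

I had been looking at a certain piece of software and could never find where its registration algorithm was. Then I came across this command-line tool: https://developer.apple.com/library/mac/documentation/Darwin/Reference/ManPages/man1/sample.1.html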

sample — Profile a process during a time interval

sample is a command-line tool for gathering data about the running behavior of a process. It suspends
the process at specified intervals (by default, every 1 millisecond), records the call stacks of all
threads in the process at that time, then resumes the process. The analysis done by sample is called
“sampling” because it only checks the state of the program at the sampling points. The analysis may
miss execution of some functions that are not executing during one of the samples, but sample still
provides useful data about commonly executing functions.

As a profiling tool, it could hardly be more useful for reverse-engineering and debugging.

Capturing program calls on OS X: sample by @sskaje: https://sskaje.me/2015/04/os-%e4%b8%8b%e9%87%87%e9%9b%86%e7%a8%8b%e5%ba%8f%e8%b0%83%e7%94%a8%ef%bc%9asample/

FernFlower inside IDEA

IntelliJ IDEA 14 has FernFlower integrated.

To use:

FernFlower inside IDEA by @sskaje: https://sskaje.me/2014/11/fernflower-inside-idea/


Base Convert and Base Encode

Base Convert

Base conversion is a very basic skill in programming.
I was taught to convert between decimal (base-10) and binary (base-2), decimal (base-10) and octal (base-8), decimal (base-10) and hexadecimal (base-16), and of course among power-of-2 bases (pow(2,n)).

The conversion is quite simple; division is the only arithmetic operation we need.
If we want to convert a base-m number to a base-n number by hand, the common way is:
1. Convert base-m number A to base-10 number B;
2. Convert base-10 number B to base-n number C.
This is just because base-10 is the base most familiar to humans.


Base Convert and Base Encode by @sskaje: https://sskaje.me/2014/01/base-convert-base-encode/
