ningkong 发表于 2022-11-16 18:52:14

(换设备用unC0ver)学习动态调试,LLDB总是加载未知dylib,导致调试iThunder失败

本帖最后由 ningkong 于 2023-1-2 21:03 编辑

debugserver启动 iThunder

iPhone:~ root# debugserver -x backboard *:8888 /var/containers/Bundle/Application/E03DA66B-813A-4B2D-88DB-FB10F68C15B0/iThunder.app/iThunder
debugserver-@(#)PROGRAM:debugserverPROJECT:debugserver-360.0.26.1
for arm64.
Listening to port 8888 for a connection from *...

以下包含了这个 cy-fxQTdl.dylib


$con
Process 4617 stopped
* thread #1, stop reason = signal SIGSTOP
    frame #0: 0x0000000107149000 cy-fxQTdl.dylib`_dyld_start
cy-fxQTdl.dylib`_dyld_start:
->0x107149000 <+0>:mov    x28, sp
    0x107149004 <+4>:and    sp, x28, #0xfffffffffffffff0
    0x107149008 <+8>:mov    x0, #0x0
    0x10714900c <+12>: mov    x1, #0x0
Target 0: (iThunder) stopped.
$image list -f -o
/private/var/containers/Bundle/Application/E03DA66B-813A-4B2D-88DB-FB10F68C15B0/iThunder.app/iThunder 0x0000000004738000(0x0000000104738000)
/Library/Caches/cy-fxQTdl.dylib 0x0000000107148000(0x0000000107148000)


调试VoiceMemo

iPhone:~ root# debugserver -x backboard *:8888 /var/containers/Bundle/Application/68CB0597-127D-48B6-AE68-9269EE966D99/VoiceMemos.app/VoiceMemos
debugserver-@(#)PROGRAM:debugserverPROJECT:debugserver-360.0.26.1
for arm64.
Listening to port 8888 for a connection from *...



以下包含了这个 cy-fxQTdl.dylib

$con
Process 4633 stopped
* thread #1, stop reason = signal SIGSTOP
    frame #0: 0x0000000100989000 cy-fxQTdl.dylib`_dyld_start
cy-fxQTdl.dylib`_dyld_start:
->0x100989000 <+0>:mov    x28, sp
    0x100989004 <+4>:and    sp, x28, #0xfffffffffffffff0
    0x100989008 <+8>:mov    x0, #0x0
    0x10098900c <+12>: mov    x1, #0x0
Target 0: (VoiceMemos) stopped.
$image list -f -o
/private/var/containers/Bundle/Application/68CB0597-127D-48B6-AE68-9269EE966D99/VoiceMemos.app/VoiceMemos 0x000000000075c000(0x000000010075c000)
/Library/Caches/cy-fxQTdl.dylib 0x0000000100988000(0x0000000100988000)
$

再次导致调试失败

寻找这个动态库, 没有踪迹, find/ - namecy-fxQTdl.dylib


drwxrwxrwt2 root admin64 Nov 15 23:39 ./
drwxr-xr-x 27 root staff 864 Nov 16 02:31 ../
iPhone:/Library/Caches root# ls -alh /Library/Caches/cy-fxQTdl.dylib
ls: cannot access '/Library/Caches/cy-fxQTdl.dylib': No such file or directory
iPhone:/Library/Caches root#



飘云 发表于 2022-11-16 19:05:38

看起来是这个dylib有调试器检测? 可以是其他插件动态释放的,逐个删除插件看看情况

ningkong 发表于 2022-11-16 23:48:58

买的是游戏机,用过的 Tigger 绕hello,激活,用过紫屏工具还原, 是不是 Tigger 写入了动态库,禁止 分析。 用 LLDB 加载 任何app 都被 sigal stop 停止

ningkong 发表于 2022-11-16 23:49:43

没钱所有买个测试机

飘云 发表于 2022-11-17 10:15:22

ningkong 发表于 2022-11-16 23:48
买的是游戏机,用过的 Tigger 绕hello,激活,用过紫屏工具还原, 是不是 Tigger 写入了动态库,禁止 分析 ...

不了解这个工具,你可以逆向分析下看看

ningkong 发表于 2023-1-2 21:02:59

购买新的测试机,iOS14, iPhone7p, unC0ver ,越狱解决!
页: [1]
查看完整版本: (换设备用unC0ver)学习动态调试,LLDB总是加载未知dylib,导致调试iThunder失败