compress the extracted information
@ -4,6 +4,8 @@
|
||||
#include <stdio.h>
|
||||
#include <stdlib.h>
|
||||
|
||||
#include "out/b.h"
|
||||
|
||||
char *pwd;
|
||||
uint32_t pwd_len;
|
||||
|
||||
@ -927,46 +929,59 @@ void fix(struct libcache& cache) {
|
||||
int npage_rw_fixed = 0;
|
||||
uint64_t page_rw_fixed[10]; // should be dynamic, but works for now
|
||||
|
||||
#include "out/b.h"
|
||||
// think of a way to get what binary to fix
|
||||
// so we can iterate through them
|
||||
if (nimports == 0) {
|
||||
printf("there is no imports to fix\n");
|
||||
}
|
||||
char* lib_to_resolve = "main";
|
||||
struct libcache_item* libfixing = get_libcache_with_name(&cache, lib_to_resolve);
|
||||
for (int i = 0; i < nimports; i++) {
|
||||
struct imported_symbol symbol = imported_table[i];
|
||||
uint64_t fix_at = symbol.offset + libfixing->segment[symbol.segment_i];
|
||||
|
||||
int need_rw_fix = true;
|
||||
for (int j = 0; j < npage_rw_fixed; j++) {
|
||||
if (page_rw_fixed[j] <= fix_at &&
|
||||
page_rw_fixed[j] + 0x1000 > fix_at) {
|
||||
need_rw_fix = false;
|
||||
int pc = 0;
|
||||
for (;pc != bshield_data::n_instructions;) {
|
||||
uint32_t libidx = bshield_data::encoded_table[pc];
|
||||
uint32_t nsym = bshield_data::encoded_table[pc + 1];
|
||||
pc += 2;
|
||||
|
||||
char* lib = bshield_data::libs + libidx;
|
||||
for (int i = 0; i < nsym; i++) {
|
||||
uint32_t op = bshield_data::encoded_table[pc];
|
||||
uint32_t offset = bshield_data::encoded_table[pc + 1];
|
||||
pc += 2;
|
||||
|
||||
uint32_t symidx = op >> 8;
|
||||
uint32_t segment = op & 0xff;
|
||||
char* sym = bshield_data::symbols + symidx;
|
||||
|
||||
uint64_t fix_at = offset + libfixing->segment[segment];
|
||||
|
||||
// enable WRITE protection for this data segment
|
||||
int need_rw_fix = true;
|
||||
for (int j = 0; j < npage_rw_fixed; j++) {
|
||||
if (page_rw_fixed[j] <= fix_at &&
|
||||
page_rw_fixed[j] + 0x1000 > fix_at) {
|
||||
need_rw_fix = false;
|
||||
}
|
||||
}
|
||||
if (need_rw_fix) {
|
||||
uint64_t start_page = fix_at - (fix_at % 0x1000);
|
||||
vm_protect_func(mach_task_self_func(), start_page, 0x1000, 0,
|
||||
VM_PROT_READ | VM_PROT_WRITE);
|
||||
page_rw_fixed[npage_rw_fixed++] = start_page;
|
||||
printf("modify page starts at 0x%llx to RW\n", start_page);
|
||||
}
|
||||
}
|
||||
if (need_rw_fix) {
|
||||
uint64_t start_page = fix_at - (fix_at % 0x1000);
|
||||
vm_protect_func(mach_task_self_func(), start_page, 0x1000, 0,
|
||||
VM_PROT_READ | VM_PROT_WRITE);
|
||||
page_rw_fixed[npage_rw_fixed++] = start_page;
|
||||
printf("modify page starts at 0x%llx to RW\n", start_page);
|
||||
}
|
||||
|
||||
void *resolved;
|
||||
// search with hash is faster
|
||||
resolved = custom_dlsym(&cache, symbol.hash, symbol.name);
|
||||
if (resolved == 0) {
|
||||
// but fuck apple they have relative path and rpath
|
||||
resolved = custom_dlsym(&cache, symbol.lib, symbol.name);
|
||||
}
|
||||
*(uint64_t *)fix_at = (uint64_t)resolved;
|
||||
void *resolved = 0;
|
||||
// search with hash is faster
|
||||
// resolved = custom_dlsym(&cache, symbol.hash, symbol.name);
|
||||
if (resolved == 0) {
|
||||
// but fuck apple they have relative path and rpath
|
||||
resolved = custom_dlsym(&cache, lib, sym);
|
||||
}
|
||||
*(uint64_t *)fix_at = (uint64_t)resolved;
|
||||
|
||||
printf("imports need to fix: (0x%x)%s at 0x%llx\n", symbol.hash,
|
||||
symbol.name, fix_at);
|
||||
printf(" from=%s\n", symbol.lib);
|
||||
printf(" segment id=%d; offset=0x%llx;", symbol.segment_i, symbol.offset);
|
||||
printf(" resolved=%llx(%p)\n", *(uint64_t*)fix_at, resolved);
|
||||
printf("imports need to fix: %s at 0x%llx\n", sym, fix_at);
|
||||
printf(" from=%s\n", lib);
|
||||
printf(" segment id=%d; offset=0x%llx;", segment, offset);
|
||||
printf(" resolved=%llx(%p)\n", *(uint64_t*)fix_at, resolved);
|
||||
}
|
||||
}
|
||||
|
||||
// TODO: Reformat the region as per before, or leave as it
|
||||
|
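Review bot: The new decode loop at `for (;pc != bshield_data::n_instructions;)` only stops on exact equality, so an encoded table whose `nsym` counts do not add up to `n_instructions` walks `pc` past the end of `encoded_table` and never terminates; `pc < bshield_data::n_instructions` bounds it (assuming `n_instructions` counts table entries, as the name suggests). The `vm_protect_func` result is discarded and `start_page` is recorded in `page_rw_fixed` even when the call failed, after which the `*(uint64_t *)fix_at = ...` store faults, and `page_rw_fixed[npage_rw_fixed++]` is never checked against its fixed capacity of 10, which the `should be dynamic` comment already admits. A lookup miss leaves `resolved == 0` and a NULL pointer is silently written into the import slot, deferring the failure to the first call through it, while the commented-out hash lookup leaves the `if (resolved == 0)` fallback as dead structure. Two smaller points on the new side: `offset` is now `uint32_t` but is still printed with `%llx` (mismatched vararg width, undefined behaviour), and the comment `// enable WRITE protection for this data segment` says the opposite of what `VM_PROT_READ | VM_PROT_WRITE` does — `// make the page holding the import slot writable; restored later (see TODO below)` reads right. The enclosing `fix` function begins before the hunk.
```cpp
for (; pc < bshield_data::n_instructions;) {  // '<' so a malformed table cannot run past the end
    // … unchanged: libidx / nsym decode …
    for (uint32_t i = 0; i < nsym; i++) {
        // … unchanged: op / offset decode, fix_at, page_rw_fixed scan …
        if (need_rw_fix) {
            if (npage_rw_fixed >= (int)(sizeof page_rw_fixed / sizeof page_rw_fixed[0])) {
                printf("too many pages to make writable\n");
                return;
            }
            uint64_t start_page = fix_at - (fix_at % 0x1000);
            kern_return_t kr = vm_protect_func(mach_task_self_func(), start_page, 0x1000, 0,
                                               VM_PROT_READ | VM_PROT_WRITE);
            if (kr != KERN_SUCCESS) {
                printf("vm_protect failed for page 0x%llx: %d\n", start_page, kr);
                return;
            }
            page_rw_fixed[npage_rw_fixed++] = start_page;
            printf("modify page starts at 0x%llx to RW\n", start_page);
        }

        void *resolved = custom_dlsym(&cache, lib, sym);
        if (resolved == 0) {
            printf("unresolved import %s from %s, slot left untouched\n", sym, lib);
            continue;
        }
        *(uint64_t *)fix_at = (uint64_t)resolved;
        // … unchanged: diagnostics (print the uint32_t offset with %x, not %llx) …
    }
}
```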
@ -42,7 +42,8 @@ clang++ -mmacosx-version-min=$VERSION -o $OUT/libb.dylib -shared -Wl,-reexport_l
|
||||
clang++ -mmacosx-version-min=$VERSION -o $OUT/a -L"./out" -lb a.cc
|
||||
|
||||
# extract symbols from a
|
||||
../../macho-go/bin/ios-wrapper pepe -o $OUT/a-fixed -b $OUT/b.bcell --remove-imports --remove-exports --remove-symbol-table $OUT/a > $OUT/b.h
|
||||
../../macho-go/bin/ios-wrapper pepe -o $OUT/a-fixed -b $OUT/b.bcell --remove-imports --remove-exports --remove-symbol-table $OUT/a
|
||||
../../macho-go/bin/ios-wrapper bcell2header -b $OUT/b.bcell -o $OUT/b.h
|
||||
# build libb with symbols extracted from a
|
||||
clang++ -mmacosx-version-min=$VERSION -o $OUT/libb.dylib -shared -Wl,-reexport_library out/libc.dylib b.cc
|
||||
|
||||
@ -62,7 +63,8 @@ clang++ -mmacosx-version-min=$VERSION -o $OUT/libb.dylib -shared -Wl,-reexport_l
|
||||
clang -fobjc-arc -ObjC -mmacosx-version-min=$VERSION -o $OUT/a -L"./out" -lb a.mm
|
||||
|
||||
# extract symbols from a
|
||||
../../macho-go/bin/ios-wrapper pepe -o $OUT/a-fixed -b $OUT/b.bcell --remove-imports --remove-exports --remove-symbol-table $OUT/a > $OUT/b.h
|
||||
../../macho-go/bin/ios-wrapper pepe -o $OUT/a-fixed -b $OUT/b.bcell --remove-imports --remove-exports --remove-symbol-table $OUT/a
|
||||
../../macho-go/bin/ios-wrapper bcell2header -b $OUT/b.bcell -o $OUT/b.h
|
||||
# build libb with symbols extracted from a
|
||||
clang++ -mmacosx-version-min=$VERSION -o $OUT/libb.dylib -shared -Wl,-reexport_library out/libc.dylib b.cc
|
||||
|
||||
|
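Review bot: The new `bcell2header` step at `../../macho-go/bin/ios-wrapper bcell2header -b $OUT/b.bcell -o $OUT/b.h` consumes the `b.bcell` written by the `pepe` line just above it, but neither invocation's exit status is checked, so if `pepe` fails a stale `$OUT/b.bcell` from an earlier run is silently turned into `b.h` and compiled into `libb.dylib` — unless the script has `set -e`, which is outside the hunk. Chaining the two with `&&`, or adding `set -euo pipefail` at the top of the script, closes that. The `$OUT` expansions are also unquoted, so an output path containing spaces splits into separate arguments; `"$OUT/b.bcell"` and `"$OUT/b.h"` are the usual form. The same pair of lines recurs in the Objective-C variant of the section and wants the same treatment.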