tweak | 易学教程

iOS逆向之TheOS

阅读更多关于 iOS逆向之TheOS

TheOS 被设计为一个在基于 Unix 平台 (Mac OS X、IOS…) 和大多数的Linux 平台下开发 iOS 程序的集成开发环境。说是集成开发环境，其实就是给我们准备好了一些代码模板、预置一些基本的 Makefile 脚本，我们还是要在终端命令行中完成一些关键操作。 1.安装dpkg和LDID 执行如下指令： brew install dpkg ldid 2.安装Theos 执行如下指令： sudo git clone --recursive https://github.com/theos/theos.git /opt/theos 3.配置权限 sudo chown $(id -u):$(id -g) /opt/theos 4.配置环境变量 vim .bash_profile 添加如下两行： export THEOS=/opt/theos export PATH=/opt/theos/bin/:$PATH 【说明】：环境变量配置，可以查看 OS X修改环境变量 5.使用Theos 5.1创建工程在终端输入如下指令： nic.pl 如果提示如下错误：执行以下指令即可： source .bash_profile 执行完“nic.pl”指令后，会出现如下选择模板的界面：在逆向工程的初级阶段，所开发程序的主要类型是tweak，因此输入15，按Enter键继续

iOS逆向系列-theos

阅读更多关于 iOS逆向系列-theos

概述 theos 是GitHub开源的一个项目，通过 nic.pl 创建 tweak 项目。通过编写我们注入代码，然后执行编译、打包、安装等操作将代码注入iPhone安装的制定程序。 theos环境配置安装签名工具ldid 确保安装了 brew /usr/bin/ruby -e "$(curl -fsSL https://raw.githubusercontent.com/Homebrew/install/master/install)" 利用brew安装ldid $ brew install ldid 下载theos $ git clone --recursive https://github.com/theos/theos.git 由于theos依赖于其它的库所以我们使用 recursive 递归方式去clone自动下载锁依赖的库。我这里下载了~/目录下。配置环境变量为了是theos/bin目录下的命令全局有效，配置环境变量。 theos theos创建工程 cd到一个存放项目代码的文件夹(比如桌面) $ cd ~/Desktop $ nic.pl 选择【11.】iphone/tweak 填写项目信息项目名称项目ID(随便写) Author/Maintainer Name 作者直接敲回车按照默认的做法就行(默认是Mac上的用户名) [iphone/tweak

Can't play a sound with a space in the (NSURL *)sound_url

阅读更多关于 Can't play a sound with a space in the (NSURL *)sound_url

问题 I want to play a sound like this: #define url(x) [NSURL URLWithString:x] .... AVAudioPlayer *myFatBeat; myFatBeat = [[AVAudioPlayer alloc] initWithContentsOfURL:url(@"/Library/Ringtones/Bell% Tower.m4r") error:nil]; [myFatBeat setNumberOfLoops:-1]; [myFatBeat play]; but it fails. I think it's due to the space between Bell and Tower , as it works if the sound name is Àlarm . Then, I tried to escape the sound name like this Bell\ Tower , but I get error: unknown escape sequence: '\040' when

Error compiling tweak in theos

阅读更多关于 Error compiling tweak in theos

问题 I set a simple tweak using theos following the tutorial here. However when I run make with the headers from here, I get Making all for tweak WelcomeWagon... Preprocessing Tweak.xm... Compiling Tweak.xm... In file included from Tweak.xm:1: /opt/theos//include/SpringBoard/SpringBoard.h:7:26: error: UIApplication.h: No such file or directory cc1objplus: warnings being treated as errors In file included from /opt/theos//include/SpringBoard/UIApplicationDelegate-Protocol.h:7, from /opt/theos/

可以使用哪些技术在JavaScript中定义类，它们的权衡是什么？

阅读更多关于可以使用哪些技术在JavaScript中定义类，它们的权衡是什么？

【推荐】2019 Java 开发者跳槽指南.pdf(吐血整理) >>> 我喜欢在目前正在从事的大型项目中使用OOP。我需要用JavaScript创建几个类，但是，如果我没记错的话，至少有两种方法可以做到这一点。语法是什么，为什么要用这种方式呢？我想避免使用第三方库-至少在一开始。在寻找其他答案时，我找到了文章“ 使用JavaScript进行面向对象的编程”，第I部分：继承-文档JavaScript ，该文章讨论了 JavaScript 中的面向对象的编程。有更好的继承方法吗？ #1楼 var Animal = function(options) { var name = options.name; var animal = {}; animal.getName = function() { return name; }; var somePrivateMethod = function() { }; return animal; }; // usage var cat = Animal({name: 'tiger'}); #2楼以下是迄今为止我在javascript中使用过的创建对象的方法范例1： obj = new Object(); obj.name = 'test'; obj.sayHello = function() { console.log('Hello

Is there a path every app can write files in the jailbreak iPhone?

阅读更多关于 Is there a path every app can write files in the jailbreak iPhone?

问题 I should hook UIResponder of every app, including SpringBoard and any others. In the hooking, I will write something to the specified file. If I set the path to /var/mobile/Library/MyApp , recommended by Cydia, I found that only the SpringBoard and MyApp could write successfully. So is there a place every app can write and read? 回答1: I admit that I'm not 100% sure on this one, but my guess would be no, there is not a path that every app can writes files to on a jailbroken iPhone . Certainly,

How to get task port of SpringBoard in iOS7 (Jailbroken)?

阅读更多关于 How to get task port of SpringBoard in iOS7 (Jailbroken)?

问题 I know we can use contextIdAtPosition and taskPortOfContextId to get the mach_port_t of the front top app, but when inside some app, we can not use contextIdAtPosition to get the context id of SpringBoard (it's at background), so how can we get the mach_port_t of SpringBoard ? Thank you! 回答1: according to http://theiphonewiki.com/wiki//System/Library/LaunchDaemons/com.apple.SpringBoard.plist, the SpringBoard has exposed a lot of services. two of them might (or might not) be of your interests:

Errors while running the Code?

阅读更多关于 Errors while running the Code?

问题 I am trying to compile and use the following code in a background daemon on a jailbroken iphone. #import <AudioToolbox/AudioToolbox.h> #import <libkern/OSAtomic.h> //CoreTelephony.framework extern "C" CFStringRef const kCTCallStatusChangeNotification; extern "C" CFStringRef const kCTCallStatus; extern "C" id CTTelephonyCenterGetDefault(); extern "C" void CTTelephonyCenterAddObserver(id ct, void* observer, CFNotificationCallback callBack, CFStringRef name, void *object,

Errors while running the Code?

阅读更多关于 Errors while running the Code?

if basic, sample GWT app takes 30sec to load in browser, is that normal? will real apps take 2 mins?

阅读更多关于 if basic, sample GWT app takes 30sec to load in browser, is that normal? will real apps take 2 mins?

问题 I have a decent machine capable of running 64 bit Windows 7. So how come any time I stop a small sample GWT app in "development mode", edit it and restart it it takes 30 sec to become responsive in the browser, both in latest Firefox and latest Chrome? Is that sort of molasses-based edit-compile cycle just the normal, expected thing for GWT developers nowadays? Will it get much worse for more realistic apps or is the whole of those 30 sec just the framework overhead, and my own code would not

订阅 tweak