Introduction to MonkeyDev
Although it is my operating system developed by Apple in the United States, in terms of jailbreaking iPhones and reverse analysis, China is far better than the United States. It may be a lot of related gray industry chains in China. Before, when we wanted to dynamically debug an application without source code, we usually had to use THEOS to operate LLVM to dynamically connect to the application, and then use LLVM's debugging commands. The whole process was very time-consuming and cumbersome.
However, in 2017, AloneMonkey, a rising star of iOS reverse engineering, integrated these commonly used tools and created a very convenient reverse debugging platform , MonkeyDev , which integrates commonly used libraries and tools, and can also use pods more conveniently. library to integrate third-party libraries. Using this tool, reverse engineering is suddenly easy.
MonkeyDev mainly consists of four modules:
Logos Tweak
Use the logify.pl tool provided by theos to convert the .xm file into a .mm file for compilation, integrate CydiaSubstrate, and use MSHookMessageEx and MSHookFunction to Hook OC functions and specify addresses.
CaptainHook Tweak
Use the header file provided by CaptainHook to get hooks of OC functions and properties.
Command-line Tool
You can directly create command line tools that run on jailbroken devices.
MonkeyApp
This is a module that automatically integrates Reveal, Cycript and dylib for third-party applications, supports debugging of dylib and third-party applications, and supports Pod to integrate SDK for third-party applications. You only need to prepare a smashed ipa or app file.
Install MonkeyDev
For installation and use, you can view the official Wiki documentation . This article follows the following steps to install the MonkeyDev environment.
1. Install the latest theos, the installation command is as follows:
sudo git clone --recursive https://github.com/theos/theos.git /opt/theos2. Install LDID (if LDID is installed during the installation of theos, skip it), the command is as follows:
brew install ldid3. Configure password-free login to jailbroken device (if there is no jailbroken device, skip it)
ssh-keygen -t rsa -P ''
ssh-copy-id -i /Users/username/.ssh/id_rsa root@ipInstall or sshpass to set your own password:
brew install https://raw.githubusercontent.com/kadwanev/bigboybrew/master/Library/Formula/sshpass.rbYou can select the specified Xcode to install by the following command:
sudo xcode-select -s /Applications/Xcode-beta.appThe default installation is:
xcode-select -pThen execute the installation command:
it clone https://github.com/AloneMonkey/MonkeyDev.git
cd MonkeyDev/bin
sudo ./md-installOf course, no, run the following command to uninstall:
sudo ./md-uninstallIf no special instructions are issued, use the following command to update:
sudo /bin/sh -c "$(curl -fsSL https://raw.githubusercontent.com/AloneMonkey/MonkeyDev/master/bin/md-update)"