Debugging
r2lldb
Installation
- From radare2 git
- Dependencies: jailbroken iOS device
Pre-built binaries
- Use Cydia
- Most likely out of date
Building from Git
- Dependencies: ios-sdk-gcc
- Clone r2 from git
- Run sys/ios-cydia.sh
- Copy radare2/sys/cydia/radare2/radare2...deb over to the device
- Install with dpkg -i radare2...deb
- Add correct entitlements (inside iOS device): ldid -S radare.xml /usr/bin/radare2
- video
Resources
- Documentation from radare2 git
- Loading iOS binaries
- Handling encrypted iOS files
- Struct type of encrypted iOS binaries with pf: .pf macho0_cmd_enc=didid cmd cmdsize cryptoff cryptsize cryptid
- Steps to decrypt a binary
- Use rabin2 -x [file] to extract the Mach-O file from the package.
Plugins
- r2clutch
- r2clutch is used to decrypt an iOS binary
- Dependencies
- Needs r2 in iOS device
- Python in iOS device (not tested)
Videos
- r2clutch r2con 2016
- How to Start iOS Hacking | Reverse Engineering With Radare2
- Nowsecure top OSS Mobile testing