MachOView | MachOView fork - _____ | Reverse Engineering library

 by   gdbinit PHP Version: Capstone License: No License

kandi X-RAY | MachOView Summary

kandi X-RAY | MachOView Summary

MachOView is a PHP library typically used in Utilities, Reverse Engineering applications. MachOView has no bugs, it has no vulnerabilities and it has medium support. You can download it from GitHub.

_____ .__ ____________ . / \ _____ ____ | | _____ \ \ / /|| ______ _ __ / \ / \ \ / | | \ / | \ y / | |/ __ \ / / / / y / __ \ _| y / | \ / | \ /\ / _| (____ /___ >| /____ /_/ ||___ >/_/ / / / / / /. a fork from machoview to update and fix some bugs, mostly mountain lion & ios 6 related. also some small changes to the original behaviour. original machoview by psaghelyi at thanks to psaghelyi for his great work :-). latest versions are lion+ only. the llvm disassembler was replaced with capstone. this eliminates clang/llvm packages requirements. the downside is that capstone stops disassembling on bad instructions which means that for now data in code and jump tables data will create problems and __text section disassembly might be incomplete in binaries that contain such data. capstone improved disassembly on error but data in code locations are available in header so this can and should be improved. a static capstone
Support
    Quality
      Security
        License
          Reuse

            kandi-support Support

              MachOView has a medium active ecosystem.
              It has 2284 star(s) with 638 fork(s). There are 71 watchers for this library.
              OutlinedDot
              It had no major release in the last 6 months.
              There are 8 open issues and 2 have been closed. On average issues are closed in 3 days. There are 10 open pull requests and 0 closed requests.
              It has a neutral sentiment in the developer community.
              The latest version of MachOView is Capstone

            kandi-Quality Quality

              MachOView has 0 bugs and 0 code smells.

            kandi-Security Security

              MachOView has no vulnerabilities reported, and its dependent libraries have no vulnerabilities reported.
              MachOView code analysis shows 0 unresolved vulnerabilities.
              There are 0 security hotspots that need review.

            kandi-License License

              MachOView does not have a standard license declared.
              Check the repository for any license declaration and review the terms closely.
              OutlinedDot
              Without a license, all rights are reserved, and you cannot use the library in your applications.

            kandi-Reuse Reuse

              MachOView releases are not available. You will need to build from source code and install.

            Top functions reviewed by kandi - BETA

            kandi's functional review helps you automatically verify the functionalities of the libraries and avoid rework.
            Currently covering the most popular Java, JavaScript and Python libraries. See a Sample of MachOView
            Get all kandi verified functions for this library.

            MachOView Key Features

            No Key Features are available at this moment for MachOView.

            MachOView Examples and Code Snippets

            No Code Snippets are available at this moment for MachOView.

            Community Discussions

            QUESTION

            How does pointer data stored in MachO __objc_classlist section rebased when run a iOS app?
            Asked 2021-Apr-15 at 21:25

            In MachOView, I can see that in a iOS binary file, class pointers are stored in section __objc_classlist. They are absolute address values which point to class Data in section __objc_data. But we known that iOS use ASLR, so when loaded, the real address must be different.

            I checked the "getsectiondata" method, can not found any rebase logic.

            So the question is:

            1. when and how does the pointer Data rebased?
            2. Is the rebased data dirty?
            ...

            ANSWER

            Answered 2021-Apr-15 at 21:25

            dyld handles rebasing as part of loading the binary, long before you call getsectiondata. The LC_DYLD_INFO_ONLY load command within the binary points to the rebase opcodes which contain information about which addresses to update and how.

            You can use xcrun dyldinfo -rebase to see the list of addresses that dyld will rebase. You'll see entries for each class within __DATA,__objc_classlist. You can set DYLD_PRINT_REBASINGS=1 in the environment prior to launch to have dyld print out each address it rebases.

            And yes, since dyld modifies data as it rebases it, the page no longer matches the underlying storage and is dirty. Avoiding dirtying pages during load has been a motivation for switching some Objective-C data structures from using pointers to relative offsets.

            Source https://stackoverflow.com/questions/67108312

            QUESTION

            Where Debug info stored in Framework?
            Asked 2020-Dec-24 at 09:15

            As the title mentioned, I'm confusing about where is the debug info stored in .Framework file.

            I googled for serval days, what I gots are:

            Framework binary compiled by debug mode will include a debug info segment, to indicate the symbol location. Release mode compiling will move it to a dSYM file.

            But, what confused me is, I build a framework with ninja, and it doesn't generate dSYM file. Meanwhile I can't find the symbol location by dwarfdump command or MachOView app. As Regards strings command can get some relative file path results, like ../../flutter/fml/memory/task_runner_checker.cc.

            Here dwarfdump prints:

            ...

            ANSWER

            Answered 2020-Dec-24 at 09:15

            Debug information on Darwin systems exists in one of two places: In the .o files, and later after dsymutil is run to create a .dSYM, it exists in the .dSYM bundle, all collected together, relocated to the actual binary's addresses.

            This was a build-link-debug performance enhancement. Linking all of the debug information -- updating all the symbol addresses, copying it all around -- is very slow, so leaving the debug information in the .o files for this common iterative development cycle, and having the debugger locate the .o files and update the addresses of the functions internally, allows for rapid development.

            Leaving all of the debug information in the .o files requires that they all be present, of course! And at the same file paths. So it is not good when you need to move a binary between computers, or save it for later debugging. For these cases, you link the debug information with dsymutil and you get a .dSYM bundle.

            Source https://stackoverflow.com/questions/65406574

            Community Discussions, Code Snippets contain sources that include Stack Exchange Network

            Vulnerabilities

            No vulnerabilities reported

            Install MachOView

            You can download it from GitHub.
            PHP requires the Visual C runtime (CRT). The Microsoft Visual C++ Redistributable for Visual Studio 2019 is suitable for all these PHP versions, see visualstudio.microsoft.com. You MUST download the x86 CRT for PHP x86 builds and the x64 CRT for PHP x64 builds. The CRT installer supports the /quiet and /norestart command-line switches, so you can also script it.

            Support

            For any new features, suggestions and bugs create an issue on GitHub. If you have any questions check and ask questions on community page Stack Overflow .
            Find more information at:

            Find, review, and download reusable Libraries, Code Snippets, Cloud APIs from over 650 million Knowledge Items

            Find more libraries
            CLONE
          • HTTPS

            https://github.com/gdbinit/MachOView.git

          • CLI

            gh repo clone gdbinit/MachOView

          • sshUrl

            git@github.com:gdbinit/MachOView.git

          • Stay Updated

            Subscribe to our newsletter for trending solutions and developer bootcamps

            Agree to Sign up and Terms & Conditions

            Share this Page

            share link

            Explore Related Topics

            Consider Popular Reverse Engineering Libraries

            ghidra

            by NationalSecurityAgency

            radare2

            by radareorg

            ILSpy

            by icsharpcode

            bytecode-viewer

            by Konloch

            ImHex

            by WerWolv

            Try Top Libraries by gdbinit

            lldbinit

            by gdbinitPython

            readmem

            by gdbinitC

            rootfool

            by gdbinitC

            EFISwissKnife

            by gdbinitC++