IOT>> dsdump>> 返回
项目作者: DerekSelander

项目描述 :
An improved nm + Objective-C & Swift class-dump
高级语言: Objective-C++
项目地址: git://github.com/DerekSelander/dsdump.git
创建时间: 2019-03-10T03:10:41Z
项目社区:https://github.com/DerekSelander/dsdump
开源协议:
下载


NOTE: around ~2021 Apple introduced new binding opcodes which I haven’t gotten around to updating yet for dsdump. This results in bad output for objc class dumps.
I recommend you check out @blacktop‘s ipsw instead

dsdump

An improved nm + objc/swift class-dump (writeup)

Works great on Objective-C classes
img

… and Swift types
img

man

  1. dsdump(1)                 BSD General Commands Manual                dsdump(1)
  3. NAME
  4.      dsdump -- An improved nm + objc/swift class-dump
  6. SYNOPSIS
  7.      dsdump [option...] <mach-o-file>
  9. DESCRIPTION
  10.      Provides an "nm-improved" experience when working with Mach-O executa-
  11.      bles. dsdump has 3 "primary" modes: Symbol table (--sym), Objective-C
  12.      (--objc), and Swift (--swift, -s). Omitting all of these options will
  13.      default to the Swift mode.
  15. OPTIONS
  16.      -c, --color
  17.              Adds color to output
  19.      -d, --demangle
  20.              Demangle Swift and C++ symbols in print symbol mode
  22.      -l, --library
  23.              Instead of dumping symbols, search all procs for library
  25.      -O, --opcs
  26.              Dump the DYLD opcodes used to bind external symbols at load time
  28.      -f, --filter FilterWord
  29.              Specify classes to filter by (case insensitive, can be used mul-
  30.              tiple times)
  32.      -a, --arch architecture
  33.              Specify the arichtecture if file is FAT. Understands x86_64h,
  34.              x86_64, arm64, arm64e
  36.      -u, --undefined
  37.              Only display undefined (externally referenced) symbols or classes
  39.      -U, --defined
  40.              Only display defined (internally implemented) symbols or classes
  42.      -v, --verbose
  43.              Specifies the verbosity level. The -v option can be used multiple
  44.              times, while the long argument sets the exact level 0-5. Kind of
  45.              like codesign(1)'s verbosity that everyone complains about...
  47.      --objc  Dump the Objective-C classes
  49.      -o      Sets mode to Objective-C mode and verbosity to level 4
  51.      --swift
  52.              Dump the Swift type descriptors (classes, structs, enums)
  54.      -s      Sets mode to Swift mode and verbosity to level 4
  56.      -h, --help
  57.              Print out this beautiful, helpful document
  59. EXAMPLES
  60.      List ObjC internal/external classes referenced/implemented by vmmap:
  61.            dsdump --objc $(which vmmap)
  63.      List all alive processes that have the MobileDevice loaded
  64.            sudo dsdump -l /S*/L*/P*/MobileDevice.framework/MobileDevice
  66.      List the Objective-C external classes called by vmmap:
  67.            dsdump --objc $(which vmmap) -u
  69.      List the Objective-C internal classes implemented by vmmap:
  70.            dsdump --objc $(which vmmap) -U
  72.      Perform an Objective-C "class-dump" in color of vmmap
  73.            dsdump --objc $(which vmmap) -U -vvvc
  75.      Thoroughly dump the Swift content in color in the Console app
  76.            dsdump --swift
  77.            /Applications/Utilities/Console.app/Contents/MacOS/Console -cvvvv
  79. VERBOSITY
  80.      dsdump can output a range of verbosity between the 3 different modes
  81.      (--sym, --swift, --objc). The verbosity level can be set by the long form
  82.      (--verbose=3) or by specifying a count via short form (-vvv). The break-
  83.      down of these levels are shown below:
  85.      --sym:
  86.            0. Print symbol
  87.            1. 0 + library path or Mach-O section
  88.            2. 1 + fullpath to library
  89.            3. 2 + nlist struct output
  90.            4. Same as 3... for now
  91.            5. Same as 3... for now
  93.      --swift:
  94.            0. List swift types
  95.            1. 0 + Parent classes
  96.            2. 1 + Protocols
  97.            3. 2 + Swift type dump
  98.            4. 3 + Extended type dump, ObjC bridge methods
  99.            5. 4 + Commenting in methods
  101.      --objc:
  102.            0. List Objective-C classes
  103.            1. 0 + Parent classes & library basename for external
  104.            2. 1 + Fullpath to libraries for external + protocols
  105.            3. 2 + Objective-C class dump
  106.            4. 3 + Print properties
  107.            5. 4 + Print ivars & offsets
  109. ENVIRONMENT
  110.      DSCOLOR Enables color. Alternatively, use -c
  112.      ARCH <arch> Specify the architecture if inspecting a FAT executable,
  113.      Alternatively use --arch
  115. SEE ALSO
  116.      nm(1), objdump(1), vmmap(1)
  118. BUGS
  119.      There's a situation where occassionally dsdump will think the parent
  120.      class is a RO_ROOT where it will in fact won't be. I'll print this out
  121.      for now so I can hunt it down
  123.      ARM64e still needs some luv, especially on the Swift side, especially
  124.      with Protocols... and not crashing
  126. AUTHORS
  127.      Derek Selander @LOLgrep
  129. Darwin                          March 26, 2020                          Darwin

Compiling

Compiling this will be a bit of a pain in the butt on your end. You’ll need to clone the Swift language in the same directory. Swift can’t be a submodule to this repo since some of their git cloning scripts won’t work :| 

  1. # cd into the dsdump repo
  2. cd dsdump/
  4. # make a directory called swift-source, yes, name it exactly that
  5. mkdir swift-source
  7. cd swift-source/
  9. # clone the Swift repository into swift-source
  10. git clone https://github.com/apple/swift.git
  12. # checkout 
  13. cd swift
  14. git checkout 75670c17272a993ed798cee7e31c20590e94118b
  16. # Use the Swift update helper script to grab everything else 
  17.  ./swift/utils/update-checkout --clone-with-ssh   --tag swift-5.1.4-RELEASE

Comment out any remaining problematic code after a build, remove methods in Metadata.h as needed (i.e. problematic ARC bridging code on line 700)

I’ve included the libSwiftDemangling.a static lib that I built into dsdump/dsdump. If you want to build entirely from Swift source, you’ll need to build this yourself. Otherwise you should be good to go to build dsdump via Xcode.

Alternatively, you can skip all of this by simply grabbing the compiled dsdump version in the compiled directory found here. Make sure the SHA256 matches below if you’re paranoid.

Compiled SHA256

  1. SHA256: 83eebd025b43b58a486235e1bec70a3239995be409605e3ff19bdae07adff917

Credits

TODO list for v1

  • Full ARM64e support
  • M1 support
  • Crashes
  • iOS 15/Monterey support
  • In process support (TODO TODO guess that means a libdsdump.a)
    • Basic dsc listing with options to dlopen from cmdline
  • header files