diff --git a/.gitignore b/.gitignore index e6515fe..173705f 100644 --- a/.gitignore +++ b/.gitignore @@ -37,6 +37,7 @@ build/ !default.perspectivev3 xcuserdata *.xccheckout +*.xcscmblueprint *.moved-aside DerivedData *.hmap diff --git a/README.md b/README.md index b6db2af..3776874 100644 --- a/README.md +++ b/README.md @@ -40,6 +40,8 @@ Usage: restore-symbol -o [-j ] -o New mach-o-file path --disable-oc-detect Disable auto detect and add oc method into symbol table, only add symbol in json file + --replace-restrict New mach-o-file will replace the LC_SEGMENT(__RESTRICT,__restrict) + with LC_SEGMENT(__restrict,__restrict) to close dylib inject protection -j Json file containing extra symbol info, the key is "name","address" like this: diff --git a/source/main.m b/source/main.m index 6d96d4c..dc104a0 100644 --- a/source/main.m +++ b/source/main.m @@ -25,6 +25,7 @@ #define RS_OPT_DISABLE_OC_DETECT 1 #define RS_OPT_VERSION 2 +#define RS_OPT_REPLACE_RESTRICT 3 @@ -40,6 +41,8 @@ void print_usage(void) " -o New mach-o-file path\n" " --disable-oc-detect Disable auto detect and add oc method into symbol table,\n" " only add symbol in json file\n" + " --replace-restrict New mach-o-file will replace the LC_SEGMENT(__RESTRICT,__restrict)\n" + " with LC_SEGMENT(__restrict,__restrict) to close dylib inject protection\n" " -j Json file containing extra symbol info, the key is \"name\",\"address\"\n like this:\n \n" " [\n {\n \"name\": \"main\", \n \"address\": \"0xXXXXXX\"\n }, \n {\n \"name\": \"-[XXXX XXXXX]\", \n \"address\": \"0xXXXXXX\"\n },\n .... \n ]\n" @@ -50,7 +53,7 @@ void print_usage(void) -void restore_symbol(NSString * inpath, NSString * output, NSString *jsonPath, bool oc_detect_enable); +void restore_symbol(NSString * inpath, NSString *outpath, NSString *jsonPath, bool oc_detect_enable, bool replace_restrict); int main(int argc, char * argv[]) { 
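Review bot: The help text added to `print_usage` for `--replace-restrict` says the rename is done "to close dylib inject protection", which leaves it unclear whether the protection is switched on or off in the output file. Since the option renames the segment so it no longer matches `__RESTRICT`, the intent is presumably "disable"; consider wording such as `"                          with LC_SEGMENT(__restrict,__restrict) to disable the dylib injection restriction\n"`. The text also names only `LC_SEGMENT`, while the code in source/restore-symbol.m sizes the command for both 32-bit and 64-bit files, so mentioning both would match the behaviour. The README.md hunk carries the same two lines and should get the same wording.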
@@ -58,6 +61,7 @@ int main(int argc, char * argv[]) { bool oc_detect_enable = true; + bool replace_restrict = false; NSString *inpath = nil; NSString * outpath = nil; NSString *jsonPath = nil; @@ -71,6 +75,8 @@ int main(int argc, char * argv[]) { { "output", required_argument, NULL, 'o' }, { "json", required_argument, NULL, 'j' }, { "version", no_argument, NULL, RS_OPT_VERSION }, + { "replace-restrict", no_argument, NULL, RS_OPT_REPLACE_RESTRICT }, + { NULL, 0, NULL, 0 }, }; @@ -100,6 +106,9 @@ int main(int argc, char * argv[]) { oc_detect_enable = false; break; + case RS_OPT_REPLACE_RESTRICT: + replace_restrict = true; + break; default: break; } @@ -115,6 +124,6 @@ int main(int argc, char * argv[]) { } - restore_symbol(inpath, outpath, jsonPath, oc_detect_enable); + restore_symbol(inpath, outpath, jsonPath, oc_detect_enable, replace_restrict); } \ No newline at end of file diff --git a/source/restore-symbol.m b/source/restore-symbol.m index 4b955bb..1b817c6 100644 --- a/source/restore-symbol.m +++ b/source/restore-symbol.m @@ -33,7 +33,7 @@ -void restore_symbol(NSString * inpath, NSString *outpath, NSString *jsonPath, bool oc_detect_enable){ +void restore_symbol(NSString * inpath, NSString *outpath, NSString *jsonPath, bool oc_detect_enable, bool replace_restrict){ @@ -49,7 +49,7 @@ void restore_symbol(NSString * inpath, NSString *outpath, NSString *jsonPath, bo } - + if ([outpath length] == 0) { fprintf(stderr, "Error: No output file path!\n"); exit(1); @@ -76,13 +76,13 @@ void restore_symbol(NSString * inpath, NSString *outpath, NSString *jsonPath, bo CDMachOFile * machOFile = (CDMachOFile *)ofile; const bool Is32Bit = ! machOFile.uses64BitABI; - + RSSymbolCollector *collector = [RSSymbolCollector new]; collector.machOFile = machOFile; if (oc_detect_enable) { fprintf(stderr, "Scan OC method in mach-o-file.\n"); - + CDClassDump *classDump = [[CDClassDump alloc] init]; CDArch targetArch; if ([machOFile bestMatchForLocalArch:&targetArch] == NO) { 
@@ -106,7 +106,7 @@ void restore_symbol(NSString * inpath, NSString *outpath, NSString *jsonPath, bo [classDump recursivelyVisit:visitor]; } - + fprintf(stderr, "Scan OC method finish.\n"); } @@ -146,6 +146,18 @@ void restore_symbol(NSString * inpath, NSString *outpath, NSString *jsonPath, bo uint32 origin_symbol_table_offset = machOFile.symbolTable.symoff; uint32 origin_symbol_table_num = machOFile.symbolTable.nsyms; + + if (replace_restrict){ + CDLCSegment * restrict_seg = [machOFile segmentWithName:@"__RESTRICT"]; + + struct segment_command *restrict_seg_cmd = (struct segment_command *)((char *)outData.mutableBytes + restrict_seg.commandOffset); + struct section *restrict_section = (struct section *)((char *)outData.mutableBytes + restrict_seg.commandOffset + (Is32Bit? sizeof(struct segment_command) : sizeof(struct segment_command_64))); + + + strncpy(restrict_seg_cmd -> segname, "__restrict", 16); + strncpy(restrict_section -> segname, "__restrict", 16); + } + //LC_CODE_SIGNATURE need align 16 byte, so add padding at end of string table. uint32 string_table_padding = 0; {
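Review bot: In the added `if (replace_restrict)` block, the result of `[machOFile segmentWithName:@"__RESTRICT"]` is used without a nil check. When the input has no `__RESTRICT` segment, messaging nil gives a `commandOffset` of 0, so both `strncpy` calls write near the start of `outData` and would silently corrupt the Mach-O header and load-command area of the output. Guard the writes, for example `if (restrict_seg == nil) { fprintf(stderr, "Warning: no __RESTRICT segment found, nothing replaced.\n"); } else { /* existing pointer setup and strncpy calls */ }`. The section pointer also assumes the segment has at least one section and renames only the first one; checking the command's `nsects` before the second `strncpy` would keep the write from landing in the following load command. The body of `restore_symbol` continues outside this hunk, so whether `outData` shares offsets with `machOFile` cannot be confirmed from here.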