├── README.md └── wjLogify.pl /README.md: -------------------------------------------------------------------------------- 1 | # wjLogify 2 | 3 | 在iOS的逆向开发中,常用Logify.pl 来跟踪函数的调用,以及获取调用的参数。 4 | 5 | wjLogify对Logify的代码做了简单修改,更好的展示一个方法的开始与结束,并清晰的标明方法的返回值。 6 | 7 | #如何使用 8 | 9 | 1.下载wjLogify.pl文件,把wjLogify.pl移动到theos下的bin文件夹中。 10 | 11 | 2.在终端中,为wjLogify.pl添加执行权限: 12 | 13 | chmod +x /path/to/wjLogify.pl 14 | 15 | 如果上一句无效,可添加sudo,如下: 16 | 17 | sudo chmod +x /path/to/wjLogify.pl 18 | 19 | #打印范例: 20 | 21 | -[ stopLogic] 22 | 23 | -- 开始执行 - (void)stopLogic 24 | 25 | -[ m_uiEventID] 26 | 27 | -- 开始执行 - (unsigned long )m_uiEventID 28 | 29 | -- - (unsigned long )m_uiEventID 的返回值 = 20 30 | 31 | -- 结束执行 - (unsigned long )m_uiEventID 32 | 33 | -[ removeRSAProtobufEvent:20] 34 | 35 | -- 开始执行 - (void)removeRSAProtobufEvent:(unsigned long)arg1 36 | 37 | +[ getExtKeyFromEventID:20] 38 | 39 | -- 开始执行 + (id)getExtKeyFromEventID:(unsigned long)arg1 40 | 41 | -- + (id)getExtKeyFromEventID:(unsigned long)arg1 的返回值 = 20 42 | 43 | -- 结束执行 + (id)getExtKeyFromEventID:(unsigned long)arg1 44 | 45 | -[ safeRemoveRsaCGIWrapForKey:20] 46 | 47 | -- 开始执行 - (void)safeRemoveRsaCGIWrapForKey:(id)arg1 48 | 49 | -- 结束执行 - (void)safeRemoveRsaCGIWrapForKey:(id)arg1 50 | 51 | -- 结束执行 - (void)removeRSAProtobufEvent:(unsigned long)arg1 52 | 53 | -- 结束执行 - (void)stopLogic 54 | -------------------------------------------------------------------------------- /wjLogify.pl: -------------------------------------------------------------------------------- 1 | #!/usr/bin/env perl 2 | # logify.pl 3 | ############ 4 | # Converts an Objective-C header file (or anything containing a @interface and method definitions) 5 | #+into a Logos input file which causes all function calls to be logged. 6 | # 7 | # Accepts input on stdin or via filename specified on the commandline. 8 | 9 | # Lines are only processed if we were in an @interface, so you can run this on a file containing 10 | # an @implementation, as well. 11 | use strict; 12 | 13 | use FindBin; 14 | use lib "$FindBin::Bin/lib"; 15 | 16 | use Logos::Method; 17 | use Logos::Util; 18 | $Logos::Util::errorhandler = sub { 19 | die "$ARGV:$.: error: missing closing parenthesis$/" 20 | }; 21 | 22 | my $interface = 0; 23 | while(my $line = <>) { 24 | if($line =~ m/^[+-]\s*\((.*?)\).*?(?=;)/ && $interface == 1) { 25 | print logLineForDeclaration($&); 26 | } elsif($line =~ m/^\s*\@property\s*\((.*?)\)\s*(.*?)\b([\$a-zA-Z_][\$_a-zA-Z0-9]*)(?=;)/ && $interface == 1) { 27 | my @attributes = smartSplit(qr/\s*,\s*/, $1); 28 | my $propertyName = $3; 29 | my $type = $2; 30 | my $readonly = scalar(grep(/readonly/, @attributes)); 31 | my %methods = ("setter" => "set".ucfirst($propertyName).":", "getter" => $propertyName); 32 | foreach my $attribute (@attributes) { 33 | next if($attribute !~ /=/); 34 | my @x = smartSplit(qr/\s*=\s*/, $attribute); 35 | $methods{$x[0]} = $x[1]; 36 | } 37 | if($readonly == 0) { 38 | print logLineForDeclaration("- (void)".$methods{"setter"}."($type)$propertyName"); 39 | } 40 | print logLineForDeclaration("- ($type)".$methods{"getter"}); 41 | } elsif($line =~ m/^\@interface\s+(.*?)\s*[:(]/ && $interface == 0) { 42 | print "%hook $1\n"; 43 | $interface = 1; 44 | } elsif($line =~ m/^\@end/ && $interface == 1) { 45 | print "%end\n"; 46 | $interface = 0; 47 | } 48 | } 49 | 50 | sub logLineForDeclaration { 51 | #定义变量 52 | my $declaration = shift; 53 | $declaration =~ m/^[+-]\s*\((.*?)\).*?/; 54 | my $rtype = $1; 55 | my $innards = "%log; "; 56 | $innards .= "NSLog(@\"开始执行 $declaration\"); ";#添加此句,当该方法开始时打印“开始执行 + 方法名” 57 | 58 | if($rtype ne "void") { 59 | #有返回值时 60 | #'.='表示append,附加 61 | $innards .= "$rtype r = %orig; "; 62 | #修改此句,当有返回值时,打印“方法名 + 的返回值 = 真实的返回值” 63 | $innards .= "NSLog(@\"$declaration 的返回值 = ".Logos::Method::formatCharForArgType($rtype)."\", ".Logos::Method::printArgForArgType($rtype, "r")."); " if defined Logos::Method::printArgForArgType($rtype, "r"); 64 | $innards .= "NSLog(@\"结束执行 $declaration\"); ";#添加此句,当该方法结束时打印“结束执行 + 方法名” 65 | $innards .= "return r; "; 66 | } else { 67 | #无返回值时 68 | $innards .= "%orig; "; 69 | $innards .= "NSLog(@\"结束执行 $declaration\"); ";#添加此句,当该方法结束时打印“结束执行 + 方法名” 70 | 71 | } 72 | 73 | #$declaration是方法名和参数,$innards是方法内部的内容 74 | return "$declaration { $innards}\n"; 75 | } 76 | --------------------------------------------------------------------------------