作者:Proteas@360 Nirvan Team

苹果大概从 2013 年开始就不再维护 iOS 版的 GDB,iOS 平台一直没有好用的本地调试器,造成调试 iOS 应用相对繁琐。为了解决本地调试的问题,2015 年我们将 lldb 移植到了 iOS 平台,在一定程度上提高了工作效率。现在,360 Nirvan Team 决定将 iOS 版的 LLDB 公开,也算为行业做点小贡献。

项目地址:https://github.com/Proteas/native-lldb-for-ios

2017 ISC 大会演讲 PPT 下载: 《手把手教你突破iOS9.x的用户空间防护》

Warning: !!! ON YOUR OWN RISK !!!

  1. Only tested on iOS 8.4/9.0.2, ARM64, untethered jailbreak.
  2. Do not use it on tethered jailbreak device, it may break the system, and cause white apple.
  3. If you do want to use it on tethered jailbreak device, I suggest that unpacking the deb and install it manually, make sure not overriding any system library(libncurses.5.4.dylib, libpanel.5.4.dylib).

Install

  1. dpkg -i python-v2.7.6-proteas-2015-11-30.deb
  2. dpkg -i lldb-v3.8.0-proteas-2016-05-06.deb

Uninstall

  1. dpkg -r python
  2. dpkg -r lldb

Known Issues

discard messages which outputting to stdout & stderr.

Hash

  • python-v2.7.6-proteas-2015-11-30.deb: 50d3fa7d260e2d5f5fab071bfff3e7e4
  • lldb-v3.8.0-proteas-2015-12-16.deb: 27b951e2464746227dd9f984832afa97
  • lldb-v3.8.0-proteas-2016-05-06.deb: 01de06f36baaf7b484a7c2080c74b3cf

Note

  • Python: you should first install Python in Cydia, then install the deb from cmd.
  • Any dylib loaded by lldb should be codesigned.
  • My lldb compiling env is broken, so I can't fix any issue.
  • You can write your debugger or security tools based on lldb in Python, demo: https://github.com/llvm-mirror/lldb/blob/master/examples/python/process_events.py
  • The deb contains: armv7, armv7s, arm64, so you can thin it to use less storage.

Contact

Paper 本文由 Seebug Paper 发布,如需转载请注明来源。本文地址:https://paper.seebug.org/419/