iosreverse-engineeringidaotool

Is it possible to edit and recompile an iOS Binary?


I have an application and posted to Cydia recently. It has been cracked by someone else and posted it in torrent sites. I have a binary checksum verification mechanism inside and they were able to create a new checksum file based on the changes they have made to the binary. They have edited two functions and decompiled it and posted it to torrents.

I saw that it's possible to see the actual implementation of functions and classes. But in order to edit the functions they have to find the address of that function and edit it via HEX EDITOR. I don’t want to make it "unhackable", but I really want to find out how they hack.

How can I edit a function in an iOS binary and re-compile it? For example I have a following method in one of my classes.

- (id) getSomething {

   return @"Something";
}

I want to edit the return value of this function. Is that possible?


Solution

  • Usually, you don't "re-compile" it. Just feed the file to IDA, look for strings, function calls or whatever you are looking for and then use a hex editor or similar to edit the file on assembly level. In most cases it's enough to simply change a conditional jump into an unconditional jump or a nop (no operation). If you want to change return values, you have to put a little more effort into it, but in my experience you either edit the char sequence right inside the binary file, if it's specified as a constant or initial value - or you just write a completely new function and "copy" the assembler code of it into the original file. You just have to make sure your new function does not take more space than the original - or everything's getting a lot more complex. I hope that's what you were asking for, otherwise just tell us which app you are talking about and we can look deeper into it :)