Is it possible to edit and recompile an iOS Binary?

I have an application that I posted to Cydia recently. It has been cracked by someone else, who posted it on torrent sites. I have a binary checksum verification mechanism inside, and they were able to create a new checksum file based on the changes they made to the binary. They edited two functions, decompiled it and posted it to torrents.

I saw that it's possible to see the actual implementation of functions and classes. But in order to edit the functions they have to find the address of that function and edit it via HEX EDITOR. I don’t want to make it "unhackable", but I really want to find out how they hack.

How can I edit a function in an iOS binary and re-compile it? For example, I have the following method in one of my classes.

    - (id) getSomething {
        return @"Something";
    }

I want to edit the return value of this function. Is that possible?

Domitian answered 14/5, 2012 at 4:10

Usually, you don't "re-compile" it. Just feed the file to IDA, look for strings, function calls or whatever you are looking for and then use a hex editor or similar to edit the file on assembly level. In most cases it's enough to simply change a conditional jump into an unconditional jump or a nop (no operation). If you want to change return values, you have to put a little more effort into it, but in my experience you either edit the char sequence right inside the binary file, if it's specified as a constant or initial value - or you just write a completely new function and "copy" the assembler code of it into the original file. You just have to make sure your new function does not take more space than the original - or everything's getting a lot more complex. I hope that's what you were asking for, otherwise just tell us which app you are talking about and we can look deeper into it :)

Microwave answered 14/5, 2012 at 7:44 Comment(4)
Thanks for spending some time on this page to answer my question. :) I cannot reveal its name, as I am working in a company and the product is developed for the company. Sorry about that. I have one more question regarding replacing the assembler code: I was using the IDA Pro trial version, so are you saying the full version can be used for replacing the code? – Domitian
Or is it done using some other application? – Domitian
Don't know about the differences between trial/full, but I never used IDA for editing binary files. On Windows, I'm using Hiew. – Microwave
Thanks a lot jimpic. :) So, as a summary, we can edit iOS binary files without re-compiling them. I am happy that now I know the way they hacked my app. :) – Domitian
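
For the developer's side of this thread, an added example (not part of the original posts): because the edits described in the answer are made in place and keep the file size unchanged, diffing the shipped build against the redistributed copy shows exactly which offsets were altered. The byte strings and the names `diff_runs` and `PatchedRun` are constructed for illustration.

```python
from dataclasses import dataclass

THUMB_NOP = bytes.fromhex("00bf")  # Thumb NOP (0xBF00) as stored little-endian


@dataclass
class PatchedRun:
    offset: int      # file offset where the run starts
    original: bytes  # bytes in the shipped build
    modified: bytes  # bytes in the redistributed copy

    @property
    def is_thumb_nop_fill(self) -> bool:
        """True when the run was overwritten purely with Thumb NOPs."""
        units = len(self.modified) // len(THUMB_NOP)
        return units > 0 and self.modified == THUMB_NOP * units


def diff_runs(original: bytes, modified: bytes, align: int = 2) -> list:
    """Return the changed regions, widened to `align`-byte instruction units."""
    if len(original) != len(modified):
        raise ValueError("sizes differ: not a pure in-place patch")
    spans = []  # [start, end) pairs, end exclusive
    for i, (a, b) in enumerate(zip(original, modified)):
        if a == b:
            continue
        start = i - i % align
        end = min(start + align, len(original))
        if spans and start <= spans[-1][1]:
            spans[-1][1] = max(spans[-1][1], end)  # same or adjacent unit
        else:
            spans.append([start, end])
    return [PatchedRun(s, original[s:e], modified[s:e]) for s, e in spans]


# Constructed sample: 8 opaque code bytes, a C string constant, 2 trailing bytes.
ORIGINAL = bytes.fromhex("10b5012802d10120") + b"Something\x00" + bytes.fromhex("10bd")
MODIFIED = bytes.fromhex("10b5012800bf0120") + b"Different\x00" + bytes.fromhex("10bd")

if __name__ == "__main__":
    for run in diff_runs(ORIGINAL, MODIFIED):
        kind = "NOP fill" if run.is_thumb_nop_fill else "data/code change"
        print(f"0x{run.offset:04x} {run.original.hex()} -> {run.modified.hex()} ({kind})")
```

A size mismatch raises `ValueError`, which signals that the copy was rebuilt or re-packed rather than patched in place and needs a structural comparison instead.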
