Friday, March 16, 2012

Resolving the true method called via objc_msgSend within IDA for ARM binaries

As you know, Objective-C code is full (80%+) of calls made through the internal objc_msgSend function.
This is not a problem unless you would like to do some reversing for good reasons :)
and at that point, knowing which method is actually called is kind of the key.

Not a problem any more: just have a look at this helper IDC script for IDA, which makes the situation more transparent and works directly on ARM binaries. It turns something unknown like:
__text:000036B8 02 F0 92 EC                       BLX             _objc_msgSend

into something that makes the called method obvious:
__text:000036B8 02 F0 92 EC                       BLX             _objc_msgSend ; @selector(getVertexSize)

The comment names the method where the app will land.

The IDC script's source is available at: https://github.com/x264msna/dearm_msgSend
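As an added illustration (not the IDC script from the post, which runs inside IDA), the model below shows the resolution idea on a constructed listing: the selector is whatever is in R1 when BLX _objc_msgSend executes, so trace R1 back to its static load through a __objc_selrefs slot into __objc_methname, and give up when it came from a register. Every address, slot and string here is made up.

```python
# Constructed toy image (not a real binary). objc_msgSend(self, _cmd, ...) takes the SEL in R1
# on ARM; a static SEL is loaded via a slot in __objc_selrefs that points into __objc_methname.
LITERAL_POOL = {0x3700: 0x3F00}                                  # PC-relative constant: selref slot address
SELREFS = {0x3F00: 0x8A10, 0x3F04: 0x8A1E}                       # __objc_selrefs: slot -> C-string address
METHNAMES = {0x8A10: "getVertexSize", 0x8A1E: "setVertexSize:"}  # __objc_methname strings

# (address, mnemonic, operands) tuples mimicking an IDA listing with three call sites
LISTING = [
    (0x36B0, "LDR",  ["R1", "=0x3700"]),   # R1 = literal pool word (address of the selref slot)
    (0x36B2, "MOV",  ["R0", "R4"]),        # receiver
    (0x36B4, "LDR",  ["R1", "[R1]"]),      # R1 = *slot = SEL
    (0x36B8, "BLX",  ["_objc_msgSend"]),
    (0x36BC, "MOVW", ["R1", "#0x3F04"]),   # same idea with a MOVW/MOVT pair instead of a literal pool
    (0x36C0, "MOVT", ["R1", "#0x0"]),
    (0x36C4, "LDR",  ["R1", "[R1]"]),
    (0x36C8, "BLX",  ["_objc_msgSend"]),
    (0x36CC, "MOV",  ["R1", "R5"]),        # SEL arrives in a register: not a static load
    (0x36D0, "BLX",  ["_objc_msgSend"]),
]

def resolve_selector(listing, call_index):
    """Walk backwards from a BLX _objc_msgSend, rebuild R1, and return the selector
    name, or None when the SEL is not loaded from a fixed selref slot."""
    value, deref, hi = None, False, 0
    for _addr, mnem, ops in reversed(listing[:call_index]):
        if mnem == "BLX": break                 # earlier call: R1 is redefined after it, stop here
        if ops[0] != "R1": continue             # instruction does not write R1
        if mnem == "LDR" and ops[1] == "[R1]":  # R1 = *R1: remember to dereference the slot
            deref = True
        elif mnem == "LDR" and ops[1].startswith("="):
            value = LITERAL_POOL.get(int(ops[1][1:], 16)); break
        elif mnem == "MOVT":                    # upper half; MOVW (next going backwards) has the lower
            hi = int(ops[1][1:], 16)
        elif mnem == "MOVW":
            value = int(ops[1][1:], 16) | (hi << 16); break
        else:                                   # MOV R1, Rx and friends: selector computed at runtime
            return None
    if value is not None and deref:
        value = SELREFS.get(value)
    return METHNAMES.get(value) if value is not None else None

def annotate(listing):
    """Map each objc_msgSend call-site address to the comment the listing should carry."""
    out = {}
    for i, (addr, mnem, ops) in enumerate(listing):
        if mnem == "BLX" and ops[0] == "_objc_msgSend":
            sel = resolve_selector(listing, i)
            out[addr] = f"@selector({sel})" if sel else "selector not statically known"
    return out
```

The third call site is the caveat a practitioner should remember: a selector that reaches R1 from a register or an argument cannot be annotated this way and still needs dynamic analysis.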
