iPhone Decompilation & Obfuscation

The tools to decompile iPhone apps are quite well-known:

  • Otx, an advanced disassembler based on otool
  • class_dump_z, an updated version of the old class-dump for the iPhoneOS, to extract Objective‑C class interfaces
  • Hex-Rays, the most advanced decompiler ever, also supports ARM binaries (based on Datarescue’s IDA Pro)

Unfortunately, there’s no easy way to obfuscate iPhone apps, even though the iPhone is 4 years old. The easiest approach would be to take advantage of the LLVM source-to-source feature to recompile the mobile apps to an intermediate high-level language and transform the source code using a specialized tool like TXL to modify the control flow before generating the final binaries. Going further down the LLVM route, it would be ideal to bring the superb DynInst into play for more sophisticated obfuscation techniques, but it doesn’t support the ARM instruction set. As a final point, there is a commercial tool to obfuscate Objective‑C, Morpher, although there are no outside reviews of its value.
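To show what "modifying the control flow" means in practice, here is an added example (not from the original post or from any tool it names) that applies control-flow flattening, chosen as one representative transform, by hand in C. The function names `license_hash` and `license_hash_flat` and the sample input are hypothetical and constructed for illustration.

```c
#include <stdint.h>
#include <stddef.h>
#include <stdio.h>

/* Original form: a structured loop with one branch. A decompiler
   recovers this shape almost verbatim from the compiled binary. */
uint32_t license_hash(const uint8_t *buf, size_t len)
{
    uint32_t h = 0x811c9dc5u;
    for (size_t i = 0; i < len; i++) {
        if (buf[i] & 1)
            h ^= buf[i];
        else
            h += buf[i];
        h *= 16777619u;
    }
    return h;
}

/* Flattened form: every basic block becomes a case of one dispatcher
   loop, so the loop and the if/else no longer appear as such in the
   control-flow graph. State numbers are arbitrary labels. */
uint32_t license_hash_flat(const uint8_t *buf, size_t len)
{
    uint32_t h = 0x811c9dc5u;
    size_t i = 0;
    int state = 3;                                     /* entry block */
    for (;;) {
        switch (state) {
        case 3: state = (i < len) ? 7 : 0;      break; /* loop test   */
        case 7: state = (buf[i] & 1) ? 1 : 5;   break; /* branch      */
        case 1: h ^= buf[i]; state = 4;         break; /* odd byte    */
        case 5: h += buf[i]; state = 4;         break; /* even byte   */
        case 4: h *= 16777619u; i++; state = 3; break; /* loop latch  */
        case 0: return h;                              /* exit block  */
        default: return 0;                             /* unreachable */
        }
    }
}

int main(void)
{
    const uint8_t sample[] = "constructed-sample-input"; /* constructed */
    size_t n = sizeof sample - 1;
    uint32_t a = license_hash(sample, n), b = license_hash_flat(sample, n);
    printf("%08x %08x\n", (unsigned)a, (unsigned)b);
    return a != b;   /* exit status 0 when both forms agree */
}
```

A source-to-source tool would generate the second form automatically; the transform preserves behaviour and only raises the cost of reading the decompiled output.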
