{"id":503,"date":"2011-03-03T01:38:08","date_gmt":"2011-03-03T00:38:08","guid":{"rendered":"http:\/\/cerezo.name\/blog\/?p=503"},"modified":"2024-10-14T14:26:03","modified_gmt":"2024-10-14T12:26:03","slug":"iphone-decompilation-obfuscation","status":"publish","type":"post","link":"http:\/\/cerezo.name\/blog\/2011\/03\/03\/iphone-decompilation-obfuscation\/","title":{"rendered":"iPhone Decompilation <span class=\"amp\">&amp;<\/span> Obfuscation"},"content":{"rendered":"<p>The tools to decompile iPhone apps are quite well-known:<\/p>\n<ul>\n<li><a href=\"http:\/\/otx.osxninja.com\" target=\"_blank\" rel=\"noopener\">Otx<\/a>, an advanced disassembler based on&nbsp;otool<\/li>\n<li><a href=\"http:\/\/code.google.com\/p\/networkpx\/wiki\/class_dump_z\" target=\"_blank\" rel=\"noopener\">class_dump_z<\/a>, an updated version of the old class-dump for the iPhoneOS, to extract Objective\u2011C class interfaces<\/li>\n<li style=\"text-align: justify;\"><a href=\"http:\/\/www.hex-rays.com\" target=\"_blank\" rel=\"noopener\">Hex-Rays<\/a>, the most advanced decompiler ever, also supports <span class=\"caps\">ARM<\/span> binaries (based on Datarescue\u2019s <span class=\"caps\">IDA<\/span>&nbsp;Pro)<\/li>\n<\/ul>\n<p style=\"text-align: justify;\">Unfortunately, there\u2019s no easy way to obfuscate iPhone apps, even if the iPhone is 4 years old. The easiest approach would be to take advantage of the <span class=\"caps\">LLVM<\/span> source-to-source feature to recompile the mobile apps to an intermediate high level-language and transform the source code using a specialized tool like <a href=\"http:\/\/www.txl.ca\" target=\"_blank\" rel=\"noopener\"><span class=\"caps\">TXL<\/span><\/a> to modify the control flow before generating the final binaries. Delving into the <span class=\"caps\">LLVM<\/span> route, it would be ideal for using more sophisticated obfuscation techniques to bring the superb&nbsp;<a href=\"http:\/\/www.dyninst.org\/\" target=\"_blank\" rel=\"noopener\" class=\"broken_link\">DynInst<\/a> into play,&nbsp;but it doesn\u2019t support the <span class=\"caps\">ARM<\/span> instruction set. As a final point, there is a commercial tool to obfuscate Objective\u2011C, <a href=\"http:\/\/morpher.com\" target=\"_blank\" rel=\"noopener\">Morpher<\/a>, although there are not outside reviews about its&nbsp;value.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>The tools to decompile iPhone apps are quite well-known: Otx, an advanced disassembler based on&nbsp;otool class_dump_z, an updated version of the old class-dump for the iPhoneOS, to extract Objective\u2011C class interfaces Hex-Rays, the most advanced decompiler ever, also supports <span class=\"caps\">ARM<\/span> binaries (based on Datarescue\u2019s <span class=\"caps\">IDA<\/span>&nbsp;Pro) Unfortunately, there\u2019s no easy way to obfuscate iPhone apps,&nbsp;even&nbsp;[\u2026]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"ngg_post_thumbnail":0},"categories":[17,3],"tags":[],"_links":{"self":[{"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/posts\/503"}],"collection":[{"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/comments?post=503"}],"version-history":[{"count":7,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/posts\/503\/revisions"}],"predecessor-version":[{"id":1667,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/posts\/503\/revisions\/1667"}],"wp:attachment":[{"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/media?parent=503"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/categories?post=503"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/tags?post=503"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}