colorsgift.blogg.se

Hopper disassembler python scripts










I rewrote the IDAPython script named objc2_xrefs_helper.py and developed a Python script for the Hopper Disassembler. I named this Hopper Python script objc2_xrefs_helper_hopper.py. Some background regarding Objective-C can be found from here. As mentioned in that article, function calls in Objective-C are implemented by the message sending mechanism. Unfortunately, this message sending mechanism causes problems when trying to follow cross-references for selectors in Hopper Disassembler. Therefore, before rewriting the Python script for Hopper, we need to walk through the code in the IDAPython script objc2_xrefs_helper.py and understand all the details. It's important that we figure out the low-level data structures of a class in Objective-C, as well as the relationship between these data structures. I have included a figure showing the relationship between these related data structures, as shown below.

Figure 1. The relationship between these related data structures of class in Objective-C

To verify the functionality of objc2_xrefs_helper_hopper.py, I wrote a simple Cocoa application. The demo application can be downloaded from here. We load the executable mach-o file of the demo application into Hopper Disassembler, as shown below.

Figure 2. Loading the demo application's executable file into Hopper Disassembler


If you prefer to read C code, you can get a C-like decompilation of the procedure by pressing Option-Return, or clicking Pseudo Code in the toolbar.

The following is the python script objc2_xrefs_helper_hopper.py.

#author: Kai
getRefPtr(doc,classMethodsVA,objcSelRefs, objcMsgRefs, objcConst):
namePtr = doc.readUInt64LE(classMethodsVA) #get name field in struct _objc_method, it's selector
print 'xreffrom: ' + hex(x) ,'xrefto: ' + hex(namePtr)

You can scroll around, zoom in and out, and even drag the components to different places to get the best view of what's going on. Press the space bar or click Show CFG while in the procedure, and Hopper breaks it into its component pieces and shows it in a separate window:

HopperScripts - Python Scripts for use with Hopper Disassembler.


If control flow is what we're interested in, we can get a really nifty graph view of the procedure. Datalog Disassembly - Fast disassembler which is accurate enough for the resulting. Such patcher could be easily coded with Python. Hopper inserts arrows like these to show control flow, which makes it much easier to follow code. For disassembling you can use Capstone library which has Python binding. If you scroll down a bit, you'll notice a blue arrow pointing from the je 0x10000197A instruction to its target. Select either the symbol name or the first byte underneath it and mark it as a procedure by pressing the P key (again, no Command key) or clicking Mark As Procedure in the toolbar. The contents of this method start off as "unexplored", so they're displayed as raw bytes. The one that starts with objc_sel_ is a symbol for the selector, which is less interesting. The one which starts with methImpl_ is the one we want. Press shift-N (no Command key here, Hopper's key commands are a bit eccentric) to get a symbol search window. It's annoying to scroll around searching for it, but of course Hopper knows all about the symbols in your app. Let's find the initWithName:number: method.


Fortunately, it's really easy to tell it how to interpret something. In particular, it doesn't identify Objective-C methods as code. It makes some effort to pick out code and treat it as code, but doesn't get everything right. Fundamentally, some sections of the executable are code and some are data, but you can have Hopper interpret any part in any way.


Hopper fundamentally treats all bytes in the executable equally. Tell Hopper to open the executable created from the above code, and it will load it and perform some preliminary analysis: These documents can be saved separately, preserving any comments or annotations you've added from one session to the next. Click Read Executable in the toolbar or select it from the File menu to get started. Hopper has a concept of documents separate from the binaries you inspect.


When you first start Hopper, you get a blank document window. As I am getting into Python scripting and it seems fairly easy/understandable compared to VB and C (at least to me), I was wondering if Python will be supported in a future Grasshopper release. It is my understanding that Python will be supported in Rhino 5.0, so maybe. clang -framework Cocoa -fobjc-arc test.m #import MyClass : NSObject I seem to remember an old version of Grasshopper supporting Python script.










