Targeting the iOS Kernel - Reverse Engineering Mac OS X
Targeting the iOS Kernel - Reverse Engineering Mac OS X
Targeting the iOS Kernel - Reverse Engineering Mac OS X
Create successful ePaper yourself
Turn your PDF publications into a flip-book with our unique Google optimized e-Paper software.
Getting <strong>the</strong> <strong>i<strong>OS</strong></strong> <strong>Kernel</strong>cache (III)<br />
• decrypting and unpacking reveals an ARMv7 MACH-O binary<br />
• all MACH-O tools will work out of <strong>the</strong> box with <strong>the</strong> kernelcache<br />
• this includes IDA but also otool and <strong>Mac</strong>hOView<br />
00000000 ce fa ed fe 0c 00 00 00 09 00 00 00 02 00 00 00 |................|<br />
00000010 0b 00 00 00 d8 07 00 00 01 00 00 00 01 00 00 00 |................|<br />
00000020 d0 01 00 00 5f 5f 54 45 58 54 00 00 00 00 00 00 |....__TEXT......|<br />
00000030 00 00 00 00 00 10 00 80 00 d0 27 00 00 00 00 00 |..........'.....|<br />
00000040 00 d0 27 00 05 00 00 00 05 00 00 00 06 00 00 00 |..'.............|<br />
00000050 00 00 00 00 5f 5f 74 65 78 74 00 00 00 00 00 00 |....__text......|<br />
00000060 00 00 00 00 5f 5f 54 45 58 54 00 00 00 00 00 00 |....__TEXT......|<br />
00000070 00 00 00 00 00 20 00 80 dc 00 21 00 00 10 00 00 |..... ....!.....|<br />
00000080 0c 00 00 00 00 00 00 00 00 00 00 00 00 04 00 80 |................|<br />
00000090 00 00 00 00 00 00 00 00 5f 5f 63 73 74 72 69 6e |........__cstrin|<br />
000000a0 67 00 00 00 00 00 00 00 5f 5f 54 45 58 54 00 00 |g.......__TEXT..|<br />
Stefan Esser • <strong>Targeting</strong> <strong>the</strong> <strong>i<strong>OS</strong></strong> <strong>Kernel</strong> • April 2011 •<br />
14