diff --git a/iblessing/iblessing/main.cpp b/iblessing/iblessing/main.cpp
index e50a68c..0d3b67f 100644
--- a/iblessing/iblessing/main.cpp
+++ b/iblessing/iblessing/main.cpp
@@ -38,7 +38,7 @@ int main(int argc, const char *argv[]) {
 \n"); // hello text
- printf("[***] iblessing iOS Security Exploiting Toolkit Beta 0.6.4 (http://blog.asm.im)\n");
+ printf("[***] iblessing iOS Security Exploiting Toolkit Beta 0.6.5 (http://blog.asm.im)\n");
 printf("[***] Author: Soulghost (高级页面仔) @ (https://github.com/Soulghost)\n");
 #ifdef IB_CSR_ENABLED
diff --git a/iblessing/iblessing/scanner/ObjcMethodXrefScanner.cpp b/iblessing/iblessing/scanner/ObjcMethodXrefScanner.cpp
index 63e726f..01e8a54 100644
--- a/iblessing/iblessing/scanner/ObjcMethodXrefScanner.cpp
+++ b/iblessing/iblessing/scanner/ObjcMethodXrefScanner.cpp
@@ -52,7 +52,7 @@
 //#define SkipPreScannerDriver
 //#define Stalker
 //#define UsingSet
-//#define DebugMethod "mlist"
+//#define DebugMethod "retrievePersistedAnonymousID"
 //#define DebugTrackCall
 //#define DebugClass "AFCXbsManager"
 //#define ThreadCount 8
diff --git a/iblessing/iblessing/scanner/context/ScannerContext.cpp b/iblessing/iblessing/scanner/context/ScannerContext.cpp
index b0928b3..e0ba18a 100644
--- a/iblessing/iblessing/scanner/context/ScannerContext.cpp
+++ b/iblessing/iblessing/scanner/context/ScannerContext.cpp
@@ -498,6 +498,16 @@ scanner_err ScannerContext::setupWithBinaryPath(string binaryPath, bool reentry)
 if (ks_asm(ks, fixup.c_str(), targetAddr, &encode, &size, &count) == KS_ERR_OK) {
 needFix = true;
 };
+ } else if (strcmp(insn->mnemonic, "add") == 0) {
+ string text = StringUtils::format("%s %s", insn->mnemonic, insn->op_str);
+ uint64_t relocPage = symtab->relocQuery(targetAddr);
+ uint64_t pageoff = relocPage & 0xfff;
+ vector parts = StringUtils::split(text, ',');
+ string fixup = parts[0] + ", " + parts[1];
+ fixup += StringUtils::format(", #0x%llx", pageoff);
+ if (ks_asm(ks, fixup.c_str(), targetAddr, &encode, &size, &count) == KS_ERR_OK) {
+ needFix = true;
+ };
 }
 if (needFix) {
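Review bot: `parts[1]` is read in the new `add` branch without checking how many fields `StringUtils::split` returned, and the operand text is derived from the binary being scanned, so an unexpected operand string indexes past the end of the vector. Wrapping the rebuild in `if (parts.size() == 3) { ... }` would bound the access and also restrict the rewrite to the three-operand form. As written, only the first two operands are kept, so an `add` that reaches this branch in register or shifted form would be re-encoded as an immediate add; whether an outer condition already excludes those cases is not visible in the hunk. The value from `symtab->relocQuery(targetAddr)` is masked with `0xfff` and used without any check that a relocation was actually found, and a failed `ks_asm` leaves the instruction unpatched with no diagnostic, so a log line on both paths would make mis-patched relocations traceable. The enclosing `setupWithBinaryPath` body starts and ends outside the hunk.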