1. Write reverse code

1.1 Writing reverse code

After the above, we can write code in Tweak.x. %hook and %end belong to Logos syntax.

    %hook ViewController

    - (void)btnClick {
        UIAlertController *alert = [UIAlertController alertControllerWithTitle:@"hello" message:@"laile " preferredStyle:(UIAlertControllerStyleAlert)];
        // Presents the alert from a newly allocated ViewController, not from the on-screen instance
        [[[%c(ViewController) alloc] init] presentViewController:alert animated:YES completion:nil];
        // Run the original btnClick implementation
        %orig;
        // Log lines that show the hook ran
        NSLog(@"teak 111 111");
        NSLog(@"teak 111 222");
        NSLog(@"teak 111 333");
    }

    %end

1.2 Editing the Makefile

Add environment variables to the Makefile to specify which IP and port are used to reach the phone, as shown below. Since the port is forwarded to local port 2222, it can be written like this:

THEOS_DEVICE_IP: the phone's IP

THEOS_DEVICE_PORT: the port number to access

    export THEOS_DEVICE_IP = 127.0.0.1
    export THEOS_DEVICE_PORT = 2222

If you don’t want to write the IP and port environment variables in every project's Makefile, you can also add them to your user profile as follows:

    export THEOS_DEVICE_IP=127.0.0.1
    export THEOS_DEVICE_PORT=10010

2. Compile – Package – Install

Go to the project directory.

2.1 Compile into a dylib dynamic library

 make

2.2 Package the dynamic library into a deb file

 make package

2.3 Install it on the phone

 make install


The last two steps can be run together.

To install a

The installation succeeded, but the box does not appear for me. This problem still needs further study; if any experts know the cause, advice is welcome, thank you.

However, debugging on the real device shows that the code injection succeeded.

But note:

**This step requires the iOS device to be connected to the computer over USB!!**

Enter iproxy 2222 22 to map port 22 (the SSH port) on the device to port 2222 on the PC.

You can get iproxy with brew install usbmuxd


Creating listening port 2222 for device port 22

waiting for connection

New connection for 2222->22, fd = 5


This terminal window must not be closed, or the installation will fail. Learned that from experience.

Problems encountered during installation:

  1. This is the port problem mentioned above

kex_exchange_identification: read: Connection reset by peer

make: *** [internal-install] Error 255


In a new terminal window, enter ssh -p 2222 [email protected] to connect to the iOS device. The default password is alpine.

For password-free login, see the previous article.

  2. If the phone doesn’t start

$ killall -9 SpringBoard

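A preflight check for the port problem in item 1 above, added here as an example and not part of the original article: it connects to the forwarded port the way ssh would and reports whether anything is listening and whether an SSH server answers. The name probe_forward and the hint texts are this example's own; the default host and port are the Makefile values from section 1.2.

```python
import os
import socket
import sys

# Hints keyed by probe result; the wording is this example's own.
HINTS = {
    "ok": "an SSH server answered through the forward; make install can connect",
    "refused": "nothing is listening on this port; start iproxy and leave it running",
    "unreachable": "host could not be reached; check THEOS_DEVICE_IP",
    "no-banner": "connection opened but no SSH identification line arrived "
                 "(the stage where ssh reports kex_exchange_identification errors); "
                 "check the USB connection and the SSH server on the device",
}

def probe_forward(host, port, timeout=3.0):
    """Connect like ssh would and classify what answers on host:port."""
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except ConnectionRefusedError:
        return "refused"
    except OSError:
        return "unreachable"
    data = b""
    with sock:
        try:
            # Read the first line; an SSH identification string is at most 255 bytes.
            while b"\n" not in data and len(data) < 255:
                chunk = sock.recv(255 - len(data))
                if not chunk:          # peer closed before sending a full line
                    break
                data += chunk
        except OSError:                # reset by peer, or timed out waiting
            pass
    return "ok" if data.startswith(b"SSH-") else "no-banner"

if __name__ == "__main__":
    # Defaults are the values used in the Makefile in section 1.2.
    host = os.environ.get("THEOS_DEVICE_IP", "127.0.0.1")
    port = int(os.environ.get("THEOS_DEVICE_PORT", "2222"))
    result = probe_forward(host, port)
    print(f"{host}:{port}: {result}: {HINTS[result]}")
    sys.exit(0 if result == "ok" else 1)
```

Run it before make install; a non-zero exit status means the install step would fail at the SSH connection.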

End