
Debugging iOS apps with IDA

2018-03-01 15:50  二进制乐谱

Collected and organized: http://www.cnblogs.com/fply/p/8488842.html

This article covers debugserver configuration on iOS:

http://iphonedevwiki.net/index.php/Debugserver#Debugging_through_USB_instead_of_WiFi

The following is a hands-on walkthrough.

Environment: IDA 7.0

   iOS 7

  Mac

1.

scp -P 2222   root@localhost:/var/root/debugserver ~/

 

2. My device is an iPhone 5s, so I use arm64 here.

lipo -thin arm64 ~/debugserver -output ~/debugserver1

 

3.

Create ent.xml with the following content:

<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
	<key>com.apple.springboard.debugapplications</key>
	<true/>
	<key>get-task-allow</key>
	<true/>
	<key>task_for_pid-allow</key>
	<true/>
	<key>run-unsigned-code</key>
	<true/>
</dict>
</plist>

4.

ldid -Sent.xml debugserver1

 

5. Copy debugserver1 to the iOS device and give it execute permission.

 

6. Use debugserver to start debugging Notes. Note that the command-line arguments may differ between debugserver versions.

debugserver  *:1234 --attach="MobileNotes"

debugserver-310.2 for arm64.

Attaching to process MobileNotes...

Listening to port 1234 for a connection from *...

 

7. Test the lldb connection

Run lldb on the Mac:

process connect connect://localhost:1234

(lldb) process connect connect://localhost:1234

Process 1252 stopped

* thread #1, queue = 'com.apple.main-thread', stop reason = signal SIGSTOP

    frame #0: 0x00000001993e9ca0 libsystem_kernel.dylib`mach_msg_trap + 8

libsystem_kernel.dylib`mach_msg_trap:

->  0x1993e9ca0 <+8>: ret    

 

libsystem_kernel.dylib`mach_msg_overwrite_trap:

    0x1993e9ca4 <+0>: mov    x16, #-0x20

    0x1993e9ca8 <+4>: svc    #0x80

    0x1993e9cac <+8>: ret    

Target 0: (MobileNotes) stopped.

(lldb) process connect connect://localhost:1234

error: Process 1252 is currently being debugged, kill the process before connecting.

(lldb) dis

libsystem_kernel.dylib`mach_msg_trap:

    0x1993e9c98 <+0>: mov    x16, #-0x1f

    0x1993e9c9c <+4>: svc    #0x80

->  0x1993e9ca0 <+8>: ret    

 

Selecting the debugger in IDA

 

IDA settings: Debugger -> Process options

 

Attach to the process; at this point the setup has succeeded.
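Added example (not from the original post): a Python check to run on the Mac after step 4, before debugserver1 is copied to the device. It reads the entitlements that were embedded in the thin 64-bit Mach-O's code signature and lists which of the four ent.xml keys are not set to true. The function names and the constructed sample binary are assumptions of this example.

```python
import plistlib
import struct

MH_MAGIC_64, LC_CODE_SIGNATURE, CSSLOT_ENTITLEMENTS = 0xFEEDFACF, 0x1D, 5
CSMAGIC_EMBEDDED_SIGNATURE, CSMAGIC_EMBEDDED_ENTITLEMENTS = 0xFADE0CC0, 0xFADE7171
# The four keys the post puts in ent.xml.
DEBUG_KEYS = ("com.apple.springboard.debugapplications", "get-task-allow",
              "task_for_pid-allow", "run-unsigned-code")

def embedded_entitlements(macho: bytes) -> dict:
    magic, _cpu, _sub, _type, ncmds = struct.unpack_from("<5I", macho, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a thin little-endian 64-bit Mach-O (fat file? run lipo -thin)")
    off = 32                                   # sizeof(mach_header_64)
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<2I", macho, off)
        if cmd == LC_CODE_SIGNATURE:           # linkedit_data_command: dataoff, datasize
            dataoff, datasize = struct.unpack_from("<2I", macho, off + 8)
            return entitlements_from_superblob(macho[dataoff:dataoff + datasize])
        off += cmdsize
    return {}                                  # no code signature at all

def entitlements_from_superblob(sig: bytes) -> dict:
    magic, _length, count = struct.unpack_from(">3I", sig, 0)  # signature blobs are big-endian
    if magic != CSMAGIC_EMBEDDED_SIGNATURE:
        raise ValueError("bad code signature magic")
    for i in range(count):
        slot, blob_off = struct.unpack_from(">2I", sig, 12 + 8 * i)
        if slot == CSSLOT_ENTITLEMENTS:
            bmagic, blen = struct.unpack_from(">2I", sig, blob_off)
            if bmagic != CSMAGIC_EMBEDDED_ENTITLEMENTS:
                raise ValueError("bad entitlements blob magic")
            # fmt is forced so a plist that starts at <!DOCTYPE (like the post's ent.xml) parses.
            return plistlib.loads(sig[blob_off + 8:blob_off + blen], fmt=plistlib.FMT_XML)
    return {}                                  # signed, but no entitlements slot

def missing_debug_entitlements(macho: bytes) -> list:
    ents = embedded_entitlements(macho)
    return [k for k in DEBUG_KEYS if ents.get(k) is not True]

def build_sample(ents: dict) -> bytes:  # constructed minimal Mach-O, not a real debugserver
    xml = plistlib.dumps(ents)
    blob = struct.pack(">2I", CSMAGIC_EMBEDDED_ENTITLEMENTS, 8 + len(xml)) + xml
    sig = struct.pack(">5I", CSMAGIC_EMBEDDED_SIGNATURE, 20 + len(blob), 1, CSSLOT_ENTITLEMENTS, 20) + blob
    header = struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 1, 16, 0, 0)  # arm64, MH_EXECUTE
    return header + struct.pack("<4I", LC_CODE_SIGNATURE, 16, 48, len(sig)) + sig

if __name__ == "__main__":
    print(missing_debug_entitlements(build_sample({"get-task-allow": True})))
```

For the real file, pass the bytes of debugserver1 read in binary mode; `ldid -e debugserver1` prints the same embedded plist for comparison.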

 

Android gdbserver path: prebuilt\android-arm\gdbserver in the NDK
