【逆向】class-dump導出頭文件

鏈接地址：class-dump

簡介

這是一個命令行實用程序，用於檢查存儲在Mach-O文件中的Objective-C運行時信息。它爲類、類別和協議生成聲明。這與使用“otool-ov”提供的信息相同，但作爲普通的Objective-C聲明提供，因此它更加緊湊和可讀。

This is a command-line utility for examining the Objective-C runtime information stored in Mach-O files. It generates declarations for the classes, categories and protocols. This is the same information provided by using ‘otool -ov’, but presented as normal Objective-C declarations, so it is much more compact and readable.

Why use class-dump?

It’s a great tool for the curious. You can look at the design of closed source applications, frameworks, and bundles. Watch the interfaces evolve between releases. Experiment with private frameworks, or see what private goodies are hiding in the AppKit. Learn about the plugin API lurking in Mail.app.

對好奇的人來說這是個很好的工具。您可以查看封閉源代碼應用程序、框架和捆綁包的設計。觀察不同版本之間的接口演變。嘗試使用私有框架，或者查看AppKit中隱藏的私有優點。瞭解隱藏在Mail.app中的插件API。

用法

class-dump 3.5 (64 bit)
Usage: class-dump [options] <mach-o-file>

  where options are:
        -a             show instance variable offsets
        -A             show implementation addresses
        --arch <arch>  choose a specific architecture from a universal binary (ppc, ppc64, i386, x86_64)
        -C <regex>     only display classes matching regular expression
        -f <str>       find string in method name
        -H             generate header files in current directory, or directory specified with -o
        -I             sort classes, categories, and protocols by inheritance (overrides -s)
        -o <dir>       output directory used for -H
        -r             recursively expand frameworks and fixed VM shared libraries
        -s             sort classes and categories by name
        -S             sort methods by name
        -t             suppress header in output, for testing
        --list-arches  list the arches in the file, then exit
        --sdk-ios      specify iOS SDK version (will look in /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS<version>.sdk
        --sdk-mac      specify Mac OS X version (will look in /Developer/SDKs/MacOSX<version>.sdk
        --sdk-root     specify the full SDK root path (or use --sdk-ios/--sdk-mac for a shortcut)

• class-dump AppKit:

class-dump /System/Library/Frameworks/AppKit.framework

• class-dump UIKit:

class-dump /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.3.sdk/System/Library/Frameworks/UIKit.framework

• class-dump UIKit and all the frameworks it uses:

class-dump /Developer/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS4.3.sdk/System/Library/Frameworks/UIKit.framework -r --sdk-ios 4.3

• class-dump UIKit (and all the frameworks it uses) from developer tools that have been installed in /Dev42 instead of /Developer:

class-dump /Dev42/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk/System/Library/Frameworks/UIKit.framework -r --sdk-root /Dev42/Platforms/iPhoneOS.platform/Developer/SDKs/iPhoneOS5.0.sdk

微信實操

1、將下載ipa包轉爲.zip包
2、解壓，進去看到如下內容

3、查看包內容，找到Mach-O文件

4、使用class-dump進行處理
class-dump -H Mach-O的名字 -o 目錄名字

5、恭喜你💐