debugme issues #3
Comments
|
Error in choose.py $ lldb[traceOC]: trace ObjectC function call
|
traceOC还没完成… |
|
你那是什么app,我这边测试下 |
不论什么app,一连上lldb就会报这个错误,xbr完全用不了 |
|
使用的最新的xia0LLDB吗,我这边测了下没有复现这个问题。从错误上看起来像是Python文件解析错误,是不是用的Python3? |
默认要用python3么? |
|
用python2 |
|
看起来应该是python环境造成的,没安装python3之前是正常的。安装python3之后就出现这个问题了,但实际上mac默认用的是python2。还在摸索该怎么解决! |
|
This error is done with bellow command:
The newest xcode11 use python3 defaultly, so this command change the python version from 3 to 2 |
|
thanks! I will update xia0LLDB with python3 soon. |
|
[-] failed to get text segment:["rror: warning: format specifies type 'unsigned long' but the argument has type 'uint64_t' (aka 'unsigned long long')\nwarning: format specifies type 'unsigned long' but the argument has type 'uint64_t' (aka 'unsigned long long')\nwarning: ISO C++11 does not allow conversion from string literal to 'char *'\nerror: Couldn't lookup symbols:\n _sprint"] Couldn't lookup symbols:\n _sprint,这个bug解了吗 |
什么app,我这边测下看看 |
kwai_gif,6.9.1 |
|
执行时机的问题,因为lldb attach以后,还没加载各个模块。参考这篇文章 不过需要说明的一点在于,debugme主要针对ptrace以及恶心的svc内联汇编的反调试,其他方式的话debugme暂时没解决 另外补充一点在于某手的可执行文件里面并不包含关键代码,都在另一个dylib里面。所以需要手动分析 |
哈哈,谢谢 |
(lldb) debugme
[] start patch ptrace funtion to bypass antiDebug
[+] success ptrace funtion to bypass antiDebug
[] start patch svc ins to bypass antiDebug
[-] failed to get text segment:["rror: warning: format specifies type 'unsigned long' but the argument has type 'uint64_t' (aka 'unsigned long long')\nwarning: format specifies type 'unsigned long' but the argument has type 'uint64_t' (aka 'unsigned long long')\nwarning: ISO C++11 does not allow conversion from string literal to 'char *'\nerror: Couldn't lookup symbols:\n _sprint"]
[x] happy debugging~ kill antiDebug by xia0@2019
The text was updated successfully, but these errors were encountered: