Support for debug binaries / libraries

[rec0de]

Hi!

Just stumbled upon this tool and I have to say it looks really cool! I'm currently teaching mobile reversing to students and was thinking I could add malimite to the toolkit we present them ✨

One of the sample challenges we provide them is a debug build of a custom iOS app, so that was the first thing I tried with your tool.

It seems that recent versions of xcode pack all of the app's actual code into a separate *.debug.dylib for debug builds, meaning that the main binary only contains a tiny bit of wrapper code. Perhaps I just haven't found out how yet, but it looks like there is currently no way to have the ghidra analysis / decompilation include these libraries (or app extensions, etc) - could be a useful feature to add?

Either way, thanks for making this!

[LaurieWired]

Seems like a great idea. It's similar to a feature I was considering adding already but didn't make it into the first release. Let me see what I can do! Got any sample IPAs to help me test support on?

[rec0de]

Sure! Any debug app built with xcode 16 should have them, but here's a sample - can't pack it into an IPA currently because ✨ apple ✨ but I hope a plain zip works for you?
Test.zip

[LaurieWired]

Thanks! Should be fine :)

[LaurieWired]

Basic functionality for this has been added now if you build from source (it'll be part of the next release too which I'm doing soon). I added it so that you can right-click on files and you get a "Decompile" option now. This allows you to dynamically decompile debug dylibs or any executable file inside that's not part of the main initial macho:

Also altered it so you can drop in .app files instead of enforcing only .ipas. There's still a few parts to clean up like having it not lock the UI during decompilation that I'll add soon.

Lmk if you see any issues with this approach, otherwise hope it helps :)