我最近浏览了这篇文章( www.splinter.au/2014/09/16/storing-secret-keys/),讨论iOS上的混淆.我引用:
I recently came around this article (www.splinter.au/2014/09/16/storing-secret-keys/) that talks about obfuscation on iOS. I quote:
为在某种程度上减轻破解者用调试器(LLDB或GDB)攻击您的应用程序的风险,您可以在应用程序中插入一些代码,使其在检测到调试器时立即崩溃.iTunes应用程序使用了这种技术,您可以在这里阅读有关它的信息.
To somewhat mitigate the risk of crackers attacking your app with a debugger (LLDB or GDB), you can insert some code in your app that makes it crash as soon as it detects a debugger attached. The iTunes app uses this technique, you can read about it here.
这是通过在 main()
#import <dlfcn.h> #import <sys/types.h> typedef int (*ptrace_ptr_t)(int _request, pid_t _pid, caddr_t _addr, int _data); #if !defined(PT_DENY_ATTACH) #define PT_DENY_ATTACH 31 #endif // !defined(PT_DENY_ATTACH) void disable_gdb() { void* handle = dlopen(0, RTLD_GLOBAL | RTLD_NOW); ptrace_ptr_t ptrace_ptr = dlsym(handle, "ptrace"); ptrace_ptr(PT_DENY_ATTACH, 0, 0, 0); dlclose(handle); }我了解这些代码行会使调试器在附加到进程时崩溃,但是它如何实现此行为?
I understand that these lines of code make the debugger crash when attached to the process but how does it achieve this behaviour?
还,这是否会以某种方式损害应用程序的稳定性?
Also, would that be impairing the stability of the app in any way?
推荐答案似乎已经在OS X上回答了类似的问题:实施PT_DENY_ATTACH反盗版代码.
Seems like a similar question on OS X has already been answered here: Implementing the PT_DENY_ATTACH anti-piracy code.
TL; DR-正如吉姆·英厄姆(Jim Ingham)在评论中指出的那样,这是浪费时间.
TL;DR - As Jim Ingham points out in the comments, it's a waste of time.
更多推荐
在iOS上禁用调试会话
发布评论