如果您拥有dSYM,可以对.ipa文件进行反向工程吗?
[英]Can .ipa file be reverse engineered if you have the dSYM?
问题描述
Some code analysis tools require you to submit your .ipa along with your .dSYM file. 
某些代码分析工具要求您将.ipa与.dSYM文件一起提交。
Is sending the .dSYM file along with the .ipa a risk for reverse-engineering of the app? 将.dSYM文件与.ipa一起发送是否会对应用程序进行反向工程设计带来风险? I mean, can someone get to the source code if he has both the .ipa and the .dSYM? 我的意思是,如果某人同时拥有.ipa和.dSYM,可以获取源代码吗?
2 个解决方案
解决方案1
4 已采纳 2013-01-24 14:07:21
It's not that hard to reverse-engineer applications even without symbols. 即使没有符号,对应用程序进行反向工程也不难。
Here's what recent versions of IDA can show you without the .dSYM: 以下是最新版本的IDA在没有 .dSYM的情况下可以向您显示的内容:
And if you have the Hex-Rays decompiler, you can get something like: 而且,如果您具有Hex-Rays反编译器,则可以得到以下内容:
// CKMessagesController - (void)mailComposeController:(id) didFinishWithResult:(int) error:(id)
void __cdecl -[CKMessagesController mailComposeController:didFinishWithResult:error:](struct CKMessagesController *self, SEL a2, id a3, int a4, id a5)
{
struct CKMessagesController *v5; // r4@1
v5 = self;
objc_msgSend(self, "dismissViewControllerAnimated:completion:", 1, 0);
objc_msgSend((void *)v5->_mailComposeController, "release");
v5->_mailComposeController = 0;
}
Having the .dSYM will definitely make the task even easier: not only ALL the function and variable names will be there (including private ones), but probably the full types as well (structures, classes and enums). 拥有.dSYM无疑将使任务变得更加轻松:不仅所有函数和变量名都将存在(包括私有名称),而且可能还有完整类型(结构,类和枚举)。 You won't be able to get the source code, but probably something pretty close to it. 您将无法获得源代码,但可能很接近它。
解决方案2
2 2013-01-24 13:19:17
不,他不会获得源代码,但是知道符号名称可能有助于理解编译/反编译的代码。
声明:本站的技术帖子网页,遵循CC BY-SA 4.0协议,如果您需要转载,请注明本站网址或者原文地址。任何问题请咨询:yoyou2525@163.com.