stackoom
  简体   繁体   中英

Interpreting Mach-O Data

 原文  2016-07-25 08:07:12       macos/ osx-elcapitan/ decompiling/ dock/ mach-o

Question

I am trying to tinker with the appearance of the Dock in OS X.

I have the raw data from the Dock's Mach-O executable, but I do not know much about them. I am trying to figure out where I might find the segments/sections where the Dock actually gets drawn. For example, I see all kinds of sections, such as __DATA,__mod_init_func and __DATA,__cfstring , and I am just wondering if there is an easy way to tell which of these sections (or even particular segments) has the data I'm looking for, or a way decompile the data into a more readable format.

1 answers

solution1
 1  2017-05-21 01:09:24

You can't really "decompile" a mach-o file unless you understand everything about them. You can get some "human-readable" contents from the raw data like its methods and instances eg. 

-[AClass anInstance:]

would be something like: 

-(id)anInstance:(id)arg1;

I would suggest some other tool for understanding this. There are a few command lines that could use: 

nm /path/to/mach-o   // Prints all the strings of a Mach-O Executable

hexdump -C /path/to/mach-o    // Shows the Hexadecimal Code of a Mach-O Executable

otool -t /path/to/mach-o    // Outputs the raw (Hexadecimal) "_TEXT,__text" section of a Mach-O Executable (Compare this with the hexdump -C command)
otool -tV /path/to/mach-o    // Outputs the converted (Human Readable-ish) "__TEXT,__text" section of a Mach-O Executable

But if you really want to understand everything about Mach-O

I suggest downloading Hopper at: https://www.hopperapp.com Which is good for showing you bytes of a mach-o binary and what they're for. Then you can have a look here: https://www3.nd.edu/~dthain/courses/cse40243/fall2015/intel-intro.html which will teach you how to understand how the mach-o is compiled and how you can read the execution methods.

eg. 

1. Open Hopper and drag and drop in the Mach-O executable then wait for it to load.

2. Execute "otool -tV /path/to/mach-o" in Terminal.app

You can notice the difference between hopper and terminal's output and begin to piece the differences together. You can then open the website I provided and learn what all the output functions are for.

I hope this helped you a little and gets you started on a search for knowledge.

Your Welcome.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question Mach-O arm64 accessing .data seciont Xcode 4 mach-o error Mach-O Linker Error in Xcode Minimal Mach-o 64 binary otool -L: Not a Mach-O filetype Make a small mach-o executable with C Build Mach-o file as encrypted Library versioning on Mach-O platforms Apple Mach-O Linker(id) Error What encoding do strings found in the Mach-O __DATA segment, __cfstring section use?
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM