# 12.去符号与恢复符号 ## 一、去符号 我们在做逆向的时候,App的符号都被去掉了,所以我们需要对符号进行符号恢复。 去符号会使应用包更小。 > 动态库:保留全局符号 ### 1.1 设置去符号的类型 ![1](/files/-M_uxpsGSMJWqM6JJVXG) * `Deployment Postprocessing` * YES: 编译也去符号 * NO: 只在打包时去符号 * `Strip Style` * `All Symbols` * 所有符号 * `Non-Global Symbols` * 除了全局符号 * `Debugging Symbols` * 调试符号 ### 1.2 去符号前后的MachO #### a.去符号之前 ![0](/files/-M_uxpsHRaaDd0KPHAez) #### b.去符号之后 ![1](/files/-M_uxpsI11smtVbXLI_Y) ![1](/files/-M_uxpsJHQtQnXbunR_k) 只剩下`间接符号`和`一个全局`、`一个本地` ### 1.3 函数的实现地址 ![1](/files/-M_uxpsKi0GsuFuaMl0W) * 这里是函数的实现地址 * 间接符号的地址这里全是0,调用的时候会先去找桩 * [详情参考](/wiki/ni-xiang/08.hook.md) * 去符号之前可以看到全局符和本地符号的地址 ## 二、符号类型 ### 3.1 全局符号 我们定义的基本都是全集符号 ### 3.2 本地符号 static 是本地符号 ### 3.3 命令查看类型 ![](/files/-M_uxpsLqjGkPFx_S4Tr) `objdump --macho -t 你的macho文件名` ``` SymbolBind: SYMBOL TABLE: 0000000100005f18 l F __TEXT,__text -[ViewController viewDidLoad] 0000000100005f88 l F __TEXT,__text -[ViewController test] 0000000100005fd0 l F __TEXT,__text -[AppDelegate application:didFinishLaunchingWithOptions:] 000000010000604c l F __TEXT,__text -[AppDelegate application:configurationForConnectingSceneSession:options:] 000000010000614c l F __TEXT,__text -[AppDelegate application:didDiscardSceneSessions:] 000000010000625c l F __TEXT,__text -[SceneDelegate scene:willConnectToSession:options:] 00000001000062f8 l F __TEXT,__text -[SceneDelegate sceneDidDisconnect:] 0000000100006344 l F __TEXT,__text -[SceneDelegate sceneDidBecomeActive:] 0000000100006390 l F __TEXT,__text -[SceneDelegate sceneWillResignActive:] 00000001000063dc l F __TEXT,__text -[SceneDelegate sceneWillEnterForeground:] 0000000100006428 l F __TEXT,__text -[SceneDelegate sceneDidEnterBackground:] 0000000100006474 l F __TEXT,__text -[SceneDelegate window] 0000000100006498 l F __TEXT,__text -[SceneDelegate setWindow:] 00000001000064d4 l F __TEXT,__text -[SceneDelegate .cxx_destruct] 00000001000080c0 w O __DATA_CONST,__objc_protolist __OBJC_LABEL_PROTOCOL_$_NSObject 00000001000080c8 w O __DATA_CONST,__objc_protolist __OBJC_LABEL_PROTOCOL_$_UIApplicationDelegate 00000001000080d0 w O __DATA_CONST,__objc_protolist __OBJC_LABEL_PROTOCOL_$_UISceneDelegate 00000001000080d8 w O __DATA_CONST,__objc_protolist __OBJC_LABEL_PROTOCOL_$_UIWindowSceneDelegate 000000010000c068 l O __DATA,__objc_const __OBJC_METACLASS_RO_$_ViewController 000000010000c0b0 l O __DATA,__objc_const __OBJC_$_INSTANCE_METHODS_ViewController 000000010000c0e8 l O __DATA,__objc_const __OBJC_CLASS_RO_$_ViewController 000000010000c130 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_NSObject 000000010000c300 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_NSObject 000000010000c320 l O __DATA,__objc_const __OBJC_$_PROP_LIST_NSObject 000000010000c368 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_NSObject 000000010000c408 l O __DATA,__objc_const __OBJC_$_PROTOCOL_REFS_UIApplicationDelegate 000000010000c420 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UIApplicationDelegate 000000010000c938 l O __DATA,__objc_const __OBJC_$_PROP_LIST_UIApplicationDelegate 000000010000c950 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_UIApplicationDelegate 000000010000cb00 l O __DATA,__objc_const __OBJC_CLASS_PROTOCOLS_$_AppDelegate 000000010000cb18 l O __DATA,__objc_const __OBJC_METACLASS_RO_$_AppDelegate 000000010000cb60 l O __DATA,__objc_const __OBJC_$_INSTANCE_METHODS_AppDelegate 000000010000cbb0 l O __DATA,__objc_const __OBJC_$_PROP_LIST_AppDelegate 000000010000cc08 l O __DATA,__objc_const __OBJC_CLASS_RO_$_AppDelegate 000000010000cc50 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_NSObject 000000010000ce20 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_NSObject 000000010000ce40 l O __DATA,__objc_const __OBJC_$_PROP_LIST_NSObject 000000010000ce88 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_NSObject 000000010000cf28 l O __DATA,__objc_const __OBJC_$_PROTOCOL_REFS_UISceneDelegate 000000010000cf40 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UISceneDelegate 000000010000d068 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_UISceneDelegate 000000010000d0c8 l O __DATA,__objc_const __OBJC_$_PROTOCOL_REFS_UIWindowSceneDelegate 000000010000d0e0 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UIWindowSceneDelegate 000000010000d160 l O __DATA,__objc_const __OBJC_$_PROP_LIST_UIWindowSceneDelegate 000000010000d178 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_UIWindowSceneDelegate 000000010000d1a0 l O __DATA,__objc_const __OBJC_CLASS_PROTOCOLS_$_SceneDelegate 000000010000d1b8 l O __DATA,__objc_const __OBJC_METACLASS_RO_$_SceneDelegate 000000010000d200 l O __DATA,__objc_const __OBJC_$_INSTANCE_METHODS_SceneDelegate 000000010000d2e0 l O __DATA,__objc_const __OBJC_$_INSTANCE_VARIABLES_SceneDelegate 000000010000d308 l O __DATA,__objc_const __OBJC_$_PROP_LIST_SceneDelegate 000000010000d360 l O __DATA,__objc_const __OBJC_CLASS_RO_$_SceneDelegate 000000010000d3e0 l O __DATA,__objc_ivar _OBJC_IVAR_$_SceneDelegate._window 000000010000d4d8 l O __DATA,__data __dyld_private 000000010000d4e0 w O __DATA,__data __OBJC_PROTOCOL_$_NSObject 000000010000d540 w O __DATA,__data __OBJC_PROTOCOL_$_UIApplicationDelegate 000000010000d5a0 w O __DATA,__data __OBJC_PROTOCOL_$_UISceneDelegate 000000010000d600 w O __DATA,__data __OBJC_PROTOCOL_$_UIWindowSceneDelegate 0000000000000000 d *UND* /Users/RyukieW/RyukieSamaProject/Study/逆向/Code/SymbolBind/SymbolBind/ 0000000000000000 d *UND* ViewController.m 0000000060a0b161 d *UND* /Users/RyukieW/Library/Developer/Xcode/DerivedData/SymbolBind-bhluvjpsukewfxgsouyiwqlmcntk/Build/Intermediates.noindex/SymbolBind.build/Debug-iphoneos/SymbolBind.build/Objects-normal/arm64/ViewController.o 0000000100005f18 d *UND* 0000000100005f18 d *UND* -[ViewController viewDidLoad] 0000000000000070 d *UND* 0000000000000070 d *UND* 0000000100005f88 d *UND* 0000000100005f88 d *UND* -[ViewController test] 000000000000002c d *UND* 000000000000002c d *UND* 0000000100005fb4 d *UND* 0000000100005fb4 d *UND* _testLocalFunction 000000000000001c d *UND* 000000000000001c d *UND* 000000010000c068 d *UND* __OBJC_METACLASS_RO_$_ViewController 000000010000c0b0 d *UND* __OBJC_$_INSTANCE_METHODS_ViewController 000000010000c0e8 d *UND* __OBJC_CLASS_RO_$_ViewController 0000000000000000 d *UND* _OBJC_CLASS_$_ViewController 0000000000000000 d *UND* _OBJC_METACLASS_$_ViewController 0000000000000000 d *UND* 0000000000000000 d *UND* /Users/RyukieW/RyukieSamaProject/Study/逆向/Code/SymbolBind/SymbolBind/ 0000000000000000 d *UND* AppDelegate.m 0000000060a0b161 d *UND* /Users/RyukieW/Library/Developer/Xcode/DerivedData/SymbolBind-bhluvjpsukewfxgsouyiwqlmcntk/Build/Intermediates.noindex/SymbolBind.build/Debug-iphoneos/SymbolBind.build/Objects-normal/arm64/AppDelegate.o 0000000100005fd0 d *UND* 0000000100005fd0 d *UND* -[AppDelegate application:didFinishLaunchingWithOptions:] 000000000000007c d *UND* 000000000000007c d *UND* 000000010000604c d *UND* 000000010000604c d *UND* -[AppDelegate application:configurationForConnectingSceneSession:options:] 0000000000000100 d *UND* 0000000000000100 d *UND* 000000010000614c d *UND* 000000010000614c d *UND* -[AppDelegate application:didDiscardSceneSessions:] 0000000000000074 d *UND* 0000000000000074 d *UND* 0000000000000000 d *UND* __OBJC_LABEL_PROTOCOL_$_NSObject 0000000000000000 d *UND* __OBJC_LABEL_PROTOCOL_$_UIApplicationDelegate 000000010000c130 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_NSObject 000000010000c300 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_NSObject 000000010000c320 d *UND* __OBJC_$_PROP_LIST_NSObject 000000010000c368 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_NSObject 000000010000c408 d *UND* __OBJC_$_PROTOCOL_REFS_UIApplicationDelegate 000000010000c420 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UIApplicationDelegate 000000010000c938 d *UND* __OBJC_$_PROP_LIST_UIApplicationDelegate 000000010000c950 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_UIApplicationDelegate 000000010000cb00 d *UND* __OBJC_CLASS_PROTOCOLS_$_AppDelegate 000000010000cb18 d *UND* __OBJC_METACLASS_RO_$_AppDelegate 000000010000cb60 d *UND* __OBJC_$_INSTANCE_METHODS_AppDelegate 000000010000cbb0 d *UND* __OBJC_$_PROP_LIST_AppDelegate 000000010000cc08 d *UND* __OBJC_CLASS_RO_$_AppDelegate 0000000000000000 d *UND* _OBJC_METACLASS_$_AppDelegate 0000000000000000 d *UND* _OBJC_CLASS_$_AppDelegate 0000000000000000 d *UND* __OBJC_PROTOCOL_$_NSObject 0000000000000000 d *UND* __OBJC_PROTOCOL_$_UIApplicationDelegate 0000000000000000 d *UND* 0000000000000000 d *UND* /Users/RyukieW/RyukieSamaProject/Study/逆向/Code/SymbolBind/SymbolBind/ 0000000000000000 d *UND* main.m 0000000060a0b161 d *UND* /Users/RyukieW/Library/Developer/Xcode/DerivedData/SymbolBind-bhluvjpsukewfxgsouyiwqlmcntk/Build/Intermediates.noindex/SymbolBind.build/Debug-iphoneos/SymbolBind.build/Objects-normal/arm64/main.o 00000001000061c0 d *UND* 00000001000061c0 d *UND* _main 000000000000009c d *UND* 000000000000009c d *UND* 0000000000000000 d *UND* 0000000000000000 d *UND* /Users/RyukieW/RyukieSamaProject/Study/逆向/Code/SymbolBind/SymbolBind/ 0000000000000000 d *UND* SceneDelegate.m 0000000060a0b161 d *UND* /Users/RyukieW/Library/Developer/Xcode/DerivedData/SymbolBind-bhluvjpsukewfxgsouyiwqlmcntk/Build/Intermediates.noindex/SymbolBind.build/Debug-iphoneos/SymbolBind.build/Objects-normal/arm64/SceneDelegate.o 000000010000625c d *UND* 000000010000625c d *UND* -[SceneDelegate scene:willConnectToSession:options:] 000000000000009c d *UND* 000000000000009c d *UND* 00000001000062f8 d *UND* 00000001000062f8 d *UND* -[SceneDelegate sceneDidDisconnect:] 000000000000004c d *UND* 000000000000004c d *UND* 0000000100006344 d *UND* 0000000100006344 d *UND* -[SceneDelegate sceneDidBecomeActive:] 000000000000004c d *UND* 000000000000004c d *UND* 0000000100006390 d *UND* 0000000100006390 d *UND* -[SceneDelegate sceneWillResignActive:] 000000000000004c d *UND* 000000000000004c d *UND* 00000001000063dc d *UND* 00000001000063dc d *UND* -[SceneDelegate sceneWillEnterForeground:] 000000000000004c d *UND* 000000000000004c d *UND* 0000000100006428 d *UND* 0000000100006428 d *UND* -[SceneDelegate sceneDidEnterBackground:] 000000000000004c d *UND* 000000000000004c d *UND* 0000000100006474 d *UND* 0000000100006474 d *UND* -[SceneDelegate window] 0000000000000024 d *UND* 0000000000000024 d *UND* 0000000100006498 d *UND* 0000000100006498 d *UND* -[SceneDelegate setWindow:] 000000000000003c d *UND* 000000000000003c d *UND* 00000001000064d4 d *UND* 00000001000064d4 d *UND* -[SceneDelegate .cxx_destruct] 000000000000003c d *UND* 000000000000003c d *UND* 0000000000000000 d *UND* __OBJC_LABEL_PROTOCOL_$_UISceneDelegate 0000000000000000 d *UND* __OBJC_LABEL_PROTOCOL_$_UIWindowSceneDelegate 000000010000cc50 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_NSObject 000000010000ce20 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_NSObject 000000010000ce40 d *UND* __OBJC_$_PROP_LIST_NSObject 000000010000ce88 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_NSObject 000000010000cf28 d *UND* __OBJC_$_PROTOCOL_REFS_UISceneDelegate 000000010000cf40 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UISceneDelegate 000000010000d068 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_UISceneDelegate 000000010000d0c8 d *UND* __OBJC_$_PROTOCOL_REFS_UIWindowSceneDelegate 000000010000d0e0 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UIWindowSceneDelegate 000000010000d160 d *UND* __OBJC_$_PROP_LIST_UIWindowSceneDelegate 000000010000d178 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_UIWindowSceneDelegate 000000010000d1a0 d *UND* __OBJC_CLASS_PROTOCOLS_$_SceneDelegate 000000010000d1b8 d *UND* __OBJC_METACLASS_RO_$_SceneDelegate 000000010000d200 d *UND* __OBJC_$_INSTANCE_METHODS_SceneDelegate 000000010000d2e0 d *UND* __OBJC_$_INSTANCE_VARIABLES_SceneDelegate 000000010000d308 d *UND* __OBJC_$_PROP_LIST_SceneDelegate 000000010000d360 d *UND* __OBJC_CLASS_RO_$_SceneDelegate 0000000000000000 d *UND* _OBJC_IVAR_$_SceneDelegate._window 0000000000000000 d *UND* _OBJC_METACLASS_$_SceneDelegate 0000000000000000 d *UND* _OBJC_CLASS_$_SceneDelegate 0000000000000000 d *UND* __OBJC_PROTOCOL_$_UISceneDelegate 0000000000000000 d *UND* __OBJC_PROTOCOL_$_UIWindowSceneDelegate 0000000000000000 d *UND* 000000010000d460 g O __DATA,__objc_data _OBJC_CLASS_$_AppDelegate 000000010000d4b0 g O __DATA,__objc_data _OBJC_CLASS_$_SceneDelegate 000000010000d3e8 g O __DATA,__objc_data _OBJC_CLASS_$_ViewController 000000010000d438 g O __DATA,__objc_data _OBJC_METACLASS_$_AppDelegate 000000010000d488 g O __DATA,__objc_data _OBJC_METACLASS_$_SceneDelegate 000000010000d410 g O __DATA,__objc_data _OBJC_METACLASS_$_ViewController 0000000100000000 g F __TEXT,__text __mh_execute_header 00000001000061c0 g F __TEXT,__text _main 0000000100005fb4 g F __TEXT,__text _testLocalFunction 0000000000000000 *UND* _NSLog 0000000000000000 *UND* _NSStringFromClass 0000000000000000 *UND* _OBJC_CLASS_$_UIResponder 0000000000000000 *UND* _OBJC_CLASS_$_UISceneConfiguration 0000000000000000 *UND* _OBJC_CLASS_$_UIViewController 0000000000000000 *UND* _OBJC_METACLASS_$_NSObject 0000000000000000 *UND* _OBJC_METACLASS_$_UIResponder 0000000000000000 *UND* _OBJC_METACLASS_$_UIViewController 0000000000000000 *UND* _UIApplicationMain 0000000000000000 *UND* ___CFConstantStringClassReference 0000000000000000 *UND* __objc_empty_cache 0000000000000000 *UND* _objc_alloc 0000000000000000 *UND* _objc_autoreleasePoolPop 0000000000000000 *UND* _objc_autoreleasePoolPush 0000000000000000 *UND* _objc_autoreleaseReturnValue 0000000000000000 *UND* _objc_msgSend 0000000000000000 *UND* _objc_msgSendSuper2 0000000000000000 *UND* _objc_opt_class 0000000000000000 *UND* _objc_release 0000000000000000 *UND* _objc_retainAutoreleasedReturnValue 0000000000000000 *UND* _objc_storeStrong 0000000000000000 *UND* dyld_stub_binder ➜ 11 clear ➜ 11 objdump --macho -t SymbolBind SymbolBind: SYMBOL TABLE: 0000000100005f10 l F __TEXT,__text -[ViewController viewDidLoad] 0000000100005f80 l F __TEXT,__text -[ViewController test] 0000000100005fc8 l F __TEXT,__text -[AppDelegate application:didFinishLaunchingWithOptions:] 0000000100006044 l F __TEXT,__text -[AppDelegate application:configurationForConnectingSceneSession:options:] 0000000100006144 l F __TEXT,__text -[AppDelegate application:didDiscardSceneSessions:] 0000000100006254 l F __TEXT,__text -[SceneDelegate scene:willConnectToSession:options:] 00000001000062f0 l F __TEXT,__text -[SceneDelegate sceneDidDisconnect:] 000000010000633c l F __TEXT,__text -[SceneDelegate sceneDidBecomeActive:] 0000000100006388 l F __TEXT,__text -[SceneDelegate sceneWillResignActive:] 00000001000063d4 l F __TEXT,__text -[SceneDelegate sceneWillEnterForeground:] 0000000100006420 l F __TEXT,__text -[SceneDelegate sceneDidEnterBackground:] 000000010000646c l F __TEXT,__text -[SceneDelegate window] 0000000100006490 l F __TEXT,__text -[SceneDelegate setWindow:] 00000001000064cc l F __TEXT,__text -[SceneDelegate .cxx_destruct] 00000001000080c0 w O __DATA_CONST,__objc_protolist __OBJC_LABEL_PROTOCOL_$_NSObject 00000001000080c8 w O __DATA_CONST,__objc_protolist __OBJC_LABEL_PROTOCOL_$_UIApplicationDelegate 00000001000080d0 w O __DATA_CONST,__objc_protolist __OBJC_LABEL_PROTOCOL_$_UISceneDelegate 00000001000080d8 w O __DATA_CONST,__objc_protolist __OBJC_LABEL_PROTOCOL_$_UIWindowSceneDelegate 000000010000c068 l O __DATA,__objc_const __OBJC_METACLASS_RO_$_ViewController 000000010000c0b0 l O __DATA,__objc_const __OBJC_$_INSTANCE_METHODS_ViewController 000000010000c0e8 l O __DATA,__objc_const __OBJC_CLASS_RO_$_ViewController 000000010000c130 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_NSObject 000000010000c300 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_NSObject 000000010000c320 l O __DATA,__objc_const __OBJC_$_PROP_LIST_NSObject 000000010000c368 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_NSObject 000000010000c408 l O __DATA,__objc_const __OBJC_$_PROTOCOL_REFS_UIApplicationDelegate 000000010000c420 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UIApplicationDelegate 000000010000c938 l O __DATA,__objc_const __OBJC_$_PROP_LIST_UIApplicationDelegate 000000010000c950 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_UIApplicationDelegate 000000010000cb00 l O __DATA,__objc_const __OBJC_CLASS_PROTOCOLS_$_AppDelegate 000000010000cb18 l O __DATA,__objc_const __OBJC_METACLASS_RO_$_AppDelegate 000000010000cb60 l O __DATA,__objc_const __OBJC_$_INSTANCE_METHODS_AppDelegate 000000010000cbb0 l O __DATA,__objc_const __OBJC_$_PROP_LIST_AppDelegate 000000010000cc08 l O __DATA,__objc_const __OBJC_CLASS_RO_$_AppDelegate 000000010000cc50 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_NSObject 000000010000ce20 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_NSObject 000000010000ce40 l O __DATA,__objc_const __OBJC_$_PROP_LIST_NSObject 000000010000ce88 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_NSObject 000000010000cf28 l O __DATA,__objc_const __OBJC_$_PROTOCOL_REFS_UISceneDelegate 000000010000cf40 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UISceneDelegate 000000010000d068 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_UISceneDelegate 000000010000d0c8 l O __DATA,__objc_const __OBJC_$_PROTOCOL_REFS_UIWindowSceneDelegate 000000010000d0e0 l O __DATA,__objc_const __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UIWindowSceneDelegate 000000010000d160 l O __DATA,__objc_const __OBJC_$_PROP_LIST_UIWindowSceneDelegate 000000010000d178 l O __DATA,__objc_const __OBJC_$_PROTOCOL_METHOD_TYPES_UIWindowSceneDelegate 000000010000d1a0 l O __DATA,__objc_const __OBJC_CLASS_PROTOCOLS_$_SceneDelegate 000000010000d1b8 l O __DATA,__objc_const __OBJC_METACLASS_RO_$_SceneDelegate 000000010000d200 l O __DATA,__objc_const __OBJC_$_INSTANCE_METHODS_SceneDelegate 000000010000d2e0 l O __DATA,__objc_const __OBJC_$_INSTANCE_VARIABLES_SceneDelegate 000000010000d308 l O __DATA,__objc_const __OBJC_$_PROP_LIST_SceneDelegate 000000010000d360 l O __DATA,__objc_const __OBJC_CLASS_RO_$_SceneDelegate 000000010000d3e0 l O __DATA,__objc_ivar _OBJC_IVAR_$_SceneDelegate._window 000000010000d4d8 l O __DATA,__data __dyld_private 000000010000d4e0 w O __DATA,__data __OBJC_PROTOCOL_$_NSObject 000000010000d540 w O __DATA,__data __OBJC_PROTOCOL_$_UIApplicationDelegate 000000010000d5a0 w O __DATA,__data __OBJC_PROTOCOL_$_UISceneDelegate 000000010000d600 w O __DATA,__data __OBJC_PROTOCOL_$_UIWindowSceneDelegate 0000000000000000 d *UND* /Users/RyukieW/RyukieSamaProject/Study/逆向/Code/SymbolBind/SymbolBind/ 0000000000000000 d *UND* ViewController.m 0000000060a0b259 d *UND* /Users/RyukieW/Library/Developer/Xcode/DerivedData/SymbolBind-bhluvjpsukewfxgsouyiwqlmcntk/Build/Intermediates.noindex/SymbolBind.build/Debug-iphoneos/SymbolBind.build/Objects-normal/arm64/ViewController.o 0000000100005f10 d *UND* 0000000100005f10 d *UND* -[ViewController viewDidLoad] 0000000000000070 d *UND* 0000000000000070 d *UND* 0000000100005f80 d *UND* 0000000100005f80 d *UND* -[ViewController test] 000000000000002c d *UND* 000000000000002c d *UND* 0000000100005fac d *UND* 0000000100005fac d *UND* _testGlobalFunction 000000000000001c d *UND* 000000000000001c d *UND* 000000010000c068 d *UND* __OBJC_METACLASS_RO_$_ViewController 000000010000c0b0 d *UND* __OBJC_$_INSTANCE_METHODS_ViewController 000000010000c0e8 d *UND* __OBJC_CLASS_RO_$_ViewController 0000000000000000 d *UND* _OBJC_CLASS_$_ViewController 0000000000000000 d *UND* _OBJC_METACLASS_$_ViewController 0000000000000000 d *UND* 0000000000000000 d *UND* /Users/RyukieW/RyukieSamaProject/Study/逆向/Code/SymbolBind/SymbolBind/ 0000000000000000 d *UND* AppDelegate.m 0000000060a0b259 d *UND* /Users/RyukieW/Library/Developer/Xcode/DerivedData/SymbolBind-bhluvjpsukewfxgsouyiwqlmcntk/Build/Intermediates.noindex/SymbolBind.build/Debug-iphoneos/SymbolBind.build/Objects-normal/arm64/AppDelegate.o 0000000100005fc8 d *UND* 0000000100005fc8 d *UND* -[AppDelegate application:didFinishLaunchingWithOptions:] 000000000000007c d *UND* 000000000000007c d *UND* 0000000100006044 d *UND* 0000000100006044 d *UND* -[AppDelegate application:configurationForConnectingSceneSession:options:] 0000000000000100 d *UND* 0000000000000100 d *UND* 0000000100006144 d *UND* 0000000100006144 d *UND* -[AppDelegate application:didDiscardSceneSessions:] 0000000000000074 d *UND* 0000000000000074 d *UND* 0000000000000000 d *UND* __OBJC_LABEL_PROTOCOL_$_NSObject 0000000000000000 d *UND* __OBJC_LABEL_PROTOCOL_$_UIApplicationDelegate 000000010000c130 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_NSObject 000000010000c300 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_NSObject 000000010000c320 d *UND* __OBJC_$_PROP_LIST_NSObject 000000010000c368 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_NSObject 000000010000c408 d *UND* __OBJC_$_PROTOCOL_REFS_UIApplicationDelegate 000000010000c420 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UIApplicationDelegate 000000010000c938 d *UND* __OBJC_$_PROP_LIST_UIApplicationDelegate 000000010000c950 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_UIApplicationDelegate 000000010000cb00 d *UND* __OBJC_CLASS_PROTOCOLS_$_AppDelegate 000000010000cb18 d *UND* __OBJC_METACLASS_RO_$_AppDelegate 000000010000cb60 d *UND* __OBJC_$_INSTANCE_METHODS_AppDelegate 000000010000cbb0 d *UND* __OBJC_$_PROP_LIST_AppDelegate 000000010000cc08 d *UND* __OBJC_CLASS_RO_$_AppDelegate 0000000000000000 d *UND* _OBJC_METACLASS_$_AppDelegate 0000000000000000 d *UND* _OBJC_CLASS_$_AppDelegate 0000000000000000 d *UND* __OBJC_PROTOCOL_$_NSObject 0000000000000000 d *UND* __OBJC_PROTOCOL_$_UIApplicationDelegate 0000000000000000 d *UND* 0000000000000000 d *UND* /Users/RyukieW/RyukieSamaProject/Study/逆向/Code/SymbolBind/SymbolBind/ 0000000000000000 d *UND* main.m 0000000060a0b259 d *UND* /Users/RyukieW/Library/Developer/Xcode/DerivedData/SymbolBind-bhluvjpsukewfxgsouyiwqlmcntk/Build/Intermediates.noindex/SymbolBind.build/Debug-iphoneos/SymbolBind.build/Objects-normal/arm64/main.o 00000001000061b8 d *UND* 00000001000061b8 d *UND* _main 000000000000009c d *UND* 000000000000009c d *UND* 0000000000000000 d *UND* 0000000000000000 d *UND* /Users/RyukieW/RyukieSamaProject/Study/逆向/Code/SymbolBind/SymbolBind/ 0000000000000000 d *UND* SceneDelegate.m 0000000060a0b259 d *UND* /Users/RyukieW/Library/Developer/Xcode/DerivedData/SymbolBind-bhluvjpsukewfxgsouyiwqlmcntk/Build/Intermediates.noindex/SymbolBind.build/Debug-iphoneos/SymbolBind.build/Objects-normal/arm64/SceneDelegate.o 0000000100006254 d *UND* 0000000100006254 d *UND* -[SceneDelegate scene:willConnectToSession:options:] 000000000000009c d *UND* 000000000000009c d *UND* 00000001000062f0 d *UND* 00000001000062f0 d *UND* -[SceneDelegate sceneDidDisconnect:] 000000000000004c d *UND* 000000000000004c d *UND* 000000010000633c d *UND* 000000010000633c d *UND* -[SceneDelegate sceneDidBecomeActive:] 000000000000004c d *UND* 000000000000004c d *UND* 0000000100006388 d *UND* 0000000100006388 d *UND* -[SceneDelegate sceneWillResignActive:] 000000000000004c d *UND* 000000000000004c d *UND* 00000001000063d4 d *UND* 00000001000063d4 d *UND* -[SceneDelegate sceneWillEnterForeground:] 000000000000004c d *UND* 000000000000004c d *UND* 0000000100006420 d *UND* 0000000100006420 d *UND* -[SceneDelegate sceneDidEnterBackground:] 000000000000004c d *UND* 000000000000004c d *UND* 000000010000646c d *UND* 000000010000646c d *UND* -[SceneDelegate window] 0000000000000024 d *UND* 0000000000000024 d *UND* 0000000100006490 d *UND* 0000000100006490 d *UND* -[SceneDelegate setWindow:] 000000000000003c d *UND* 000000000000003c d *UND* 00000001000064cc d *UND* 00000001000064cc d *UND* -[SceneDelegate .cxx_destruct] 000000000000003c d *UND* 000000000000003c d *UND* 0000000000000000 d *UND* __OBJC_LABEL_PROTOCOL_$_UISceneDelegate 0000000000000000 d *UND* __OBJC_LABEL_PROTOCOL_$_UIWindowSceneDelegate 000000010000cc50 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_NSObject 000000010000ce20 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_NSObject 000000010000ce40 d *UND* __OBJC_$_PROP_LIST_NSObject 000000010000ce88 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_NSObject 000000010000cf28 d *UND* __OBJC_$_PROTOCOL_REFS_UISceneDelegate 000000010000cf40 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UISceneDelegate 000000010000d068 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_UISceneDelegate 000000010000d0c8 d *UND* __OBJC_$_PROTOCOL_REFS_UIWindowSceneDelegate 000000010000d0e0 d *UND* __OBJC_$_PROTOCOL_INSTANCE_METHODS_OPT_UIWindowSceneDelegate 000000010000d160 d *UND* __OBJC_$_PROP_LIST_UIWindowSceneDelegate 000000010000d178 d *UND* __OBJC_$_PROTOCOL_METHOD_TYPES_UIWindowSceneDelegate 000000010000d1a0 d *UND* __OBJC_CLASS_PROTOCOLS_$_SceneDelegate 000000010000d1b8 d *UND* __OBJC_METACLASS_RO_$_SceneDelegate 000000010000d200 d *UND* __OBJC_$_INSTANCE_METHODS_SceneDelegate 000000010000d2e0 d *UND* __OBJC_$_INSTANCE_VARIABLES_SceneDelegate 000000010000d308 d *UND* __OBJC_$_PROP_LIST_SceneDelegate 000000010000d360 d *UND* __OBJC_CLASS_RO_$_SceneDelegate 0000000000000000 d *UND* _OBJC_IVAR_$_SceneDelegate._window 0000000000000000 d *UND* _OBJC_METACLASS_$_SceneDelegate 0000000000000000 d *UND* _OBJC_CLASS_$_SceneDelegate 0000000000000000 d *UND* __OBJC_PROTOCOL_$_UISceneDelegate 0000000000000000 d *UND* __OBJC_PROTOCOL_$_UIWindowSceneDelegate 0000000000000000 d *UND* 000000010000d460 g O __DATA,__objc_data _OBJC_CLASS_$_AppDelegate 000000010000d4b0 g O __DATA,__objc_data _OBJC_CLASS_$_SceneDelegate 000000010000d3e8 g O __DATA,__objc_data _OBJC_CLASS_$_ViewController 000000010000d438 g O __DATA,__objc_data _OBJC_METACLASS_$_AppDelegate 000000010000d488 g O __DATA,__objc_data _OBJC_METACLASS_$_SceneDelegate 000000010000d410 g O __DATA,__objc_data _OBJC_METACLASS_$_ViewController 0000000100000000 g F __TEXT,__text __mh_execute_header 00000001000061b8 g F __TEXT,__text _main 0000000100005fac g F __TEXT,__text _testGlobalFunction 0000000000000000 *UND* _NSLog 0000000000000000 *UND* _NSStringFromClass 0000000000000000 *UND* _OBJC_CLASS_$_UIResponder 0000000000000000 *UND* _OBJC_CLASS_$_UISceneConfiguration 0000000000000000 *UND* _OBJC_CLASS_$_UIViewController 0000000000000000 *UND* _OBJC_METACLASS_$_NSObject 0000000000000000 *UND* _OBJC_METACLASS_$_UIResponder 0000000000000000 *UND* _OBJC_METACLASS_$_UIViewController 0000000000000000 *UND* _UIApplicationMain 0000000000000000 *UND* ___CFConstantStringClassReference 0000000000000000 *UND* __objc_empty_cache 0000000000000000 *UND* _objc_alloc 0000000000000000 *UND* _objc_autoreleasePoolPop 0000000000000000 *UND* _objc_autoreleasePoolPush 0000000000000000 *UND* _objc_autoreleaseReturnValue 0000000000000000 *UND* _objc_msgSend 0000000000000000 *UND* _objc_msgSendSuper2 0000000000000000 *UND* _objc_opt_class 0000000000000000 *UND* _objc_release 0000000000000000 *UND* _objc_retainAutoreleasedReturnValue 0000000000000000 *UND* _objc_storeStrong 0000000000000000 *UND* dyld_stub_binder ``` * `l` * 本地符号 * `g` * 全局符号 ## 三、恢复符号表的线索 虽然符号表中没有了符号,但是在MachO中的类的方法列表中还是有的! ### 3.1 类名 在`TEXT`段`__objc_classname`中: ![](/files/-M_uxpsPZPJqUc7v8p9b) ### 3.2 方法名 在`TEXT`段`__objc_methname`中: ![](/files/-M_uxpsRnBAKtFdm2E61) ## 四、符号表恢复 ### 4.1 脚本 [GitHub: restore-symbol](https://github.com/tobefuturer/restore-symbol) * 将MachO文件放入目录中 * 执行脚本`./restore-symbol MachO文件名 -o MachO输出文件名` ``` =========== Start ============= 2021-05-16 15:11:40.712 restore-symbol[97858:6671327] Unknown load command: 0x00000032 Scan OC method in mach-o-file. Scan OC method finish. =========== Finish ============ ``` * 在用MachOView查看符号表,发现在后面已经恢复了! * 严谨的说是添加了符号 * 由于是基于Runtime的,动态派发的可以恢复。 * 对比发现文件大小也增大了 ![1](/files/-M_uxpsSxkHLfHpLse07) --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://ryukiedev.gitbook.io/wiki/ni-xiang/12.-qu-fu-hao-yu-hui-fu-fu-hao.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.