Skip to content
/ IDAObjcTypes Public

A collection of types & functions definitions useful for iOS/macOS binaries analysis.

License

View license
375 stars 39 forks Branches Tags Activity
Star

PoomSmart/IDAObjcTypes

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

262 Commits
.vscode
.vscode
 
 
AVFCapture
AVFCapture
 
 
AVFoundation
AVFoundation
 
 
AppSupport
AppSupport
 
 
AssetsLibraryServices
AssetsLibraryServices
 
 
AudioToolbox
AudioToolbox
 
 
CommonCrypto
CommonCrypto
 
 
CoreAnimation
CoreAnimation
 
 
CoreAudio
CoreAudio
 
 
CoreFoundation
CoreFoundation
 
 
CoreGraphics
CoreGraphics
 
 
CoreMedia
CoreMedia
 
 
CoreServices
CoreServices
 
 
CoreText
CoreText
 
 
CoreVideo
CoreVideo
 
 
CydiaSubstrate
CydiaSubstrate
 
 
Darwin
Darwin
 
 
Foundation
Foundation
 
 
GraphicsServices
GraphicsServices
 
 
IOKit
IOKit
 
 
IOMobileFramebuffer
IOMobileFramebuffer
 
 
IOSurface
IOSurface
 
 
Kernel
Kernel
 
 
MediaRemote
MediaRemote
 
 
MobileGestalt
MobileGestalt
 
 
PowerLog
PowerLog
 
 
QuartzCore
QuartzCore
 
 
Security
Security
 
 
SoftLinking
SoftLinking
 
 
SpringBoard
SpringBoard
 
 
SpringBoardHome
SpringBoardHome
 
 
Swift
Swift
 
 
System
System
 
 
SystemConfiguration
SystemConfiguration
 
 
UIKit
UIKit
 
 
dyld
dyld
 
 
fishhook
fishhook
 
 
icu
icu
 
 
objc
objc
 
 
os
os
 
 
pthread
pthread
 
 
sandbox
sandbox
 
 
sqlite
sqlite
 
 
xpc
xpc
 
 
.clang-format
.clang-format
 
 
.gitattributes
.gitattributes
 
 
.gitignore
.gitignore
 
 
BaseTypes.h
BaseTypes.h
 
 
IDA.h
IDA.h
 
 
IDA.til
IDA.til
 
 
IDA32.til
IDA32.til
 
 
LICENSE
LICENSE
 
 
README.md
README.md
 
 
Types.h
Types.h
 
 

Repository files navigation

IDAObjcTypes

A collection of (public and private) types and functions definitions useful for iOS/macOS binaries analysis.

Why even?

Would you rather re-define the same functions or types over and over as you work with different binaries?

Usage (IDA Pro 8+)

  1. Go to File > Load file > Parse C header file then choose IDA.h to import everything at once. Or, run this IDA command: idaapi.idc_parse_types("/path/to/IDAObjcTypes/IDA.h", idc.PT_FILE).
  2. Copy IDA.til and IDA32.til to til folder inside IDA application directory.
  3. In IDA Pro, open Type Libraries window via View > Open subviews > Type libraries or press Shift + F11.
  4. Right-click the type list and select Load type library....
  5. Select IDA (or IDA32 if you target 32-bit binaries) and click OK button.

TIL created via this command:

tilib -c -hIDA.h IDA.til -D__EA64__ -P -tIDAObjcTypes
tilib -c -hIDA.h IDA32.til -P -tIDAObjcTypes32

Usage (IDA Pro 7)

Go to File > Load file > Parse C header file then choose IDA.h to import everything at once.

Or, run this IDA command: idaapi.idc_parse_types("/path/to/IDAObjcTypes/IDA.h", idc.PT_FILE)

Usage (Binary Ninja)

  1. Go to Analysis > Import Header File....
  2. In Header File(s), browse for IDA.h in this project.
  3. In Compiler Flag(s), add -D__EA64__ -D__BINJA__.
  4. Click Import button.

Usage (Ghidra)

  1. Go to File > Parse C Source.
  2. (Go to 6. if it's not the first time you do this) Clone objc_mac_carbon.prf profile into a new profile, called OBJC.prf, for example.
  3. Remove everything in Source files to parse, and add IDA.h in this project to the list.
  4. Add two additional flags: -D__EA64__ -DGHIDRA to Parse Options.
  5. Save OBJC.prf profile as you might use it later.
  6. Click Parse to Program, click Proceed if anything pops up.
  7. Check Data Type Manager window (at bottom-left), (long) right-click at <your-binary-name> and select Apply Function Data Types.

Ghidra limitation

You have to manually specify the size of enum members if what you get is incorrect.

iOS version-specific analysis

Uncomment // #define IOS14 inside IDA.h before you import it if you are reversing iOS 14 or lower binaries.

Included Frameworks/Libraries

More to be added as the owner reverses more binaries.

  • AppSupport
  • AssetsLibraryServices
  • AudioToolbox
  • AVFCapture
  • AVFoundation
  • CommonCrypto
  • CoreAnimation
  • CoreAudio
  • CoreFoundation
  • CoreGraphics
  • CoreMedia
  • CoreServices
  • CoreText
  • CoreVideo
  • CydiaSubstrate (if you ever want to RE tweaks)
  • Darwin
  • Foundation
  • GraphicsServices
  • IOMobileFramebuffer
  • IOKit
  • IOSurface
  • Kernel
  • MediaRemote
  • MobileGestalt
  • PowerLog
  • Security
  • SoftLinking
  • SpringBoard
  • SpringBoardHome
  • Swift (WIP, PRs welcome)
  • System (libSystem)
  • SystemConfiguration
  • UIKit
  • dyld
  • icu
  • objc
  • os
  • pthread
  • sandbox
  • sqlite
  • xpc
  • fishhook

About

A collection of types & functions definitions useful for iOS/macOS binaries analysis.

Topics

types binaries analysis functions ida-pro headers objc definitions ghidra

Resources

Readme

License

View license
Activity

Stars

375 stars

Watchers

6 watching

Forks

39 forks
Report repository

Contributors 6

Languages