More Anti Debugging Checks.

Open Rednick16 opened this issue 11 months ago • 0 comments

Sources:

  • https://github.com/vtky/ios-antidebugging/blob/master/antidebugging/main.m#L27
  • https://github.com/PojavLauncherTeam/PojavLauncher_iOS/blob/a100785d68fdef2edb36b6439908ac2dde57796c/Natives/utils.m#L31C6-L31C6

I have successfully bypassed most of the anti-debugging checks mentioned in the provided sources while running in the Xcode debugger and under LLDB. However, I have not included a patch for the svc stuff; it might be possible to implement some kind of pattern scan for that.

I also implemented a hook for the task_get_exception_ports function and set *masksCnt to 0, effectively bypassing its behavior.

Btw, for the ptrace checks, they can still retrieve the function address from dlsym, and it ignores the current hook you have implemented.

Syntax errors have been fixed in the code.

Rednick16, Aug 01 '23 00:08