Skip to content
  • About Me
  • Books
  • Photography
  • Papers
  • Security
  • Forensics
  • Essays
  • Christianity

Calendar

May 2023
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
293031  
« Feb    

Archives

  • May 2023
  • February 2023
  • December 2022
  • November 2022
  • July 2022
  • March 2022
  • January 2022
  • December 2021
  • November 2021
  • September 2021
  • July 2021
  • December 2020
  • November 2020
  • March 2020
  • September 2019
  • August 2019
  • November 2018
  • August 2018
  • March 2018
  • March 2017
  • February 2017
  • January 2017
  • November 2016
  • October 2016
  • July 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • June 2015
  • March 2015
  • February 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • January 2014
  • October 2013
  • September 2013
  • June 2013
  • May 2013
  • April 2013
  • December 2012
  • May 2012
  • September 2011
  • June 2011
  • August 2010
  • July 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • July 2009
  • May 2008
  • March 2008
  • January 2008
  • June 2007
  • August 2006
  • February 2006

Categories

  • Apple
  • Christianity
  • Essays
  • Forensics
  • General
  • Machine Learning
  • Music
  • Opinion
  • Photography
  • Politics
  • Security











ZdziarskiDFIR, security, reverse engineering, photography, theology, funky bass guitar. All opinions are my own.
  • About Me
  • Books
  • Photography
  • Papers
  • Security
  • Forensics
  • Essays
  • Christianity
Apple

Injecting Reveal With MobileSubstrate

On June 3, 2013 by Jonathan Zdziarski

Reveal is a cool prototyping tool allowing you to perform runtime inspection of an iOS application. At the moment, its functionality revolved primarily around user interface design, allowing you to manage user interface objects and their behavior. It is my hope that in the future, Reveal will expand to be a full featured debugging tool, allowing pen-testers to inspect and modify instance variables in memory, instantiate new objects, invoke methods, and generally hack on the runtime of an iOS application. At the moment, it’s still a pretty cool user interface design aid. Reveal is designed to be linked with your project, meaning you have to have the source code of the application you want to inspect. This is a quick little instructional on how to link the reveal framework with any existing application on your iOS device, so that you can inspect it without source.

The approach is very straight forward, and uses MobileSubstrate. If you don’t already have MS installed on your iOS device, install it through Cydia, or if you’re using the command-line, simply run:

# apt-get install mobilesubstrate

Once installed, you’ll need to copy the iOS framework over from Reveal. Right click on the app, and select Show Package Contents from the Finder menu. Navigate to Contents/SharedSupport/iOS-Libraries. Now copy the Reveal framework and the supporting library over to the phone using scp:

$ scp -r Reveal.framework root@x.x.x.x:/System/Library/Frameworks

$ scp libReveal.dylib root@x.x.x.x:/Library/MobileSubstrate/DynamicLibraries

As shown above, you’ll want to copy the libReveal.dylib library into the DynamicLibraries directory within /Library/MobileSubstrate, and stick the framework in its usual place inside /System/Library/Frameworks.

Now all you’ll need is a simple MS property list to specify which application(s) you want libReveal to inject into. I would advise against injecting Reveal into every application on the device, as it’s still in beta, and could potentially cause some issues. Create the file /Library/MobileSubstrate/DynamicLibraries/libReveal.plist and edit it with the following contents:

{ Filter = { Bundles = ( "com.yourdomain.yourapp" ); }; }

For example, if you wish to inject Reveal into Pandora, use:

{ Filter = { Bundles = ( "com.pandora" ); }; }

You can get the bundle identifier from the Info.plist file inside the application you are targeting. Once you’ve made this change, give SpringBoard a swift kick and run your application as normal. It should now show up on Reveal’s list. Make sure, of course, that your device is connected to your desktop machine.

 

Archives

  • May 2023
  • February 2023
  • December 2022
  • November 2022
  • July 2022
  • March 2022
  • January 2022
  • December 2021
  • November 2021
  • September 2021
  • July 2021
  • December 2020
  • November 2020
  • March 2020
  • September 2019
  • August 2019
  • November 2018
  • August 2018
  • March 2018
  • March 2017
  • February 2017
  • January 2017
  • November 2016
  • October 2016
  • July 2016
  • May 2016
  • April 2016
  • March 2016
  • February 2016
  • June 2015
  • March 2015
  • February 2015
  • December 2014
  • November 2014
  • October 2014
  • September 2014
  • August 2014
  • July 2014
  • June 2014
  • May 2014
  • April 2014
  • March 2014
  • January 2014
  • October 2013
  • September 2013
  • June 2013
  • May 2013
  • April 2013
  • December 2012
  • May 2012
  • September 2011
  • June 2011
  • August 2010
  • July 2010
  • May 2010
  • April 2010
  • March 2010
  • February 2010
  • July 2009
  • May 2008
  • March 2008
  • January 2008
  • June 2007
  • August 2006
  • February 2006

Calendar

May 2023
M T W T F S S
1234567
891011121314
15161718192021
22232425262728
293031  
« Feb    

Categories

  • Apple
  • Christianity
  • Essays
  • Forensics
  • General
  • Machine Learning
  • Music
  • Opinion
  • Photography
  • Politics
  • Security

All Content Copyright (c) 2000-2023 by Jonathan Zdziarski, All Rights Reserved