Vault7: CIA Hacking Tools Revealed
iOS Debugging
Set Up
- GDB does not work on the device, so use debugserver.
- El_ssh will install an appropriate version of debugserver and cdhash it. Find it in /private/var/root/bin (note that this is also on PATH).
- Run debugserver on the target (the process to debug can be left out):
  - debugserver *:8888 <process to debug>
- From your host computer, run tcprelay (part of the usbmuxd project, under the python-client directory):
  - python tcprelay.py -t 8888
- Get debug symbols and the shared cache using Xcode. (Without this, you will see "<redacted>" in LLDB where it attempts to print the names of functions in the shared cache.)
  - Have the device plugged in.
  - Start Xcode.
  - Go to "Window->Devices".
  - Select the device from the screen that appears.
- Run lldb in another window and, in it, run the command:
  - gdb-remote localhost:8888