2

iOS App Reverse Engineering

442 Pages · 2015 · 16.41 MB · English

  • iOS App Reverse Engineering


    xa0




    s n a k e n i n n y , h a n g c o m


    Translated by Ziqi Wu, 0xBBC, tianqing and Fei Cheng





    iOS App Reverse Engineering




    xa0



    Table of Contents



    Recommendation xa0..................................................................................................................................................... xa01 xa0


    Preface. xa0...................................................................................................................................................................... xa02 xa0


    Foreword xa0................................................................................................................................................................... xa07 xa0


    Part 1 Concepts xa0....................................................................................................................................................... xa012 xa0


    Chapter 1 Introduction to iOS reverse engineering xa0............................................................................................. xa013 xa0


    1.1 xa0 Prerequisites xa0of xa0iOS xa0reverse xa0engineering xa0.......................................................................................................... xa013 xa0


    1.2 xa0 What xa0does xa0iOS xa0reverse xa0engineering xa0do xa0............................................................................................................ xa013 xa0


    1.2.1 xa0 Security xa0related xa0iOS xa0reverse xa0engineering xa0...................................................................................................... xa016 xa0


    1.2.2 xa0 Development xa0related xa0iOS xa0reverse xa0engineering xa0............................................................................................. xa017 xa0


    1.3 xa0 The xa0process xa0of xa0iOS xa0reverse xa0engineering xa0............................................................................................................ xa019 xa0


    1.3.1 xa0 System xa0Analysis xa0............................................................................................................................................ xa019 xa0


    1.3.2 xa0 Code xa0Analysis xa0................................................................................................................................................ xa020 xa0


    1.4 xa0 Tools xa0for xa0iOS xa0reverse xa0engineering xa0..................................................................................................................... xa020 xa0


    1.4.1 xa0 Monitors xa0....................................................................................................................................................... xa021 xa0


    1.4.2 xa0 Disassemblers xa0............................................................................................................................................... xa021 xa0


    1.4.3 xa0 Debuggers xa0.................................................................................................................................................... xa023 xa0


    1.4.4 xa0 Development xa0kit xa0........................................................................................................................................... xa023 xa0


    1.5 xa0 Conclusion xa0........................................................................................................................................................ xa023 xa0


    Chapter 2 Introduction to jailbroken iOS xa0.............................................................................................................. xa024 xa0


    2.1 xa0 iOS xa0System xa0Hierarchy xa0........................................................................................................................................ xa024 xa0


    2.1.1 xa0 iOS xa0filesystem xa0............................................................................................................................................... xa026 xa0


    2.1.2 xa0 iOS xa0file xa0permission xa0........................................................................................................................................ xa032 xa0


    2.2 xa0 iOS xa0file xa0types xa0..................................................................................................................................................... xa033 xa0


    2.2.1 xa0 Application xa0.................................................................................................................................................... xa033 xa0


    2.2.2 xa0 Dynamic xa0Library xa0............................................................................................................................................ xa037 xa0


    2.2.3 xa0 Daemon xa0........................................................................................................................................................ xa038 xa0


    2.3 xa0 Conclusion xa0........................................................................................................................................................ xa039 xa0


    Part 2 Tools xa0.............................................................................................................................................................. xa040 xa0


    Chapter 3 OSX toolkit xa0............................................................................................................................................ xa041 xa0


    3.1 xa0 class-xad‐dump xa0........................................................................................................................................................ xa041 xa0


    3.2 xa0 Theos xa0................................................................................................................................................................ xa043 xa0


    3.2.1 xa0 Introduction xa0to xa0Theos xa0................................................................................................................................... xa043 xa0


    3.2.2 xa0 Install xa0and xa0configure xa0Theos xa0........................................................................................................................... xa044 xa0


    3.2.3 xa0 Use xa0Theos xa0..................................................................................................................................................... xa046 xa0


    3.2.4 xa0 An xa0example xa0tweak xa0........................................................................................................................................ xa067 xa0


    3.3 xa0 Reveal xa0............................................................................................................................................................... xa070 xa0


    3.4 xa0 IDA xa0.................................................................................................................................................................... xa076 xa0





    3.4.1 xa0 Introduction xa0to xa0IDA xa0....................................................................................................................................... xa076 xa0


    3.4.2 xa0 Use xa0IDA xa0......................................................................................................................................................... xa077 xa0


    3.4.3 xa0 An xa0analysis xa0example xa0of xa0IDA xa0.......................................................................................................................... xa090 xa0


    3.5 xa0 iFunBox xa0............................................................................................................................................................. xa095 xa0


    3.6 xa0 dyld_decache xa0.................................................................................................................................................... xa096 xa0


    3.7 xa0 Conclusion xa0........................................................................................................................................................ xa097 xa0


    Chapter 4 iOS toolkit xa0.............................................................................................................................................. xa098 xa0


    4.1 xa0 CydiaSubstrate xa0.................................................................................................................................................. xa098 xa0


    4.1.1 xa0 MobileHooker xa0............................................................................................................................................... xa098 xa0


    4.1.2 xa0 MobileLoader xa0.............................................................................................................................................. xa0109 xa0


    4.1.3 xa0 Safe xa0mode xa0................................................................................................................................................... xa0109 xa0


    4.2 xa0 Cycript xa0............................................................................................................................................................. xa0111 xa0


    4.3 xa0 LLDB xa0and xa0debugserver xa0.................................................................................................................................... xa0115 xa0


    4.3.1 xa0 Introduction xa0to xa0LLDB xa0................................................................................................................................... xa0115 xa0


    4.3.2 xa0 Introduction xa0to xa0debugserver xa0....................................................................................................................... xa0116 xa0


    4.3.3 xa0 Configure xa0debugserver xa0............................................................................................................................... xa0116 xa0


    4.3.4 xa0 Process xa0launching xa0and xa0attaching xa0using xa0debugserver xa0.................................................................................. xa0118 xa0


    4.3.5 xa0 Use xa0LLDB xa0..................................................................................................................................................... xa0119 xa0


    4.3.6 xa0 Miscellaneous xa0LLDB xa0.................................................................................................................................... xa0133 xa0


    4.4 xa0 dumpdecrypted xa0.............................................................................................................................................. xa0134 xa0


    4.5 xa0 OpenSSH xa0......................................................................................................................................................... xa0137 xa0


    4.6 xa0 usbmuxd xa0......................................................................................................................................................... xa0138 xa0


    4.7 xa0 iFile xa0.................................................................................................................................................................. xa0140 xa0


    4.8 xa0 MTerminal xa0...................................................................................................................................................... xa0141 xa0


    4.9 xa0 syslogd xa0to xa0/var/log/syslog xa0............................................................................................................................... xa0142 xa0


    4.10 xa0 Conclusion xa0...................................................................................................................................................... xa0142 xa0


    Part 3 Theories xa0...................................................................................................................................................... xa0143 xa0


    Chapter 5 Objective-C related iOS reverse engineering xa0.................................................................................. xa0144 xa0


    5.1 xa0 How xa0does xa0a xa0tweak xa0work xa0in xa0Objective-xad‐C xa0.......................................................................................................... xa0144 xa0


    5.2 xa0 Methodology xa0of xa0writing xa0a xa0tweak xa0.................................................................................................................... xa0147 xa0


    5.2.1 xa0 Look xa0for xa0inspiration xa0..................................................................................................................................... xa0147 xa0


    5.2.2 xa0 Locate xa0target xa0files xa0....................................................................................................................................... xa0150 xa0


    5.2.3 xa0 Locate xa0target xa0functions xa0............................................................................................................................... xa0156 xa0


    5.2.4 xa0 Test xa0private xa0methods xa0.................................................................................................................................. xa0158 xa0


    5.2.5 xa0 Analyze xa0method xa0arguments xa0........................................................................................................................ xa0160 xa0


    5.2.6 xa0 Limitations xa0of xa0class-xad‐dump xa0........................................................................................................................... xa0162 xa0


    5.3 xa0 An xa0example xa0tweak xa0using xa0the xa0methodology xa0.................................................................................................... xa0163 xa0


    5.3.1 xa0 Get xa0inspiration xa0............................................................................................................................................ xa0164 xa0


    5.3.2 xa0 Locate xa0files xa0.................................................................................................................................................. xa0165 xa0


    5.3.3 xa0 Locate xa0methods xa0and xa0functions xa0.................................................................................................................... xa0172 xa0


    5.3.4 xa0 Test xa0methods xa0and xa0functions xa0....................................................................................................................... xa0174 xa0


    5.3.5 xa0 Write xa0tweak xa0................................................................................................................................................ xa0175 xa0


    5.4 xa0 Conclusion xa0...................................................................................................................................................... xa0176 xa0


    Chapter 6 ARM related iOS reverse engineering xa0............................................................................................... xa0178 xa0


    6.1 xa0 Introduction xa0to xa0ARM xa0assembly xa0....................................................................................................................... xa0178 xa0


    6.1.1 xa0 Basic xa0concepts xa0............................................................................................................................................ xa0179 xa0


    6.1.2 xa0 Interpretation xa0of xa0ARM/THUMB xa0instructions xa0............................................................................................... xa0184 xa0


    6.1.3 xa0 ARM xa0calling xa0conventions xa0............................................................................................................................ xa0191 xa0


    6.2 xa0 Advanced xa0methodology xa0of xa0writing xa0a xa0tweak xa0.................................................................................................... xa0193 xa0





    6.2.1 xa0 Cut xa0into xa0the xa0target xa0App xa0and xa0find xa0the xa0UI xa0function xa0........................................................................................ xa0195 xa0


    6.2.2 xa0 Locate xa0the xa0target xa0function xa0from xa0the xa0UI xa0function xa0......................................................................................... xa0207 xa0


    6.3 xa0 Advanced xa0LLDB xa0usage xa0..................................................................................................................................... xa0241 xa0


    6.3.1 xa0 Look xa0for xa0a xa0function’s xa0caller xa0......................................................................................................................... xa0241 xa0


    6.3.2 xa0 Change xa0process xa0execution xa0flow xa0.................................................................................................................. xa0247 xa0


    6.4 xa0 Conclusion xa0...................................................................................................................................................... xa0249 xa0


    Part 4 Practices xa0..................................................................................................................................................... xa0250 xa0


    Chapter 7 Practice 1: Characount for Notes 8 xa0................................................................................................... xa0251 xa0


    7.1 xa0 Notes xa0............................................................................................................................................................... xa0251 xa0


    7.2 xa0 Tweak xa0prototyping xa0.......................................................................................................................................... xa0252 xa0


    7.2.1 xa0 Locate xa0Notes’ xa0executable xa0............................................................................................................................ xa0255 xa0


    7.2.2 xa0 class-xad‐dump xa0MobileNotes’ xa0headers xa0.............................................................................................................. xa0256 xa0


    7.2.3 xa0 Find xa0the xa0controller xa0of xa0note xa0browsing xa0view xa0using xa0Cycript xa0............................................................................. xa0257 xa0


    7.2.4 xa0 Get xa0the xa0current xa0note xa0object xa0from xa0NoteDisplayController xa0........................................................................... xa0258 xa0


    7.2.5 xa0 Find xa0a xa0method xa0to xa0monitor xa0note xa0text xa0changes xa0in xa0real xa0time xa0.......................................................................... xa0261 xa0


    7.3 xa0 Result xa0interpretation xa0...................................................................................................................................... xa0265 xa0


    7.4 xa0 Tweak xa0writing xa0................................................................................................................................................. xa0266 xa0


    7.4.1 xa0 Create xa0tweak xa0project xa0"CharacountforNotes8" xa0using xa0Theos xa0........................................................................ xa0266 xa0


    7.4.2 xa0 Compose xa0CharacountForNotes8.h xa0.............................................................................................................. xa0266 xa0


    7.4.3 xa0 xa0Edit xa0Tweak.xm xa0................................................................................................................................................ xa0267 xa0


    7.4.4 xa0 xa0Edit xa0Makefile and xa0control xa0files xa0...................................................................................................................... xa0267 xa0


    7.4.5 xa0 xa0Test xa0................................................................................................................................................................ xa0268 xa0


    7.5 xa0 Conclusion xa0...................................................................................................................................................... xa0272 xa0


    Chapter 8 Practice 2: Mark user specific emails as read automatically xa0........................................................... xa0273 xa0


    8.1 xa0 Mail xa0................................................................................................................................................................. xa0273 xa0


    8.2 xa0 Tweak xa0prototyping xa0.......................................................................................................................................... xa0274 xa0


    8.2.1 xa0 xa0Locate xa0and xa0class-xad‐dump xa0Mail’s xa0executable xa0..................................................................................................... xa0278 xa0


    8.2.2 xa0 xa0Import xa0headers xa0into xa0Xcode xa0............................................................................................................................. xa0279 xa0


    8.2.3 xa0 xa0Find xa0the xa0controller xa0of xa0“Mailboxes” xa0view xa0using xa0Cycript xa0................................................................................... xa0280 xa0


    8.2.4 xa0 xa0Find xa0the xa0delegate xa0of xa0“All xa0Inboxes” xa0view xa0using xa0Reveal xa0and xa0Cycript xa0................................................................. xa0282 xa0


    8.2.5 xa0 xa0Locate xa0the xa0refresh xa0completion xa0callback xa0method xa0in xa0MailboxContentViewController xa0...................................... xa0284 xa0


    8.2.6 xa0 xa0Get xa0all xa0emails xa0from xa0MessageMegaMall xa0......................................................................................................... xa0288 xa0


    8.2.7 xa0 xa0Get xa0sender xa0address xa0from xa0MFLibraryMessage xa0and xa0mark xa0email xa0as xa0read xa0using xa0MessageMegaMall xa0................ xa0290 xa0


    8.3 xa0 Result xa0interpretation xa0...................................................................................................................................... xa0295 xa0


    8.4 xa0 Tweak xa0writing xa0................................................................................................................................................. xa0296 xa0


    8.4.1 xa0 xa0Create xa0tweak xa0project xa0“iOSREMailMarker” xa0using xa0Theos xa0................................................................................. xa0296 xa0


    8.4.2 xa0 xa0Compose xa0iOSREMailMarker.h xa0........................................................................................................................ xa0297 xa0


    8.4.3 xa0 xa0Edit xa0Tweak.xm xa0................................................................................................................................................ xa0297 xa0


    8.4.4 xa0 xa0Edit xa0Makefile xa0and xa0control xa0files xa0....................................................................................................................... xa0298 xa0


    8.4.5 xa0 xa0Test xa0................................................................................................................................................................ xa0299 xa0


    8.5 xa0 Conclusion xa0...................................................................................................................................................... xa0301 xa0


    Chapter 9 Practice 3: Save and share Sight in WeChat xa0.................................................................................... xa0302 xa0


    9.1 xa0 WeChat xa0........................................................................................................................................................... xa0302 xa0


    9.2 xa0 Tweak xa0prototyping xa0.......................................................................................................................................... xa0304 xa0


    9.2.1 xa0 xa0Observe xa0Sight xa0view xa0and xa0look xa0for xa0cut-xad‐in xa0points xa0................................................................................................ xa0304 xa0


    9.2.2 xa0 xa0Get xa0WeChat xa0headers xa0using xa0class-xad‐dump xa0......................................................................................................... xa0305 xa0


    9.2.3 xa0 xa0Import xa0WeChat xa0headers xa0into xa0Xcode xa0............................................................................................................... xa0306 xa0


    9.2.4 xa0 xa0Locate xa0the xa0Sight xa0view xa0using xa0Reveal xa0................................................................................................................ xa0307 xa0


    9.2.5 xa0 xa0Find xa0the xa0long xa0press xa0action xa0selector xa0................................................................................................................ xa0308 xa0





    9.2.6 xa0 xa0Find xa0the xa0controller xa0of xa0Sight xa0view xa0using xa0Cycript xa0............................................................................................... xa0314 xa0


    9.2.7 xa0 xa0Find xa0the xa0Sight xa0object xa0in xa0WCTimeLineViewController xa0...................................................................................... xa0316 xa0


    9.2.8 xa0 xa0Get xa0a xa0WCDataItem xa0object xa0from xa0WCContentItemViewTemplateNewSight xa0.................................................... xa0321 xa0


    9.2.9 xa0 xa0Get xa0target xa0information xa0from xa0WCDataItem xa0.................................................................................................... xa0324 xa0


    9.3 xa0 Result xa0interpretation xa0...................................................................................................................................... xa0333 xa0


    9.4 xa0 Tweak xa0writing xa0................................................................................................................................................. xa0333 xa0


    9.4.1 xa0 xa0Create xa0tweak xa0project xa0“ xa0iOSREWCVideoDownloader” xa0using xa0Theos xa0................................................................. xa0333 xa0


    9.4.2 xa0Compose xa0iOSREWCVideoDownloader.h xa0.......................................................................................................... xa0334 xa0


    9.4.3 xa0 xa0Edit xa0Tweak.xm xa0................................................................................................................................................ xa0335 xa0


    9.4.4 xa0 xa0Edit xa0Makefile xa0and xa0control xa0files xa0....................................................................................................................... xa0336 xa0


    9.4.5 xa0 xa0Test xa0................................................................................................................................................................ xa0337 xa0


    9.5 xa0 Easter xa0eggs xa0...................................................................................................................................................... xa0339 xa0


    9.5.1 xa0 xa0Find xa0the xa0Sight xa0in xa0UIMenuItem xa0........................................................................................................................ xa0339 xa0


    9.5.2 xa0 xa0Historical xa0transition xa0of xa0WeChat’s xa0headers xa0count xa0........................................................................................... xa0340 xa0


    9.6 xa0 Conclusion xa0...................................................................................................................................................... xa0343 xa0


    Chapter 10 Practice 4: Detect And Send iMessages xa0.......................................................................................... xa0345 xa0


    10.1 xa0 iMessage xa0......................................................................................................................................................... xa0345 xa0


    10.2 xa0 Detect xa0if xa0a xa0number xa0or xa0email xa0address xa0supports xa0iMessage xa0............................................................................... xa0345 xa0


    10.2.1 xa0 xa0Observe xa0MobileSMS xa0and xa0look xa0for xa0cut-xad‐in xa0points xa0............................................................................................ xa0345 xa0


    10.2.2 xa0 xa0Find xa0placeholder xa0using xa0Cycript xa0..................................................................................................................... xa0348 xa0


    10.2.3 xa0 xa0Find xa0the xa01st xa0data xa0source xa0of xa0placeholderText xa0using xa0IDA xa0and xa0LLDB xa0................................................................ xa0356 xa0


    10.2.4 xa0 xa0Find xa0the xa0Nth xa0data xa0source xa0of xa0placeholderText xa0using xa0IDA xa0and xa0LLDB xa0............................................................... xa0359 xa0


    10.2.5 xa0 xa0Restore xa0the xa0process xa0of xa0the xa0original xa0data xa0source xa0becoming xa0placeholderText xa0............................................... xa0390 xa0


    10.3 xa0 Send xa0iMessages xa0............................................................................................................................................... xa0391 xa0


    10.3.1 xa0 xa0Observe xa0MobileSMS xa0and xa0look xa0for xa0cut-xad‐in xa0points xa0............................................................................................ xa0391 xa0


    10.3.2 xa0 xa0Find xa0response xa0method xa0of xa0“Send” xa0button xa0using xa0Cycript xa0................................................................................ xa0393 xa0


    10.3.3 xa0 xa0Find xa0suspicious xa0sending xa0action xa0in xa0response xa0method xa0.................................................................................... xa0394 xa0


    10.4 xa0 Result xa0Interpretation xa0...................................................................................................................................... xa0422 xa0


    10.5 xa0 Tweak xa0writing xa0................................................................................................................................................. xa0424 xa0


    10.5.1 xa0 xa0Create xa0tweak xa0project xa0“iOSREMadridMessenger” xa0using xa0Theos xa0..................................................................... xa0424 xa0


    10.5.2 xa0 xa0Compose xa0iOSREMadridMessenger.h xa0............................................................................................................ xa0425 xa0


    10.5.3 xa0 xa0Edit xa0Tweak.xm xa0.............................................................................................................................................. xa0425 xa0


    10.5.4 xa0 xa0Edit xa0Makefile xa0and xa0control xa0files xa0..................................................................................................................... xa0426 xa0


    10.5.5 xa0 xa0Test xa0with xa0Cycript xa0.......................................................................................................................................... xa0427 xa0


    10.6 xa0 Conclusion xa0...................................................................................................................................................... xa0427 xa0


    Jailbreaking for Developers, An Overview xa0......................................................................................................... xa0429 xa0


    Evading the Sandbox xa0........................................................................................................................................... xa0432 xa0


    Tweaking is the new-age hacking xa0....................................................................................................................... xa0434


    xa0







    Recommendation




    In our lives, we pay very little attention to things that work. Everything we interact with


    hides a fractal of complexity—hundreds of smaller components, all of which serve a vital role,


    each disappearing into its destined form and function. Every day, millions of people take to the


    streets with phones in their hands, and every day hardware, firmware, and software blend into


    one contiguous mass of games, photographs, phone calls, and text messages.


    It holds, then, that each component retains leverage over the


    others. Hardware owns firmware, firmware loads and reins in software, and software


    in turn directs hardware. If you could take control of one of them, could you influence


    a device to enact your own desires?


    iOS App Reverse Engineering provides a unique view inside the software running on iOS™,


    the operating system that powers the Apple iPhone® and iPad®. Within, you will learn what


    makes up application code and how each component fits into the software ecosystem at large.


    You will explore the hidden second life your phone leads, wherein it is a full-fledged computer


    and software development platform and there is no practical limit to its functionality.


    So, young developer, break free of restricted software and find out exactly what makes your


    phone tick!


    Dustin L. Howett


    iPhone Tweak Developer



    xa0 xa0


    1 xa0



    Preface




    I’m a man who loves traveling by myself. On every vacation in university, I spent about 7 to


    10 days as a backpacker, traveling around China. Since it was self-guiding tours, no guide would


    come to help me arrange anything. As a result, before traveling, my friends and I had to prepare


    everything by ourselves, such as scheduling, confirming the routes and buying tickets. We also


    needed to put deep thought into our plans, and thought about their dangers.


    It’s a commonly held belief that traveling, especially backpacking, is a great way to expand


    one’s horizons. What I see during my trips can make me more knowledgeable about the world


    around me. More importantly, before start traveling, I need to get everything prepared for this


    journey. My mind has arrived at the destination, even if my body is still at the starting point.


    This way of thinking is good for cultivating a holistic outlook as well as making us think about


    problems from a wider, longer term perspective.


    Before pursuing my master degree in 2009, I thought deeply about what I wanted to study.


    My major was computer science. From the beginning of undergraduate year, most of my


    classmates engaged in the study of Windows. As a student who wasn’t good at programming


    then, there were two alternatives for me to choose—one was to continue the study of


    Windows, and the other was to explore something else. If I chose the former, there were at least


    two benefits for me. Firstly, there were lots of documents for reference. The second one was


    that there were numerous people engaging in the study of Windows. When I met problems, I


    could consult and discuss with them. However, from the other side, there were also some


    disadvantages. More references possibly led to less creativity, and the more people engaged in


    studying Windows, the more competition I would face.


    In a nutshell, if I engaged in Windows related work, I could start my career very easily.


    However, there was no guarantee that I could be outstanding among the researchers. If I chose


    to do something else, it might be very difficult at the beginning. But as long as I persist with my


    goal, I could make something different.


    2


    Fortunately, my mentor had the same idea. He recommended me to work on mobile


    development. At that time, there were very few people engaging in this area in China and I had


    no idea about smart phones. My mobile phone was an out of date Philips phone, so that it was


    very hard for me to start to develop applications. Despite the difficulties, I trusted my mentor


    and myself. Not only because I had only chosen him after careful research and


    recommendations by my senior fellow students, but also that we shared the same opinions. So I


    started to search online for mobile development related information. After learning only a few


    concepts about smart phones and mobile Internet, I faintly found that this industry was


    conductive to the theory that computers and Internet would become smaller, faster and more


    tightly related with our lives. Many things could be done in this area. So I chose to study iOS.


    Everything was hard in the beginning. There were lots of differences between iOS and


    Windows. For example, iOS was an UNIX-like operating system, which was a complete, but


    closed, ecosystem. Its main programming language Objective-C, and jailbreak, were all strange


    fields lacking of information at that point. So I learned by myself, week by week, in a


    hackintosh. And this lasted for almost a year. During this period of time, I read the book “Learn


    Objective-C on the Mac”, input the code on the book into Xcode and checked the result by


    running the simulator. However, the code and the UI were hard to be associated with each


    other. Besides, I searched those half-UNIX concepts like backgrounding on Google and tried to


    understand them, but they were really hard to understand. When my classmates published their


    papers, I even wondered what I was doing during these several months. When they went out


    and party all night, I decided to code alone in the dormitory. When they had fallen asleep, I had


    to keep on working in the lab. Although these things made me feel lonely, they benefitted me a


    lot. I learnt a lot and became more informative during this period. As well, it made me become


    confident. The more knowledge I got, the less lonely I felt. A man can be excellent when he can


    bear the loneliness. What you pay will finally return and enrich yourself. After one-year of


    practice, in March 2011, the obscure code suddenly became understandable. The meaning of


    every word and the relationship of every sentence became clearer. All fragmented knowledge


    appeared to be organized in my head and the logic of the whole system became explicit.


    So I sped up my research. In April 2011, I finished the prototype of my master thesis and got


    high praise from my mentor who didn’t keep high expectation on my iOS research. Since then, I


    changed from a person who felt good to a man who was really good, which signified my pass of


    entry level of iOS research.


    3


    In the past few years, I made friends with the author of Theos, DHowett, consulted


    questions with the father of Activator, rpetrich and quarreled with the admin of TheBigBoss


    repo, Optimo. They were the people who solved most of my problems along the way. During


    the development of SMSNinja, I met Hangcom, the second author of this book. As research


    continues, I met a group of people who was doing excellent things but keeping low profile and


    finally I realized I’m not alone—We stand alone together.


    Taking a look back at the past five years, I’m glad that I made the right choice. It’s hard to


    imagine that you can publish a book related to Windows with only 5-years of research.


    However, this dream comes true with iOS. The fierce competition among Apple, Microsoft and


    Google and the feedback from market both prove that this industry will definitely play a leading


    role in the next 10 years. I feel very lucky that I can be a witness and participant. So, iOS fans,


    don’t hesitate, come and join us, right now!


    When received the invitation from Hangcom to write this book, I was a bit hesitant. Due to


    the large population of China, there were fierce competitions in all walks of life. I summarized


    all accumulated knowledge from countless failures and if I shared all of them in details, would it


    result in more competitors? Would my advantages be handed over to others? But throughout


    the history of jailbreak, from Cydia and CydiaSubstrate to Theos, all these pieces of software


    were open source and impressed me a lot. It was because these excellent engineers shared their


    “advantages” that we could absorb knowledge from and then gradually grew better.


    ‘TweakWeek’ led by rpetrich and ‘OpenJailbreak’ led by posixninja also shared their valuable


    core source code so that more fans could participate in building up the ecosystem of jailbroken


    iOS. They were the top developers in this area and their advantages didn’t get reduced by


    sharing. I was a learner who benefitted a lot from this sharing chain. Moreover, I intended to


    continue my research. If I didn’t stop, my advantage would stay and the only competitor was


    myself. I believed sharing would help a lot of developers who were stuck at the entry level


    where I used to be. And sharing could also combine all wisdom together to make science and


    technology serve people better. Meanwhile, I could make more friends. From this point of view,


    writing this book can be regarded as a long term thought, just like what I did as a backpacker.


    Ok, What I said above is too serious for the preface. Let me say something about this book.


    The content of the book is suitable for the majority of iOS developers who are not satisfied with


    developing Apps. To be honest, this book is techinically better than my master thesis. And if you


    4


    want to follow up, please focus on our official website http://bbs.iosre.com and our IRC


    channel #Theos on irc.saurik.com. Together, let us build the jailbreak community!


    Here, I want to say thank you to my mother. Without her support, I cannot focus on my


    research and study. Thanks to my grandpa for the enlightenment of my English studying,


    having good command of the English language is essential for communicating internationally.


    Thanks to my mentor for his guidance that helped me grew fast during the three-year master


    career. Thanks to DHowett, rpetrich, Optimo and those who gave me much help as well as


    sharp criticism. They helped me grew fast and made me realized that I still had a lot to do.


    Thanks to britta, Codyd51, DHowett, Haifisch, Tyilo, uroboro and yrp for suggestions and


    review. Also, I would like to say thank you to my future girlfriend. It is the absence of you that


    makes me focus on my research. So, I will share half of this book’s royalty with you :)


    Career, family, friendship, love are life-long pursuits of ordinary people. However, most of


    us would fail to catch them all, we have to partly give up. If that offends someone, I would like


    to sincerely apologize for my behaviors and thank you for your forgiveness.


    At last, I want to share a poem that I like very much. Despite regrets, life is amazing.



    The Road Not Taken


    Robert Frost, 1874 – 1963



    Two roads diverged in a yellow wood,


    And sorry I could not travel both


    And be one traveler, long I stood


    And looked down one as far as I could


    To where it bent in the undergrowth;



    Then took the other, as just as fair,


    And having perhaps the better claim,


    Because it was grassy and wanted wear;


    Though as for that the passing there


    Had worn them really about the same,



    And both that morning equally lay


    In leaves no step had trodden black.


    Oh, I kept the first for another day!


    Yet knowing how way leads on to way,


    I doubted if I should ever come back.



    I shall be telling this with a sigh


    Somewhere ages and ages hence:


    Two roads diverged in a wood, and I--


    I took the one less traveled by,


    5


    Please note: To fully download this free PDF,EBook files you need know All free.
    Found by internet command,site not saved pdf file
You May Also Like

Related PPT Template in the same category.