Highlights
During my LDM prezo pancake asked if I was also scanning Swift strings when searching for uses of LDM (these are strings that the compiler 'encodes' and puts into registers in the ASM)... NOW I am! 😁:+1:
❯ cat test.swiftpublic func charArray(_ i: Int) -> [Character] {
return [ "a", "b", "c", "d" ]
}
public func singleChar() -> Character {
return "a"
}
public func singleNonAsciiChar() -> Character {
return "日"
}
public func singleNonSmolChar() -> Character {
return "👩👩👦👦"
}
let myString = String("LDMGlobalEnable")
print(myString)❯ xcrun swiftc -O test.swiftNow we can dump them via 'light' emulation
❯ ipsw macho info test --strings
0x100003f60: "👩\u200d👩\u200d👦\u200d👦"
Swift Strings
-------------
0x100003d94: "LDMGlobalEnable"
0x100003df0: " "
0x100003e8c: "a"
0x100003eb8: "a"
0x100003ec4: "日"NOTE: this is not a perfect solution as I only get the first char from the func
charArrayI am also getting an extra space from the 'terminator' introduced by the call toprint()in the ASM.
AND to answer your question MANY months later pancake the magic string LDMGlobalEnabled is 1 char too long to be optimized so I WAS finding all the instances due to the Swift string struct requiring 4 bits for the discriminator and 4 bits for the count meaning 15 chars is the max length. 😅
Changelog
New Features
- 30baa86: feat: add
--valflag toipsw entcommand to search for entitlement values and add 🌈 (@blacktop) - d24f94a: feat: add ability to dump llvm optimized Swift string structures via
ipsw macho info --strings(thanks to my RE brothers @radare and @mrmacete) (@blacktop)
Documentation updates
Summary
Full Changelog: v3.1.394...v3.1.395
What to do next?
- Read the documentation
- Join our Discord server
- Follow us on Twitter
- Follow us on Mastodon