debugserver *:12345 -a "Aweme"
tcprelay.py -t 12345:12345
process connect connect://127.0.0.1:12345
po [MMServiceCenter _shortMethodDescription]
b 0x100bd04f0
backtrace all
backtrace //Show the stack backtrace for the current thread
bt
next
step in
continue
finish
//基地址
(lldb) image list -o -f Aweme
[ 0] 0x0000000000080000 /var/mobile/Containers/Bundle/Application/5CC411F6-166D-439F-8001-577BC4CA99FB/Aweme.app/Aweme(0x0000000100080000)
breakpoint list
breakpoint help
process interrupt
register read/x
po $x1
Read memory from address 0xbffff3c0 and show 4 hex uint32_t values.
(gdb) x/4xw 0xbffff3c0
(lldb) memory read --size 4 --format x --count 4 0xbffff3c0
(lldb) me r -s4 -fx -c4 0xbffff3c0
(lldb) x -s4 -fx -c4 0xbffff3c0
LLDB now supports the GDB shorthand format syntax but there can't be space after the command:
(lldb) memory read/4xw 0xbffff3c0
(lldb) x/4xw 0xbffff3c0
(lldb) memory read --gdb-format 4xw 0xbffff3c0
https://lldb.llvm.org/lldb-gdb.html
打印.
(lldb) thread backtrace
(lldb) bt
10分钟入门arm64汇编 http://blackteachinese.com/2017/07/12/arm64/
/System/Library/CoreServices/SystemVersion.plist https://www.theiphonewiki.com/wiki//System/Library/CoreServices/SystemVersion.plist
从lldb 中动态追踪调用
0x1009E5750 address - image base = ida_file_address