Created
August 11, 2024 11:39
-
-
Save 52617365/435d0e0f58acc1915009370f006e55a6 to your computer and use it in GitHub Desktop.
This script gets all the stub functions from the __objc_stubs section and renames them depending on the function it's calling
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| # Example stub caller function that this binary ninja script renames would be like this: | |
| # 1001dc540 int64_t sub_8282828818(void* arg1) | |
| # 1001dc550 return _objc_msgSend(self: arg1, cmd: "_finalRestoreBlock") __tailcall | |
| # Result will be: | |
| # 1001dc540 int64_t objc_stub_caller__finalRestoreBlock(void* arg1) | |
| # 1001dc550 return _objc_msgSend(self: arg1, cmd: "_finalRestoreBlock") __tailcall | |
| from binaryninja import * | |
| objc_stub_section = bv.get_section_by_name("__objc_stubs") | |
| objc_stub_section_start = objc_stub_section.start | |
| objc_stub_section_end = objc_stub_section.end | |
| all_functions = bv.functions | |
| functions_in_objc_stub_section = [] | |
| for f in all_functions: | |
| if f.start > objc_stub_section_start and f.start < objc_stub_section_end: | |
| functions_in_objc_stub_section.append(f) | |
| for f in functions_in_objc_stub_section: | |
| insts = list(f.high_level_il.instructions) | |
| if len(insts) == 1: | |
| tokens = insts[0].tokens | |
| rename_function_name = f"objc_stub_caller_{tokens[6]}" | |
| f.name = rename_function_name | |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
If someone knows a better way to get the second argument in binja please tell me since I need it.