7/26/2023 0 Comments Otx disassembler![]() ![]() Since I had an idea why otool was failing, I quickly checked its source code to be sure that was the problem ( otool is part of cctools package available at Apple Developer Program, if you are interested in checking it). The difference is that breakpoints aren’t enforced! IDA is able to disassemble the binary directly (else we could point it to the right place taking the EIP as our starting point). Otool isn’t able to disassemble this binary ( otx uses otool) but this time GDB is able to run. tiny.asm for Mac OS X (Mach-O Object File Format)ĭb 0, 0, 0, 0, 0, 0, 0, 0, 0, 0 segname The posted code for tiny.asm doesn’t work in Snow Leopard (I remember it works in Leopard), so here is the working version (we just need to specify nsects and flags – the kernel parser must have been updated in Snow Leopard). After searching my bookmarks I found Amit Singh’s post about this here (have I told you that his book rocks? buy it!). ![]() From other projects I know this is possible and there are at least two articles about this. The binary has only 2 commands and there is no _text section. ![]()
0 Comments
Leave a Reply. |