Blacklist selectors used by libobjc

kam800 / MachObfuscator

MachObfuscator is a programming-language-agnostic Mach-O apps obfuscator for Apple platforms.

MIT License

521 stars 78 forks source link

Blacklist selectors used by libobjc #69

Closed kjamroz-bt closed 5 years ago

kjamroz-bt commented 5 years ago

Explicitly blacklist selectors used by libobjc. Currently some of them may blacklisted because they occur in system dependencies (like .cxx_destruct) and some are probably rarely used or do not occur in binaries. Hovever, any attempt to obfuscate them may have unpredictable consequences. See sel_init in https://opensource.apple.com/source/objc4/objc4-750.1/runtime/objc-sel.mm.auto.html - list of internal selectors.

kam800 commented 5 years ago

I don't understand when does this issue occur. When the app uses Obj-C – it usually has LC_LOAD_DYLIB (libobjc.A.dylib). I checked contents of libobjc.A.dylib – it contains all explicitly blacklisted selectors. Could you explain me why do we need them to be blacklisted explicitly?

kjamroz-bt commented 5 years ago

You are right. This is only necessary when system dependencies (libobjc.A.dylib in particular) are not analysed. On the other hand, additional selectors on blacklist do not break anything.

kam800 commented 5 years ago

So what is the use case? Is this only needed for xx-no-analyze-dependencies? Or any other scenario?

kjamroz-bt commented 5 years ago

Yes, it looks like it is only important when using xx-no-analyze-dependencies.

kam800 commented 5 years ago

Ok, now I understand :)