securing / IOSSecuritySuite

iOS platform security & anti-tampering Swift library
https://www.securing.biz/

When targeting iOS14 or later, `denyFishHook` may not work #117

Open p-x9 opened 2 months ago

p-x9 commented 2 months ago

If the symbols given to denyFishHook are defined in binaries targeting iOS14 or later, it may not work.

Currently, symbols are searched based on binding information obtained from LC_DYLD_INFO. However, if targeting iOS14 or later, by default, it must be obtained from LC_DYLD_CHAINED_FIXUPS. https://github.com/qyang-nj/llios/blob/main/dynamic_linking/chained_fixups.md

Here is an example of a tried and tested implementation. https://github.com/p-x9/swift-anti-fishhook

I tried to fix it to send a pull request to this repository, but I noticed that the existing FishHook and exports trie parsing also needed some fixes. (When the official fishhook was used, it succeeded, but in some cases it failed in the current implementation.)

I will add more information as soon as I have it. Thank you.
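To check which of the two formats a given binary carries, the load commands can be walked directly. The sketch below is an added example, not code from this issue, from IOSSecuritySuite, or from swift-anti-fishhook. The names `binding_format` and `make_sample` are hypothetical, the constants are copied from `<mach-o/loader.h>`, and it assumes a thin 64-bit Mach-O read on a little-endian host.

```c
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Values from <mach-o/loader.h>, repeated so this builds off-device. */
#define MH_MAGIC_64            0xfeedfacfu
#define LC_REQ_DYLD            0x80000000u
#define LC_DYLD_INFO           0x22u
#define LC_DYLD_INFO_ONLY      (0x22u | LC_REQ_DYLD)
#define LC_DYLD_CHAINED_FIXUPS (0x34u | LC_REQ_DYLD)

enum bind_format { BIND_MALFORMED = -1, BIND_NONE, BIND_DYLD_INFO, BIND_CHAINED_FIXUPS };
struct header64 { uint32_t magic, cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags, reserved; };
struct load_cmd { uint32_t cmd, cmdsize; };

/* Hypothetical helper: report which load command holds the image's binding information. */
enum bind_format binding_format(const uint8_t *buf, size_t len) {
    struct header64 h;
    if (len < sizeof h) return BIND_MALFORMED;
    memcpy(&h, buf, sizeof h);
    if (h.magic != MH_MAGIC_64 || h.sizeofcmds > len - sizeof h) return BIND_MALFORMED;
    size_t off = sizeof h, end = sizeof h + h.sizeofcmds;
    enum bind_format found = BIND_NONE;
    for (uint32_t i = 0; i < h.ncmds; i++) {
        struct load_cmd lc;
        if (end - off < sizeof lc) return BIND_MALFORMED;   /* truncated command table */
        memcpy(&lc, buf + off, sizeof lc);
        if (lc.cmdsize < sizeof lc || lc.cmdsize > end - off) return BIND_MALFORMED;
        if (lc.cmd == LC_DYLD_CHAINED_FIXUPS) found = BIND_CHAINED_FIXUPS;
        else if ((lc.cmd == LC_DYLD_INFO || lc.cmd == LC_DYLD_INFO_ONLY) && found == BIND_NONE)
            found = BIND_DYLD_INFO;
        off += lc.cmdsize;
    }
    return found;
}

/* Constructed sample, not a real binary: a header plus one 16-byte load command. */
size_t make_sample(uint8_t *out, uint32_t cmd) {
    struct header64 h = { MH_MAGIC_64, 0, 0, 2, 1, 16, 0, 0 };
    uint32_t lc[4] = { cmd, 16, 0, 0 };
    memcpy(out, &h, sizeof h);
    memcpy(out + sizeof h, lc, sizeof lc);
    return sizeof h + sizeof lc;
}

int main(void) {
    uint8_t img[64];
    size_t n = make_sample(img, LC_DYLD_CHAINED_FIXUPS);
    printf("%d\n", binding_format(img, n));
    return 0;
}
```

A result of `BIND_CHAINED_FIXUPS` means a lookup that reads only the `LC_DYLD_INFO` bind opcodes will not find the symbol's binding in that image.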

r3ggi commented 2 months ago

Thanks for the help, I have just accepted your PR :-)