Stack Overflow
Stack Overflow

Questions tagged [hopper]

Hopper is a tool that will assist you in your static analysis of executable files.

From Hopper's tutorial page:

The idea behind Hopper is to transform a set of bytes (the binary you want to analyze) into something that could be read by a human.

To do so, Hopper will try to associate a type to each byte of the file. Because it would be too much expensive to do it manually, Hopper proceeds to an automatic analysis as soon as you loaded a file.

The various types that can be used in hopper are:

  • Data: an area is set to the data type when Hopper thinks it is an area that represents a constant, like an array of int for instance.
  • ASCII: a NULL terminated C string.
  • Code: an instruction
  • Procedure: a byte receives this type once it has been determinate that it is part of a method that has been successfully reconstructed by Hopper.
  • Undefined: this is an area that has not yet been explored by Hopper.
15 questions
12
votes
2 answers

Not able to disassemble iOS Banking app

I use hopper disassembler to disassemble iOS apps. It works fine for most of the apps. However today I just got curious to understand a banking app so I tried to disassemble it. So, I moved the app from my jailbroken device to my mac and when I…
Jaffer Sheriff
  • 1,444
  • 13
  • 33
7
votes
1 answer

Hopper to disassemble the UIKit.framework from Xcode

I use Hopper Disassembler to disassemble the UIKit.framework. I usually select the binary from…
ricardopereira
  • 11,118
  • 5
  • 63
  • 81
4
votes
1 answer

How to change the qword memory offset in Hopper Assembler v3?

So I got the following (as an example): 0x00000001000022c4 db "Apple", 0 0x0000000100002347 db "Ducks", 0 In a procedure it refers to Apple as such: lea rcx, qword [ds:0x1000022c4] ; "Apple" Now I like this string to say Ducks and…
Mark
  • 16,906
  • 20
  • 84
  • 117
3
votes
0 answers

Hopper Disassembler v4, Cannot launch debugger. Not Found LLDB

I run Hopper Disassembler v4 Debugger execute a program, but tooltip Cannot Launch debugger. Detail Error Content is: "Please make sure that LLDB is installed, and that the binary can be launched on the targeted computer." I am Macos 10.14.6,…
paul hu
  • 31
  • 1
3
votes
2 answers

Swift mangled function name mapping

How does the Hopper disassembler understand what is the function's name? For example, I have a simple Swift function named function(), and after disassembling the executable with that function Hopper shows me that it's mangled name is…
alexk
  • 131
  • 1
  • 6
3
votes
2 answers

Not understanding Hopper decompiler output

I know some C and a little bit of assembly and wanted to start learning about reverse engineering, so I downloaded the trial of Hopper Disassembler for Mac. I created a super basic C program: int main() { int a = 5; return 0; } And compiled…
Austin
  • 6,921
  • 12
  • 73
  • 138
2
votes
1 answer

Why are all symbol names visible in compiled MacOS Swift Application (Xcode 10) via Hopper disassembler?

Hope someone can help! I'm compiling an application with Xcode 10 + Swift 5, I've set all the options I've found online for mangle, stripping, reflection metadata, debug symbols, postprocessing etc. Yet when I drop my compiled (release build)…
TheHoliestRoger
  • 21
  • 1
2
votes
1 answer

How to find objective-c methods at runtime for any Application on Mac?

For ex- You have TextEdit Application, when you save the file , I want to know which objective-c methods get called. I have headers file of Textedit using class-dump. Is there any is way to know which of these methods (which we output from…
hrishikesh chaudhari
  • 908
  • 1
  • 8
  • 15
0
votes
0 answers

"Syntax Error" in Hopper Disassembler while assembling instruction

I am trying to follow this tutorial https://dhiyaneshgeek.github.io/mobile/security/2021/12/25/hopper-disassembler/ which shows how to bypass the jailbreak detection in a sample demo app named "SecureStoreV1.ipa". The idea is to break the tbz (test…
node_analyser
  • 1,502
  • 3
  • 17
  • 34
0
votes
0 answers

How to modify instruction to return 0x0 instead of 0x1 in Hopper

How do I modify #0x1 to #0x0 of the and instruction in any of the dissassembler? 00000001005c3fc0 and w0, w8, #0x1 00000001005c3fc4 ldp x29, x30, [sp, #0x10] 00000001005c3fc8 ldp x20, x19, [sp],…
A O
  • 1
  • 3
0
votes
0 answers

Understanding iOS string formatting in assembly code

I am new to assembly code and am learning a lot through examining disassembled iOS code through Hopper. One thing I cannot figure out is how to determine the variables that are being used in a formatted string. Here is a code snippet. r0 = [var_60…
MillerMedia
  • 3,651
  • 17
  • 71
  • 150
0
votes
1 answer

Hopper disassembler ASM

I am using the Hopper Disassembler to reverse engineer an iOS library. In principle, in the beginning, everything is clear and logical. But I can't find information about asm. What does asm mean? Is this a function call? If this is a function, what…
Michil Khabarov
  • 1
  • 2
0
votes
0 answers

Implement an ObjC protocol in Swift with pointer to incomplete type as a return value

I'm trying to implement the HopperPlugin Objective-C protocol from the Hopper SDK in a Swift class. The compiler fails with an "Type 'MyPlugin' cannot conform to protocol 'HopperPlugin' because it has requirements that cannot be satisfied" error. I…
stiabhan
  • 381
  • 1
  • 5
0
votes
0 answers

Hiding debugger from isDebuggerAtached () in binary executable

I'm trying to understand the work flow of a mac app from its executable. I'm using Hopper disassembler to disassemble the binary executable. I'm not able to execute the binary executable of this mac app through hopper, as this app keeps on…
Jaffer Sheriff
  • 1,444
  • 13
  • 33
0
votes
1 answer

What's the principle of class dump and hopper

What's the principle of class dump and hopper? Why can they dump out objc's method? And why can't they dump out the function that written in C style?
wkx
  • 431
  • 1
  • 4
  • 7