Christian Mayer's Weblog

Mach-O

I’m very interested in reverse engineering and cracking programs. This is an interesting thing because you need to deal with Assembly. When you understand Assembly you can think like a computer. And you can read every binary of almost every CPU architecture.

I created a PHP script for manipulating Mach-O binaries. This is useful for manipulating Mach-O files dynamically. It’s like a Hex Editor for PHP programmers, if you like. But it doesn’t matter if you are using a real Hex Editor or just a script — you need to know what you’re doing. You need to understand Assembly. Why with PHP? — Why not? I like PHP.

Overwriting the right values is easy. Especially when you overwrite an existing function or subroutine of a program with NOPs. But appending new functionality to an existing program is very hard because you need to change the size and offset values in the Mach-O header information.
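To make the point about size and offset values concrete, here is an added example (not the PHP script from this post) that walks a 64-bit Mach-O header and lists the fields holding a file offset or a size. It is written in Python, handles only `LC_SEGMENT_64` and `LC_SYMTAB`, and runs on a constructed in-memory sample; the names `build_sample` and `layout_fields` are made up for this example.

```python
import struct

MH_MAGIC_64 = 0xFEEDFACF            # 64-bit little-endian Mach-O magic
LC_SYMTAB, LC_SEGMENT_64 = 0x2, 0x19

def build_sample():
    """Constructed sample: mach_header_64, one __TEXT segment with one section, LC_SYMTAB."""
    sect = struct.pack("<16s16sQQ8I", b"__text", b"__TEXT",
                       0x100000F00, 0x10, 0xF00, 4, 0, 0, 0, 0, 0, 0)
    seg = struct.pack("<II16s4QiiII", LC_SEGMENT_64, 72 + len(sect), b"__TEXT",
                      0x100000000, 0x1000, 0, 0x1000, 5, 5, 1, 0) + sect
    symtab = struct.pack("<6I", LC_SYMTAB, 24, 0x1000, 2, 0x1020, 0x18)
    cmds = seg + symtab
    # cputype x86_64, cpusubtype 3, filetype MH_EXECUTE (2), ncmds 2
    return struct.pack("<IiiIIIII", MH_MAGIC_64, 0x01000007, 3, 2, 2, len(cmds), 0, 0) + cmds

def layout_fields(data):
    """List (name, value) for header fields that store a file offset or a size."""
    magic, _, _, _, ncmds, sizeofcmds, _, _ = struct.unpack_from("<IiiIIIII", data, 0)
    if magic != MH_MAGIC_64:
        raise ValueError("not a 64-bit little-endian Mach-O")
    fields, pos = [("header.sizeofcmds", sizeofcmds)], 32   # header is 32 bytes
    for _ in range(ncmds):
        cmd, cmdsize = struct.unpack_from("<II", data, pos)
        if cmdsize < 8 or pos + cmdsize > len(data):
            raise ValueError("load command runs past end of file")
        if cmd == LC_SEGMENT_64:
            seg, _, _, fileoff, filesize, _, _, nsects, _ = struct.unpack_from(
                "<16s4QiiII", data, pos + 8)
            seg = seg.rstrip(b"\0").decode()
            fields += [(seg + ".fileoff", fileoff), (seg + ".filesize", filesize)]
            for i in range(nsects):             # section_64 records follow the segment
                sname, _, _, size, offset = struct.unpack_from(
                    "<16s16sQQI", data, pos + 72 + 80 * i)
                sname = seg + "," + sname.rstrip(b"\0").decode()
                fields += [(sname + ".offset", offset), (sname + ".size", size)]
        elif cmd == LC_SYMTAB:
            symoff, _, stroff, strsize = struct.unpack_from("<4I", data, pos + 8)
            fields += [("symtab.symoff", symoff), ("symtab.stroff", stroff),
                       ("symtab.strsize", strsize)]
        pos += cmdsize
    return fields

if __name__ == "__main__":
    for name, value in layout_fields(build_sample()):
        print(f"{name:24} {value:#x}")
```

A same-length overwrite leaves every value in this list untouched, which is why it is the easy case; inserting bytes shifts whatever lies behind the insertion point, so each of these fields has to be checked.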

Update, 2015-02-18: I removed the arrays and made objects. This is prettier.
