jtool - an alternative to otool

jtool can run on Linux. Some IPA scanning tools are built to run on Linux, where a Mac environment is not available. In such cases tools such as otool and class-dump-z will not work, so jtool can be an alternative to otool. For more information on jtool, refer to http://www.newosxbook.com/tools/jtool.html, which lists several commands whose output is the same as, or equivalent to, that of otool.

For our customized requirements and basic checks, I have listed the ones below after running them on many binaries. The outputs are similar or equivalent to those of otool and class-dump-z:

· Commands for checking PIE flag (ASLR) in jtool:
jtool -d -v -arch arm64 <binary> | grep stack

· Automatic Reference Counting (ARC) protection:
jtool -d -v -arch arm64 <binary> | grep _objc_release

· To check if the device is jailbroken:
jtool -d -v -arch arm64 <binary> | grep jail

· Dyldinfo compatible options:
jtool -function_starts -v -arch arm64 -d objc <binary>
Prints the classes and interfaces with start addresses; not as compact and clean as class-dump-z output.

· Signature:
jtool --sig -arch arm64 <binary>
Provides info about flags, version, identifier, CDHash and CA information.

· Entitlements:
jtool --ent -arch arm64 <binary>

· Dumping the binary:
jtool -d <binary>
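
When neither otool nor jtool is available on the Linux scanner, the PIE flag can be read straight from the Mach-O header, and the symbol greps above reduce to a byte search. The following is an added example, not part of the original post or of jtool; it assumes `___stack_chk_guard` as the stack-protector marker, and the sample header bytes are constructed for illustration.

```python
import struct

MH_MAGIC, MH_MAGIC_64 = 0xFEEDFACE, 0xFEEDFACF   # thin Mach-O, 32/64-bit
FAT_MAGIC = 0xCAFEBABE                            # universal (fat) binary
MH_PIE = 0x200000                                 # header flag: position-independent executable
# Symbol names searched for as raw bytes (a crude equivalent of the greps).
MARKERS = {"stack_canary": b"___stack_chk_guard", "arc": b"_objc_release"}


def _slices(data):
    """Yield (cputype, bytes) for each Mach-O slice in a thin or fat file."""
    (magic,) = struct.unpack_from(">I", data, 0)
    if magic == FAT_MAGIC:  # fat header and fat_arch entries are big-endian
        (nfat,) = struct.unpack_from(">I", data, 4)
        for i in range(nfat):
            cputype, _, off, size, _ = struct.unpack_from(">5I", data, 8 + 20 * i)
            yield cputype, data[off:off + size]
    else:
        yield None, data


def check_macho(data):
    """Return one result dict per slice: PIE flag plus marker presence."""
    results = []
    for _, blob in _slices(data):
        for endian in ("<", ">"):  # try little-endian first, then big-endian
            (magic,) = struct.unpack_from(endian + "I", blob, 0)
            if magic in (MH_MAGIC, MH_MAGIC_64):
                break
        else:
            raise ValueError("not a Mach-O slice")
        # After magic: cputype, cpusubtype, filetype, ncmds, sizeofcmds, flags
        cputype, _, _, _, _, flags = struct.unpack_from(endian + "6I", blob, 4)
        res = {"cputype": hex(cputype), "pie": bool(flags & MH_PIE)}
        res.update({k: v in blob for k, v in MARKERS.items()})
        results.append(res)
    return results


def _sample(flags, extra=b""):
    """Constructed 64-bit arm64 header (no load commands) for demonstration."""
    return struct.pack("<8I", MH_MAGIC_64, 0x0100000C, 0, 2, 0, 0, flags, 0) + extra


if __name__ == "__main__":
    print(check_macho(_sample(0x200085, b"\0___stack_chk_guard\0_objc_release\0")))
    print(check_macho(_sample(0x85)))
```

For a real app, pass the bytes of the executable inside the extracted .ipa bundle to `check_macho`; a fat binary returns one result per architecture slice.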


Narayan said…
These don't seem to work,

Commands for checking PIE flag (ASLR) in jTool
jtool -d -v -arch | grep stack

· Automatic Reference Counting (ARC) protection:
jtool -d -v -arch | grep _objc_release
