17

I am performing a review on an iOS application for which I do not have the source code. In order to gain more control over the environment, I am running the application on a jailbroken iPad.

I'd like to be able to monitor the API calls that the application is making...ideally I'd like to find something like Rohitab's MS Windows based API Monitor, but instead for iOS.

I have done some research and found a project by KennyTM called "Subjective-C" that seems that it may do what I need. I actually have been using a cycript script, along with the libsubjc.dylib available on the Google code site.

However, I have been unable to figure out how to correctly get it to start logging calls for an app. Here's the link to the cycript script, written by the author of Subjective-C (libsubjc). I pasted the script below as well.

/*

libsubjc.cy ... Use libsubjc in cycript.
Copyright (C) 2009  KennyTM~ <kennytm@gmail.com>

[...GPL3...]
*/

dlopen("libsubjc.dylib", 10);
if (!dlfun) {
    function dlfun(fn, encoding, altname) { var f = new Functor(dlsym(RTLD_DEFAULT, fn), encoding); if (f) this[altname || fn] = f; return f; }
}

dlfun("SubjC_start", "v");
dlfun("SubjC_end", "v");

dlfun("SubjC_set_file", "v^{sFILE=}");
dlfun("SubjC_set_maximum_depth", "vI");
dlfun("SubjC_set_print_arguments", "vB");
dlfun("SubjC_set_print_return_value", "vB");
dlfun("SubjC_set_print_timestamp", "vB");

SubjC_Deny = 0, SubjC_Allow = 1;

dlfun("SubjC_clear_filters", "v");
dlfun("SubjC_filter_method", "vi#:");
dlfun("SubjC_filter_class", "vi#");
dlfun("SubjC_filter_selector", "vi:");
dlfun("SubjC_default_filter_type", "vi");
dlfun("SubjC_filter_class_prefixes", "viI^*");
dlfun("SubjC_filter_class_prefix", "vi*");

dlfun("fopen", "^{sFILE=}**");
dlfun("fclose", "i^{sFILE=}");

I have been able to load the libsubjc cycript script, and call the SubjC_start function. However, how do I specify an input filehandle for the line starting with dlfun("SubjC_set_file", "v^{sFILE=}");

Has anyone successfully used the "libsubjc.cy" cycript script with the Subjective-C library (libsubjc.dylib) to monitor an app's API calls?

UPDATE

This is at least generating the output file, but I don't see any information populated within the output file (/tmp/test.txt).

cycript -p SpringBoard libsubjc.cy; cycript -p SpringBoard
f = fopen("/tmp/test.txt", "w");

SubjC_set_file(f);
SubjC_set_maximum_depth(15);
SubjC_set_print_arguments(YES);
SubjC_set_print_return_value(YES);
SubjC_set_print_timestamp(YES);
SubjC_default_filter_type(SubjC_Deny);
SubjC_start();
//do stuff
SubjC_end();

Or, if anyone knows of another way to monitor API calls (w/o source code) on a jailbroken device, please let me know!

Mick
  • 12,760
  • 9
  • 61
  • 118
  • 3
    related: [logging objc_msgSend on iOS](http://stackoverflow.com/questions/4640036/logging-objc-msgsend-on-iphone) –  Oct 15 '12 at 20:59
  • The author of the tool, @KennyTM, is on stack overflow. Maybe he'll wander by this post and have some ideas? – Nate Nov 02 '12 at 08:14

1 Answers1

-1

Set up a proxy server on your computer to redirect and track all the API calls. This is a common way to peak into iOS web traffic and you don't need a jailbroken device.

Bhargav Rao
  • 41,091
  • 27
  • 112
  • 129
Mudkip Hacker
  • 117
  • 6
  • Please avoid asking questions (clarification or rhetorical) in answers. Conisder phrasing a conditional answer like "If your problem is ... then the solution is to ...". – Yunnosch Aug 11 '20 at 07:02
  • This is not a web api. I'm referring to native syscalls. – Mick Aug 12 '20 at 17:19