One of the reasons I have not been posting as regularly is because of a big project I am currently working on. I have delved into the world of Objective-C, and have been enjoying it a ton. One of the pleasant surprises I found was the XCode utilizes GCC and GDB to do its compilation and debugging. Although they provide a nice GUI to interact with the debugger (create breakpoints, etc), it still will give you the normal ASM dump on errors. I imagine many developers out there just glaze over when they see this, but I got very excited! After doing some research and reading, I found some very useful Phrack articles to help me with my debugging.
If you are brand new to ASM I would recommend you go over to SecurityTube and check out their ASM primer. For those who know some ASM, you should be able to understand mostly.
Useful Commands
Identify Selector
When a message fails it is important to know which exactly selector threw the error. That selector can be found referenced within $ecx. The following is the command to display the value of $ecx, as well as a GDB command to display every call and selector made:
Single Command:
x/s $ecx
Script:
break
commands
x/s $ecx
c
end
The script works by creating designating a command to print out the value of $ecx as a string, then continue the process. See the above Phrack article for more details.
Identify Class Name
When an object is going to execute a method the method pointer is loaded into $ecx (as seen above) and the pointer to the id/object is loaded into $eax.The class name can be found within a struct that exists within each object. It exists as a pointer (4-bytes) 8-bytes into the struct. We can access it in two ways:
printf:
printf "%s\n", *(long*)($eax+8)
call getName method:
call (char *)class_getName($eax)
That is just the basics, but I hope you will find it helpful.