Skip to content

A macOS dylib project based on the Dobby Hook framework, aimed at enhancing and extending the functionality of target software.

License

Notifications You must be signed in to change notification settings

marlkiller/dylib_dobby_hook

Repository files navigation

About

English | 中文 |Others..TODO

This project is a macOS dylib project that integrates the Dobby Hook framework, aiming to enhance software through the use of the Dobby Hook framework.

Development Environment:

  • macOS (SIP disabled & allow any source)
  • Xcode 15.2 | CLion
  • Hopper | IDA

Directory Structure:

  1. dylib_dobby_hook: Source code
  2. libs: Libraries that the project depends on
  3. release: Built product libraries
  4. script:
    • auto_hack.sh: One-click script sudo bash auto_hack.sh
  5. tools:
    • insert_dylib: Open-source static injection tool
    • dynamic_inject: Dynamic injection tool [SIP OFF]
    • process_inject: Process injection tool [BETA][SIP OFF]

Feat

  1. Cross-platform [intel/apple] HOOK
  2. Integrated development and debugging environment with Xcode|CLion|VSCode
  3. Signature code search

Check the full list of supported apps here.

Usage

download latest release

tar -xzvf dylib_dobby_hook.tar.gz
cd script 
sudo bash auto_hack.sh

Develop

0x0

The basic code has been completed. To be compatible with more app patches, the adapter pattern is used for extension.

0x1 Define Implementation Class (taking current XXX as an example)

#import <Foundation/Foundation.h>
#import <objc/runtime.h>
#import "HackProtocolDefault.h"


@interface XXXHack : HackProtocolDefault

@end

@implementation XXXHack

- (NSString *)getAppName {
return @"com.dev.xxx";
}

- (NSString *)getSupportAppVersion {
return @"1.0";
}


- (BOOL)hack {

#if
defined(__arm64__) || defined(__aarch64__)
// do arm something..
#elif
defined(__x86_64__)
// do x86 something..
#endif
return YES;
}
@end

0x2 Build & Inject

After compilation, we will get our dylib patch. Then write a shell script to inject.

## Static Injection
cp -f source_bin source_bin_backup 
"${insert_dylib}" --weak --all-yes "${YOUR_BUILD_PATH}/libdylib_dobby_hook.dylib" "source_bin_backup" "source_bin"

## Dynamic Injection [SIP OFF]
./dynamic_inject "xxx.app" "${YOUR_BUILD_PATH}/libdylib_dobby_hook.dylib"

## Process Injection [SIP OFF]
./process_inject "$pid" "${YOUR_BUILD_PATH}/libdylib_dobby_hook.dylib"

Sponsor

JetBrains

WARN

For research and learning purposes only. Please do not use for illegal purposes.
Note: If reprinted, please indicate the source (link to this post) and author information.

About

A macOS dylib project based on the Dobby Hook framework, aimed at enhancing and extending the functionality of target software.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published