Help/Support arm64 Hacking Questions

[xiaov 6.6k iPhone 6 8.3]

  On 5/24/2017 at 11:15 PM, shmoo said:

since I have to accept that 64 bit hacking is the future, I need to learn arm64. But first I have a few questions:

 

1. Every time you want to breakpoint, do you have to add the ASLR bias to the offset?

2. Do watchpoints work on arm64?

3. Do you have to wait for LLDB to process a 64 bit binary?

4. What is the 64 bit equivalent to r7?

@ZahirSher @Goggwell

Expand  

1. Every time you want to breakpoint, do you have to add the ASLR bias to the offset?

YES, arm64 no method to disable ASLR.. so you must type "image list" to list out the ASLR..

 

2. Do watchpoints work on arm64?

YES, with lldb.

 

3. Do you have to wait for LLDB to process a 64 bit binary?

YES, sometime takes few mins.

 

4. What is the 64 bit equivalent to r7?

w23

[Guest]

Awesome thanks everyone  Adding the bias every time will be annoying so I'll make an application for mac (maybe for windows in java ?)

  On 5/25/2017 at 12:37 AM, cz1993 said:

 @ZahirSher

 1. Every time you want to breakpoint, do you have to add the ASLR bias to the offset?

yes like a armv7

2. Do watchpoints work on arm64?

yes.  most of times works

3. Do you have to wait for LLDB to process a 64 bit binary?

what mean wait lldb?  but i know not need to thin the arm64 binary. i tried.  works too but if armv7 install the hack will not works because we hack the arm64 binary.

4. What is the 64 bit equivalent to r7?

this better read the register.   sometimes is x13,w13,w15,w15.

 

all my hack i use your mod menu @shmoo .  but sometimes got some issue with 2-byte hex. if you have some new version let me know thx!!

Expand  

arm64 doesn't allow 2 byte instructions

[cz1993 22.2k iPhone 7 Plus 10.1.1]

  On 5/25/2017 at 2:04 PM, shmoo said:

Awesome thanks everyone  Adding the bias every time will be annoying so I'll make an application for mac (maybe for windows in java ?)

arm64 doesn't allow 2 byte instructions

Expand  

Yeah.. works fine with arm64... only have some i ssue with armv7

[i0s_tweak3r 12.3k iPhone X 13.5]

  On 5/24/2017 at 11:51 PM, ZahirSher said:

1. Every time you want to breakpoint, do you have to add the ASLR bias to the offset?
No clue sorry Dont do lldb hacking

2. Do watchpoints work on arm64?
They should, @cz1993 does em.

3. Do you have to wait for LLDB to process a 64 bit binary?
No clue but you will need to thin it (arm64 binary only) ? So it should process it logically?

4. What is the 64 bit equivalent to r7?
I use w23, x23

Expand  

3. If you download the app on an arm64 device, you don't need to thin the binary because it is already just the arm64 portion. If you download on computer through iTunes then it will be a fat file, and need to be thinned. Right? 

Updated May 26, 2017 by i0s_tweak3r
Sorry I shouldn't have questioned an idol of mine....

[CorruptedHxR 99 iPhone 6 9.0.2]

  On 5/25/2017 at 2:38 AM, Bossx2 said:

Boi you just copied and pasted

Expand  

Uh no I didnt, I didn't even look at others posts. I just know this from previous challenges