Skip to content

Add detailed usage instructions for Radare2 in static analysis on iOS #3290

New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom
Draft
wants to merge 6 commits into
base: master
Choose a base branch
from
Draft

Add detailed usage instructions for Radare2 in static analysis on iOS #3290

wants to merge 6 commits into from

Conversation

cpholguera
Copy link
Collaborator

@cpholguera cpholguera commented May 28, 2025
edited
Loading

This pull request adds a detailed guide on using Radare2 (r2) for static analysis of iOS applications in the MASTG-TECH-0066.md file. The guide focuses on identifying relevant functions, analyzing strings, inspecting disassembly, and finding cross-references to enhance reverse engineering capabilities.

This section aligns with the way we're currently using r2 in the MASTG demos.

  • Introduction to Radare2: Added an overview of Radare2 as a reverse engineering framework and instructions for using its visual mode for interactive analysis.

  • Identifying Relevant Functions:

    • Explained the use of the afl command for listing and filtering functions by name, with examples for cryptographic functions like SecKeyCreateRandomKey.
    • Provided alternative methods for locating dynamically resolved or obfuscated functions using flags (f), string searches (/, /z, iz~), and cross-references (axt).

  • Analyzing Strings: Detailed the use of iz and izz commands to list strings in the binary and / for direct string searches, with filtering options for precision.

  • Analyzing Cross-References: Added guidance on using the axt command to find cross-references to functions or strings, helping trace their usage in the

@cpholguera cpholguera mentioned this pull request May 28, 2025
Open
trufae
trufae reviewed May 28, 2025
View reviewed changes
trufae
trufae reviewed May 28, 2025
View reviewed changes
trufae
trufae reviewed May 28, 2025
View reviewed changes
@cpholguera cpholguera self-assigned this May 29, 2025
@cpholguera cpholguera marked this pull request as draft June 8, 2025 06:11
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers
1 more reviewer

@trufae trufae trufae left review comments

Reviewers whose approvals may not affect merge requirements

At least 1 approving review is required to merge this pull request.

Assignees

@cpholguera cpholguera

Labels
iOS techniques
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
2 participants
@cpholguera @trufae