We’ve been very hard at work improving the experience for our iOS and macOS reverse engineers. You’ll want to keep an eye out for our upcoming 4.2 feature release announcement stream which includes some even juicier bits. In the meantime, hopefully this will tide you over.
This blog is a short summary of the current state of Objective-C analysis in Binary Ninja.
As mentioned in our 4.1 release notes, we have changed the Objective-C analysis so that no manual workflow/plugin loading is required. Instead, all changes are now implemented as an open source plugin and changes in our open source MachO BinaryView.
You can disable this via User Settings or on a per-view basis in Open with Options.
More recent versions of apple’s compiler will automatically outline _objc_msgSend
calls automatically, placing the outlined functions in the __objc_stubs
section.
While providing some space savings, this has resulted in these binaries being much more laborious to analyze.
Binary Ninja can now automatically detect and analyze these outlined functions and fully reverse the optimization, allowing the rest of our suite to work better than ever.
As seen in the above comparison, we also try to trace down msgSend calls and rewrite them to the appropriate function if it is located within the binary.
Objective-C Class instance variables are automatically recovered and names/types applied accordingly, making things easier to read through.
Binary Ninja has full support for the CFString spec and will automatically annotate CFString metadata, and name them accordingly, so parsing them in our IL views is easier.
Binary Ninja has full support for category methods and parses them like any other Objective-C method.
We’ve added full support for ARMv7/Thumb2 binaries in addition to our existing Aarch64 support, meaning regardless of your target OS and architecture, you’re getting our full suite of analysis.
We’re always working to improve our Objective-C analysis, and looking forward to shipping more powerful new tools to enable better capabilities for analyzing binaries from Apple platforms.