Mach-O binary index

The following posts will introduce you to the binary format used by Apple, Mach-O. We first learn the basic format (1), then diving deeper into the import and export tables, and how the loader (dyld) binds these symbols (2). We continue to explore how Apple signs the binary (3) and how Apple prevents copying apps (4).

I will keep the posts updated with what I’ve researched. Readers can see the list below for my current research target.

  • methods to inject into the Mach-O binary by either modifying the binary or using tools such as Frida (5).
  • Obj-C class-dump
  • Obj-C runtime
  • Swift and Obj-C and C
  • __cstring encryption (future work)

Series index:

  1. Overview of Mach-O binary
  2. Mach-O linker information
  3. Mach-O codesign data
  4. Apple Fairplay protection in Mach-O
  5. Injecting code into Mach-O

References will be updated here


Official sourcecode of Apple:

Novel research:

Redback, introduced in Blackhat Asia 2020, but no public source-code release:

Worth checking out:

I will probably do some jailbreak research to answer questions such as what is performed during jailbreak.

The list below is auto-generated, please refer to the list above.