1
00:00:00,570 --> 00:00:02,880
Instructor: Hi, within this lecture,

2
00:00:02,880 --> 00:00:05,460
we are going to understand what assembly is

3
00:00:05,460 --> 00:00:10,460
and how we can actually use it in iOS reverse engineering.

4
00:00:11,070 --> 00:00:15,660
So over here I have my DetectJailSwift folder.

5
00:00:15,660 --> 00:00:17,820
So I'm going to hide it for a while

6
00:00:17,820 --> 00:00:21,210
because we are going to focus on Objective-C first.

7
00:00:21,210 --> 00:00:25,350
And I have my DetectJail.ipa over here as well.

8
00:00:25,350 --> 00:00:29,940
And I have installed it on my jailbroken device, right?

9
00:00:29,940 --> 00:00:32,040
So you have done the same thing.

10
00:00:32,040 --> 00:00:34,950
And let me open the Launchpad

11
00:00:34,950 --> 00:00:37,320
and you will see that I have something called

12
00:00:37,320 --> 00:00:40,260
Hopper Disassembler over here.

13
00:00:40,260 --> 00:00:43,680
We're going to use this software in a little bit

14
00:00:43,680 --> 00:00:47,430
so that we can disassemble the IPA

15
00:00:47,430 --> 00:00:49,530
and get its source code,

16
00:00:49,530 --> 00:00:52,290
get its assembly code.

17
00:00:52,290 --> 00:00:54,510
And before we do that,

18
00:00:54,510 --> 00:00:56,370
we have to understand

19
00:00:56,370 --> 00:00:58,110
what assembly is

20
00:00:58,110 --> 00:01:02,400
and why we get assembly code out of IPAs.

21
00:01:02,400 --> 00:01:05,640
And in order to do that we have to understand

22
00:01:05,640 --> 00:01:07,140
what machine language is,

23
00:01:07,140 --> 00:01:10,830
what assembly is, and what a high-level language is.

24
00:01:10,830 --> 00:01:15,830
So maybe you have heard that our processors

25
00:01:16,170 --> 00:01:20,430
have some kind of electrical circuits,

26
00:01:20,430 --> 00:01:22,290
and they're called bits

27
00:01:22,290 --> 00:01:27,290
and they actually perceive everything as ones and zeros.
28
00:01:28,410 --> 00:01:31,440
So whatever we write as a program,

29
00:01:31,440 --> 00:01:34,710
as software on our computers,

30
00:01:34,710 --> 00:01:36,150
is actually compiled

31
00:01:36,150 --> 00:01:39,810
or turned into machine language eventually

32
00:01:39,810 --> 00:01:43,050
and it will be processed as machine language, like

33
00:01:43,050 --> 00:01:46,830
with ones and zeros in our processors.

34
00:01:46,830 --> 00:01:49,380
And we don't have to know about that.

35
00:01:49,380 --> 00:01:53,340
We don't write software in ones and zeros

36
00:01:53,340 --> 00:01:56,940
because it would be so much more complicated, okay?

37
00:01:56,940 --> 00:02:00,570
No human being would be able to understand it

38
00:02:00,570 --> 00:02:04,440
and write software like this.

39
00:02:04,440 --> 00:02:08,550
And actually we can represent text and images

40
00:02:08,550 --> 00:02:10,440
and sounds and everything,

41
00:02:10,440 --> 00:02:13,200
every piece of data, in ones and zeros.

42
00:02:13,200 --> 00:02:18,090
So I have Googled how to represent images in binary,

43
00:02:18,090 --> 00:02:19,860
which is ones and zeros.

44
00:02:19,860 --> 00:02:23,610
And as you can see there is some documentation over here

45
00:02:23,610 --> 00:02:26,100
showing how we can actually

46
00:02:26,100 --> 00:02:28,650
represent some image with ones and zeros

47
00:02:28,650 --> 00:02:33,060
and how processors perceive those numbers

48
00:02:33,060 --> 00:02:36,510
and how they process them.

49
00:02:36,510 --> 00:02:40,080
So there is actually a way

50
00:02:40,080 --> 00:02:44,520
to represent your image, your photo, with ones and zeros,

51
00:02:44,520 --> 00:02:47,430
and processors do that for us.

52
00:02:47,430 --> 00:02:49,590
So it's called machine language.

53
00:02:49,590 --> 00:02:53,310
As I said before, you don't have to know about this.
54
00:02:53,310 --> 00:02:57,090
However, there is a middle step in this section

55
00:02:57,090 --> 00:02:59,250
and it's called assembly.

56
00:02:59,250 --> 00:03:02,970
So when you write a piece of software, write a program,

57
00:03:02,970 --> 00:03:05,460
it's converted into assembly first

58
00:03:05,460 --> 00:03:08,610
and then into machine language.

59
00:03:08,610 --> 00:03:10,770
And by high-level language,

60
00:03:10,770 --> 00:03:14,370
I mean the modern programming languages

61
00:03:14,370 --> 00:03:17,460
like Swift or Python or Java.

62
00:03:17,460 --> 00:03:19,410
So this is easy to understand.

63
00:03:19,410 --> 00:03:21,960
It's almost plain English.

64
00:03:21,960 --> 00:03:24,120
However, assembly

65
00:03:24,120 --> 00:03:28,410
is actually closer to the machine language.

66
00:03:28,410 --> 00:03:29,850
It's hard to understand.

67
00:03:29,850 --> 00:03:32,970
It's hard to read, but it can be done.

68
00:03:32,970 --> 00:03:35,100
You can write some programs.

69
00:03:35,100 --> 00:03:39,660
You can write some tools using assembly if you want.

70
00:03:39,660 --> 00:03:42,030
And there are a couple of versions,

71
00:03:42,030 --> 00:03:45,090
there are a couple of types of assembly as well.

72
00:03:45,090 --> 00:03:50,090
It depends on the processor type, like Intel or ARM or AMD,

73
00:03:51,570 --> 00:03:56,280
but most of the time the principles would be the same.

74
00:03:56,280 --> 00:03:59,880
So for example, you see some code over here

75
00:03:59,880 --> 00:04:01,230
which is assembly code

76
00:04:01,230 --> 00:04:03,660
and this is high-level language code.

77
00:04:03,660 --> 00:04:05,760
So this is very easy to understand.

78
00:04:05,760 --> 00:04:08,430
A equals B plus C.

79
00:04:08,430 --> 00:04:10,800
And the assembly thing

80
00:04:10,800 --> 00:04:12,684
is kind of easy to understand as well,

81
00:04:12,684 --> 00:04:17,190
but machine language is not very easy to understand.
82
00:04:17,190 --> 00:04:19,830
It consists of ones and zeros,

83
00:04:19,830 --> 00:04:23,490
and it's very hard to write in that language.

84
00:04:23,490 --> 00:04:28,170
So what we can get out of IPAs

85
00:04:28,170 --> 00:04:30,330
is the assembly code,

86
00:04:30,330 --> 00:04:34,800
and we can make sense out of assembly code as well.

87
00:04:34,800 --> 00:04:39,360
Maybe in order to change it, in order to edit it,

88
00:04:39,360 --> 00:04:42,090
you should master the assembly language.

89
00:04:42,090 --> 00:04:46,080
That's not what we are looking for, at least in this course.

90
00:04:46,080 --> 00:04:50,220
Because this is a course on its own, okay?

91
00:04:50,220 --> 00:04:52,950
You have to learn it from scratch

92
00:04:52,950 --> 00:04:56,130
and you have to spend so much time learning

93
00:04:56,130 --> 00:04:58,590
how to code in assembly.

94
00:04:58,590 --> 00:05:01,020
However, there are a couple of ways

95
00:05:01,020 --> 00:05:02,790
to leverage assembly code

96
00:05:02,790 --> 00:05:06,930
and we are going to see how to do that during this section.

97
00:05:06,930 --> 00:05:08,310
We are going to take hints.

98
00:05:08,310 --> 00:05:09,810
We are going to make sense out

99
00:05:09,810 --> 00:05:12,600
of some assembly code

100
00:05:12,600 --> 00:05:15,390
and then we are going to manipulate our apps

101
00:05:15,390 --> 00:05:18,000
using that information

102
00:05:18,000 --> 00:05:20,850
that we gather from assembly code.

103
00:05:20,850 --> 00:05:24,450
And we are not gonna deal with machine language.

104
00:05:24,450 --> 00:05:26,040
However, we are going to see

105
00:05:26,040 --> 00:05:29,160
how it's used and how binary,

106
00:05:29,160 --> 00:05:34,160
or how hexadecimal, works in real life as well.

107
00:05:34,200 --> 00:05:37,140
And we are going to see a lot of assembly code.
108
00:05:37,140 --> 00:05:39,210
Don't be surprised by it,

109
00:05:39,210 --> 00:05:41,250
just don't be scared of it.

110
00:05:41,250 --> 00:05:45,510
I'm going to explain everything you should know about this.

111
00:05:45,510 --> 00:05:49,230
So in order to get the assembly code out of an IPA,

112
00:05:49,230 --> 00:05:51,513
we're going to use this Hopper Disassembler.

113
00:05:52,440 --> 00:05:55,650
And of course, there are some other tools as well,

114
00:05:55,650 --> 00:05:59,400
but Hopper Disassembler actually works very well.

115
00:05:59,400 --> 00:06:02,550
It's actually a paid tool.

116
00:06:02,550 --> 00:06:03,990
It's paid software,

117
00:06:03,990 --> 00:06:08,990
but there is a trial version of this Hopper Disassembler.

118
00:06:09,480 --> 00:06:11,580
So that's what we are going to use.

119
00:06:11,580 --> 00:06:15,690
So if you go to hopperapp.com or you can just Google it,

120
00:06:15,690 --> 00:06:18,990
okay, you can just Google Hopper Disassembler,

121
00:06:18,990 --> 00:06:21,570
you will see that you can download it for free

122
00:06:21,570 --> 00:06:23,400
and try it for free.

123
00:06:23,400 --> 00:06:27,180
So this is a macOS and Linux disassembler.

124
00:06:27,180 --> 00:06:32,180
You can try to just disassemble the IPAs in macOS

125
00:06:33,420 --> 00:06:35,820
and make sense out of those.

126
00:06:35,820 --> 00:06:40,820
You can try to disassemble EXE files or DMG files as well.

127
00:06:40,860 --> 00:06:42,180
So what we're gonna do,

128
00:06:42,180 --> 00:06:43,290
we're going to work on

129
00:06:43,290 --> 00:06:48,290
and focus on our IPAs, our iOS final products.

130
00:06:48,990 --> 00:06:52,080
So you have to go over here to download.

131
00:06:52,080 --> 00:06:53,400
And as you can see

132
00:06:53,400 --> 00:06:56,370
there is a free version over here.

133
00:06:56,370 --> 00:06:57,900
You can just download it.
134
00:06:57,900 --> 00:07:00,720
Of course, it comes with some limits,

135
00:07:00,720 --> 00:07:03,270
like you can only use it for 30 minutes

136
00:07:03,270 --> 00:07:04,440
and it will shut down,

137
00:07:04,440 --> 00:07:07,530
and then you're gonna have to open it one more time,

138
00:07:07,530 --> 00:07:09,780
but it's no biggie for us.

139
00:07:09,780 --> 00:07:12,240
I'm going to talk about restrictions

140
00:07:12,240 --> 00:07:13,740
and I'm going to talk about

141
00:07:13,740 --> 00:07:16,410
overcoming those restrictions as well.

142
00:07:16,410 --> 00:07:19,530
Just make sure you download it and open it like this.

143
00:07:19,530 --> 00:07:20,980
And once you open it,

144
00:07:20,980 --> 00:07:23,490
it'll be very easy to install

145
00:07:23,490 --> 00:07:24,560
because all you have to do

146
00:07:24,560 --> 00:07:27,300
is just take this and drag and drop it

147
00:07:27,300 --> 00:07:29,040
into the Applications folder

148
00:07:29,040 --> 00:07:31,800
and it'll be ready to use.

149
00:07:31,800 --> 00:07:33,270
So once you do that,

150
00:07:33,270 --> 00:07:35,730
you can come over here and click on it

151
00:07:35,730 --> 00:07:39,060
and just open the Hopper Disassembler.

152
00:07:39,060 --> 00:07:41,790
It will ask you if you wanna go for a license

153
00:07:41,790 --> 00:07:43,200
or try the demo.

154
00:07:43,200 --> 00:07:45,000
Just say try the demo,

155
00:07:45,000 --> 00:07:48,000
and it will open the dashboard for you.

156
00:07:48,000 --> 00:07:51,240
So this is our Hopper Disassembler,

157
00:07:51,240 --> 00:07:54,120
and all you have to do is just drag the IPA

158
00:07:54,120 --> 00:07:58,440
and drop it on the disassembler, okay?

159
00:07:58,440 --> 00:08:00,720
So that's what I'm going to do actually.

160
00:08:00,720 --> 00:08:04,710
And make sure you have your DetectJail.ipa,

161
00:08:04,710 --> 00:08:08,250
and just drag and drop it.
162
00:08:08,250 --> 00:08:11,730
And then we are going to see what it looks like.

163
00:08:11,730 --> 00:08:13,980
So if I manage to drag and drop it,

164
00:08:13,980 --> 00:08:16,410
we are going to see, yep, like this.

165
00:08:16,410 --> 00:08:18,190
And once you do that,

166
00:08:18,190 --> 00:08:22,140
it'll ask you if you wanna continue, just say yes.

167
00:08:22,140 --> 00:08:25,260
And over here you can choose ARMv7

168
00:08:25,260 --> 00:08:29,100
and you can choose FAT archive, and say Next.

169
00:08:29,100 --> 00:08:31,020
And then it will ask you

170
00:08:31,020 --> 00:08:33,150
for the options one more time.

171
00:08:33,150 --> 00:08:37,350
The default options would be fine for you at this stage,

172
00:08:37,350 --> 00:08:40,410
so make sure you don't change anything over here

173
00:08:40,410 --> 00:08:41,460
and say OK.

174
00:08:41,460 --> 00:08:42,900
And here you go.

175
00:08:42,900 --> 00:08:45,780
Now it has disassembled it.

176
00:08:45,780 --> 00:08:50,250
Now this is the assembly code for our IPA file.

177
00:08:50,250 --> 00:08:51,450
So as you can see,

178
00:08:51,450 --> 00:08:54,090
it looks a little bit complicated

179
00:08:54,090 --> 00:08:55,650
when you first see it,

180
00:08:55,650 --> 00:08:58,800
but I'm going to take you over this one by one

181
00:08:58,800 --> 00:09:02,040
so that you can understand it in a better way.

182
00:09:02,040 --> 00:09:04,830
So make sure you get the screen

183
00:09:04,830 --> 00:09:08,130
and then make sure you try to make sense out of it

184
00:09:08,130 --> 00:09:11,160
by looking at the descriptions or something.

185
00:09:11,160 --> 00:09:13,620
But most probably, you won't

186
00:09:13,620 --> 00:09:16,830
because you will need some kind of guidance

187
00:09:16,830 --> 00:09:18,360
in order to understand it

188
00:09:18,360 --> 00:09:21,810
if you have never worked with assembly before.
189
00:09:21,810 --> 00:09:25,563
And that's what we are going to do within the next lecture.