ExternalVendorCode/AFLplusplus
1
0
Fork 0
mirror of https://github.com/AFLplusplus/AFLplusplus.git synced 2025-06-08 16:21:32 +00:00
Code Issues Packages Projects Releases Wiki Activity

Merge branch 'ios-cross' into ios

Browse Source
This commit is contained in:
Vincent Andrae 2025-02-26 17:51:07 +01:00
commit c22b06a27d
3 changed files with 47 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

2
GNUmakefile
View File

@ -72,7 +72,7 @@ endif
IS_IOS:=$(findstring ios, $(shell $(CC) --version 2>/dev/null)) IS_IOS:=$(findstring ios, $(shell $(CC) --version 2>/dev/null))
ifdef IS_IOS ifdef IS_IOS
override CFLAGS += -DTARGET_OS_IPHONE -DTARGET_OS_IOS override CFLAGS += -DTARGET_OS_IPHONE -DTARGET_OS_IOS -isysroot $(IOS_SDK_PATH)
endif endif
ifeq "$(findstring android, $(shell $(CC) --version 2>/dev/null))" "" ifeq "$(findstring android, $(shell $(CC) --version 2>/dev/null))" ""

42
docs/INSTALL.md
View File

@ -169,3 +169,45 @@ and definitely don't look POSIX-compliant. This means two things:
User emulation mode of QEMU does not appear to be supported on macOS, so User emulation mode of QEMU does not appear to be supported on macOS, so
black-box instrumentation mode (`-Q`) will not work. However, FRIDA mode (`-O`) black-box instrumentation mode (`-Q`) will not work. However, FRIDA mode (`-O`)
works on both x86 and arm64 macOS boxes. works on both x86 and arm64 macOS boxes.
## iOS on arm64 and arm64e
**Option 1: Compilation on jailbroken iOS (recommended)**
To compile directly on a jailbroken iOS device, it is recommended to use a jailbreak that supports Procursus,
as Procursus provides up-to-date pre-built packages for the required tools.
Ensure `openssh` is installed on your iOS device, then SSH into it.
Install the following packages:
```shell
sudo apt install wget git make cmake clang gawk llvm ldid coreutils build-essential xz-utils
```
Configure the environment for compilation:
```shell
export IOS_SDK_PATH="/usr/share/SDKs/iPhoneOS.sdk"
export CC=clang
export CXX=clang++
```
Then build following the general Linux instructions.
**Option 2: Cross-Compilation on macOS for Jailbroken iOS**
In addition to the packages required for a macOS build, install `ldid` for signing binaries:
```shell
brew install ldid-procursus
```
Configure the environment for compilation:
```shell
export IOS_SDK_PATH="$(xcrun --sdk iphoneos --show-sdk-path)"
export CC="$(xcrun --sdk iphoneos -f clang) -target arm64-apple-ios14.0"
export CXX="$(xcrun --sdk iphoneos -f clang++) -target arm64-apple-ios14.0"
export HOST_CC=cc
```
Then build following the general Linux instructions.
Finally, transfer the binaries to your iOS device.

4
frida_mode/GNUmakefile
View File

@ -114,6 +114,8 @@ ifdef IS_IOS
ARCH := arm64 ARCH := arm64
endif endif
endif endif
override CFLAGS += -isysroot $(IOS_SDK_PATH)
override LDFLAGS += -L$(IOS_SDK_PATH)/usr/lib
else ifeq "$(shell uname)" "Darwin" else ifeq "$(shell uname)" "Darwin"
OS:=macos OS:=macos
AFL_CFLAGS:=$(AFL_CFLAGS) -Wno-deprecated-declarations AFL_CFLAGS:=$(AFL_CFLAGS) -Wno-deprecated-declarations
@ -402,8 +404,10 @@ $(AFL_PERFORMANCE_OBJ): $(AFL_PERFORMANCE_SRC)
$(BIN2C): $(BIN2C_SRC) $(BIN2C): $(BIN2C_SRC)
$(HOST_CC) -D_GNU_SOURCE -o $@ $< $(HOST_CC) -D_GNU_SOURCE -o $@ $<
ifdef IS_IOS ifdef IS_IOS
ifeq ($(HOST_CC),$(TARGET_CC))
@ldid -S../entitlements.plist $@ && echo "[+] Signed $@" || { echo "[-] Failed to sign $@"; } @ldid -S../entitlements.plist $@ && echo "[+] Signed $@" || { echo "[-] Failed to sign $@"; }
endif endif
endif
$(JS_SRC): $(JS) $(BIN2C)| $(BUILD_DIR) $(JS_SRC): $(JS) $(BIN2C)| $(BUILD_DIR)
cd $(JS_DIR) && $(BIN2C) api_js $(JS) $@ cd $(JS_DIR) && $(BIN2C) api_js $(JS) $@