We’ve been very hard at work improving the experience for our iOS and macOS reverse engineers. You’ll want to keep an eye out for our upcoming 4.2 feature release announcement stream which includes some even juicier bits. In the meantime, hopefully this will tide you over.
This blog is a short summary of the current state of Objective-C analysis in Binary Ninja.
Automatic Analysis
As mentioned in our 4.1 release notes, we have changed the Objective-C analysis so that no manual workflow/plugin loading is required. Instead, all changes are now implemented as an open source plugin and changes in our open source MachO BinaryView.
You can disable this via User Settings or on a per-view basis in Open with Options.
Automatic Stub Inlining
More recent versions of apple’s compiler will automatically outline _objc_msgSend calls automatically, placing the outlined functions in the __objc_stubs section.
While providing some space savings, this has resulted in these binaries being much more laborious to analyze.
Binary Ninja can now automatically detect and analyze these outlined functions and fully reverse the optimization, allowing the rest of our suite to work better than ever.
Call Rewrites
As seen in the above comparison, we also try to trace down msgSend calls and rewrite them to the appropriate function if it is located within the binary.
Ivar Recovery
Objective-C Class instance variables are automatically recovered and names/types applied accordingly, making things easier to read through.
CFString Support
Binary Ninja has full support for the CFString spec and will automatically annotate CFString metadata, and name them accordingly, so parsing them in our IL views is easier.
Category Support
Binary Ninja has full support for category methods and parses them like any other Objective-C method.
Architecture Improvements
We’ve added full support for ARMv7/Thumb2 binaries in addition to our existing Aarch64 support, meaning regardless of your target OS and architecture, you’re getting our full suite of analysis.
We’re always working to improve our Objective-C analysis, and looking forward to shipping more powerful new tools to enable better capabilities for analyzing binaries from Apple platforms.