Need help with SwiftDump?
Click the “chat” button below for chat support from the developer who created it, or find similar developers for support.

About the developer

neil-wu
224 Stars 37 Forks Other 3 Commits 0 Opened issues

Description

SwiftDump is a command-line tool for retriving the Swift Object info from Mach-O file.

Services available

!
?

Need anything else?

Contributors list

# 113,759
Objecti...
Swift
3 commits

SwiftDump

中文文档

SwiftDump is a command-line tool for retriving the Swift Object info from Mach-O file. Similar to class-dump, but the difference is that SwiftDump focus on swift 5 objects. For Mach-O files mixed with Objective-C and swift, you can combine class-dump with SwiftDump.

There is alos a Frida version named FridaSwiftDump.

You can either use

SwiftDump
for a Mach-O file or
FridaSwiftDump
for a foreground running app.

If you are curious about the Mach-O format, check the image at the bottom of this article.

demo

Usage

USAGE: SwiftDump [--debug] [--arch ]  [--version]

ARGUMENTS: MachO File

OPTIONS: -d, --debug Show debug log. -a, --arch Choose architecture from a fat binary (only support x86_64/arm64). (default: arm64) -v, --version Version -h, --help Show help information.

  • SwiftDump ./TestMachO > result.txt
  • SwiftDump -a x86_64 ./TestMachO > result.txt

Features

  • Written entirely in swift, the project is tiny
  • Dump swift 5 struct/class/enum/protocol
  • Parse enum with payload case
  • Support inheritance and protocol
  • Since it is written in swift, the mangled names are demangled by swift's runtime function, such as
    swift_getTypeByMangledNameInContext
    and
    swift_demangle_getDemangledName
    .

Thanks to the runtime function, SwiftDump can demangle complex type, such as RxSwift variable. For example,

RxSwift.Queue)>

TODO

  • Parse swift function address
  • More

Compile

  1. Clone the repo
  2. Open SwiftDump.xcodeproj with Xcode
  3. Modify 'Signing & Capabilities' to use your own id
  4. Build & Run

The default Mach-O file path is

Demo/test
, you can change it in
Xcode - Product - Scheme - Edit Scheme - Arguments

(Tested on Xcode Version 11.5 (11E608c), MacOS 10.15.5)

Credit

  • Machismo : Parsing of Mach-O binaries using swift.
  • swift-argument-parser : Straightforward, type-safe argument parsing for Swift.
  • Swift metadata : High level description of all the Swift 5 sections that can show up in a Swift binary.

License

MIT

Mach-O File Format

The following image shows how SwiftDump parse swift types from file

Demo/test
. You can open this file with MachOView.

demo

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.