Reverse engineering is the process of recovering the implementation and design details of an application from its compiled binary, since the original source code is not available to the tester. It combines system analysis with static code analysis. In this section, we will walk through a step-by-step process for reverse engineering a given iOS app: extracting its class information, looking for leakage through comments, hardcoded messages and strings, and checking the memory protections compiled into the binary.
In order to gain a better understanding of the target app, to find any information that can potentially be exploited and to identify any vulnerable classes, we will use class-dump or class-dump-z (a faster reimplementation of class-dump). Both tools read the Objective-C runtime metadata embedded in the binary and extract the complete class information (interfaces, methods, instance variables and properties) as human-readable header files; Swift-only classes carry far less of this metadata, so they show up with limited or mangled names. The tools work only on an unencrypted binary: apps downloaded from the App Store are FairPlay-encrypted and must be decrypted first on a jailbroken device (for example with Clutch or dumpdecrypted), whereas apps built from source such as iGoat and DVIA are not encrypted. The following screenshot showcases class-dump-z running
on the iGoat app, which can be done even for the DVIA app...
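Before pointing class-dump at a binary it is worth checking that it is actually decrypted, because an encrypted __TEXT segment yields no usable class metadata. The following is an added example written for this section, not code from the book or from the class-dump project: a small Python 3 script (standard library only) that parses the Mach-O load commands, reads the cryptid field of LC_ENCRYPTION_INFO / LC_ENCRYPTION_INFO_64 for every slice of a thin or fat binary, and says whether class-dump can be run. The sample Mach-O blobs it builds when no file is given are constructed fixtures, not real app binaries; the function and file names are the author's own.

```python
"""Check whether an iOS app binary is FairPlay-encrypted before running class-dump.

Added example (not from the book): cryptid != 0 in LC_ENCRYPTION_INFO(_64)
means the __TEXT segment is still encrypted and class-dump will fail.
"""
import struct
import sys

MH_MAGIC = 0xFEEDFACE            # 32-bit Mach-O, little-endian
MH_MAGIC_64 = 0xFEEDFACF         # 64-bit Mach-O, little-endian
FAT_MAGIC = 0xCAFEBABE           # universal binary (fat header is big-endian)
LC_ENCRYPTION_INFO = 0x21
LC_ENCRYPTION_INFO_64 = 0x2C
CPU_TYPE_ARM = 0xC
CPU_TYPE_ARM64 = 0x0100000C


def thin_cryptid(data, base=0):
    """Return cryptid of the thin Mach-O at offset `base`, or None if the
    binary carries no encryption load command at all (e.g. a debug build)."""
    magic, = struct.unpack_from("<I", data, base)
    if magic == MH_MAGIC_64:
        header_size = 32
    elif magic == MH_MAGIC:
        header_size = 28
    else:
        raise ValueError("no little-endian Mach-O header at offset %d" % base)
    ncmds, sizeofcmds = struct.unpack_from("<II", data, base + 16)
    off = base + header_size
    end = off + sizeofcmds
    for _ in range(ncmds):
        if off + 8 > end:
            raise ValueError("truncated load commands")
        cmd, cmdsize = struct.unpack_from("<II", data, off)
        if cmdsize < 8 or off + cmdsize > end:
            raise ValueError("malformed load command at offset %d" % off)
        if cmd in (LC_ENCRYPTION_INFO, LC_ENCRYPTION_INFO_64):
            # both layouts start with cryptoff, cryptsize, cryptid
            _cryptoff, _cryptsize, cryptid = struct.unpack_from("<III", data, off + 8)
            return cryptid
        off += cmdsize
    return None


def encryption_status(data):
    """Map 'cputype@offset' -> cryptid for every slice of a thin or fat binary."""
    magic_be, = struct.unpack_from(">I", data, 0)
    if magic_be == FAT_MAGIC:
        nfat, = struct.unpack_from(">I", data, 4)
        slices = []
        for i in range(nfat):
            cputype, _sub, offset, _size, _align = struct.unpack_from(">IIIII", data, 8 + 20 * i)
            slices.append((cputype, offset))
    else:
        cputype, = struct.unpack_from("<I", data, 4)
        slices = [(cputype, 0)]
    return {"0x%x@%d" % (cpu, off): thin_cryptid(data, off) for cpu, off in slices}


def safe_to_class_dump(data):
    """True only when no slice is still encrypted (cryptid 0 or absent)."""
    return all(not cryptid for cryptid in encryption_status(data).values())


# --- constructed fixtures (not real app binaries) -----------------------------

def build_sample_macho(cryptid, is64=True):
    """Minimal thin Mach-O whose only load command is LC_ENCRYPTION_INFO(_64);
    cryptid=None omits the command entirely."""
    if cryptid is None:
        lc = b""
    elif is64:
        lc = struct.pack("<IIIIII", LC_ENCRYPTION_INFO_64, 24, 0x4000, 0x8000, cryptid, 0)
    else:
        lc = struct.pack("<IIIII", LC_ENCRYPTION_INFO, 20, 0x4000, 0x8000, cryptid)
    ncmds = 1 if lc else 0
    if is64:
        header = struct.pack("<IIIIIIII", MH_MAGIC_64, CPU_TYPE_ARM64, 0, 2, ncmds, len(lc), 0, 0)
    else:
        header = struct.pack("<IIIIIII", MH_MAGIC, CPU_TYPE_ARM, 0, 2, ncmds, len(lc), 0)
    return header + lc


def build_sample_fat(slices, align=0x1000):
    """Wrap thin Mach-O blobs in a fat header, each slice aligned to `align`."""
    out = bytearray(struct.pack(">II", FAT_MAGIC, len(slices)))
    out += b"\0" * (20 * len(slices))                  # fat_arch table, filled in below
    for i, blob in enumerate(slices):
        offset = (len(out) + align - 1) // align * align
        out += b"\0" * (offset - len(out)) + blob
        cputype, = struct.unpack_from("<I", blob, 4)
        struct.pack_into(">IIIII", out, 8 + 20 * i, cputype, 0, offset, len(blob), 12)
    return bytes(out)


if __name__ == "__main__":
    if len(sys.argv) == 2:                               # python3 check_crypt.py /path/to/App.app/App
        with open(sys.argv[1], "rb") as f:
            blob = f.read()
    else:                                                # no file given: use the constructed fat fixture
        blob = build_sample_fat([build_sample_macho(0, is64=False), build_sample_macho(1)])
    for arch, cryptid in encryption_status(blob).items():
        print("%-22s cryptid=%s" % (arch, cryptid))
    if safe_to_class_dump(blob):
        print("unencrypted: class-dump -H -o headers/ <binary> will work")
    else:
        print("encrypted slice present: decrypt first (Clutch, dumpdecrypted), then class-dump")
```

The same cryptid field can be read on a Mac with `otool -l <binary> | grep -A4 LC_ENCRYPTION_INFO`; once every slice reports cryptid 0, `class-dump -H -o headers/ <binary>` writes one header file per class into the headers/ directory, which is the form most convenient for grepping comments, hardcoded strings and suspicious method names.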