ceair_iOS_branch中也有一个ali vmp，属于是0003开头的那种，经测试报错

`import logging
import os
import urllib.request
from pathlib import Path

from chomper import Chomper
from chomper.const import ARCH_ARM64, OS_IOS
from chomper.objc import ObjC
from chomper.utils import pyobj2nsobj

base_path = os.path.abspath(os.path.dirname(__file__))

log_format = "%(asctime)s - %(name)s - %(levelname)s: %(message)s"
logging.basicConfig(
    format=log_format,
    level=logging.INFO,
)

logger = logging.getLogger()


def main():
    binary_path = "binaries/ios/com.ceair.b2m/ceair_iOS_branch"
    binary_filepath = os.path.join(base_path, binary_path)

    emu = Chomper(
        arch=ARCH_ARM64,
        os_type=OS_IOS,
        rootfs_path=os.path.join(base_path, "rootfs/ios"),
        enable_ui_kit=True,
    )
    objc = ObjC(emu)

    emu.load_module(binary_filepath)

    with objc.autorelease_pool():
        # Initialize
        ali_tiger_tally_instance = objc.msg_send("AliTigerTally", "sharedInstance")

        app_key = pyobj2nsobj(emu, "ypWt5wEEQwOEgLM4e12Gl26wHlW6Qj_XOG0-l7p3ju05wOt2jZ0tNkr5he6ei73A2AQQUH2QbJfvfJoKU_rKkdwvHEn75U6xYNgpgVYUVSjxZt1Ks5MdUQoZY_SK-ETAArxOUW1Mhf8uTnvvLUOB9vvT6atg_PEjEf0Svu8KOn8=")
        objc.msg_send(ali_tiger_tally_instance, "initialize:", app_key)

        # vmpSign
        data = pyobj2nsobj(emu, b'{"biClassId":["2","3","4"]}')
        vmp_sign = objc.msg_send(ali_tiger_tally_instance, "vmpSign:", data)
        vmp_sign_str = emu.read_string(objc.msg_send(vmp_sign, "cStringUsingEncoding:", 4))

        logger.info("AliTigerTally vmpSign: %s", vmp_sign_str)


if __name__ == "__main__":
    main()
`

2024-12-20 13:46:59,302 - chomper.file - INFO: Monitor 'opendir' call: path='/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m'
2024-12-20 13:46:59,302 - chomper.file - INFO: Forward path '/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m' -> 'D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\rootfs/ios\private\var\containers\Bundle\Application\43E5FB44-22FC-4DC2-9D9E-E2702A988A2E\com.yourcompany.ProductName'
2024-12-20 13:46:59,302 - chomper.file - INFO: Monitor 'opendir' return: 134219320
2024-12-20 13:46:59,302 - chomper.file - INFO: Monitor 'readdir' call: dirp=134219320
2024-12-20 13:46:59,302 - chomper.file - INFO: Monitor 'readdir' return: 134748160
2024-12-20 13:46:59,303 - chomper.file - INFO: Monitor 'readdir' call: dirp=134219320
2024-12-20 13:46:59,303 - chomper.file - INFO: Monitor 'readdir' return: 0
2024-12-20 13:46:59,303 - chomper.file - INFO: Monitor 'closedir' call: dirp=134219320
2024-12-20 13:46:59,303 - chomper.file - INFO: Monitor 'closedir' return: 0
2024-12-20 13:46:59,305 - chomper.core - INFO: System call 0x152 invoked from libsystem_kernel.dylib!0x1ac331304
2024-12-20 13:46:59,305 - chomper.file - INFO: Monitor 'stat' call: path='/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m/Wrapper'
2024-12-20 13:46:59,305 - chomper.file - INFO: Map path '/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m/Wrapper' -> 'D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\rootfs\ios\private\var\containers\Bundle\Application\9A5D67E5-5DBF-429A-9000-473A2AE73C69\com.ceair.b2m\Wrapper'
2024-12-20 13:46:59,306 - chomper.core - INFO: System call 0x152 invoked from libsystem_kernel.dylib!0x1ac331304
2024-12-20 13:46:59,306 - chomper.file - INFO: Monitor 'stat' call: path='/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m'
2024-12-20 13:46:59,307 - chomper.file - INFO: Forward path '/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m' -> 'D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\rootfs/ios\private\var\containers\Bundle\Application\43E5FB44-22FC-4DC2-9D9E-E2702A988A2E\com.yourcompany.ProductName'
2024-12-20 13:46:59,307 - chomper.file - INFO: Monitor 'stat' return
2024-12-20 13:46:59,308 - chomper.file - INFO: Monitor 'opendir' call: path='/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m'
2024-12-20 13:46:59,308 - chomper.file - INFO: Forward path '/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m' -> 'D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\rootfs/ios\private\var\containers\Bundle\Application\43E5FB44-22FC-4DC2-9D9E-E2702A988A2E\com.yourcompany.ProductName'
2024-12-20 13:46:59,308 - chomper.file - INFO: Monitor 'opendir' return: 134219320
2024-12-20 13:46:59,308 - chomper.file - INFO: Monitor 'readdir' call: dirp=134219320
2024-12-20 13:46:59,308 - chomper.file - INFO: Monitor 'readdir' return: 134748160
2024-12-20 13:46:59,309 - chomper.file - INFO: Monitor 'readdir' call: dirp=134219320
2024-12-20 13:46:59,309 - chomper.file - INFO: Monitor 'readdir' return: 0
2024-12-20 13:46:59,309 - chomper.file - INFO: Monitor 'closedir' call: dirp=134219320
2024-12-20 13:46:59,309 - chomper.file - INFO: Monitor 'closedir' return: 0
2024-12-20 13:46:59,311 - chomper.core - INFO: System call 0x152 invoked from libsystem_kernel.dylib!0x1ac331304
2024-12-20 13:46:59,311 - chomper.file - INFO: Monitor 'stat' call: path='/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m/ceair_iOS_branch'
2024-12-20 13:46:59,311 - chomper.file - INFO: Forward path '/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m/ceair_iOS_branch' -> 'D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\binaries/ios/com.ceair.b2m/ceair_iOS_branch'
2024-12-20 13:46:59,311 - chomper.file - INFO: Monitor 'stat' return
2024-12-20 13:46:59,311 - chomper.core - INFO: System call 0x5 invoked from libsystem_kernel.dylib!0x1ac32e2f0
2024-12-20 13:46:59,311 - chomper.file - INFO: Monitor 'open' call: path='/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m/ceair_iOS_branch', flags=32768
2024-12-20 13:46:59,311 - chomper.file - INFO: Forward path '/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m/ceair_iOS_branch' -> 'D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\binaries/ios/com.ceair.b2m/ceair_iOS_branch'
2024-12-20 13:46:59,311 - chomper.file - INFO: Monitor 'open' return: 3
2024-12-20 13:46:59,311 - chomper.core - INFO: System call 0x3 invoked from libsystem_kernel.dylib!0x1ac330cc4
2024-12-20 13:46:59,311 - chomper.file - INFO: Monitor 'read' call: fd=3, size=512
2024-12-20 13:46:59,311 - chomper.file - INFO: Monitor 'read' return
2024-12-20 13:46:59,312 - chomper.core - INFO: System call 0x6 invoked from libsystem_kernel.dylib!0x1ac32f89c
2024-12-20 13:46:59,312 - chomper.file - INFO: Monitor 'close' call: fd=3
2024-12-20 13:46:59,312 - chomper.file - INFO: Monitor 'close' return: 0
2024-12-20 13:46:59,314 - chomper.core - INFO: Call symbol "__CFBundleCreateInfoDictFromData"
2024-12-20 13:46:59,315 - chomper.core - INFO: Start emulate at CoreFoundation!0x180454814
2024-12-20 13:46:59,354 - chomper.core - INFO: System call 0x154 invoked from libsystem_kernel.dylib!0x1ac330544
2024-12-20 13:46:59,355 - chomper.file - INFO: Monitor 'lstat' call: path='/private'
2024-12-20 13:46:59,356 - chomper.core - INFO: System call 0x152 invoked from libsystem_kernel.dylib!0x1ac331304
2024-12-20 13:46:59,356 - chomper.file - INFO: Monitor 'stat' call: path='/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m'
2024-12-20 13:46:59,357 - chomper.file - INFO: Map path '/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m' -> 'D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\rootfs\ios\var\containers\Bundle\Application\9A5D67E5-5DBF-429A-9000-473A2AE73C69\com.ceair.b2m'
2024-12-20 13:46:59,358 - chomper.core - INFO: System call 0x152 invoked from libsystem_kernel.dylib!0x1ac331304
2024-12-20 13:46:59,358 - chomper.file - INFO: Monitor 'stat' call: path='/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m'
2024-12-20 13:46:59,358 - chomper.file - INFO: Forward path '/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m' -> 'D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\rootfs/ios\private\var\containers\Bundle\Application\43E5FB44-22FC-4DC2-9D9E-E2702A988A2E\com.yourcompany.ProductName'
2024-12-20 13:46:59,358 - chomper.file - INFO: Monitor 'stat' return
2024-12-20 13:46:59,359 - chomper.core - INFO: System call 0x21 invoked from libsystem_kernel.dylib!0x1ac32f52c
2024-12-20 13:46:59,359 - chomper.file - INFO: Monitor 'access' call: path='/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m', mode=4
2024-12-20 13:46:59,359 - chomper.file - INFO: Forward path '/private/var/containers/Bundle/Application/9A5D67E5-5DBF-429A-9000-473A2AE73C69/com.ceair.b2m' -> 'D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\rootfs/ios\private\var\containers\Bundle\Application\43E5FB44-22FC-4DC2-9D9E-E2702A988A2E\com.yourcompany.ProductName'
2024-12-20 13:46:59,359 - chomper.file - INFO: Monitor 'access' return: 0
2024-12-20 13:46:59,372 - chomper.core - INFO: Call symbol "_sel_registerName"
2024-12-20 13:46:59,373 - chomper.core - INFO: Start emulate at libobjc.A.dylib!0x1948074a4
2024-12-20 13:46:59,373 - chomper.core - INFO: Call symbol "_objc_msgSend"
2024-12-20 13:46:59,373 - chomper.core - INFO: Start emulate at libobjc.A.dylib!0x1947ec460
2024-12-20 13:46:59,375 - chomper.core - INFO: Call symbol "_sel_registerName"
2024-12-20 13:46:59,376 - chomper.core - INFO: Start emulate at libobjc.A.dylib!0x1948074a4
2024-12-20 13:46:59,376 - chomper.core - INFO: Call symbol "_objc_msgSend"
2024-12-20 13:46:59,376 - chomper.core - INFO: Start emulate at libobjc.A.dylib!0x1947ec460
2024-12-20 13:46:59,378 - chomper.core - INFO: Call symbol "_sel_registerName"
2024-12-20 13:46:59,379 - chomper.core - INFO: Start emulate at libobjc.A.dylib!0x1948074a4
2024-12-20 13:46:59,379 - chomper.core - INFO: Call symbol "_objc_msgSend"
2024-12-20 13:46:59,380 - chomper.core - INFO: Start emulate at libobjc.A.dylib!0x1947ec460
2024-12-20 13:46:59,384 - chomper.core - INFO: Call symbol "_CFDataCreate"
2024-12-20 13:46:59,385 - chomper.core - INFO: Start emulate at CoreFoundation!0x1803ae524
2024-12-20 13:46:59,398 - chomper.core - ERROR: Emulator crashed from: libcorecrypto.dylib!0x1c0071d54 <- libc++abi.dylib!0x1948eeba0 <- libobjc.A.dylib!0x1947f0c78 <- Foundation!0x1816afdf4 <- Foundation!0x181684fe4 <- Foundation!0x18160f098 <- Foundation!0x181658538 <- Foundation!0x181658b0c <- ceair_iOS_branch!0x10299d404 <- ceair_iOS_branch!0x1029b7da8 <- ceair_iOS_branch!0x1029b5390 <- ceair_iOS_branch!0x1029b51b8 <- ceair_iOS_branch!0x1029e08f4
2024-12-20 13:46:59,398 - chomper.core - INFO: Call symbol "_objc_autoreleasePoolPop"
2024-12-20 13:46:59,399 - chomper.core - INFO: Start emulate at libobjc.A.dylib!0x19480f380
Traceback (most recent call last):
  File "D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\chomper\core.py", line 215, in _start_emulate
    self.uc.emu_start(address, stop_addr)
  File "C:\Users\Administrator\AppData\Local\Programs\Python\Python39\lib\site-packages\unicorn\unicorn_py3\unicorn.py", line 626, in emu_start
    raise UcError(status)
unicorn.unicorn_py3.unicorn.UcError: Invalid memory fetch (UC_ERR_FETCH_UNMAPPED)

The above exception was the direct cause of the following exception:

Traceback (most recent call last):
  File "D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\example_ios_ali_vmp_sign.py", line 52, in <module>
    main()
  File "D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\example_ios_ali_vmp_sign.py", line 41, in main
    objc.msg_send(ali_tiger_tally_instance, "initialize:", app_key)
  File "D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\chomper\objc.py", line 62, in msg_send
    return self.emu.call_symbol(
  File "D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\chomper\core.py", line 765, in call_symbol
    return self._start_emulate(address, *args, va_list=va_list)
  File "D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\chomper\core.py", line 218, in _start_emulate
    self.crash("Unknown reason", exc=e)
  File "D:\iRabbitProject\irabbit_project\ibox-wtoken-server-master-dongfanghangkong\ceair_server\chomper\core.py", line 369, in crash
    raise EmulatorCrashed(f"{message} at {self.debug_symbol(address)}") from exc
chomper.exceptions.EmulatorCrashed: Unknown reason at libcorecrypto.dylib!0x1c0071d54



Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Uh oh!

ceair_iOS_branch中也有一个ali vmp，属于是0003开头的那种，经测试报错 #117

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

ceair_iOS_branch中也有一个ali vmp，属于是0003开头的那种，经测试报错 #117

Description

Metadata

Metadata

Assignees

Labels

Projects

Milestone

Relationships

Development

Issue actions