binaryninja-api support for dyld shared cache

See: http://iphonedevwiki.net/index.php/Dyld_shared_cache for more info.

Jun 07 '16 04:06 psifertex

If you need to get copies of a dyld_shared_cache_ file then you can follow the steps here (http://newosxbook.com/articles/OTA.html) to extract one for yourself from one of the updates here (https://www.theiphonewiki.com/wiki/OTA_Updates)

Note that the files taken from actual phones are a) encrypted (I believe?) and b) have some form of ASLR pre-applied to them.

Jun 07 '16 04:06 cornejo

Blocking on #133

Dec 16 '20 19:12 psifertex

Apple OSS'ed their latest version of dyld, plus you could probably look at how the Ghidra loader works. https://github.com/apple-oss-distributions/dyld

Feb 08 '22 19:02 brinlyau

Thanks -- we've got some other references for this too I thought I posted on this issue but it must have been a different one. I did at least tag this for 3.3 which is when we expect to be working on it again.

Feb 08 '22 20:02 psifertex

In the meantime, this works for arm64 shared caches: https://github.com/cxnder/bn-dyldsharedcache

Feb 27 '22 11:02 0cyn

Resolved in dev builds >= 4.2.6279

We've shipped a preview 'alpha version' of our SharedCache processing plugin which you can start to work with now 🎉

It currently has first class support for iOS 11-17, partial support for iOS 18 (missing objc selector optimizations) It has partial support for macOS x86_64 and arm64e caches as well.

It should be usable for RE in all cases.

Support for other arches/formats, misc features, and bugs (which will exist) will be tracked in separate issues, and we look forward to feedback as we continue working on this.

Oct 24 '24 13:10 0cyn

For future reference, the current version is here: https://github.com/Vector35/binaryninja-api/tree/dev/view/sharedcache

Apr 17 '25 15:04 psifertex