A CLI for extracting libraries from Apple's dyld shared cache file

Related tags

CLI dyld-shared-cache-extractor
Overview

dyld-shared-cache-extractor

As of macOS Big Sur, instead of shipping the system libraries with macOS, Apple ships a generated cache of all built in dynamic libraries and excludes the originals. This tool allows you to extract these libraries from the cache for reverse engineering.

Usage

Extract the default shared cache to /tmp/libraries:

dyld-shared-cache-extractor /System/Library/dyld/dyld_shared_cache_arm64e /tmp/libraries

Installation

Homebrew:

brew install keith/formulae/dyld-shared-cache-extractor

Manually:

cmake -B build
cmake --build build
cmake --install build

More details

There are a few different ways you can interact with these shared caches.

  1. Depending on what you're doing inspecting them in Hopper is the easiest option
  2. For a bit more functionality you can build the dyld_shared_cache_util target from the latest dyld source dump, but this requires some modifications

The problem with the 2 options above is that they can lag behind format changes in the shared cache. This tool loads the private dsc_extractor.bundle from Xcode, meaning it should always be able to extract the shared cache files even from beta OS versions (potentially using a beta Xcode version).

This logic is based on the function at the bottom of dyld3/shared-cache/dsc_extractor.cpp from the dyld source dump.

You might also like...
Windows Package Manager CLI (aka winget)
Windows Package Manager CLI (aka winget)

Welcome to the Windows Package Manager Client (aka winget.exe) repository This repository contains the source code for the Windows Package Manager Cli

Microsoft 18.4k Dec 27, 2022
CLI to play a word-guessing game like Wordle
CLI to play a word-guessing game like Wordle

Lexeme What is this? Python program to play a word-guessing game like Wordle, but… More addictive because you can play it over and over and over, not

Dan Lenski 6 Oct 26, 2022
This is a simple CLI interface helper library for C.

LIBCCLI This is a very simple shell like interface for CLI activities. More will be added to this, but for now, this is the basic idea:

Steven Rostedt 40 Sep 24, 2022
A CLI program that helps you find classes and plan pre-requisites. Written in C++ and Python.

CourseHelper A CLI program created to help you prepare for course registration. Note: At the moment, this project is built specifically for other UCLA

Kyle Chui 0 Dec 13, 2022
CLI for single-cell analyses

CLI for single-cell analyses This repository provides a no-frills command-line interface for single-cell RNA-seq data analysis from a Matrix Market fi

Aaron Lun 2 Jan 28, 2022
A CLI based solver for the popular word guessing game WORDLE
A CLI based solver for the popular word guessing game WORDLE

Project WAR WAR stands for Wordle Answer and Resolver About Wordle is a web-based word game developed by Welsh-born software engineer Josh Wardle, for

Yeluri Ketan 2 Feb 19, 2022
n³ The unorthodox terminal file manager
n³ The unorthodox terminal file manager

n³ The unorthodox terminal file manager

Mischievous Meerkat 15.5k Jan 1, 2023
A Windows Shell Extension for the Pixar USD file format.

Activision USD Shell Extension A Windows Shell Extension for the Pixar USD file format. Windows Explorer Features Hydra Realtime Preview Thumbnails Co

null 319 Dec 28, 2022
Yori is a CMD replacement shell that supports backquotes, job control, and improves tab completion, file matching, aliases, command history, and more.

Yori is a CMD replacement shell that supports backquotes, job control, and improves tab completion, file matching, aliases, command history, and more.

Malcolm Smith 1.1k Dec 30, 2022
Comments
  • macOS Ventura VM shared cache location

    macOS Ventura VM shared cache location

    I'm not sure if this is a permanent change or just a VM detail, but I noticed in my macOS Ventura VM that the shared cache location is actually:

    /System/Volumes/Preboot/Cryptexes/OS/System/Library/dyld/...

    There is also:

    /System/Volumes/Preboot/Cryptexes/OS/System/DriverKit/System/Library/dyld/

    Which seems to have a smaller subset of libraries potentially used at boot?

    Just filing this in case others are looking for this info

    opened by keith 5
  • Update paths for Ventura

    Update paths for Ventura

    This just puts the Ventura paths front and center and adds a note about the old paths below.

    Fixes https://github.com/keith/dyld-shared-cache-extractor/issues/4

    opened by keith 0
  • Invalid cache magic in file at dyld_shared_cache_arm64

    Invalid cache magic in file at dyld_shared_cache_arm64

    I got this log when run dyld-shared-cache-extractor /Users/andaji/Mine/XiaoMaGe/iOSFramesMachO/dyld_shared_cache_arm64 /Users/andaji/Mine/XiaoMaGe/iOSFramesMachO/aaa

    My Mac version is 12.3.1 with Apple M1 chip and my XCode version is 13.4.1. The dyld_shared_cache_arm64 is load from a iPhone 7 and it iOS version is 12.0.1

    opened by jiwenyi163 1
  • How to get actual objc headers from the dump this tool produces?

    How to get actual objc headers from the dump this tool produces?

    This may be a noob question but I'm lost on how to parse the dump into a human-readable format, specifically into objc header files. As the README suggested, I ran dyld-shared-cache-extractor /System/Library/dyld/dyld_shared_cache_arm64e /tmp/libraries and it works great - gives me an output for all the frameworks I was expecting.

    However when opening the file inside the framework, it appears to be encrypted or obfuscated in some way - the actual headers aren't readable. Is there some method I can use to read them? TIA!

    image

    opened by tneotia 1
Releases(0.2.0)
Owner
Keith Smiley
iOS @Lyft
Keith Smiley
GitHub
Simple command line utilities for extracting data from Fallout 4 and 76 files

fo76utils Simple command line utilities for extracting data from Fallout 4 and 76 files. baunpack - list the contents of, or extract from .BA2 archive

null 15 Dec 6, 2022
The KISS file manager: CLI-based, ultra-lightweight, lightning fast, and written in C

CliFM is a CLI-based, shell-like (non-curses) and KISS terminal file manager written in C: simple, fast, and lightweight as hell

leo-arch 819 Jan 8, 2023
File's sizes as a markdown table (CLI)

File's sizes as a markdown table (CLI)

Reaper 5 Feb 6, 2022
C++ lib and CLI for playing media files on a Chromecast

castr - a CLI and C++ library to cast media files to Chromecast devices using the built in Default Media Receiver

null 33 Oct 31, 2022
Creating CLI's just got a whole lot better

Staq Creating CLI's just got a whole lot better. Don't worry about CLI colouring, networking, Size of Executables, Speed ever again Have any doubts? R

null 9 Jun 1, 2021
CLI Application that provides the Freedesktop Secret Service using Pass as its backend!

pass-secrets CLI Application that provides the Freedesktop Secret Service using Pass as its backend! Status Currently working to store secrets with pr

null 21 Sep 13, 2022
Fegeya Freud, CLI FPaper renderer, based on Totem (`less`-like tool without `--help`)

Fegeya Freud, CLI FPaper renderer, based on Totem (`less`-like tool without `--help`)

Ferhat Geçdoğan 3 Jun 11, 2021
Um CLI para encontrar os seus alias

Manager-Alias Que tal gerenciar todos os seus alias de um único local? Pesquisar e encontrar o que você precisa sem ter que ficar lendo diversos arqui

Wiris Rafael Januario Wernek 3 Oct 26, 2021
Port of ani-cli with more features 😉

Port of ani-cli with more features ??

Dinkan 14 Jun 25, 2022
The Efficient Study Planner (ESP) is a CLI app that gives an optimized plan to study for an upcoming exam.

Welcome to Efficient Study Planner ?? Optimize your study plan with ESP! Table of Contents About The Project Tech Stack Prerequisites How To Use? Lice

Md Ausaf Rashid 3 Aug 3, 2022