I'm currently disassembling a Mach-O executable(the executable runs on Mac OS X, to be specific) in IDA Pro on windows. I have one instruction which I want to change, but it doesn't seem that IDA Pro allows you to do this. So, I tried using otool on OS X to dump the assembly(which it does fine). However, after editing the assembly in otool, I tried to reassemble it using as <file name of modified otool -tV output>. This greets me with a bunch of errors like Junk character 43 (+). What's the easiest way to change just a single instruction in a Mach-O binary on Mac OS X?
views:
393answers:
1
+2
A:
I've used both otool and otx to disassemble various binaries, and I've found the easiest way to edit them is to figure out what the assembly of the new code I want is (using nasm or similar), then just use a hex editor (I prefer Hex Fiend) on the binary file.
Tim
2009-12-19 07:10:55
This seems like a horrible solution(though tolerable for small edits), especially considering that x86 has variable-length instructions. Are there no good tools for disassembling and reassembling files on OS X?
Mike
2009-12-19 07:24:45
unfurtunely there are no tools like ollydbg on OS X :(
knoopx
2010-01-11 14:33:23