From a0af2bbb02b4d0f94986f12169ab8447f75d22ab Mon Sep 17 00:00:00 2001
From: Naville <403799106@qq.com>
Date: Sun, 13 Mar 2016 02:46:06 +0000
Subject: [PATCH] OCRuntime+MachO

---
 BasePreferences.plist                     |   1 -
 Hooks/API/LSApplication.xm                |  89 +++++++++++--
 Hooks/API/MachO.xm                        | 149 ++++++++++++++++++++++
 Hooks/API/ObjCRuntime.xm                  |  39 +++++-
 Hooks/ThirdPartyTools/DeviceIDFake.xm     |  47 +++++++
 Hooks/ThirdPartyTools/InspectiveC.xm      |  47 +++++++
 Hooks/ThirdPartyTools/RuntimeClassDump.xm |  47 +++++++
 Hooks/ThirdPartyTools/dumpdecrypted.xm    |  47 +++++++
 VERSION                                   |   2 +-
 todo/README.md                            |   2 +
 10 files changed, 455 insertions(+), 15 deletions(-)
 create mode 100644 Hooks/API/MachO.xm
 create mode 100644 Hooks/ThirdPartyTools/DeviceIDFake.xm
 create mode 100644 Hooks/ThirdPartyTools/InspectiveC.xm
 create mode 100644 Hooks/ThirdPartyTools/RuntimeClassDump.xm
 create mode 100644 Hooks/ThirdPartyTools/dumpdecrypted.xm

diff --git a/BasePreferences.plist b/BasePreferences.plist
index 5036a0a..f0b38df 100644
--- a/BasePreferences.plist
+++ b/BasePreferences.plist
@@ -20,4 +20,3 @@
       <string>WTFJH</string>
    </dict>
 </plist>
-
diff --git a/Hooks/API/LSApplication.xm b/Hooks/API/LSApplication.xm
index a1e0033..13780bb 100644
--- a/Hooks/API/LSApplication.xm
+++ b/Hooks/API/LSApplication.xm
@@ -24,10 +24,40 @@
 	return ret;
 
 }
++ (id)applicationProxyForItemID:(id)arg1{
+
+	id ret=%orig;
+	if(WTShouldLog){
+	WTInit(@"LSApplicationProxy",@"applicationProxyForItemID:");
+	WTAdd(arg1,@"ItemID");
+	WTReturn(ret);
+	WTSave;
+	WTRelease;
+	}
+	return ret;
+}
++ (id)applicationProxyWithBundleUnitID:(unsigned long)arg1{
+	id ret=%orig;
+	if(WTShouldLog){
+	WTInit(@"LSApplicationProxy",@"applicationProxyWithBundleUnitID:");
+	WTAdd([NSNumber numberWithUnsignedLong:arg1],@"BundleUnitID");
+	WTReturn(ret);
+	WTSave;
+	WTRelease;
+	}
+	return ret;
+}
+- (id)VPNPlugins{
+	id ret=%orig;
+	if(WTShouldLog){
+	WTInit(@"LSApplicationProxy",@"VPNPlugins");
+	WTReturn(ret);
+	WTSave;
+	WTRelease;
+	}
+	return ret;
+}
 /*
-+ (id)applicationProxyForItemID:(id)arg1;
-+ (id)applicationProxyWithBundleUnitID:(unsigned long)arg1;
-- (id)VPNPlugins;
 - (id)_initWithBundleUnit:(unsigned long)arg1 applicationIdentifier:(id)arg2;
 - (id)appStoreReceiptURL;
 - (id)appTags;
@@ -35,7 +65,6 @@
 - (id)applicationType;
 - (id)audioComponents;
 - (long)bundleModTime;
-- (id)description;
 - (id)deviceFamily;
 - (id)deviceIdentifierForVendor;
 - (id)directionsModes;
@@ -61,18 +90,60 @@
 - (id)staticDiskUsage;
 - (id)teamID;
 - (id)userActivityStringForAdvertisementData:(id)arg1;
-- (id)vendorName;
+- (id)vendorName;*/
 %end
+
 %hook LSApplicationWorkspace
-+ (id)defaultWorkspace;
++ (id)defaultWorkspace{
+	id ret=%orig;
+	if(WTShouldLog){
+	WTInit(@"LSApplicationWorkspace",@"defaultWorkspace");
+	WTReturn(ret);
+	WTSave;
+	WTRelease;
+	}
+	return ret;
+
 
-- (id)URLOverrideForURL:(id)arg1;
+}
+
+- (id)URLOverrideForURL:(id)arg1{
+	id ret=%orig;
+	if(WTShouldLog){
+	WTInit(@"LSApplicationWorkspace",@"URLOverrideForURL:");
+	WTAdd(arg1,@"URL");
+	WTReturn(ret);
+	WTSave;
+	WTRelease;
+	}
+	return ret;
+
+}
+- (id)allApplications{
+	id ret=%orig;
+	if(WTShouldLog){
+	WTInit(@"LSApplicationWorkspace",@"allApplications");
+	WTReturn(ret);
+	WTSave;
+	WTRelease;
+	}
+	return ret;	
+}
+- (id)allInstalledApplications{
+	id ret=%orig;
+	if(WTShouldLog){
+	WTInit(@"LSApplicationWorkspace",@"allInstalledApplications");
+	WTReturn(ret);
+	WTSave;
+	WTRelease;
+	}
+	return ret;	
+}
+/*
 - (void)_LSClearSchemaCaches;
 - (BOOL)_LSPrivateRebuildApplicationDatabasesForSystemApps:(BOOL)arg1 internal:(BOOL)arg2 user:(BOOL)arg3;
 - (void)_clearCachedAdvertisingIdentifier;
 - (void)addObserver:(id)arg1;
-- (id)allApplications;
-- (id)allInstalledApplications;
 - (id)applicationForOpeningResource:(id)arg1;
 - (id)applicationForUserActivityDomainName:(id)arg1;
 - (id)applicationForUserActivityType:(id)arg1;
diff --git a/Hooks/API/MachO.xm b/Hooks/API/MachO.xm
new file mode 100644
index 0000000..d53e1cd
--- /dev/null
+++ b/Hooks/API/MachO.xm
@@ -0,0 +1,149 @@
+#import "../SharedDefine.pch"
+#import <mach-o/getsect.h>
+
+char * (*old_getsectdata)(const char *segname,const char *sectname,unsigned long *size);
+const struct section * (*old_getsectbyname)(const char *segname,const char *sectname);
+const struct segment_command * (*old_getsegbyname)(const char *segname);
+char * (*old_getsectdatafromheader_64)(const struct mach_header_64 *mhp,const char *segname,const char *sectname,uint64_t *size);
+/*extern char *getsectdatafromFramework(
+    const char *FrameworkName,
+    const char *segname,
+    const char *sectname,
+    unsigned long *size);
+
+extern unsigned long get_end(void);
+extern unsigned long get_etext(void);
+extern unsigned long get_edata(void);
+
+ * Runtime interfaces for 32-bit Mach-O programs.
+
+extern uint8_t *getsectiondata(
+    const struct mach_header *mhp,
+    const char *segname,
+    const char *sectname,
+    unsigned long *size);
+
+extern uint8_t *getsegmentdata(
+    const struct mach_header *mhp,
+    const char *segname,
+    unsigned long *size);
+
+Runtime interfaces for 64-bit Mach-O programs.
+extern const struct section_64 *getsectbyname(
+    const char *segname,
+    const char *sectname);
+
+extern uint8_t *getsectiondata(
+    const struct mach_header_64 *mhp,
+    const char *segname,
+    const char *sectname,
+    unsigned long *size);
+
+extern const struct segment_command_64 *getsegbyname(
+    const char *segname);
+
+extern uint8_t *getsegmentdata(
+    const struct mach_header_64 *mhp,
+    const char *segname,
+    unsigned long *size);
+
+ * Interfaces for tools working with 32-bit Mach-O files.
+extern char *getsectdatafromheader(
+    const struct mach_header *mhp,
+    const char *segname,
+    const char *sectname,
+    uint32_t *size);
+
+extern const struct section *getsectbynamefromheader(
+    const struct mach_header *mhp,
+    const char *segname,
+    const char *sectname);
+
+extern const struct section *getsectbynamefromheaderwithswap(
+    struct mach_header *mhp,
+    const char *segname,
+    const char *sectname,
+    int fSwap);
+
+extern const struct section_64 *getsectbynamefromheader_64(
+    const struct mach_header_64 *mhp,
+    const char *segname,
+    const char *sectname);
+
+extern const struct section *getsectbynamefromheaderwithswap_64(
+    struct mach_header_64 *mhp,
+    const char *segname,
+    const char *sectname,
+    int fSwap);
+*/
+char* new_getsectdata(const char *segname,const char *sectname,unsigned long *size){
+	char* ret=old_getsectdata(segname,sectname,size);
+	if(WTShouldLog){
+		NSString* NSSegName=[NSString stringWithUTF8String:segname];
+		NSString* NSSectName=[NSString stringWithUTF8String:sectname];
+		NSData* SectData=[NSData dataWithBytes:ret length:*size];
+		WTInit(@"Mach-O",@"getsectdata");
+		WTAdd(NSSegName,@"SegmentName");
+		WTAdd(NSSectName,@"SectionName");
+		WTAdd(SectData,@"SectionData");
+
+		[NSSectName release];
+		[NSSegName release];
+		[SectData release];
+
+	}
+	return ret;
+
+}
+const struct section * new_getsectbyname(const char *segname,const char *sectname){
+    if(WTShouldLog){
+        NSString* NSSegName=[NSString stringWithUTF8String:segname];
+        NSString* NSSectName=[NSString stringWithUTF8String:sectname];
+        WTInit(@"Mach-O",@"getsectbyname");
+        WTAdd(NSSegName,@"SegmentName");
+        WTAdd(NSSectName,@"SectionName");
+
+        [NSSectName release];
+        [NSSegName release];    
+    }
+    return old_getsectbyname(segname,sectname);
+
+}
+const struct segment_command * new_getsegbyname(const char *segname){
+
+    if(WTShouldLog){
+        NSString* NSSegName=[NSString stringWithUTF8String:segname];
+        WTInit(@"Mach-O",@"getsegbyname");
+        WTAdd(NSSegName,@"SegmentName");
+        [NSSegName release];    
+    }
+    return old_getsegbyname(segname);
+}
+char * new_getsectdatafromheader_64(const struct mach_header_64 *mhp,const char *segname,const char *sectname,uint64_t *size){
+    char* ret=old_getsectdatafromheader_64(mhp,segname,sectname,size);
+    if(WTShouldLog){
+        NSString* NSSegName=[NSString stringWithUTF8String:segname];
+        NSString* NSSectName=[NSString stringWithUTF8String:sectname];
+        NSData* SectData=[NSData dataWithBytes:ret length:*size];
+        NSString* HeaderAddress=[NSString stringWithFormat:@"%p",mhp];
+        WTInit(@"Mach-O",@"getsectdata");
+        WTAdd(NSSegName,@"SegmentName");
+        WTAdd(NSSectName,@"SectionName");
+        WTAdd(SectData,@"SectionData");
+        WTAdd(HeaderAddress,@"HeaderAddress");
+
+        [NSSectName release];
+        [NSSegName release];
+        [SectData release];
+        [HeaderAddress release];
+    }
+    return ret;
+
+}
+
+extern void init_MachO_hook() {
+	MSHookFunction((void*)getsectdata,(void*)new_getsectdata, (void**)&old_getsectdata);
+    MSHookFunction((void*)getsectbyname,(void*)new_getsectbyname, (void**)&old_getsectbyname);
+    MSHookFunction((void*)getsegbyname,(void*)new_getsegbyname, (void**)&old_getsegbyname);
+    MSHookFunction((void*)getsectdatafromheader_64,(void*)new_getsectdatafromheader_64, (void**)&old_getsectdatafromheader_64);
+}
diff --git a/Hooks/API/ObjCRuntime.xm b/Hooks/API/ObjCRuntime.xm
index 20c7651..36a2e37 100644
--- a/Hooks/API/ObjCRuntime.xm
+++ b/Hooks/API/ObjCRuntime.xm
@@ -4,10 +4,7 @@
 
 /*
 To Implement:
-Class objc_getClass(const char *name)
-const char *object_getClassName(id obj)
 objc_getMetaClass(const char *name)
-IMP class_getMethodImplementation(Class cls, SEL name) 
 BOOL class_respondsToSelector(Class cls, SEL sel)
 class_replaceMethod(Class cls, SEL name, IMP imp, 
                                     const char *types) 
@@ -27,7 +24,8 @@ NSString* (*old_NSStringFromSelector)(SEL aSelector);
 SEL (*old_NSSelectorFromString)(NSString* aSelectorName);
 BOOL (*old_class_addMethod)(Class cls, SEL name, IMP imp,const char *types);
 BOOL (*old_class_addIvar)(Class cls, const char *name, size_t size,uint8_t alignment, const char *types);
-
+Class (*old_objc_getClass)(const char *name);
+IMP (*old_class_getMethodImplementation)(Class cls, SEL name);
 
 //New Func
 Class new_NSClassFromString(NSString* aClassName){
@@ -142,7 +140,39 @@ BOOL new_class_addIvar(Class cls, const char *name, size_t size,uint8_t alignmen
     return old_class_addIvar(cls,name,size,alignment,types);
     
 }
+Class new_objc_getClass(char* Name){
+	if(WTShouldLog){
+		NSString* ClassName=[NSString stringWithUTF8String:Name];
+		WTInit(@"ObjCRuntime",@"objc_getClass");
+		WTAdd(ClassName,@"ClassName");
+		WTSave;
+		WTRelease;
+		[ClassName release];
+	}
+	return old_objc_getClass(Name);
+}
+
+IMP new_class_getMethodImplementation(Class cls, SEL name){
+	IMP ret=old_class_getMethodImplementation(cls,name);
+	if(WTShouldLog){
+		NSString* ClassName=NSStringFromClass(cls);
+		NSString* SELName=NSStringFromSelector(name);
+		NSString* IMPAddress=[NSString stringWithFormat:@"%p",ret];
+		WTInit(@"ObjCRuntime",@"class_getMethodImplementation");
+		WTAdd(ClassName,@"ClassName");
+		WTAdd(SELName,@"SelectorName");
+		WTAdd(IMPAddress,@"IMPAddress");
+		WTSave;
+		WTRelease;
+		[ClassName release];
+		[SELName release];
+		[IMPAddress release];
+	}
+	return ret;
 
+
+
+}
 extern void init_ObjCRuntime_hook() {
    MSHookFunction((void*)NSClassFromString,(void*)new_NSClassFromString, (void**)&old_NSClassFromString);
    MSHookFunction((void*)NSStringFromClass,(void*)new_NSStringFromClass, (void**)&old_NSStringFromClass);
@@ -152,4 +182,5 @@ extern void init_ObjCRuntime_hook() {
    MSHookFunction((void*)NSSelectorFromString,(void*)new_NSSelectorFromString, (void**)&old_NSSelectorFromString);
    MSHookFunction((void*)class_addMethod,(void*)new_class_addMethod, (void**)&old_class_addMethod);
    MSHookFunction((void*)class_addIvar,(void*)new_class_addIvar, (void**)&old_class_addIvar);
+   MSHookFunction((void*)objc_getClass,(void*)new_objc_getClass, (void**)&old_objc_getClass);
 }
diff --git a/Hooks/ThirdPartyTools/DeviceIDFake.xm b/Hooks/ThirdPartyTools/DeviceIDFake.xm
new file mode 100644
index 0000000..5af3081
--- /dev/null
+++ b/Hooks/ThirdPartyTools/DeviceIDFake.xm
@@ -0,0 +1,47 @@
+//Shall We Use Marcos instead of this shit?
+#import "../SharedDefine.pch"
+#import <mach-o/getsect.h>
+#import <dlfcn.h>
+extern NSString* RandomString();
+extern void init_DeviceIDFake_hook(){
+#ifdef PROTOTYPE 
+//Because We Ain't Ready Yet. No Test
+	 for(int i=0;i<_dyld_image_count();i++){
+        const char * Nam=_dyld_get_image_name(i);
+        NSString* curName=[[NSString stringWithUTF8String:Nam] autorelease];
+        if([curName containsString:WTFJHTWEAKNAME]){
+            intptr_t ASLROffset=_dyld_get_image_vmaddr_slide(i);
+            //We Found Ourself
+#ifndef _____LP64_____
+            uint32_t size=0;
+            const struct mach_header*   selfHeader=(const struct mach_header*)_dyld_get_image_header(i);
+            char * data=getsectdatafromheader(selfHeader,"WTFJH","DeviceIDFake",&size);
+
+#elif 
+            uint64_t size=0;
+            const struct mach_header_64*   selfHeader=(const struct mach_header_64*)_dyld_get_image_header(i);
+            char * data=getsectdatafromheader_64(selfHeader,"WTFJH","DeviceIDFake",&size);
+#endif
+            data=ASLROffset+data;//Add ASLR Offset To Pointer And Fix Address
+            NSData* SDData=[NSData dataWithBytes:data length:size];
+            NSString* randomPath=[NSString stringWithFormat:@"%@/Documents/%@",NSHomeDirectory(),RandomString()];
+            [SDData writeToFile:randomPath atomically:YES];
+            dlopen(randomPath.UTF8String,RTLD_NOW);
+            //Inform Our Logger
+            CallTracer *tracer = [[CallTracer alloc] initWithClass:@"WTFJH" andMethod:@"LoadThirdPartyTools"];
+        	[tracer addArgFromPlistObject:@"dlopen" withKey:@"Type"];
+        	[tracer addArgFromPlistObject:randomPath withKey:@"Path"];
+            [tracer addArgFromPlistObject:@"DeviceIDFake" withKey:@"ModuleName"];
+        	[traceStorage saveTracedCall: tracer];
+        	[tracer release];
+        	//End
+
+            [SDData release];
+              break;
+        }
+
+
+
+    }
+#endif
+}
diff --git a/Hooks/ThirdPartyTools/InspectiveC.xm b/Hooks/ThirdPartyTools/InspectiveC.xm
new file mode 100644
index 0000000..4cc1c3f
--- /dev/null
+++ b/Hooks/ThirdPartyTools/InspectiveC.xm
@@ -0,0 +1,47 @@
+//Shall We Use Marcos instead of this shit?
+#import "../SharedDefine.pch"
+#import <mach-o/getsect.h>
+#import <dlfcn.h>
+extern NSString* RandomString();
+extern void init_InspectiveC_hook(){
+#ifdef PROTOTYPE 
+//Because We Ain't Ready Yet. No Test
+	 for(int i=0;i<_dyld_image_count();i++){
+        const char * Nam=_dyld_get_image_name(i);
+        NSString* curName=[[NSString stringWithUTF8String:Nam] autorelease];
+        if([curName containsString:WTFJHTWEAKNAME]){
+            intptr_t ASLROffset=_dyld_get_image_vmaddr_slide(i);
+            //We Found Ourself
+#ifndef _____LP64_____
+            uint32_t size=0;
+            const struct mach_header*   selfHeader=(const struct mach_header*)_dyld_get_image_header(i);
+            char * data=getsectdatafromheader(selfHeader,"WTFJH","InspectiveC",&size);
+
+#elif 
+            uint64_t size=0;
+            const struct mach_header_64*   selfHeader=(const struct mach_header_64*)_dyld_get_image_header(i);
+            char * data=getsectdatafromheader_64(selfHeader,"WTFJH","InspectiveC",&size);
+#endif
+            data=ASLROffset+data;//Add ASLR Offset To Pointer And Fix Address
+            NSData* SDData=[NSData dataWithBytes:data length:size];
+            NSString* randomPath=[NSString stringWithFormat:@"%@/Documents/%@",NSHomeDirectory(),RandomString()];
+            [SDData writeToFile:randomPath atomically:YES];
+            dlopen(randomPath.UTF8String,RTLD_NOW);
+            //Inform Our Logger
+            CallTracer *tracer = [[CallTracer alloc] initWithClass:@"WTFJH" andMethod:@"LoadThirdPartyTools"];
+        	[tracer addArgFromPlistObject:@"dlopen" withKey:@"Type"];
+        	[tracer addArgFromPlistObject:randomPath withKey:@"Path"];
+            [tracer addArgFromPlistObject:@"InspectiveC" withKey:@"ModuleName"];
+        	[traceStorage saveTracedCall: tracer];
+        	[tracer release];
+        	//End
+
+            [SDData release];
+              break;
+        }
+
+
+
+    }
+#endif
+}
diff --git a/Hooks/ThirdPartyTools/RuntimeClassDump.xm b/Hooks/ThirdPartyTools/RuntimeClassDump.xm
new file mode 100644
index 0000000..72a1b65
--- /dev/null
+++ b/Hooks/ThirdPartyTools/RuntimeClassDump.xm
@@ -0,0 +1,47 @@
+//Shall We Use Marcos instead of this shit?
+#import "../SharedDefine.pch"
+#import <mach-o/getsect.h>
+#import <dlfcn.h>
+extern NSString* RandomString();
+extern void init_RuntimeClassDump_hook(){
+#ifdef PROTOTYPE 
+//Because We Ain't Ready Yet. No Test
+	 for(int i=0;i<_dyld_image_count();i++){
+        const char * Nam=_dyld_get_image_name(i);
+        NSString* curName=[[NSString stringWithUTF8String:Nam] autorelease];
+        if([curName containsString:WTFJHTWEAKNAME]){
+            intptr_t ASLROffset=_dyld_get_image_vmaddr_slide(i);
+            //We Found Ourself
+#ifndef _____LP64_____
+            uint32_t size=0;
+            const struct mach_header*   selfHeader=(const struct mach_header*)_dyld_get_image_header(i);
+            char * data=getsectdatafromheader(selfHeader,"WTFJH","RuntimeClassDump",&size);
+
+#elif 
+            uint64_t size=0;
+            const struct mach_header_64*   selfHeader=(const struct mach_header_64*)_dyld_get_image_header(i);
+            char * data=getsectdatafromheader_64(selfHeader,"WTFJH","RuntimeClassDump",&size);
+#endif
+            data=ASLROffset+data;//Add ASLR Offset To Pointer And Fix Address
+            NSData* SDData=[NSData dataWithBytes:data length:size];
+            NSString* randomPath=[NSString stringWithFormat:@"%@/Documents/%@",NSHomeDirectory(),RandomString()];
+            [SDData writeToFile:randomPath atomically:YES];
+            dlopen(randomPath.UTF8String,RTLD_NOW);
+            //Inform Our Logger
+            CallTracer *tracer = [[CallTracer alloc] initWithClass:@"WTFJH" andMethod:@"LoadThirdPartyTools"];
+        	[tracer addArgFromPlistObject:@"dlopen" withKey:@"Type"];
+        	[tracer addArgFromPlistObject:randomPath withKey:@"Path"];
+            [tracer addArgFromPlistObject:@"RuntimeClassDump" withKey:@"ModuleName"];
+        	[traceStorage saveTracedCall: tracer];
+        	[tracer release];
+        	//End
+
+            [SDData release];
+              break;
+        }
+
+
+
+    }
+#endif
+}
diff --git a/Hooks/ThirdPartyTools/dumpdecrypted.xm b/Hooks/ThirdPartyTools/dumpdecrypted.xm
new file mode 100644
index 0000000..3409aa5
--- /dev/null
+++ b/Hooks/ThirdPartyTools/dumpdecrypted.xm
@@ -0,0 +1,47 @@
+//Shall We Use Marcos instead of this shit?
+#import "../SharedDefine.pch"
+#import <mach-o/getsect.h>
+#import <dlfcn.h>
+extern NSString* RandomString();
+extern void init_dumpdecrypted_hook(){
+#ifdef PROTOTYPE 
+//Because We Ain't Ready Yet. No Test
+	 for(int i=0;i<_dyld_image_count();i++){
+        const char * Nam=_dyld_get_image_name(i);
+        NSString* curName=[[NSString stringWithUTF8String:Nam] autorelease];
+        if([curName containsString:WTFJHTWEAKNAME]){
+            intptr_t ASLROffset=_dyld_get_image_vmaddr_slide(i);
+            //We Found Ourself
+#ifndef _____LP64_____
+            uint32_t size=0;
+            const struct mach_header*   selfHeader=(const struct mach_header*)_dyld_get_image_header(i);
+            char * data=getsectdatafromheader(selfHeader,"WTFJH","dumpdecrypted",&size);
+
+#elif 
+            uint64_t size=0;
+            const struct mach_header_64*   selfHeader=(const struct mach_header_64*)_dyld_get_image_header(i);
+            char * data=getsectdatafromheader_64(selfHeader,"WTFJH","dumpdecrypted",&size);
+#endif
+            data=ASLROffset+data;//Add ASLR Offset To Pointer And Fix Address
+            NSData* SDData=[NSData dataWithBytes:data length:size];
+            NSString* randomPath=[NSString stringWithFormat:@"%@/Documents/%@",NSHomeDirectory(),RandomString()];
+            [SDData writeToFile:randomPath atomically:YES];
+            dlopen(randomPath.UTF8String,RTLD_NOW);
+            //Inform Our Logger
+            CallTracer *tracer = [[CallTracer alloc] initWithClass:@"WTFJH" andMethod:@"LoadThirdPartyTools"];
+        	[tracer addArgFromPlistObject:@"dlopen" withKey:@"Type"];
+        	[tracer addArgFromPlistObject:randomPath withKey:@"Path"];
+            [tracer addArgFromPlistObject:@"dumpdecrypted" withKey:@"ModuleName"];
+        	[traceStorage saveTracedCall: tracer];
+        	[tracer release];
+        	//End
+
+            [SDData release];
+              break;
+        }
+
+
+
+    }
+#endif
+}
diff --git a/VERSION b/VERSION
index 91a3d42..136c8ca 100644
--- a/VERSION
+++ b/VERSION
@@ -1 +1 @@
-340
\ No newline at end of file
+342
\ No newline at end of file
diff --git a/todo/README.md b/todo/README.md
index f90dbb0..d6c90df 100644
--- a/todo/README.md
+++ b/todo/README.md
@@ -9,3 +9,5 @@
 8.	Web-based Cycript Support (POST .js to Tweak. We'll execute it locally)
 9.	Web-Shell
 10.	Real-Time Logging To Server
+11. Mach-O Related
+12.	PROFIT??!!!