前言
本文介绍iOS设备日志查看工具syslog、deviceconsole和socat,如果上述工具都不满意,你也可以使用Mac系统自带的console控制台进行查看。
>
I syslog
1.1 安装syslog
在cydia搜索syslogd to /var/log/syslog安装即可
1.2 syslog用法
syslog是把系统日志写入到/var/log/syslog文件里,用法很简单,执行tail -f /var/log/syslog就能看到了
如果需要过滤某一应用的日志,只需加上grep即可,比如过滤微信
tail -f /var/log/syslog |grep WeChat
II socat
2.1 安装
- 在iOS设备安装
使用 APT 0.6 Transitional 安装socat
几乎所有流行的黑客工具都可以在 BigBoss Recommendation tools这个包中找到
( APT 0.6 Transitional, Git, GNU Debugger, less, make, unzip, wget 和 SQLite 3.x)
apt-get install socat
如果找不到安装包的时候,运行一下 apt-get update, 获得最新的包列表.
2.2 连接到系统日志的sock文件
socat - UNIX-CONNECT:/var/run/lockdown/syslog.sock
- 进入到命令行交互界面,这时可以输入help查看帮助
iPhone:~ root# socat - UNIX-CONNECT:/var/run/lockdown/syslog.sock
========================
ASL is here to serve you
>
2.3 日志的查看
输入watch查看,输入stop停止
2.4 清除日志文件数据
cat /dev/null >/var/log/syslogIII deviceconsole
自从iOS8之后,我就习惯使用Mac系统自带的console ,后来发现有些同事的Mac中console 版本低,没有device 选项;于是乎,就推荐他们使用deviceconsole
- deviceconsole --help
➜ bin git:(master) ✗ deviceconsole --help Usage: deviceconsole [options] Options: -d Include connect/disconnect messages in standard out -u <udid> Show only logs from a specific device -p <process name> Show only logs from a specific process Control-C to disconnect Mail bug reports and suggestions to <ryan.petrich@medialets.com>
knlog -help
Usage: knlog [options] Options: -i | --case-insensitive Make filters case-insensitive -f | --filter <string> Filter include by single word occurrences (case-sensitive) -x | --exclude <string> Filter exclude by single word occurrences (case-sensitive) -p | --process <string> Filter by process name (case-sensitive) -u | --udid <udid> Show only logs from a specific device -s | --simulator <version> Show logs from iOS Simulator --debug Include connect/disconnect messages in standard out --use-separators Skip a line between each line --force-color Force colored text --message-only Display only level and message Control-C to disconnect
- 编译之后的可执行文件 knlog
see also
更多服务和咨询请关注#公号:iOS逆向。
