ARM disassembler/cross-compiler for examining iOS compilation

Can anyone recommend either:

• an ARM disassembler that runs in either Windows or MacOS and which can ideally understand the executable format used by iOS
• within MacOS, a way to call the cross-compiling GCC installed by XCode directly from the command line (so that I can run it on a small test file and ask for assembly output).

Basically, I'm interested in seeing how certain things get compiled for ARM/iOS by XCode/gcc to help me with optimisation. As you can see, although I have both a Windows and Linux background, I'm not fundamentally a Mac specialist so I'm not too familiar with e.g. where XCode intsalls all its gubbinry or the ins and outs of whatever binary format iOS uses.

I don't particularly care whether I have to do the "disassembly" under Mac OS or Windows, but what I was trying to avoid is installing a brand new cop开发者_JAVA技巧y of GCC configured to cross-compile to ARM, as XCode presumably has a perfectly good installation already sitting there somewhere... Any help appreciated.

You can always use otool disassembler. It's rather basic but does the job.

IDA Pro can disassemble ARM Mach-O files used in iOS. Using it is (in my biased opinion) much better experience that looking at the dead listing. You can check how it works with the demo version.

Disclaimer: I work for Hex-Rays.

an ARM disassembler that runs in either Windows or MacOS and which can ideally understand the executable format used by iOS

I can suggest you a LLVM. If it is built with default options, llvm-objdump will disassemble ARM.

Also, looks like http://developer.apple.com/technologies/tools/whats-new.html Apple is using LLVM toolchain in iOS SDK.

There is already an ARM cross compile toolchain built into Xcode. You can debug your iOS applications at the source and ASM level with the gdb debugger support already built into Xcode. For example, open your iOS app and select Device and Debug. Then set a breakpoint at a source line and run your program until the breakpoint is hit. Now select "Run -> Debugger" from the menu. When the debugger is showing, select "Run -> Debugger Display -> Source and Disassembly" and you will see a window on the right side that shows the ARM asm code that was generated from your source code. You can step through the code a source line at a time using the buttons. If you want to step one ARM asm instruction at a time, open up the gdb console and use the "stepi" instruction (type it once, then just hit enter to repeat).

Take a look at Hopper. It's darn cheap compared to IDA (though not as powerful) and the recent versions can handle ARM.

Within MacOS, a way to call the cross-compiling GCC installed by XCode directly from the command line (so that I can run it on a small test file and ask for assembly output).

Use this script for a gcc that compiles for iphone:

#!/bin/bash

# Note: The "/Applications/Xcode.app/Contents" prefix is only required on 10.7.2 and 
# later (where Xcode is installed through app store rather than as a package).
# If running 10.6 or earlier, cut out that prefix.
PLATFORM=/Applications/Xcode.app/Contents/Developer/Platforms/iPhoneOS.platform
# Change this to the iOS version you want to compile for (you must have the platform
# SDK installed in Xcode)
VER=6.1

$PLATFORM/Developer/usr/bin/gcc -arch armv7 -framework IOKit -framework CoreFoundation -F $PLATFORM/Developer/SDKs/ iPhoneOS$VER.sdk/System/Library/Frameworks -I $PLATFORM/DeviceSupport/Latest/Symbols/usr/include -L $PLATFORM/Developer/SDKs/iPhoneOS$VER.sdk/usr/lib -L $PLATFORM/Developer/SDKs/iPhoneOS$VER.sdk/usr/lib/system $*

Source: newosxbook.com

Take a look at Radare2 it is an open Source tool that is rising it's Feature-Set constantly and already supports ARM disassembling.