0x0 What is FLEX debugger?
The FLEX Debugger is an impressive tool for debugging iOS applications, and it can be activated directly on your iOS device. You can find more details about it here: FLEX GitHub Repository.
This tool is especially useful for developing app tweaks. However, the official website doesn’t provide instructions for debugging third-party applications.
0x1 FLEXing or FLEXList?
Both of these tools are great and can load the FLEX Debugger into any iOS app. However, I found two major drawbacks:
- They use an older version of the FLEX Debugger (version 4.7.0, as far as I know).
- They become unusable if you can’t jailbreak your device.
That’s why I decided to create my own FLEX loader, which can be activated and injected into any iOS application.
0x2 Compiling FLEX
First, I cloned the FLEX repository and compiled it using Xcode without any issues. It generated a FLEX.framework folder, which can be linked in a tweak’s makefile like this:
autoflex_LDFLAGS += -framework FLEX -F../build
This works, but both the .deb file and the FLEX.framework folder need to be injected into the .ipa file, which isn’t ideal.
So, can we directly compile FLEX into our .deb file?
0x3 FLEX into deb
FLEX stores its source code in the Classes folder. To compile it, you’ll need to copy all the files and run the compilation. Here are a few issues you might encounter:
- Use clang++ instead of clang, as FLEX is written in C++.
- You need to compile all .m, .mm, and .c files.
- FLEX relies on multiple frameworks (UIKit, CoreGraphics, QuartzCore, ImageIO, WebKit, Security, SceneKit, AVFoundation, UserNotifications), and you need to link all of them.
- Several compiler warnings need to be turned off (-Wno-deprecated-declarations, -Wno-strict-prototypes, -Wno-unsupported-availability-guard) for a successful compilation.
FLEXSwiftInternal.mm Issues
I was puzzled when FLEXSwiftInternal.mm gave me two errors, even though it compiled successfully in Xcode. The issue was caused by two lines involving atomic types. To fix this, I removed the atomic qualifiers in the file:
FILE="src/FLEXSwiftInternal.mm"
# Replace "std::atomic<mask_t> _maybeMask;" with "mask_t _maybeMask;" on line 59
sed -i '' '59s/std::atomic<mask_t> _maybeMask;/mask_t _maybeMask;/' "$FILE"
# Replace "std::atomic<preopt_cache_t *> _originalPreoptCache;" with "preopt_cache_t * _originalPreoptCache;" on line 65
sed -i '' '65s/std::atomic<preopt_cache_t \*> _originalPreoptCache;/preopt_cache_t \* _originalPreoptCache;/' "$FILE"
After this fix, your .deb file will be ready!
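The sed commands above are addressed by line number, so if the two declarations move in a newer FLEX release they change nothing and still exit successfully. The script below is an added example, not code from this post or the AutoFLEX repository: it matches the declarations by content and fails when either one is missing. The function names and the temp-file approach (used instead of sed -i so it runs with both BSD and GNU sed) are assumptions made for this illustration.

```shell
#!/bin/sh
# Added example (not from the AutoFLEX repository).
# Removes the std::atomic<> wrapper by matching the declaration itself, so the
# patch does not depend on the declarations staying on lines 59 and 65.

# strip_atomic FILE TYPE FIELD
# Rewrites "std::atomic<TYPE> FIELD;" as "TYPE FIELD;" in FILE.
# Fails without touching FILE unless exactly one line contains the declaration.
strip_atomic() {
    file=$1; ctype=$2; field=$3
    [ -f "$file" ] || { echo "error: $file not found" >&2; return 1; }
    # Escape '*' so pointer types are matched literally in the basic regex.
    pat=$(printf '%s' "$ctype" | sed 's/\*/\\*/g')
    decl="std::atomic<$pat> $field;"
    count=$(grep -c -- "$decl" "$file" || true)
    if [ "$count" != 1 ]; then
        echo "error: expected one '$field' declaration, found $count" >&2
        return 1
    fi
    tmp=$(mktemp) || return 1
    sed "s/$decl/$ctype $field;/" "$file" > "$tmp" && cat "$tmp" > "$file"
    rc=$?
    rm -f "$tmp"
    return "$rc"
}

# patch_flex_swift_internal FILE
# Applies both edits to a scratch copy and replaces FILE only if both succeed,
# so a changed upstream layout stops the build with FILE left as it was.
patch_flex_swift_internal() {
    work=$(mktemp) || return 1
    cp "$1" "$work" &&
        strip_atomic "$work" 'mask_t' '_maybeMask' &&
        strip_atomic "$work" 'preopt_cache_t *' '_originalPreoptCache' &&
        cat "$work" > "$1"
    ret=$?
    rm -f "$work"
    return "$ret"
}

# Example: sh patch_atomic.sh src/FLEXSwiftInternal.mm
if [ "$#" -gt 0 ]; then
    patch_flex_swift_internal "$1"
fi
```

In an automated build, a non-zero exit from this step stops the job instead of letting the compile fail later with the original errors.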
0x4 AutoFLEX
I created a GitHub repository to automate this process. With proper GitHub actions, you’ll have the latest version of FLEX compiled whenever you need it!
To use this .deb file, you’ll need to use Sideloadly or another .ipa editing tool to inject the .deb into your .ipa and install it on your device. This .deb file cannot be installed directly!