
Cycript – Objective-C++/JavaScript hybrid debug REPL for OSX/iOS - saurik
http://www.cycript.org/
======
skue
Thank you so much for sharing this, for making it open source, and even more
so for documenting it so well!

I've used F-Script (on the Mac) whenever I needed something like this.
However, the Smalltalk syntax seems to limit its appeal, and I've wondered
whether a similar tool leveraging JavaScript could really take off. What you
have created is far more sophisticated than I ever imagined. Looking forward
to digging into it more.

~~~
sdfjkl
For those like me who find the Smalltalk syntax appealing, there's hope to
make more of it (given Objective-C's roots, this makes every sense):
[http://objective.st/](http://objective.st/)

~~~
sdegutis
That looks really cool, but maybe a little ambitious? I don't know what
Apple's restrictions are for iOS apps these days, but last time I was in the
iOS game, they didn't allow anything that wasn't written directly in ObjC or
C.

~~~
Moto7451
That's not the case anymore (ever?). There are iOS apps written in C#, Ruby,
C++, and of course JS/HTML care of Phonegap.

I think the only real opposition to alternative stacks Apple publicly
displayed was to Flash.

Edit: Actually it looks like Adobe Air also works:
[http://www.adobe.com/devnet/air/articles/air-on-ios-
faq.html...](http://www.adobe.com/devnet/air/articles/air-on-ios-faq.html#b)

------
moloch
I've been using cycript for a while now for reverse engineering iOS
applications, and it's absolute witchcraft! You can tab-complete your way
through objects, call arbitrary functions, -- it's a fantastic tool for any
pen-testers doing work in the mobile space.

It's nice to see this project get some much needed love, I tried to compile it
from source a while back and it was a nightmare.

~~~
saurik
I _highly_ recommend reading the new manual: I have added tons of new features
in the last few weeks. Example: you can now query live objects given a Class
(I scavenge the heap looking for live memory ranges that are the right size
and shape for that Class, or any subclass).

------
sdegutis
> I pronounce "cycript" using a "geminate S" or "long S". The result sounds a
> little like a stereotypical serpent from a cartoon: "sssscript". I doubt
> anyone else will pronounce it like this, but I have my hopes.

I can relate. Okay, I'll pronounce it that way! :)

------
spicyj
Wow, this looks awesome.

> [x+1 for (x of @[1,2,3])]

I wasn't aware Objective-C++ or JavaScript supported list comprehensions like
that.

~~~
saurik
This is a feature from "JavaScript 1.7" (the versions after 1.5 are Firefox-
only). There is a similar feature in ECMAScript 6, but the syntax is slightly
different. I support both the Firefox-specific syntax and the current
ECMAScript draft. (But yeah, if you try that expression without the
Objective-C @ symbol in Firefox, it will actually work.)

[https://developer.mozilla.org/en-
US/docs/Web/JavaScript/Guid...](https://developer.mozilla.org/en-
US/docs/Web/JavaScript/Guide/Predefined_Core_Objects#Array_comprehensions)

------
_coreDump
Great job! thank you saurik for all the effort and help. I'm having a small
problem when attaching with the new version when on iPhone5 iOS7

(gdb) r Starting program: /usr/bin/cycript Reading symbols for shared
libraries + done Reading symbols for shared libraries
++++................................................. done cy# Program
received signal EXC_BAD_ACCESS, Could not access memory. Reason:
KERN_INVALID_ADDRESS at address: 0x00000010 0x000127bc in CYDisplayMove ()
(gdb) where #0 0x000127bc in CYDisplayMove () #1 0x00012b50 in CYDisplayUpdate
() #2 0x0015c9ae in readline_internal_setup () #3 0x0015d16e in readline () #4
0x0000b2fc in Main () #5 0x0000e668 in main ()

------
auganov
Can anyone share similar things for other environments/languages/OSes? Would
love to play with something similar but I'm not on OSX/iOS.

