티스토리 뷰
Revision History
2016/10/07 10:57:32 - 최초 작성
Reference Page
Attached Files
upx.out.zipmacOS Sierra 에서 앱이 실행되지 않을 때(quit unexpectedly)
많은 맥 사용자들께서 일부 프로그램이 정상적으로 실행되지 않아 고생하실껍니다.
특히 Keygen 이나 Crack 앱 들은 거의 대부분 문제를 발생시키고 있습니다.
복잡한하고 지루한 이야기 일 수 있는데
개발자가 실행파일의 크기를 줄이기 위한 목적으로 압축을 하거나 리버스 엔지니어링을 막기 위해 난독화 등을 수행하면
실제 실행시점에는 원상태로 원복을 시켜주는 과정이 필요하게 됩니다.
이 때 사용하는 Packing 오픈소스 중 UPX라는 프로그램이 있습니다.
헌데 시에라 업그레이드 후 UPX로 패킹된 실행파일을 정상적으로 실행하지 못하는 문제가 있습니다.
오류의 내용을 보면 다음과 같습니다.
Process: CORE Keygen [12300] Path: /Volumes/VOLUME/CORE Keygen.app/Contents/MacOS/CORE Keygen Identifier: CORE-Keygen Version: ??? Code Type: X86-64 (Native) Parent Process: ??? [1] Responsible: CORE Keygen [12300] User ID: 501 Date/Time: 2016-10-07 10:52:42.729 +0900 OS Version: Mac OS X 10.12 (16A323) Report Version: 12 Anonymous UUID: 96FFE8F3-F873-D6D2-AD07-CFBADC693ED6 Sleep/Wake UUID: A65DC5F7-8ED5-4201-8B56-30CED3B92A79 Time Awake Since Boot: 25000 seconds Time Since Wake: 3000 seconds System Integrity Protection: enabled Crashed Thread: 0 Dispatch queue: com.apple.main-thread Exception Type: EXC_CRASH (SIGKILL) Exception Codes: 0x0000000000000000, 0x0000000000000000 Exception Note: EXC_CORPSE_NOTIFY Termination Reason: EXEC, [0xc] This UPX compressed binary contains an invalid Mach-O header and cannot be loaded. Thread 0 Crashed:: Dispatch queue: com.apple.main-thread 0 libsystem_kernel.dylib 0x00007fff944a6bb2 __posix_spawn + 10 1 libsystem_kernel.dylib 0x00007fff944a1ef2 posix_spawn + 386 2 xpcproxy 0x0000000106309d75 0x106307000 + 11637 3 xpcproxy 0x000000010630a992 0x106307000 + 14738 4 libdyld.dylib 0x00007fff94378255 start + 1 Thread 0 crashed with X86 Thread State (64-bit): rax: 0x000000000000000d rbx: 0x0000000000000000 rcx: 0x00007fff598f8388 rdx: 0x00007fff598f83a0 rdi: 0x0000000000000000 rsi: 0x00007fbd9a0010e5 rbp: 0x00007fff598f8430 rsp: 0x00007fff598f8388 r8: 0x00007fbd99c03b80 r9: 0x00007fbd99c03b80 r10: 0x00007fbd99c023c0 r11: 0x0000000000000202 r12: 0x00007fbd99c023c0 r13: 0x00007fbd9a0010e5 r14: 0x00007fff598f8950 r15: 0x00007fff598f8958 rip: 0x00007fff944a6bb2 rfl: 0x0000000000000203 cr2: 0x00007fff9d0480a8 Logical CPU: 0 Error Code: 0x020000f4 Trap Number: 133 Binary Images: 0x106307000 - 0x10630bffb xpcproxy (2.0.0 - 972.1.5) <625A730D-D6CA-3B26-ABFC-E0FD9005BAB6> /usr/libexec/xpcproxy 0x10ad89000 - 0x10adc61c7 dyld (421.1) <A525EAEA-AF86-30C2-B360-3D093B4F0828> /usr/lib/dyld 0x7fff92de4000 - 0x7fff92de5ff3 libSystem.B.dylib (1238) <168B3C56-081B-3998-9A44-681EB4C6828F> /usr/lib/libSystem.B.dylib 0x7fff92ef5000 - 0x7fff92ef5ff3 libauto.dylib (187) <5BBF6A00-CC76-389D-84E7-CA88EDADE683> /usr/lib/libauto.dylib 0x7fff92f16000 - 0x7fff92f6cff7 libc++.1.dylib (307.4) <BEE86868-F831-384C-919E-2B286ACFE87C> /usr/lib/libc++.1.dylib 0x7fff92f6d000 - 0x7fff92f97fff libc++abi.dylib (307.2) <1CEF8ABB-7E6D-3C2F-8E0A-E7884478DD23> /usr/lib/libc++abi.dylib 0x7fff93a86000 - 0x7fff93e56d97 libobjc.A.dylib (706) <F9AFE665-A3A2-3285-9495-19803A565861> /usr/lib/libobjc.A.dylib 0x7fff9429c000 - 0x7fff942a0ff7 libcache.dylib (79) <84E55656-FDA9-3B29-9E4F-BE31B2C0AA3C> /usr/lib/system/libcache.dylib 0x7fff942a1000 - 0x7fff942abfff libcommonCrypto.dylib (60092.1.2) <79F738D8-0AD7-3DEA-AF80-E0F8B90B74E3> /usr/lib/system/libcommonCrypto.dylib 0x7fff942ac000 - 0x7fff942b3fff libcompiler_rt.dylib (62) <486BDE52-81B4-3446-BD72-23977CAE556F> /usr/lib/system/libcompiler_rt.dylib 0x7fff942b4000 - 0x7fff942bcfff libcopyfile.dylib (138) <0DA49B77-56EC-362D-98FF-FA78CFD986D6> /usr/lib/system/libcopyfile.dylib 0x7fff942bd000 - 0x7fff9433fff3 libcorecrypto.dylib (442.1.3) <1CA8B679-810E-3C04-945A-4AC19372CDC7> /usr/lib/system/libcorecrypto.dylib 0x7fff94340000 - 0x7fff94372fff libdispatch.dylib (703.1.4) <12B1D95B-283D-325D-85AB-29A2FFD36987> /usr/lib/system/libdispatch.dylib 0x7fff94373000 - 0x7fff94378ff3 libdyld.dylib (421.1) <CDFBDC9C-418C-369D-B433-F64B0630E640> /usr/lib/system/libdyld.dylib 0x7fff94379000 - 0x7fff94379ffb libkeymgr.dylib (28) <09CD7CA6-46D2-3A9F-B9F1-7C4CA5CA0D68> /usr/lib/system/libkeymgr.dylib 0x7fff94387000 - 0x7fff94387fff liblaunch.dylib (972.1.5) <DC31FDEA-FD81-335E-BAA8-5A7395D20772> /usr/lib/system/liblaunch.dylib 0x7fff94388000 - 0x7fff9438dfff libmacho.dylib (894) <1EAE5ADD-490C-3B1F-9F97-447BA8E0E90F> /usr/lib/system/libmacho.dylib 0x7fff9438e000 - 0x7fff94390ff3 libquarantine.dylib (85) <78EF62D8-C890-3FC0-937A-C2FD8CEF8992> /usr/lib/system/libquarantine.dylib 0x7fff94391000 - 0x7fff94392ffb libremovefile.dylib (45) <C4FC07FF-ED86-382E-B06F-33C34718080C> /usr/lib/system/libremovefile.dylib 0x7fff94393000 - 0x7fff943abff7 libsystem_asl.dylib (349.1.1) <F0987490-8427-367F-B302-A05A7D61FEBF> /usr/lib/system/libsystem_asl.dylib 0x7fff943ac000 - 0x7fff943acff7 libsystem_blocks.dylib (67) <B8C3701D-5A91-3D35-999D-2DC8D5393525> /usr/lib/system/libsystem_blocks.dylib 0x7fff943ad000 - 0x7fff9443afe7 libsystem_c.dylib (1158.1.2) <5F260836-48E4-3F57-8553-62D2DA228A1F> /usr/lib/system/libsystem_c.dylib 0x7fff9443b000 - 0x7fff9443effb libsystem_configuration.dylib (888.1.2) <67BB9D8B-2430-38AD-81A7-F0EC924B2590> /usr/lib/system/libsystem_configuration.dylib 0x7fff9443f000 - 0x7fff94442fff libsystem_coreservices.dylib (41.1) <11F22E6C-0DCB-3699-A4F0-C99E301E56E9> /usr/lib/system/libsystem_coreservices.dylib 0x7fff94443000 - 0x7fff9445bffb libsystem_coretls.dylib (121.1.1) <8F7E9B12-400D-3276-A9C5-4546B0258554> /usr/lib/system/libsystem_coretls.dylib 0x7fff9445c000 - 0x7fff94462fff libsystem_dnssd.dylib (765.1.2) <C5FF2025-C60B-39C6-B205-6BF1BC51D1B3> /usr/lib/system/libsystem_dnssd.dylib 0x7fff94463000 - 0x7fff9448cfff libsystem_info.dylib (503) <C686B834-5E7D-382C-AF6E-44AB78EE83E2> /usr/lib/system/libsystem_info.dylib 0x7fff9448d000 - 0x7fff944afff7 libsystem_kernel.dylib (3789.1.32) <5C68A0D7-C3C9-3E52-B983-EDE9A28AB6FC> /usr/lib/system/libsystem_kernel.dylib 0x7fff944b0000 - 0x7fff944f7fe7 libsystem_m.dylib (3121.4) <E3370D16-EBAA-3C7F-AC56-2D6EAD7DB0A4> /usr/lib/system/libsystem_m.dylib 0x7fff944f8000 - 0x7fff94516ff7 libsystem_malloc.dylib (116) <3DD17B88-B7A4-38B9-9E95-AB88E1C3B647> /usr/lib/system/libsystem_malloc.dylib 0x7fff94517000 - 0x7fff9456dfff libsystem_network.dylib (856.1.8) <A8973360-956A-33BF-9971-14D59C84E0D1> /usr/lib/system/libsystem_network.dylib 0x7fff9456e000 - 0x7fff94577ff3 libsystem_networkextension.dylib (563.1.11) <1C551832-9360-36DD-A7BA-52B55A171720> /usr/lib/system/libsystem_networkextension.dylib 0x7fff94578000 - 0x7fff94581ffb libsystem_notify.dylib (165) <AF77D471-6B13-36BA-B144-7E7DDB9DBA9F> /usr/lib/system/libsystem_notify.dylib 0x7fff94582000 - 0x7fff9458afe7 libsystem_platform.dylib (126.1.2) <884DDF42-3CAE-334A-82CE-965617130FB1> /usr/lib/system/libsystem_platform.dylib 0x7fff9458b000 - 0x7fff94595fff libsystem_pthread.dylib (218.1.3) <050AE77B-4F4B-334A-A5BA-CF0D10AF5304> /usr/lib/system/libsystem_pthread.dylib 0x7fff94596000 - 0x7fff94599fff libsystem_sandbox.dylib (592.1.3) <90FEF628-316D-3F84-9EF4-F7F510A4FBBB> /usr/lib/system/libsystem_sandbox.dylib 0x7fff9459a000 - 0x7fff9459bfff libsystem_secinit.dylib (24) <A54B8FEF-E792-3C54-8E0B-E80A376662F2> /usr/lib/system/libsystem_secinit.dylib 0x7fff9459c000 - 0x7fff945a3fff libsystem_symptoms.dylib (532.1.1) <B26F656E-94F9-3834-9B03-51C4FF11D1BF> /usr/lib/system/libsystem_symptoms.dylib 0x7fff945a4000 - 0x7fff945c4ff7 libsystem_trace.dylib (518.1.16) <C3CDF7BC-CA3D-34F5-ADF8-46AAAB0B47F8> /usr/lib/system/libsystem_trace.dylib 0x7fff945c5000 - 0x7fff945caffb libunwind.dylib (35.3) <9F7C2AD8-A9A7-3DE4-828D-B0F0F166AAA0> /usr/lib/system/libunwind.dylib 0x7fff945cb000 - 0x7fff945f4ff7 libxpc.dylib (972.1.5) <2A901937-48E1-3BF2-83F1-2431156D82B7> /usr/lib/system/libxpc.dylib External Modification Summary: Calls made by other processes targeting this process: task_for_pid: 0 thread_create: 0 thread_set_state: 0 Calls made by this process: task_for_pid: 0 thread_create: 0 thread_set_state: 0 Calls made by all processes on this machine: task_for_pid: 18561 thread_create: 0 thread_set_state: 0 VM Region Summary: ReadOnly portion of Libraries: Total=119.1M resident=0K(0%) swapped_out_or_unallocated=119.1M(100%) Writable regions: Total=28.4M written=0K(0%) resident=0K(0%) swapped_out=0K(0%) unallocated=28.4M(100%) VIRTUAL REGION REGION TYPE SIZE COUNT (non-coalesced) =========== ======= ======= Kernel Alloc Once 8K 2 MALLOC 20.2M 8 MALLOC guard page 16K 4 STACK GUARD 56.0M 2 Stack 8192K 2 VM_ALLOCATE 4K 2 __DATA 1460K 43 __LINKEDIT 111.3M 4 __TEXT 8084K 42 shared memory 12K 4 =========== ======= ======= TOTAL 204.8M 103 Model: MacBook9,1, BootROM MB91.0154.B07, 2 processors, Intel Core m7, 1.3 GHz, 8 GB, SMC 2.35f102 Graphics: Intel HD Graphics 515, Intel HD Graphics 515, Built-In Memory Module: BANK 0/DIMM0, 4 GB, LPDDR3, 1867 MHz, 0x80CE, 0x4B33514634463430424D2D41474346202020 Memory Module: BANK 1/DIMM0, 4 GB, LPDDR3, 1867 MHz, 0x80CE, 0x4B33514634463430424D2D41474346202020 AirPort: spairport_wireless_card_type_airport_extreme (0x14E4, 0x158), Broadcom BCM43xx 1.0 (7.21.171.10.1a16) Bluetooth: Version 5.0.0f18, 3 services, 27 devices, 1 incoming serial ports Network Service: Wi-Fi, AirPort, en0 USB Device: USB 3.0 Bus USB Device: USB3.0 Hub USB Device: USB2.0 Hub USB Device: USB-C Digital AV Multiport Adapter Thunderbolt Bus:
해결방법은 UPX로 압축을 해제하고 실행하는 방식을 사용하면 됩니다.
하지만 여기에서도 현재 시점에서 문제가 있는데 배포버전은 3.91에서는 정상적으로 언패킹이 되지 않는 문제입니다. 따라서 베타 버전(3.92)을 사용해서 이를 해결해야 합니다.
$ upx.out
Ultimate Packer for eXecutables
Copyright (C) 1996 - 2016
UPX 3.92-BETA Markus Oberhumer, Laszlo Molnar & John Reiser Sep 22nd 2016
Usage: upx.out [-123456789dlthVL] [-qvfk] [-o file] file..
Commands:
-1 compress faster -9 compress better
-d decompress -l list compressed file
-t test compressed file -V display version number
-h give more help -L display software license
Options:
-q be quiet -v be verbose
-oFILE write output to 'FILE'
-f force compression of suspicious files
-k keep backup files
file.. executables to (de)compress
Type 'upx.out --help' for more detailed help.
UPX comes with ABSOLUTELY NO WARRANTY; for details visit http://upx.sf.netUPX 3.92 버전으로 실행파일 압축해제
$ upx.out -d CORE\ Keygen
Ultimate Packer for eXecutables
Copyright (C) 1996 - 2016
UPX 3.92-BETA Markus Oberhumer, Laszlo Molnar & John Reiser Sep 22nd 2016
File size Ratio Format Name
-------------------- ------ ----------- -----------
40400 <- 16384 40.55% macho/i386 CORE Keygen
Unpacked 1 file.언패킹 후 정상적으로 실행됨을 확인 할 수 있습니다.
검색: Macintosh, 매킨토시, Mac, 맥, OS X, UPX, Packing, Unpacking
'OS > Mac' 카테고리의 다른 글
| Purrfect Memory - 문장을 기억하는데 도움을 주는 앱 (0) | 2016.10.10 |
|---|---|
| OnyX - OS X 최적화 및 감춰진 기능을 활성화해주는 프로그램 (0) | 2016.10.10 |
| 맥용 Wireshark 에서 interface가 검색되지 않을 때 해결방법 (0) | 2016.09.22 |
| [링크] 맥용 사전 앱과 연동되는 이모지 사전 'Emojipedia' (0) | 2016.09.01 |
| 터미널에서 게이트키퍼(Gatekeeper) 제어하는 방법 (0) | 2016.08.29 |
댓글