ida 安装Keypatch 编译 libkeystone.dylib 

# 下载项目

git clone https://github.com/keystone-engine/keystone.git

cd keystone

mkdir build

cd build

修改 vim ../make-common.sh


ARCH='arm64'

修改 vim ../make-share.sh  根据自己的路径 调整

# cmake -DBUILD_LIBS_ONLY=$BUILD_LIBS_ONLY -DLLVM_BUILD_32_BITS="$LLVM_BUILD_32_BITS" -DCMAKE_OSX_ARCHITECTURES="$ARCH" -DCMAKE_BUILD_TYPE=$BUILDTYPE -DBUILD_SHARED_LIBS=ON -DLLVM_TARGETS_TO_BUILD="all" -G "Unix Makefiles" ..
cmake -DBUILD_LIBS_ONLY=$BUILD_LIBS_ONLY -DLLVM_BUILD_32_BITS="$LLVM_BUILD_32_BITS" -DCMAKE_OSX_ARCHITECTURES="$ARCH" -DCMAKE_BUILD_TYPE=$BUILDTYPE -DBUILD_SHARED_LIBS=ON -DLLVM_TARGETS_TO_BUILD="all" -DPYTHON_LIBRARY="/Users/wzb/.pyenv/versions/3.11.10/lib/libpython3.11.dylib" -DPYTHON_EXECUTABLE="/Users/wzb/.pyenv/versions/3.11.10/bin/python3.11" -G "Unix Makefiles" ..



修复cmake配置

#!/usr/bin/env python
# -*- coding:utf-8 -*-

# Author: zhibo.wang
# E-mail: gm.zhibo.wang@gmail.com
# Date  : 25-11-07 14:45:35
# Desc  :


import os
import re

# 设置根目录
root_dir = '/Users/wzb/tests/keystone'

# 正则匹配旧版本的 cmake_minimum_required 语句(版本为 2.82.8.x)
cmake_version_pattern = re.compile(r'^\s*cmake_minimum_required\s*\(\s*VERSION\s*2\.8(\.\d+)?\s*\)', re.IGNORECASE)

# 匹配 CMP0051 块开始和结束
cmp0051_start_pattern = re.compile(r'^\s*if\s*\(\s*POLICY\s+CMP0051\s*\)', re.IGNORECASE)
endif_pattern = re.compile(r'^\s*endif\s*\(?\)?', re.IGNORECASE)

# 递归查找所有 CMakeLists.txt
for dirpath, dirnames, filenames in os.walk(root_dir):
    for filename in filenames:
        if filename == 'CMakeLists.txt':
            filepath = os.path.join(dirpath, filename)
            print(f'处理文件: {filepath}')

            with open(filepath, 'r') as f:
                lines = f.readlines()

            new_lines = []
            skip_block = False

            for line in lines:
                # 替换 cmake_minimum_required 的版本
                if cmake_version_pattern.match(line):
                    new_lines.append('cmake_minimum_required(VERSION 3.5)\n')
                    continue

                # 检测到 CMP0051 起始块
                if cmp0051_start_pattern.match(line):
                    skip_block = True
                    new_lines.append('# ' + line)
                    continue

                # 如果在 CMP0051 块中,注释所有行,直到 endif
                if skip_block:
                    new_lines.append('# ' + line)
                    if endif_pattern.match(line):
                        skip_block = False
                    continue

                # 正常行直接保留
                new_lines.append(line)

            # 写回原文件
            with open(filepath, 'w') as f:
                f.writelines(new_lines)

print("✅ 所有 CMakeLists.txt 文件已处理完成。")


然后在 build 目录下  运行  ../make-share.sh 


最后将 动态库挪到对应位置  cp /Users/wzb/tests/keystone/build/llvm/lib/libkeystone.0.dylib ~/.pyenv/versions/3.11.10/lib/python3.11/site-packages/keystone/libkeystone.dylib
git clone git@github.com:wang-zhibo/keypatch.git 


🦉 [plugins] cd /Applications/IDA\ Professional\ 9.2.app/Contents/MacOS/plugins                                                                                      15:01:25 
🦉 [plugins] cp ~/wangzhib_githubs/keypatch/keypatch.py .  
mac os arm
 

通过网盘分享的文件:keystone
链接: https://pan.baidu.com/s/1tFY5swZsvFoObEVWHsLtyQ 提取码: a72h

 

   ScreenShot_2025-11-07_150327_279

 

 

ScreenShot_2025-11-07_145844_639

ScreenShot_2025-11-07_145906_974

ScreenShot_2025-11-07_145948_617

 

 
posted @ 2025-11-07 15:01  🐳.城南  阅读(16)  评论(0)    收藏  举报