Closed
Description
Getting odd behavior when trying to run the latest version of Objection and frida-gadget. I patch a method to always return False/0, and the set-method-return job shows it as being overridden to 0x0. However, a watch-method job shows it as returning 0x1 (and my app crashes).
This was not an issue with the last version of objection, so I suspect it has to do with the move to the TypeScript agent.
The below output shows my issue pretty well. If it makes any difference, I'm running on Windows, and am connecting to frida-server over a network connection.
PS C:\Users\iwilliams> objection --network --host [snip] --gadget '[snip]' explore --startup-command "ios hooking set return_value '-[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:]' 0"
Using networked device @`[snip]:27042`
Agent injected and responds ok!
Running a startup command... ios hooking set return_value '-[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:]' 0
(agent) Selector address enumeration complete.
(agent) Found selector at 0x104d43c54 as -[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:]
(agent) Registering job 2yssrjepb0j. Type: set-method-return for: -[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:]
[snip]
[snip] on (iPad: 11.4) [net] # ios hooking watch method "-[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:]" --dump-args --dump-backtrace --dump-return
(agent) Selector address enumeration complete.
(agent) Found selector at 0x104d43c54 as -[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:]
(agent) Registering job xwne5q5gdic. Type: watch-method for: -[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:]
[snip] on (iPad: 11.4) [net] # (agent) [xwne5q5gdic] Called: -[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:] 1 arguments(Kind: instance) (Super: TiModule)
(agent) [xwne5q5gdic] -[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:] Backtrace:
[snip]
(agent) [xwne5q5gdic] Argument dump: [AppceleratorHttpsModule createX509CertificatePinningSecurityManager: (
[snip]
)]
(agent) [2yssrjepb0j] -[AppceleratorHttpsModule createX509CertificatePinningSecurityManager:] Return value was: 0x15dda64e0, overriding to 0x0
(agent) [xwne5q5gdic] Return Value: 0x1
(session detach message) process-terminated