Snake&Apple V — Dyld

Introduction to the Dynamic Linker concept on the macOS with Python.

INTRO

Welcome to another article in the series on macOS security internals!

In the Snake&Apple I — Mach-O, I introduced the Mach-O file format, which provides Dynamic Loader (Dyld) information on Dynamic Libraries (dylibs).

In turn, the topic of Dynamic Libraries was discussed in depth in the last publication, Snake&Apple IV — Dylibs.

This paper complements the two mentioned above and introduces the Dynamic Linker, responsible for starting each program on the macOS.

Please note that some topics have been intentionally omitted and will be addressed in future articles. However, leave a comment if you have any questions or need clarification about anything written here while reading. I guarantee a response and will use your feedback for future articles.

The Snake&Apple V. Dyld repository contains all of the code used.

Dyld — High-Level Overview

In one sentence, the Dynamic Linker is responsible for loading dependent dynamic libraries, rebasing and…