欢迎您访问程序员文章站本站旨在为大家提供分享程序员计算机编程知识!
您现在的位置是: 首页

Xposed hook(android)

程序员文章站 2022-05-12 14:02:53
...

先写一个测试程序获取 id

public class MainActivity extends AppCompatActivity {

    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        //控件
        TextView test = findViewById(R.id.test);
        Context context = getApplicationContext();
        //权限
        //<uses-permission android:name="android.permission.READ_PHONE_STATE" />
        if (context.getPackageManager().checkPermission(Manifest.permission.READ_PHONE_STATE,
                context.getPackageName()) == PackageManager.PERMISSION_GRANTED)
        {
            String  Imei = ((TelephonyManager) getSystemService(TELEPHONY_SERVICE)).getDeviceId();
            Log.e("soho",Imei);
            test.setText(Imei);
        }
        else
        {
            Log.e("soho","no permission");
        }

    }
}

Xposed hook(android)
开始 hook
新建一个项目
在application中增加模块说明

 <meta-data android:name="xposedmodule" android:value="true"></meta-data>
        <meta-data android:name="xposeddescription" android:value="Xposed插件"></meta-data>
        <meta-data android:name="xposedminversion" android:value="54"></meta-data>
/////////////////////////////////////////////////////////////
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
    package="com.example.liuhailong.hook">

    <application
        android:allowBackup="true"
        android:icon="@mipmap/ic_launcher"
        android:label="@string/app_name"
        android:roundIcon="@mipmap/ic_launcher_round"
        android:supportsRtl="true"
        android:theme="@style/AppTheme">
        <activity android:name=".MainActivity">
            <intent-filter>
                <action android:name="android.intent.action.MAIN" />

                <category android:name="android.intent.category.LAUNCHER" />
            </intent-filter>
        </activity>
        <meta-data android:name="xposedmodule" android:value="true"></meta-data>
        <meta-data android:name="xposeddescription" android:value="Xposed插件"></meta-data>
        <meta-data android:name="xposedminversion" android:value="54"></meta-data>
    </application>

</manifest>

导入 xposed jar
先在 app 中新建 一个文件夹同时必须名为 lib(在 project 视图)
Xposed hook(android)
复制模块进去
Xposed hook(android)
打开模块依赖
Xposed hook(android)
再添加
Xposed hook(android)
修改 scope 为
Xposed hook(android)
Xposed hook(android)
加载下或者运行一下不行重启 as
会出现 3 个目录说明加载成功
Xposed hook(android)
创建一个类 名称必须为Main实现IXposedHookLoadPackage接口
Xposed hook(android)
实现方法
Xposed hook(android)
声明主入口类路径
在 main文件夹内建立 assets文件夹必须名为assets
在assets文件夹内新建一个 xposed_init的文件名称也要一样
在文件中声明入口类名称
Xposed hook(android)
使用 findAndHookMethod

    package com.example.liuhailong.hook;

import android.telephony.TelephonyManager;

import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodReplacement;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage;

public class Main implements IXposedHookLoadPackage {
    @Override
    public void handleLoadPackage(XC_LoadPackage.LoadPackageParam loadPackageParam) throws Throwable {
        //先判断要 hook的包也就是那个 app
        if(!loadPackageParam.packageName.equals("com.example.liuhailong")){
            //打印日志这个打印在 apk上
            XposedBridge.log(loadPackageParam.packageName);
            return;
        }  
        //打到对应的方法 进行替换 replaceHookedMethod替换方法
        //参数1:名称 参数2:方法名 参数3:实现监听 重写方法
        XposedHelpers.findAndHookMethod(
        TelephonyManager.class,
        "getDeviceId",
        new XC_MethodReplacement() {
            @Override
            protected Object replaceHookedMethod(MethodHookParam argMethodHookParam) throws Throwable {
                return "我才是***!";
            }
        }
        );
    }
}

安装 hook 框架
de.robv.android.xposed.installer_v32_de4f0d.apk
Xposed hook(android)
提示要你安装 hook
Xposed hook(android)
点击框架
Xposed hook(android)
点击安装它就会要你重启
重启完后启动 hook

点击模块
Xposed hook(android)
重启就可以了 只要启动 hooktest 就会被 hook(hook不要启动 一般是写没有见面的我是为了调试)
Xposed hook(android)
Main.java 完整代码

package com.bluelesson.xposed24;

import android.telephony.TelephonyManager;

import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage;

public class Main implements IXposedHookLoadPackage {
    @Override
    public void handleLoadPackage(XC_LoadPackage.LoadPackageParam argLoadPackageParam) throws Throwable {

        // 判断是不是要Hook的包,不是直接返回
        if(!argLoadPackageParam.packageName.equals("com.bluelesson.testphoneinfo")){
            return;
        }

//        XposedHelpers.findAndHookMethod(
//                TelephonyManager.class,
//                "getDeviceId",
//                new XC_MethodReplacement() {
//                    @Override
//                    protected Object replaceHookedMethod(MethodHookParam argMethodHookParam) throws Throwable {
//                        return "我才是***!";
//                    }
//                }
//        );

        XposedHelpers.findAndHookMethod(
                TelephonyManager.class,
                "getDeviceId",
                new XC_MethodHook() {
                    @Override
                    protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
                        super.beforeHookedMethod(param);

                        XposedBridge.log("beforeHookedMethod");
                    }

                    @Override
                    protected void afterHookedMethod(MethodHookParam param) throws Throwable {
                        super.afterHookedMethod(param);

                        XposedBridge.log("afterHookedMethod");

                        param.setResult("我是***");
                    }
                }
        );

    }
}

转载于:https://blog.51cto.com/haidragon/2137417