Xposed插件开发(一)简单demo
xposed下载地址:http://repo.xposed.info/module/de.robv.android.xposed.installer
xposed开发包源码:https://github.com/rovo89/XposedBridge.git
xposed简易demo:https://github.com/rovo89/XposedExamples.git
准备阶段
新建android工程,只需要修改三个地方,就可以开发xposed插件了:
导入XposedBridgeApi.jar
我这边图省事直接将demo中lib文件拷贝到当前工程中了
Androidmanifest.xml 没有activity也不要紧。
<application
android:allowBackup="true"
android:icon="@drawable/ic_launcher"
android:label="@string/app_name"
android:theme="@style/AppTheme" >
<!-- 增加三个meata-data -->
<meta-data
android:name="xposedmodule"
android:value="true" />
<meta-data
android:name="xposeddescription"
android:value="make a Simcard id" />
<meta-data
android:name="xposedminversion"
android:value="30" />
</application>
在assets中添加xposed_init文件
xposed_init文件记录xposed插件处理类,文件写入格式为:包名+类名
简单demo
由于某app需要获取sim卡才能运行,这边准备利用xposed伪造一份simcard id绕过去。
代码放在gihub:https://github.com/saidyou/com.saidyou.xposed.simcard.git
package com.saiyou.xposed.simcard;
import static de.robv.android.xposed.XposedHelpers.findAndHookMethod;
import android.telephony.TelephonyManager;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.callbacks.XC_LoadPackage.LoadPackageParam;
public class Simcard implements IXposedHookLoadPackage {
public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
// TODO Auto-generated method stub
XposedBridge.log(lpparam.packageName + " [Simcard]");
// sim is usefully
findAndHookMethod(TelephonyManager.class.getName(),lpparam.classLoader,"getSimState",new XC_MethodHook(){
protected void beforeHookedMethod(XC_MethodHook.MethodHookParam param) throws Throwable {
// TODO Auto-generated method stub
super.beforeHookedMethod(param);
}
protected void afterHookedMethod(XC_MethodHook.MethodHookParam param) throws Throwable {
// TODO Auto-generated method stub
super.afterHookedMethod(param);
//TelephonyManager.SIM_STATE_READY 5
param.setResult(TelephonyManager.SIM_STATE_READY);
}
});
// get sim id
findAndHookMethod("android.telephony.TelephonyManager",lpparam.classLoader,"getSubscriberId",new XC_MethodHook(){
}
}
问题
xposed没有运行
问题描述: 在android studio下编译,会将XposedBridgeApi.jar编译到dex中,然后xposed框架在运行时不是调用系统中的xposed接口,而是自身的jar包
解决方法: 所以删掉不必要的代码,xposed的才能正常运行,我这边写脚本处理,可以借鉴
import sys
import os
import shutil
pwd = sys.path[0]
temp_path = pwd+'\\temp'
if os.path.exists(temp_path):
shutil.rmtree(temp_path)
cmd = "apktool d -r %s\\app-release.apk -o %s"%(pwd,temp_path)
print cmd
os.system(cmd)
shutil.rmtree('%s\\smali\\de'%temp_path)
shutil.rmtree('%s\\smali\\androidx'%temp_path)
shutil.rmtree('%s\\smali\\android'%temp_path)
shutil.rmtree('%s\\unknown'%temp_path)
text = ''
is_unknown = False
for line in open('%s\\apktool.yml'%temp_path):
if is_unknown == False and line.find('unknownFiles:')+1:
is_unknown = True
elif is_unknown and line.startswith(' ') == False:
is_unknown = False
elif is_unknown == False:
text += line
open('%s\\apktool.yml'%temp_path, 'w+').write(text)
os.system("apktool b -r %s -o %s\\new.apk"%(temp_path,pwd))
os.system("apksign %s\\new.apk"%pwd)
os.system('adb install -r %s\\new_signed.apk'%pwd)
加载so
问题描述: xposed的模块,在高版本下,例如android7.1上无法加载自己的so
1、存在路径限制,只能加载/system/lib和/vertor/lib下的so
2、域空间名限制