Android xpsoed 插件开发代码实例
直接上代码就一下吧
package com.example.hook_https2;
import android.app.Application;
import android.content.Context;
import android.util.Log;
import androidx.core.app.NotificationCompat;
import com.google.gson.Gson;
import com.koushikdutta.async.http.server.AsyncHttpServer;
import com.koushikdutta.async.http.server.AsyncHttpServerRequest;
import com.koushikdutta.async.http.server.AsyncHttpServerResponse;
import com.koushikdutta.async.http.server.HttpServerRequestCallback;
import org.json.JSONException;
import org.json.JSONObject;
import java.util.Map;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage;
public class Hook implements IXposedHookLoadPackage {
private static final String TAG = "yunyikeji=>";
ClassLoader appCl;
Context appCxt;
String key;
String sessionId;
public void handleLoadPackage(XC_LoadPackage.LoadPackageParam loadPackageParam) throws Throwable {
if (loadPackageParam.packageName.equals("com.kingpoint.gmcchh")) {
XposedBridge.hookAllMethods(XposedHelpers.findClass("android.app.ActivityThread", loadPackageParam.classLoader), "performLaunchActivity", new XC_MethodHook() {
/* class com.hook.hook_https.Hook.AnonymousClass1 */
/* access modifiers changed from: protected */
public void afterHookedMethod(XC_MethodHook.MethodHookParam param) throws Throwable {
super.afterHookedMethod(param);
Log.e(Hook.TAG, "afterHookedMethod:成功hook");
XposedBridge.log(Hook.TAG+"afterHookedMethod:成功hook");
final ClassLoader finalCL = (ClassLoader) XposedHelpers.callMethod((Application) XposedHelpers.getObjectField(param.thisObject, "mInitialApplication"), "getClassLoader", new Object[0]);
try {
XposedHelpers.findAndHookMethod(XposedHelpers.findClass("com.migu.tj0.a", finalCL), "i", String.class, String.class, new XC_MethodHook() {
/* class com.hook.hook_https.Hook.AnonymousClass1.AnonymousClass1 */
/* access modifiers changed from: protected */
public void beforeHookedMethod(MethodHookParam param) throws Throwable {
Log.e(Hook.TAG, "beforeHookedMethod: " + param.args[0].toString());
Log.e(Hook.TAG, "beforeHookedMethod: " + param.args[1].toString());
XposedBridge.log("param "+param);
super.beforeHookedMethod(param);
}
/* access modifiers changed from: protected */
public void afterHookedMethod(MethodHookParam param) throws Throwable {
super.afterHookedMethod(param);
String result = (String) param.getResult();
XposedBridge.log(Hook.TAG+ "afterHookedMethod: " + result);
if (result.contains("sessionKey")) {
Map map = (Map) new Gson().fromJson(result, Map.class);
Hook.this.key = map.get("sessionKey").toString();
Hook.this.sessionId = map.get("sessionId").toString();
}
new Thread(new Runnable() {
/* class com.hook.hook_https.Hook.AnonymousClass1.AnonymousClass1.AnonymousClass1 */
public void run() {
AsyncHttpServer server = new AsyncHttpServer();
server.post("/yunyi", new HttpServerRequestCallback() {
/* class com.hook.hook_https.Hook.AnonymousClass1.AnonymousClass1.AnonymousClass1.AnonymousClass1 */
@Override
// com.koushikdutta.async.http.server.HttpServerRequestCallback
public void onRequest(AsyncHttpServerRequest request, AsyncHttpServerResponse response) {
Throwable eee;
String str = "com.migu.il.a";
AsyncHttpServerResponse asyncHttpServerResponse = response;
JSONObject jsonObject = new JSONObject();
try {
String p1 = request.getQuery().getString("distributor");
if (p1.equals("session")) {
jsonObject.put(NotificationCompat.CATEGORY_STATUS, true);
jsonObject.put("data", Hook.this.sessionId);
}
if (p1.equals("sendsms")) {
try {
String phone = request.getQuery().getString("phone");
Class<?> signClass = XposedHelpers.findClass("com.migu.il.a", finalCL);
StringBuilder sb = new StringBuilder();
str = "com.migu.il.a";
sb.append("{\"mobileNumber\":\"");
sb.append(phone);
sb.append("\"}");
Object[] objArr = {"GMCCAPP_000_000_001_011", sb.toString()};
Class<?> encrypClass = XposedHelpers.findClass("com.migu.tj0.a", finalCL);
Object[] objArr2 = {Hook.this.key, (String) XposedHelpers.callStaticMethod(signClass, "a", objArr)};
jsonObject.put(NotificationCompat.CATEGORY_STATUS, true);
jsonObject.put("data", (String) XposedHelpers.callStaticMethod(encrypClass, "j", objArr2));
} catch (Throwable th) {
eee = th;
asyncHttpServerResponse = response;
Log.d(Hook.TAG, "onRequest: " + eee);
try {
jsonObject.put(NotificationCompat.CATEGORY_STATUS, false);
} catch (JSONException e) {
e.printStackTrace();
}
asyncHttpServerResponse.send(jsonObject);
}
} else {
str = "com.migu.il.a";
}
if (p1.equals("decrypt")) {
String data = request.getQuery().getString("data");
String sendEncryp = (String) XposedHelpers.callStaticMethod(XposedHelpers.findClass("com.migu.tj0.a", finalCL), "i", new Object[]{Hook.this.key, data});
Log.e(Hook.TAG, "onRequest: " + sendEncryp);
jsonObject.put(NotificationCompat.CATEGORY_STATUS, true);
jsonObject.put("data", sendEncryp);
}
if (p1.equals("login")) {
String data2 = request.getQuery().getString("verifyCode");
String phone2 = request.getQuery().getString("phone");
Class<?> signClass2 = XposedHelpers.findClass(str, finalCL);
String sign = (String) XposedHelpers.callStaticMethod(signClass2, "a", new Object[]{"GMCCAPP_000_000_001_001", "{\"password\":\"" + data2 + "\",\"loginType\":\"2\",\"mobileNumber\":\"" + phone2 + "\",\"isGDMobile\":\"1\"}"});
StringBuilder sb2 = new StringBuilder();
sb2.append("onRequest: login");
sb2.append(sign);
Log.e(Hook.TAG, sb2.toString());
Class<?> encrypClass2 = XposedHelpers.findClass("com.migu.tj0.a", finalCL);
Object[] objArr3 = {Hook.this.key, sign};
jsonObject.put(NotificationCompat.CATEGORY_STATUS, true);
jsonObject.put("data", (String) XposedHelpers.callStaticMethod(encrypClass2, "j", objArr3));
}
if (p1.equals("sessionKey")) {
String ke=Hook.this.key;
jsonObject.put("data",ke );
}
jsonObject.put("desc", "666!");
response.send(jsonObject);
} catch (Throwable th2) {
eee = th2;
Log.d(Hook.TAG, "onRequest: " + eee);
try {
jsonObject.put(NotificationCompat.CATEGORY_STATUS, false);
} catch (JSONException e) {
e.printStackTrace();
}
asyncHttpServerResponse.send(jsonObject);
}
}
});
server.listen(6666);
Log.e(Hook.TAG, "AsyncHttpServer start");
XposedBridge.log(Hook.TAG+" 开始了");
}
}).start();
XposedHelpers.findClass("com.migu.tj0.a", finalCL);
}
});
} catch (Throwable e) {
Log.e(Hook.TAG, "afterHookedMethod: " + e.toString());
}
}
});
}
}
}