package com.chinac.testxposed.log
//import com.sun.xml.internal.fastinfoset.algorithm.BuiltInEncodingAlgorithmFactory.getAlgorithm
import android.content.Context
import android.os.Build
import android.os.Environment
import android.util.Log
import com.chinac.testxposed.SystemTool
import de.robv.android.xposed.*
import de.robv.android.xposed.callbacks.XC_LoadPackage
import java.io.FileWriter
import java.io.IOException
import de.robv.android.xposed.XC_MethodHook.MethodHookParam
import de.robv.android.xposed.XC_MethodHook
import de.robv.android.xposed.XposedHelpers
import android.R.attr.name
class qiaqiaMain : IXposedHookLoadPackage {
private var dataNum=1;
private var resultNum=1;
private val mRemoveSecureFlagHook = object : XC_MethodHook() {
@Throws(Throwable::class)
override fun beforeHookedMethod(paramAnonymousMethodHookParam: XC_MethodHook.MethodHookParam) {
val localInteger =
Integer.valueOf(-0x2001 and (paramAnonymousMethodHookParam.args[0] as Int).toInt())
paramAnonymousMethodHookParam.args[0] = localInteger
}
}
private val mRemoveSetSecureHook = object : XC_MethodHook() {
@Throws(Throwable::class)
override fun beforeHookedMethod(paramAnonymousMethodHookParam: XC_MethodHook.MethodHookParam) {
paramAnonymousMethodHookParam.args[0] = java.lang.Boolean.valueOf(false)
}
}
@Throws(Exception::class)
override fun handleLoadPackage(lpparam: XC_LoadPackage.LoadPackageParam?) {
Log.e("Main", "packageName:" + lpparam!!.packageName)
if (lpparam!!.packageName.startsWith("com.qiaqiachat.vip") || lpparam!!.packageName.startsWith("com.wei.myapplication")) {
XposedHelpers.findAndHookMethod("com.qihoo.util.c",
lpparam.classLoader,
"a",
Context::class.java,
object : XC_MethodHook() {
@Throws(Throwable::class)
override fun afterHookedMethod(param: MethodHookParam) {
super.afterHookedMethod(param)
Log.e("chinaclog", "com.qihoo.util.c")
//获取到360的Context对象,通过这个对象来获取classloader
val context = param.args[0] as Context
//获取360的classloader,之后hook加固后的代码就使用这个classloader
val classLoader = context.classLoader
//替换classloader,hook加固后的真正代码
XposedHelpers.findAndHookMethod("com.snail.antifake.jni.EmulatorDetectUtil", classLoader, "a",
Context::class.java,
object : XC_MethodHook() {
override fun beforeHookedMethod(param: MethodHookParam) {
super.beforeHookedMethod(param)
}
override fun afterHookedMethod(param: MethodHookParam?) {
Log.e("chinaclog", "EmulatorDetectUtil.a")
param!!.result = false
super.afterHookedMethod(param)
}
})
XposedHelpers.findAndHookMethod("com.snail.antifake.deviceid.a", classLoader, "b",
Context::class.java,
object : XC_MethodHook() {
override fun beforeHookedMethod(param: MethodHookParam) {
super.beforeHookedMethod(param)
}
override fun afterHookedMethod(param: MethodHookParam?) {
Log.e("chinaclog", "a.b")
param!!.result = false
super.afterHookedMethod(param)
}
})
}
})
}
}
private fun strToFile(data: String, name: String) {
val path: String = Environment.getExternalStorageDirectory().toString() + "/sige/" + name
XposedBridge.log("保存路径为:$path")
var fwriter: FileWriter? = null
try {
fwriter = FileWriter(path)
fwriter.write(data)
} catch (ex: IOException) {
ex.printStackTrace()
} finally {
if (fwriter != null) try {
fwriter.flush()
fwriter.close()
} catch (ex: IOException) {
ex.printStackTrace()
}
}
}
}
以上是对恰恰应用的模拟检测的hook,应用通过360加固了,所以需要通过360加固的对象本身获取content的对象,然后通过这个对象获取要hook的类
