使用xposed 来解阿里ctf-2014 第三题

只能说,有了xposed以后,对于java代码的hook从此非常简单

直接粘贴代码了,对于xposed 怎么上手,请参考https://github.com/rovo89/XposedBridge/wiki/Development-tutorial

关键是找到addJavascriptInterface这个函数并hook即可,然后找到到底注入的名字以及object对象。

public class Tutorial implements IXposedHookLoadPackage {

     public void handleLoadPackage(final LoadPackageParam lpparam) throws Throwable {

     //XposedBridge.log("Loaded app: " + lpparam.packageName);

         if (!lpparam.packageName.equals("com.ali.tg.testapp"))

     return;

    findAndHookMethod("android.webkit.WebView",lpparam.classLoader,"addJavascriptInterface",Object.class,String.class,new XC_MethodHook(){

    @Override

protected void beforeHookedMethod(MethodHookParam param) throws Throwable {

// this will be called before the clock was updated by the original method

    XposedBridge.log("before addJavascriptInterface:"+param.args[1].toString());

    XposedBridge.log("methods:");

    Object obj=param.args[0];

    Class<?> cls= obj.getClass();

    Method[] ms=cls.getDeclaredMethods();

    for( int i=0;i<ms.length;i++)

    {

        XposedBridge.log(ms[i].toString());

    }

}

@Override

protected void afterHookedMethod(MethodHookParam param) throws Throwable {

 

}

});

      

      

     }

}

posted on 2015-01-22 15:52  baizx  阅读(1223)  评论(0编辑  收藏  举报