[Android 逆向]Xposed 破解 切水果大战原版.apk
代码
public class Main implements IXposedHookLoadPackage {
boolean flag = false;
@Override
public void handleLoadPackage(XC_LoadPackage.LoadPackageParam lpparam) throws Throwable {
String t_packageName = lpparam.packageName;
if ("com.mf.xxyzgame.wpp.game.hlqsgdzz.huawei".equals(t_packageName)) {
XposedBridge.log("hook!!! in in !! : " + t_packageName);
Class<?> aClass = lpparam.classLoader.loadClass("com.mydefinemmpay.tool.MessageUtil");
// hook gouzao fangfa wuxiao
// XposedHelpers.findAndHookConstructor(aClass, new XC_MethodHook() {
// @Override
// protected void afterHookedMethod(MethodHookParam param) throws Throwable {
// super.afterHookedMethod(param);
// XposedBridge.log("hook!!! before");
// XposedHelpers.setObjectField(param.thisObject, "free", "1");
// XposedBridge.log("hook!!! after");
// }
// });
XposedHelpers.findAndHookMethod(aClass, "init", Context.class, new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
super.beforeHookedMethod(param);
String t_free = (String)XposedHelpers.getObjectField(param.thisObject, "free");
XposedBridge.log("hook!!! beforeHookedMethod t_free: " + t_free);
}
@Override
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
super.afterHookedMethod(param);
XposedBridge.log("hook!!! before");
XposedHelpers.setObjectField(param.thisObject, "free", "1");
XposedBridge.log("hook!!! after");
String ta_free = (String)XposedHelpers.getObjectField(param.thisObject, "free");
XposedBridge.log("hook!!! afterHookedMethod ta_free: " + ta_free);
}
});
}
}
}
这里记录一下
- t_packageName 其实是对应的是进程名称,而非类所在的包下的名称
- hook 构造函数,即使在after方法内也是不生效的
- 可以在hook 普通函数中执行XposedHelpers.setObjectField方法来修改实例的成员变量的值
