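1. Using Frida as an example:
Frida is a code instrumentation tool. It can inject custom JavaScript and Python code snippets into native applications on Windows, macOS, Linux, iOS, Android and other platforms, and hook modules are developed in Python and JavaScript.
(1) Prepare a rooted phone and connect it to the PC/Mac;
(2) On the PC/Mac, install Python 2.7 or Python 3.6, then install frida and frida-tools:
pip install frida
pip install frida-tools
pip list | find "frida" //list the specified installed packages
(3) Download the matching frida-server from https://github.com/frida/frida/releases, extract it, and use adb to push frida-server to the target phone: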
adb push frida-server /data/local/tmp
adb push frida-server-12.2.30 /data/local/tmp
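(4) Run Frida Server on the phone and launch the target app at the same time:
$ adb shell
$ su
$ cd /data/local/tmp/
$ chmod 755 /data/local/tmp/frida-server
$ adb shell su -c "/data/local/tmp/frida-server"
./frida-server-12.2.30 //use this one when connecting from the laptop
Run the following commands on the laptop: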
pip search frida
frida --version //on the laptop, check the installed fr
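
Step (3) asks for the "matching" frida-server. The following is an added example, not part of the original page or the Frida project: it works out which release file matches the client installed in step (2) and flags a pushed file that does not match. The function names are hypothetical; it assumes the client and server versions should be identical, that the ABI string comes from `adb shell getprop ro.product.cpu.abi`, and that release files are named like frida-server-<version>-android-<arch>.xz.

```python
import re

# Android ABI string -> arch suffix used in frida-server release file names.
ABI_TO_ARCH = {
    "arm64-v8a": "arm64",
    "armeabi-v7a": "arm",
    "armeabi": "arm",
    "x86": "x86",
    "x86_64": "x86_64",
}
VERSION_RE = re.compile(r"^\d+\.\d+\.\d+$")
# Accepts both the extracted name (frida-server-12.2.30) and the release name.
SERVER_RE = re.compile(r"^frida-server-(\d+\.\d+\.\d+)(?:-android-([a-z0-9_]+))?")


def server_asset_name(client_version, device_abi):
    """Return the release file to download for this client version and ABI."""
    version = client_version.strip()
    if not VERSION_RE.match(version):
        raise ValueError("unexpected frida version string: %r" % client_version)
    arch = ABI_TO_ARCH.get(device_abi.strip())
    if arch is None:
        raise ValueError("unknown device ABI: %r" % device_abi)
    return "frida-server-%s-android-%s.xz" % (version, arch)


def check_pairing(client_version, pushed_filename, device_abi):
    """Return a list of problems with a frida-server file already pushed."""
    match = SERVER_RE.match(pushed_filename)
    if match is None:
        return ["cannot read a version from %r" % pushed_filename]
    problems = []
    server_version, server_arch = match.group(1), match.group(2)
    if server_version != client_version.strip():
        problems.append("version mismatch: client %s, server %s"
                        % (client_version.strip(), server_version))
    expected_arch = ABI_TO_ARCH.get(device_abi.strip())
    if expected_arch is None:
        problems.append("unknown device ABI: %r" % device_abi)
    elif server_arch is not None and server_arch != expected_arch:
        problems.append("arch mismatch: device needs %s, file is %s"
                        % (expected_arch, server_arch))
    return problems


if __name__ == "__main__":
    # Constructed sample values: client 12.2.30, 64-bit ARM device.
    print(server_asset_name("12.2.30", "arm64-v8a"))
    print(check_pairing("12.2.29", "frida-server-12.2.30", "arm64-v8a"))
```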