前言
Xposed是早期的Hook框架,有成熟的社区和API来支撑,但作者在2017年就停止了该项目的维护.后来出现了Edposed,并接管了Xposed的位置,但Edposed存在的时间很短且本身框架也有很多问题.于是基于Edposed的改良框架Lsposed脱颖而出,它接管了Xposed的API,可以很好的兼容Xposed的API,再加上其模块编写后无需重启就可以生效的特性,极大的提高了我们的效率,值得我们进行学习.
下面的流程以Pixel sailfish为例,来介绍下Xposed和Lsposed安装以及基本模块的编写.
Xposed
Xposed正式版目前仅支持到Android 7,官方已不再维护,该项目的Github地址如下:
https://github.com/rovo89/Xposed
- 手机刷入Android7.1.2镜像.
https://dl.google.com/dl/android/aosp/sailfish-n2g47o-factory-f2bc8024.zip
- 下载SuperSU刷机包,将其推送到手机的sdcard目录.
https://supersuroot.org/download/
SR5-SuperSU-v2.82-SR5-20171001224502.zip
- 手机刷入twrp.
https://twrp.me/Devices/
1
2
3
4
|
//Nexus 5X
fastboot flash recovery twrp.img
//Pixel
fastboot flash boot twrp.img
|
-
手机进入recovey模式,刷入SuperSU.
-
下载Xposed刷机包,将其推送到手机的sdcard目录.
https://forum.xda-developers.com/t/official-xposed-for-lollipop-marshmallow-nougat-oreo-v90-beta3-2018-01-29.3034811/
xposed-v89-sdk25-arm64.zip
- 手机进入recovey模式,刷入Xposed.
- 手机重启后,安装XposedInstaller App(Xposed插件管理和功能控制App).
XposedInstaller_3.1.5.apk
Lsposed
官方目前支持Android8.1~13,该项目的Github地址如下:
https://github.com/LSPosed/LSPosed
- 手机刷入Android8.1镜像.
https://source.android.com/setup/start/build-numbers
https://developers.google.com/android/images
https://dl.google.com/dl/android/aosp/sailfish-opm1.171019.011-factory-56d15350.zip
- 使用Magisk进行Root.
https://github.com/topjohnwu/Magisk
- 在Magisk中启动Zygisk.
- 下载LSPosed的zygisk版本,将其推送到手机的sdcard目录中.
https://github.com/LSPosed/LSPosed
- 在Magisk中使用本地安装上述模块.
Hook模块编写
测试Apk
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
|
package com.example.luodst;
import androidx.appcompat.app.AppCompatActivity;
import android.os.Bundle;
import android.view.View;
import android.widget.Button;
import android.widget.Toast;
public class MainActivity extends AppCompatActivity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
Button button = (Button) findViewById(R.id.button);
button.setOnClickListener(new View.OnClickListener() {
public void onClick(View v) {
Toast.makeText(MainActivity.this, toastMessage(), Toast.LENGTH_SHORT).show();
}
});
}
public String toastMessage() {
return "我未被劫持";
}
}
|
模块编写
- 修改AndroidManifest.xml文件
1
2
3
4
5
6
7
8
9
|
<meta-data
android:name="xposedmodule"
android:value="true" />
<meta-data
android:name="xposeddescription"
android:value="这是一个xposed demo" />
<meta-data
android:name="xposedminversion"
android:value="82" />
|
- 将XposedBridgeApi.jar放到项目中的app/libs目录下
XposedBridgeApi-82.jar
- 配置build.gradle
1
2
3
|
compileOnly files('libs/XposedBridgeApi-82.jar')
compileOnly 'de.robv.android.xposed:api:82'
compileOnly 'de.robv.android.xposed:api:82:sources'
|
- 配置settings.gradle,在repositories中添加下面两个任意一个即可
1
2
|
maven { url 'https://maven.aliyun.com/repository/public/' }
//maven { url "https://api.xposed.info/" }
|
- 新建一个类继承IXposedHookLoadPackage来写Hook代码
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
|
package com.example.luoxposeddemo;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage;
public class LuoHook implements IXposedHookLoadPackage {
private final String TAG = "[LuoXposed]";
@Override
public void handleLoadPackage(XC_LoadPackage.LoadPackageParam lpparam) throws Throwable {
if (lpparam.packageName.equals("com.example.luodst")){
Class clazz = lpparam.classLoader.loadClass("com.example.luodst.MainActivity");
XposedHelpers.findAndHookMethod(clazz, "toastMessage", new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
super.beforeHookedMethod(param);
}
@Override
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
param.setResult("你已被劫持");
}
});
}
}
}
|
- 在项目的main目录下新建一个assets文件夹
- 在上面新建的assets文件夹下,新建一个xposed_init文件,来指明Hook的入口类.
- 在Lsposed中启用上述编写的模块,后台杀掉测试进程App后重新启动,编写的的Hook代码就可以对上述测试Apk生效.
参考链接
新手不要再被误导!这是一篇最新的Xposed模块编写教程
android studio2021.3.1 最新xposed模块编写指南
夏洛魂 收录于 Android Lsposed 和 Lsposed