Review past
The most detailed framework of CydiaSubstrate ever
Android Apk 360 Hardening procedure
Frida environment installation
JNI dynamic registration
Xposed framework is a can not modify the APK under the condition of affecting the program to run (modify the system) framework services, based on it can make many powerful modules, and in the case of functional conflict at the same time. Applications or functions such as replacement ICONS for native Launcher are based on this framework.
One: install xposed framework
There are two cases of the installation of the framework: system 5.0 or above. At present, simulators or mobile phones are 5.0 or above. Let’s first demonstrate the installation of the framework 5.0 or above. Xposed framework needs to have ROOT authorization to install, Android all advanced applications need ROOT permission.
1. Install the Xposed framework installation package, after the installation is completed, open the main interface, as shown in the figure below.
2. A message is displayed indicating that the frame is not installed, as shown in the following figure.
3. If you want to reinstall or restore the installation, select Reinstall, as shown in the following figure.
4. After the installation is complete, restart the lightning simulator. Since it does not support self-start, you need to manually shut down and restart the simulator, as shown in the following figure.
5. After the startup, the normal interface is activated, as shown in the following figure.
6. Once the installation is complete, click in the upper left corner, where you only need the module and logging options.
If you select a new module, you need to restart the emulator to take effect. 7. The log window is shown in the following figure.
Plug-in development
2. Modify the configuration file
First open Eclipse, create an Android project and configure it in the Androidmanifest.xml file, remember you can’t change the name property value, just the value property. 1. Add a logo to let the system recognize it as a plug-in, as shown below.
2. The information displayed after loading HOOK module can be customized, as shown below.
3. Specify the VERSION of the JAR package. You can also customize the version, as shown in the following figure.
Add third-party JAR packages
After the configuration file is modified, add the third-party JAR package as follows: 1. Create a new folder named lib and put the jar package xposedBridgeapi.jar in it.
2. Right-click the jar package in lib and add the build path.
Four: configure the plug-in entry class
Then create a new class that must inherit from IXposedHookLoadPackage and then configure it. The configuration is as follows: Create a folder named Assets, create a file xposed_init in the folder, and specify the path of the module you just wrote: package name + class name, as shown in the following figure.
Five: write code to hook
1. Install the target APK, and enter the account and registration code, as shown below.
If you click the register button, it will prompt you that the registration failed, so the purpose of hook is to make it return correct. (1) Open the JADX tool to analyze the source code and finally find the return value, as shown in the figure below.
(2) Find the final judgment and write hook code, as shown in the figure below.
2. Run the program to view the final effect, as shown below.
summary
Xposed framework concept and how to install, install after the completion of the need to use the function of introduction, and share the introduction of the plug-in and basic properties, actual combat operation write plug-in and steps, running app to achieve the ultimate goal.
If you are also interested in Android reverse, please add contact information, you can also scan the following TWO-DIMENSIONAL code, or wechat search [Chen Dao mobile security team], pay attention to surprise oh!
Qq: 3543756281
Ag: Yjxiaox
