先写一个测试程序获取 id
public class MainActivity extends AppCompatActivity {
@Override
protected void onCreate(Bundle savedInstanceState) {
super.onCreate(savedInstanceState);
setContentView(R.layout.activity_main);
//控件
TextView test = findViewById(R.id.test);
Context context = getApplicationContext();
//权限
//<uses-permission android:name="android.permission.READ_PHONE_STATE" />
if (context.getPackageManager().checkPermission(Manifest.permission.READ_PHONE_STATE,
context.getPackageName()) == PackageManager.PERMISSION_GRANTED)
{
String Imei = ((TelephonyManager) getSystemService(TELEPHONY_SERVICE)).getDeviceId();
Log.e("soho",Imei);
test.setText(Imei);
}
else
{
Log.e("soho","no permission");
}
}
}
开始 hook
新建一个项目
在application中增加模块说明
<meta-data android:name="xposedmodule" android:value="true"></meta-data>
<meta-data android:name="xposeddescription" android:value="Xposed插件"></meta-data>
<meta-data android:name="xposedminversion" android:value="54"></meta-data>
/////////////////////////////////////////////////////////////
<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android"
package="com.example.liuhailong.hook">
<application
android:allowBackup="true"
android:icon="@mipmap/ic_launcher"
android:label="@string/app_name"
android:roundIcon="@mipmap/ic_launcher_round"
android:supportsRtl="true"
android:theme="@style/AppTheme">
<activity android:name=".MainActivity">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
</intent-filter>
</activity>
<meta-data android:name="xposedmodule" android:value="true"></meta-data>
<meta-data android:name="xposeddescription" android:value="Xposed插件"></meta-data>
<meta-data android:name="xposedminversion" android:value="54"></meta-data>
</application>
</manifest>导入 xposed jar
先在 app 中新建 一个文件夹同时必须名为 lib(在 project 视图)
复制模块进去
打开模块依赖
再添加
修改 scope 为
创建一个类 名称必须为Main实现IXposedHookLoadPackage接口
实现方法
声明主入口类路径
在 main文件夹内建立 assets文件夹必须名为assets
在assets文件夹内新建一个 xposed_init的文件名称也要一样
在文件中声明入口类名称
使用 findAndHookMethod
package com.example.liuhailong.hook;
import android.telephony.TelephonyManager;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodReplacement;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage;
public class Main implements IXposedHookLoadPackage {
@Override
public void handleLoadPackage(XC_LoadPackage.LoadPackageParam loadPackageParam) throws Throwable {
//先判断要 hook的包也就是那个 app
if(!loadPackageParam.packageName.equals("com.example.liuhailong")){
//打印日志这个打印在 apk上
XposedBridge.log(loadPackageParam.packageName);
return;
}
//打到对应的方法 进行替换 replaceHookedMethod替换方法
//参数1:名称 参数2:方法名 参数3:实现监听 重写方法
XposedHelpers.findAndHookMethod(
TelephonyManager.class,
"getDeviceId",
new XC_MethodReplacement() {
@Override
protected Object replaceHookedMethod(MethodHookParam argMethodHookParam) throws Throwable {
return "我才是序列号!";
}
}
);
}
}
安装 hook 框架
de.robv.android.xposed.installer_v32_de4f0d.apk
提示要你安装 hook
点击框架
点击安装它就会要你重启
重启完后启动 hook
点击模块
重启就可以了 只要启动 hooktest 就会被 hook(hook不要启动 一般是写没有见面的我是为了调试)
Main.java 完整代码
package com.bluelesson.xposed24;
import android.telephony.TelephonyManager;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage;
public class Main implements IXposedHookLoadPackage {
@Override
public void handleLoadPackage(XC_LoadPackage.LoadPackageParam argLoadPackageParam) throws Throwable {
// 判断是不是要Hook的包,不是直接返回
if(!argLoadPackageParam.packageName.equals("com.bluelesson.testphoneinfo")){
return;
}
// XposedHelpers.findAndHookMethod(
// TelephonyManager.class,
// "getDeviceId",
// new XC_MethodReplacement() {
// @Override
// protected Object replaceHookedMethod(MethodHookParam argMethodHookParam) throws Throwable {
// return "我才是序列号!";
// }
// }
// );
XposedHelpers.findAndHookMethod(
TelephonyManager.class,
"getDeviceId",
new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
super.beforeHookedMethod(param);
XposedBridge.log("beforeHookedMethod");
}
@Override
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
super.afterHookedMethod(param);
XposedBridge.log("afterHookedMethod");
param.setResult("我是序列号");
}
}
);
}
}