一.Framework注入
1.PROJECT TARGETS 下方 "+","Cocoa Touch Framework","MuyangHook"
2.左侧"MuyangHook" 新建类
3.编译build,新的Framework会出现在 Products/.app “Show in Finder”成目录
4.显示app包内容.app/Frameworks/里包含新建Framework。新版XCode编译后自动包含
5.新建Framework编译后会自动进入.app/Frameworks,但是MachOView/Fat Binary/Executable/Load Commands里并没有新建的Framework。MachO文件不包含
6.将.app/Frameworks/MuyangHook.framework/MuyangHook 写入MachO文件,修改的越狱的原始app包。工程的APP目录
7.yololib修改。进入 Wechat.app包内容/Payload/Wechat.app
yololib Wechat Frameworks/MuyangHook.framework/MuyangHook
8.重新生成ipa包,进入Payload所在层目录。 zip -ry WeChat.ipa Payload
9.替换APP目录的ipad包
二.Dylib注入
a.Copy Files注入
1.PROJECT TARGETS 下方 "+","Library","MuyangHook"
2.修改General,"Deloyment Type","9.0"
修改Library,"Build Settings","Base SDK" "iOS"
修改Library,"Code Signing identity","iOS Developer"
3.给TARGETS 添加依赖 包含 Library
"TARGETS" "Build Phases" "+" "New Copy Files Phase","Copy Files -> Destination Frameworks" "+ libMuyangHook.dylib"
b.脚本注入
TARGET_APP_PATH="$BUILD_PRODUCTS_DIR/$TARGET_NAME.app"
APP_BINARY='plutil -convert xml1 -o -&TARGET_APP_PATH/Info.plist|grep -A1 Exec|tail-n1|cut -f2 -d\>|cut -f1 -d\<'
yololib "$TARGET_APP_PATH/$APP_BINARY" "Frameworks/libMuyangHook.dylib"
网友评论