美文网首页
XPosed+Charles抓包淘宝App

XPosed+Charles抓包淘宝App

作者: 吃饱了就送 | 来源:发表于2021-06-08 11:37 被阅读0次

    阿里系大多使用了MTOP来加签请求,所以需要通过hook的方式关掉这个加签。我这里使用的是xposed。也可以使用Frida

     @Override
    public void handleLoadPackage(XC_LoadPackage.LoadPackageParam lpparam) throws Throwable {
        XposedBridge.log("========START=====");

if(lpparam.packageName.contains("com.taobao")){
            XposedUtil.checkXposed(lpparam);
            XposedHelpers.findAndHookMethod(XposedHelpers.findClassIfExists("mtopsdk.mtop.global.SwitchConfig", lpparam.classLoader), "isGlobalSpdySwitchOpen",
                    new XC_MethodHook() {
                protected void afterHookedMethod(MethodHookParam methodHookParam) throws Throwable {
                    super.afterHookedMethod(methodHookParam);
                    XposedBridge.log("========开启抓包=====");
                   methodHookParam.setResult(false);
                }
            });
}
}

    Charles设置抓包HTTPS,打开淘宝,就能在Charles看到请求了


    抓包淘宝 
    public static void checkXposed(XC_LoadPackage.LoadPackageParam lpparam) {
XposedHelpers.findAndHookMethod("android.app.ApplicationPackageManager", lpparam.classLoader, "getInstalledPackages", int.class, new XC_MethodHook() {
            @Override
            protected void afterHookedMethod(MethodHookParam param) throws Throwable {
                super.afterHookedMethod(param);
                List<PackageInfo> packageInfos = (List<PackageInfo>) param.getResult();
                if (packageInfos != null) {
                    int size = packageInfos.size();
                    PackageInfo packageInfo;
                    for (int i = 0; i < size; i++) {
                        packageInfo = packageInfos.get(i);
                        if (packageInfo.packageName.contains("de.robv.android.xposed.XposedBridge") || packageInfo.packageName.contains("com.zte.heartyservice.SCC.FrameworkBridge")) {
                            packageInfos.remove(packageInfo);
                            i--;
                            size--;
                        }
                    }
                    //把修改后的List当作结果返回去
                    param.setResult(packageInfos);
                }

            }
        });
        XposedHelpers.findAndHookMethod(Throwable.class, "getStackTrace", new XC_MethodHook() {
            @Override
            protected void afterHookedMethod(MethodHookParam param) throws Throwable {
                super.afterHookedMethod(param);
                StackTraceElement[] stackTraceElements = (StackTraceElement[]) param.getResult();
                if (stackTraceElements != null) {
                    List<StackTraceElement> list = new ArrayList<>(Arrays.asList(stackTraceElements));
                    int size = list.size();
                    StackTraceElement element;
                    for (int i = 0; i < size; i++) {
                        element = stackTraceElements[i];
                        if (element != null && (element.getClassName().contains("de.robv.android.xposed.XposedBridge") || element.getClassName().contains("com.zte.heartyservice.SCC.FrameworkBridge"))) {
                            list.remove(element);
                            i--;
                            size--;
                        }
                    }
                    stackTraceElements = list.toArray(new StackTraceElement[list.size()]);
                }
                param.setResult(stackTraceElements);
            }
        });
    }

    相关文章

      网友评论

          本文标题:XPosed+Charles抓包淘宝App

          本文链接:https://www.haomeiwen.com/subject/wybdeltx.html

          延伸阅读

          深度阅读

          • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

          栏目导航

          热点阅读

          关于我们|服务条款|联系我们|XPosed+Charles抓包淘宝App|投稿指南|网站地图|RSS订阅|排版工具|手机版

          提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

          Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

          备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

          本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

          所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!