This analysis is mainly on the source code analysis, divided into two pieces 1. Xposedinstall Reverse Analysis Java code, 2. Analyze the principle of app_process and frame hooks replaced by frames.
The first part:
Mainly hope that the analysis is as thorough as possible, this is the second analysis of the Anda, before the second part of the analysis (source read, the literature read many times) after the understanding is not profound, and at that time the first part did not take the matter, because the project compared to rush. So now in order to slip through the clean sweep, decided to "internal and external" and repair, Java and C + + with the system to learn a summary, to achieve a confluence of the can.
The reason why again analysis xposed is that he is very important, from the zjdroid also use the xposed framework can be seen.
******** Okay, get into **************** from here.
First look at a few pairs:
Figure 1
Figure 2
Tumen
Application, it's weird. Application$activitylifecyclecallbacks This callback is useless, but it is used to monitor the activity of the app and can be used to monitor the user's actions (more than 4.0)
Entrance activity,
OnCreate ()
working with interactions on the home page
Parent activity (Primary)
Call the OnCreate () method of the parent class:
OnCreate () of the parent class is analyzed below
Note: I mainly analyze the process "the impact of important actions in the app", so only in the main line of code analysis, as for the bypass branch please read the code by themselves.
From the See Navigationitemlist contains 6 classes are 6 functions on the processing interface.
The following analysis framework –installerfragment class, directly see the entry function Oncreateview ()
The following section of the code is mainly to check the Android version of the phone, the current version of Xposed support is relatively high, it is recommended to use the version between 4.0-5.0, I use the 4.4.4.
v6–> installation Function –>install.sh
v7–> Restart –>reboot.sh
V8–> Soft Restart –>softreboot.sh
v9–> Uninstalling –>uninstall.sh
Get version information for app_process and Xposedbridge.jar first.
Run the install.sh script
OK, that's it, after reading the code, although no new things found, but some more practical.
A comprehensive analysis of xposed (i)---xposedinstall apk file, reverse analysis
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
