[关闭]
@oro-oro 2015-08-18T11:16:39.000000Z 字数 2586 阅读 1824

4. JebAPI 之 jeb.api.ui

JebAPI


JebInstance可以通过getUI()方法来获得jeb.api.ui.JebUI

JebUI 下面有很多View,如AssemblyView, JavaView等等。

JebUI可以通过getView(View.Type viewtype)方法获得对应的View。
具体类型在jeb.api.ui.View.Type中:

类型 说明
ASSEMBLY 反汇编界面
CLASS_HIERARCHY 类层级界面(左)
CONSOLE 控制台(下)
JAVA Java代码界面
MANIFEST 清单界面
NOTES 全局评论界面

在第3章解密的基础上,让JavaView界面自动刷新,显示解密字符串:

  1. import jeb.api.IScript;
  2. import jeb.api.JebInstance;
  3. import jeb.api.ast.*;
  4. import jeb.api.dex.Dex;
  5. import jeb.api.dex.DexMethod;
  6. import jeb.api.ui.JavaView;
  7. import jeb.api.ui.JebUI;
  8. import jeb.api.ui.View;
  9. import java.util.ArrayList;
  10. import java.util.List;
  11. public class TestASTDecode implements IScript {
  12. public static final byte[] bytes = new byte[]{'H', 'e', 'l', 'l', 'o', ' ', 'W', 'o', 'r', 'l', 'd', '!'};
  13. @Override
  14. public void run(JebInstance jebInstance) {
  15. JebUI ui = jebInstance.getUI();
  16. JavaView javaView = (JavaView) ui.getView(View.Type.JAVA);
  17. Dex dex = jebInstance.getDex();
  18. List<String> classSignatures = dex.getClassSignatures(true);
  19. Constant.Builder cstBuilder = new Constant.Builder(jebInstance);
  20. // 获得decode方法的sig
  21. int methodCount = dex.getMethodCount();
  22. String decodeMtdSig;
  23. for (int i = 0; i < methodCount; i++) {
  24. DexMethod dexMethod = dex.getMethod(i);
  25. int index = dexMethod.getIndex();
  26. decodeMtdSig = dex.getMethod(i).getSignature(true);
  27. if (decodeMtdSig.contains("Lcom/test/helloworld/MainActivity;->decode")) {
  28. // 找出所有使用了该方法的地方
  29. List<Integer> methodReferences = dex.getMethodReferences(index);
  30. for (Integer refIdx : methodReferences) {
  31. DexMethod refDexMethod = dex.getMethod(refIdx);
  32. // 找到AST中对应的Method
  33. Method decompiledMethodTree = jebInstance.getDecompiledMethodTree(refDexMethod.getSignature(true));
  34. // 拿到语句块,遍历所有语句
  35. Block block = decompiledMethodTree.getBody();
  36. int size = block.size();
  37. for (int j = 0; j < size; j++) {
  38. Statement statement = block.get(j);
  39. jebInstance.print(statement.toString());
  40. if (statement instanceof Call) {
  41. Call call = (Call) statement;
  42. Method method = call.getMethod();
  43. jebInstance.print("Call : " + method.getSignature());
  44. List<IElement> subElements = call.getSubElements();
  45. for (IElement element : subElements) {
  46. jebInstance.print("Sub Element : " + element.toString());
  47. if (element instanceof Call) {
  48. Call c = (Call) element;
  49. Method m = c.getMethod();
  50. if (m.getSignature().equals(decodeMtdSig)) {
  51. jebInstance.print(">>> " + decodeMtdSig);
  52. List<IExpression> arguments = c.getArguments();
  53. ArrayList<Integer> arrayList = new ArrayList<Integer>();
  54. for (IExpression expression : arguments) {
  55. if (expression instanceof Constant) {
  56. arrayList.add(((Constant) expression).getInt());
  57. }
  58. }
  59. String str = decode(arrayList.get(0), arrayList.get(1));
  60. jebInstance.print("解密后的字符串 : " + str);
  61. // 将当前语句Call的子元素,替换为解密后的字符串
  62. call.replaceSubElement(element, cstBuilder.buildString(str));
  63. }
  64. }
  65. }
  66. }
  67. }
  68. }
  69. }
  70. }
  71. javaView.refresh();
  72. }
  73. String decode(int a, int b) {
  74. byte[] ab = new byte[]{bytes[a], bytes[b]};
  75. return new String(ab);
  76. }
  77. }
添加新批注
在作者公开此批注前,只有你和作者可见。
回复批注