XPosed+Charles抓包淘寶App

阿里系大多使用了MTOP來加簽請(qǐng)求,所以需要通過hook的方式關(guān)掉這個(gè)加簽。我這里使用的是xposed。也可以使用Frida

 @Override
    public void handleLoadPackage(XC_LoadPackage.LoadPackageParam lpparam) throws Throwable {
        XposedBridge.log("========START=====");

if(lpparam.packageName.contains("com.taobao")){
            XposedUtil.checkXposed(lpparam);
            XposedHelpers.findAndHookMethod(XposedHelpers.findClassIfExists("mtopsdk.mtop.global.SwitchConfig", lpparam.classLoader), "isGlobalSpdySwitchOpen",
                    new XC_MethodHook() {
                protected void afterHookedMethod(MethodHookParam methodHookParam) throws Throwable {
                    super.afterHookedMethod(methodHookParam);
                    XposedBridge.log("========開啟抓包=====");
                   methodHookParam.setResult(false);
                }
            });
}
}

Charles設(shè)置抓包HTTPS,打開淘寶,就能在Charles看到請(qǐng)求了


抓包淘寶
public static void checkXposed(XC_LoadPackage.LoadPackageParam lpparam) {
XposedHelpers.findAndHookMethod("android.app.ApplicationPackageManager", lpparam.classLoader, "getInstalledPackages", int.class, new XC_MethodHook() {
            @Override
            protected void afterHookedMethod(MethodHookParam param) throws Throwable {
                super.afterHookedMethod(param);
                List<PackageInfo> packageInfos = (List<PackageInfo>) param.getResult();
                if (packageInfos != null) {
                    int size = packageInfos.size();
                    PackageInfo packageInfo;
                    for (int i = 0; i < size; i++) {
                        packageInfo = packageInfos.get(i);
                        if (packageInfo.packageName.contains("de.robv.android.xposed.XposedBridge") || packageInfo.packageName.contains("com.zte.heartyservice.SCC.FrameworkBridge")) {
                            packageInfos.remove(packageInfo);
                            i--;
                            size--;
                        }
                    }
                    //把修改后的List當(dāng)作結(jié)果返回去
                    param.setResult(packageInfos);
                }

            }
        });
        XposedHelpers.findAndHookMethod(Throwable.class, "getStackTrace", new XC_MethodHook() {
            @Override
            protected void afterHookedMethod(MethodHookParam param) throws Throwable {
                super.afterHookedMethod(param);
                StackTraceElement[] stackTraceElements = (StackTraceElement[]) param.getResult();
                if (stackTraceElements != null) {
                    List<StackTraceElement> list = new ArrayList<>(Arrays.asList(stackTraceElements));
                    int size = list.size();
                    StackTraceElement element;
                    for (int i = 0; i < size; i++) {
                        element = stackTraceElements[i];
                        if (element != null && (element.getClassName().contains("de.robv.android.xposed.XposedBridge") || element.getClassName().contains("com.zte.heartyservice.SCC.FrameworkBridge"))) {
                            list.remove(element);
                            i--;
                            size--;
                        }
                    }
                    stackTraceElements = list.toArray(new StackTraceElement[list.size()]);
                }
                param.setResult(stackTraceElements);
            }
        });
    }
最后編輯于
?著作權(quán)歸作者所有,轉(zhuǎn)載或內(nèi)容合作請(qǐng)聯(lián)系作者
【社區(qū)內(nèi)容提示】社區(qū)部分內(nèi)容疑似由AI輔助生成,瀏覽時(shí)請(qǐng)結(jié)合常識(shí)與多方信息審慎甄別。
平臺(tái)聲明:文章內(nèi)容(如有圖片或視頻亦包括在內(nèi))由作者上傳并發(fā)布,文章內(nèi)容僅代表作者本人觀點(diǎn),簡書系信息發(fā)布平臺(tái),僅提供信息存儲(chǔ)服務(wù)。

相關(guān)閱讀更多精彩內(nèi)容

友情鏈接更多精彩內(nèi)容