没有好的调试工具下
对dex后的smali的技巧 。一、常用插代码 (如果怕影响寄存器值,可以将.locals xxx改多几个或者合适的地方,如返回前添加)
1、
const-string v7, "log.v(xx, yy);"
invoke-static {v7, v7}, Landroid/util/Log;->v(Ljava/lang/String;Ljava/lang/String;)I
const-string v0, "Must ensure vx is Context class, then Toast.makeText(vx, xxx, 1).show();" # CharSequence对象类型
const/4 v1, 0x1 # I int类型
invoke-static {p0, v0, v1}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast; # p0 是一个Context
move-result-object v0
invoke-virtual {v0}, Landroid/widget/Toast;->show()V
.class public Lcom/dataviz/dxtg/common/android/launcher/TabbedLauncherActivity;
.super Lcom/dataviz/dxtg/common/android/ApplicationActivity;
# interfaces
.implements Landroid/view/GestureDetector$OnGestureListener;
.implements Lcom/dataviz/dxtg/common/android/ar;
.implements Lcom/dataviz/dxtg/common/android/bt;
.implements Lcom/dataviz/dxtg/common/android/cs;
.implements Lcom/dataviz/dxtg/common/android/dv;
.implements Lcom/dataviz/dxtg/common/android/iap/d;
.implements Lcom/dataviz/dxtg/common/android/iap/z;
.method public c()V
.end method
.class public interface abstract Lcom/dataviz/dxtg/common/android/dv;
.super Ljava/lang/Object;
# virtual methods
.method public abstract a(Ljava/lang/String;)V
.end method
.method public abstract a(Z)V
.end method
.method public abstract c()V
.end method
Searching 7287 files for "Lcom/dataviz/dxtg/common/android/dv;->c()V"
D:\com.dataviz.docstogo\smali\com\dataviz\dxtg\common\android\do.smali:
91: invoke-interface {v0}, Lcom/dataviz/dxtg/common/android/dv;->c()V
289: invoke-interface {v0}, Lcom/dataviz/dxtg/common/android/dv;->c()V
2 matches in 1 file
.method public c()V
.locals 1 ## .locals 1 romove desktop tab
const/4 v0, 0x0
#new-instance v0, Lcom/dataviz/dxtg/common/android/bl;
#invoke-direct {v0}, Lcom/dataviz/dxtg/common/android/bl;-><init>()V
invoke-direct {p0, v0}, Lcom/dataviz/dxtg/common/android/launcher/TabbedLauncherActivity;->a(Landroid/support/v4/app/Fragment;)Z
return-void
.end method
const-string/jumbo v0, "4.001"
const v1, 666666
# # VFY: invalid reg type 1073801336 on iput instr (need 12)
# # VFY: rejecting opcode 0x59 at 0x001d
# # 0x59 表示 iput vx,vy, field_id, 0x001d应该是 方法里偏移量,两字节一个偏移量
iput v0, v4, Lxx/yy/clazz;->field:I
<?xml version="1.0" encoding="utf-8"?>
<fs_sr_script>
<fs_sr_options/>
<fs_sr_info case_sensitive="0">
<search_string>Lcom/dataviz/dxtg/common/d/j/</search_string>
<replace_string>Lcom/dataviz/dxtg/common/d/HttpThread_j</replace_string>
</fs_sr_info>
<fs_file_list_info>
<mask>*</mask>
<path>D:\d</path>
</fs_file_list_info>
</fs_sr_script>
#generate a 'suggest' config for rename
d2j-init-deobf -f -o init.txt a.jar
-o 输出配置文件,这里为init.txt
-f 如果存在重写文件
a.jar 待修改的文件
d2j-jar-remap -f -c init.txt -o a-deobf.jar a.jar
-c 替换的配置文件
-o 输出文件
-f 如果存在重写文件
a.jar 待修改的文件
## file UTF-8
# format : ? x=y
#?为大写貌似是静态吗,因为在public class InitOut里方法private void doMethod(String owner, ClassInfo.MemberInfo member, int x)有句sb.append(AccUtils.isStatic(member.access) ? "M" : "m");
#重命名包a为pa
p a=pa
#重命名类a为C000_a
c a/a=C000_a
#重命名方法名a为Ma
m a/a.a()=Ma
#重命名字段名a为Fa
f a/a.a=Fa
## file UTF-8
## format : pqx=y
##
## p is as follow:
## a comment line config starts with '#';
## a field or method line config starts with 'F', 'M', 'f',or 'm';
## a class line config starts with 'C',or 'c';
## a package line config starts with 'P',or 'p';
## a @ line config starts with '@';
##
## q ?, but a space is ok
package a; public class a { static String a = "Hello"; static void a() { System.out.println(a); } public static void main(String[] args) { a(); } }
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
上传的附件: