尝试使用了frida hook分析了dy,现象是:

1.自己写的so能够正常打印出注册函数及包含模块

2.大部分so都能正常打印函数,但libcms.so是没有注册函数输出的

依照常理，函数注册肯定会调用RegisterNatives函数的,但是并没有打印到,猜测so可能直接调用更底层，但单独HOOK更底层的几个函数也是一样，

研究了一阵子也没明白是怎么做到的?

代码如下:

function hook_RegisterNatives() {
    var env=Java.vm.getEnv();
    var handlePointer=Memory.readPointer(env.handle);
    var nativePointer=Memory.readPointer(handlePointer.add(215*4));
   
   
    Interceptor.attach(nativePointer,{
            onEnter:function (args) {
                send("onEnter 截获传入参数 env:"+args[0]+" clazz:"+args[1]+" functable:"+args[2]+" num:"+args[3]);
                var methods = args[2];
                var methodcount = args[3];
               
                for (var i = 0; i < methodcount; i ++ ) {
                    var idx = i * 12;
                    console.log("name: " + Memory.readCString(Memory.readPointer(methods.add(idx)))
                    + " signature: " + Memory.readCString(Memory.readPointer(methods.add(idx + 4)))
                    + " fnPtr: " + Memory.readPointer(methods.add(idx + 8))
                    );
                }
            },

            onLeave:function (retVal) {
               // enumMods();
               
            }

    });
}