首页 文章 精选 留言 我的

xposed框架的Android网络监测模块

2017-05-02 582

试图监控一个app所有的网络通信。

前提 :

  1. 手机root过
  2. 已成功安装xposed框架

XposedInstaller:

https://github.com/rovo89/XposedInstaller

操作步骤

  1. 添加xposed框架XposedBridgeApi-54.jar包到android项目build path

  2. assets目录下添加xposed_init文件内容为com.example.xposeddiy.Test,指示入口

  3. AndroidManifest.xml文件application标签下添加

    [[meta-data
    android:name="xposedmodule"
    android:value="true" />
    [[meta-data
    android:name="xposedminversion"
    android:value="40" />
    [[meta-data
    android:name="xposeddescription"
    android:value="network monitor" />

  4. hook android所有通信调用函数,代码如下

package com.example.xposeddiy;

import java.io.FileNotFoundException;
import java.io.IOException;
import java.io.OutputStream;
import java.lang.reflect.Method;
import java.net.DatagramPacket;
import java.net.DatagramSocket;
import java.net.InetAddress;
import java.net.InetSocketAddress;
import java.net.Proxy;
import java.net.ServerSocket;
import java.net.SocketAddress;
import java.net.URL;
import java.util.Arrays;
import java.util.Map;

import org.apache.http.Header;
import org.apache.http.HttpEntity;
import org.apache.http.HttpHost;
import org.apache.http.HttpRequest;
import org.apache.http.HttpResponse;
import org.apache.http.client.methods.HttpEntityEnclosingRequestBase;
import org.apache.http.client.methods.HttpGet;
import org.apache.http.client.methods.HttpPost;
import org.apache.http.client.utils.URLEncodedUtils;
import org.apache.http.protocol.HTTP;
import org.apache.http.protocol.HttpContext;
import org.apache.http.util.EntityUtils;


import android.app.Activity;
import android.app.Application;
import android.content.IntentFilter;
import android.content.SharedPreferences;
import android.content.pm.ApplicationInfo;
import android.util.Log;

import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XC_MethodHook.MethodHookParam;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.callbacks.XC_LoadPackage.LoadPackageParam;
import static de.robv.android.xposed.XposedHelpers.findAndHookMethod;
import static de.robv.android.xposed.XposedHelpers.findAndHookConstructor;

//web.loadUrl("http://1.1.1.0", param);web.loadUrl("http://1.1.1.1/");web.postUrl("","");

//DatagramSocket.send(packet) 发送
//DatagramSocket DatagramSocket.bind DatagramSocket.createSocket 监听

//startupSocket对应多个socket构造函数  sock.connect  
//ServerSocket ServerSocket.bind

//SocketChannel.open(addr)  ?SocketChannel.connect?

//outputstream.write(byte[],int,int)

//httpclient.execute(post);
//urls.openConnection(); urls.openConnection(proxy);  ?urls.setRequestProperty?


//辅助记录,避免出现调用其他包进行监听 logcat | grep xuhu >>/sdcard/a.txt

public class Test implements IXposedHookLoadPackage{
private String TARGET_APP = "com.baidu.BaiduMap";
private String[] TARGET_APPS = new String[]{"com.yek.lafaso","com.vipshop.vswxk","com.baidu.BaiduMap","com.example.t1","com.baidu.fb","com.tencent.mm","com.tencent.mtt","com.nq.mdm"};
private SharedPreferences msp = null;
private Application mApp = null;
private String LOG_FILENAME = "_test_network";
private boolean NETWORK = true;
private boolean HTTP_DATA = true;
private boolean SOCKET_DATA = true;
private boolean HTTP_RESPONSE = false;
    @Override
    public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
    
    if(!Arrays.asList(TARGET_APPS).contains(lpparam.packageName))return;
   
TARGET_APP = lpparam.packageName;
if(lpparam.appInfo == null || 
           (lpparam.appInfo.flags & (ApplicationInfo.FLAG_SYSTEM | ApplicationInfo.FLAG_UPDATED_SYSTEM_APP)) !=0){
       return;
   }else if(true){//lpparam.isFirstApplication
   
    hookOncreate(lpparam);//
    if(mApp != null){
    msp = mApp.getSharedPreferences(LOG_FILENAME, Activity.MODE_PRIVATE);
    }
    mLog("target", lpparam.packageName);

    //网络监控开始
    if(NETWORK){
    findAndHookConstructor(InetSocketAddress.class, String.class, int.class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            mLog("网络地址", param.args[0]+":"+param.args[1]);
               super.beforeHookedMethod(param);
           }
       });
   
    //
    findAndHookMethod("java.net.DatagramSocket", lpparam.classLoader, "send", DatagramPacket.class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            DatagramPacket d = (DatagramPacket)param.args[0];
            if(SOCKET_DATA){
            mLog("udp发送", d.getAddress()+":"+d.getPort()+":"+new String(d.getData()));
            }else{
            mLog("udp发送", d.getAddress()+":"+d.getPort());
            }
               super.beforeHookedMethod(param);
           }
       });
    findAndHookMethod("java.net.DatagramSocket", lpparam.classLoader, "createSocket", int.class, InetAddress.class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            mLog("udp监听", ((InetAddress)param.args[1]).toString()+":"+(Integer)param.args[0]);
               super.beforeHookedMethod(param);
           }
       });
    findAndHookMethod("java.net.DatagramSocket", lpparam.classLoader, "bind", SocketAddress.class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            mLog("udp监听", ((SocketAddress)param.args[0]).toString());
               super.beforeHookedMethod(param);
           }
       });
    findAndHookConstructor(DatagramSocket.class, SocketAddress.class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            mLog("udp监听", ((SocketAddress)param.args[0]).toString());
               super.beforeHookedMethod(param);
           }
       });
   
    //
    findAndHookMethod("android.webkit.WebView", lpparam.classLoader, "loadUrl", String.class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            String d = (String)param.args[0];
               mLog("webview", d);
               super.beforeHookedMethod(param);
           }
       });
    findAndHookMethod("android.webkit.WebView", lpparam.classLoader, "loadUrl", String.class, Map.class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            String d = (String)param.args[0];
            if(HTTP_DATA){
            Map d1 = (Map)param.args[1];
               mLog("webview", d+":"+d1.toString());
            }else{
            mLog("webview", d);
            }
           
               super.beforeHookedMethod(param);
           }
       });
    findAndHookMethod("android.webkit.WebView", lpparam.classLoader, "postUrl", String.class, byte[].class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            String d = (String)param.args[0];
            if(HTTP_DATA){
            String d1 = new String((byte[])param.args[1]);
               mLog("webview", d+":"+d1);
            }else{
            mLog("webview", d);
            }
           
               super.beforeHookedMethod(param);
           }
       });
   
    //
    if(SOCKET_DATA){
       findAndHookMethod("java.io.OutputStream", lpparam.classLoader, "write", byte[].class, int.class, int.class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            byte[] d = (byte[])param.args[0];
            mLog("socketdata", new String(d));
               super.beforeHookedMethod(param);
           }
       });
       findAndHookMethod("java.io.OutputStream", lpparam.classLoader, "write", byte[].class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            byte[] d = (byte[])param.args[0];
            mLog("socketdata1", new String(d));
               super.beforeHookedMethod(param);
           }
       });
    }
    findAndHookMethod("java.nio.channels.SocketChannel", lpparam.classLoader, "open", SocketAddress.class, new XC_MethodHook() {
      @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
            mLog("tcp连接", ((SocketAddress)param.args[0]).toString());
               super.beforeHookedMethod(param);
           }
       });
   
    findAndHookMethod("java.net.Socket", lpparam.classLoader, "startupSocket", InetAddress.class, int.class, InetAddress.class, int.class, boolean.class, new XC_MethodHook() { 
           @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
               mLog("tcp连接", ((InetAddress)param.args[0]).toString()+":"+(Integer)param.args[1]);
               super.beforeHookedMethod(param);
           }
       });
    findAndHookMethod("java.net.Socket", lpparam.classLoader, "connect", SocketAddress.class, int.class, new XC_MethodHook() { 
           @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
               mLog("tcp连接", ((SocketAddress)param.args[0]).toString());
               super.beforeHookedMethod(param);
           }
       });
    findAndHookConstructor(ServerSocket.class, int.class, int.class, InetAddress.class, new XC_MethodHook() { 
           @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
               mLog("tcp监听", ((InetAddress)param.args[0]).toString());
               super.beforeHookedMethod(param);
           }
       });
       findAndHookMethod("java.net.ServerSocket", lpparam.classLoader, "bind", SocketAddress.class, int.class, new XC_MethodHook() {
    @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
               mLog("tcp监听", ((SocketAddress)param.args[0]).toString());
               super.beforeHookedMethod(param);
           }
       });
       
       //
       findAndHookMethod("java.net.URL", lpparam.classLoader, "openConnection", java.net.Proxy.class, new XC_MethodHook() {
    @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
               URL url = (URL) param.thisObject;
               mLog("urlconnp", url.toString()+":"+((Proxy)param.args[0]).toString());
               super.beforeHookedMethod(param);
           }
       });
       if(HTTP_DATA){
    findAndHookMethod("java.net.URLConnection", lpparam.classLoader, "setRequestProperty", String.class, String.class, new XC_MethodHook() {
    @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
               mLog("urlconnheader", (String)param.args[0]+":"+(String)param.args[1]);
               super.beforeHookedMethod(param);
           }

       });
    findAndHookMethod("java.net.URLConnection", lpparam.classLoader, "addRequestProperty", String.class, String.class, new XC_MethodHook() {
    @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
               mLog("urlconnheader", (String)param.args[0]+":"+(String)param.args[1]);
               super.beforeHookedMethod(param);
           }
   
       });
       }
    findAndHookMethod("java.net.URL", lpparam.classLoader, "openConnection", new XC_MethodHook() {
    @Override
           protected void beforeHookedMethod(MethodHookParam param)
                   throws Throwable {
               URL url = (URL) param.thisObject;
               mLog("urlconn", url.toString());
               super.beforeHookedMethod(param);
           }
       });
    //
    hookHttpClient(lpparam);

    }//网络监控结束
        }
    }
    
    public void mLog(String tag, String text){
    Log.i(TARGET_APP, "xuhu"+tag+":"+text);
    if(msp != null){
    if(HTTP_DATA){
    mSharePrefer(text,tag);
    }else{
    int i = text.indexOf("?");
    if(i > 0)
    mSharePrefer(text.substring(0, i), tag);
    else
    mSharePrefer(text, tag);
    }
    }
    }
    public void mSharePrefer(String key, String value){
SharedPreferences.Editor editor = msp.edit();
editor.putString(key, value);
editor.commit();
}
    
    public void hookHttpClient(LoadPackageParam lpparam){
    findAndHookMethod("org.apache.http.impl.client.AbstractHttpClient", lpparam.classLoader,
"execute", HttpHost.class, HttpRequest.class, HttpContext.class, new XC_MethodHook() {
     
            @Override
            protected void beforeHookedMethod(MethodHookParam param)
                    throws Throwable {
            //HttpHost host = (HttpHost) param.args[0];
HttpRequest request = (HttpRequest) param.args[1];
if (request instanceof HttpGet) {
HttpGet httpGet = (HttpGet) request;
mLog("httpclientGet", httpGet.getURI().toString());
if(HTTP_DATA){
Header[] headers = request.getAllHeaders();
if (headers != null) {
for (int i = 0; i < headers.length; i++) {
mLog("getHeader", headers[i].getName() + ": " + headers[i].getValue());
}
}}
} else if (request instanceof HttpPost) {
HttpPost httpPost = (HttpPost) request;
mLog("httpclientPost", httpPost.getURI().toString());
if(HTTP_DATA){// until get header
Header[] headers = request.getAllHeaders();
if (headers != null) {
for (int i = 0; i < headers.length; i++) {
mLog("postHeader", headers[i].getName() + ":" + headers[i].getValue());
}
}
HttpEntity entity = httpPost.getEntity();
String contentType = null;
if (entity.getContentType() != null) {
contentType = entity.getContentType().getValue();
if (URLEncodedUtils.CONTENT_TYPE.equals(contentType)) {
try {
byte[] data = new byte[(int) entity.getContentLength()];
entity.getContent().read(data);
String content = new String(data, HTTP.DEFAULT_CONTENT_CHARSET);
mLog("postcontent",content);
} catch (IllegalStateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
} else if (contentType.startsWith(HTTP.DEFAULT_CONTENT_TYPE)) {
try {
byte[] data = new byte[(int) entity.getContentLength()];
entity.getContent().read(data);
String content = new String(data, contentType.substring(contentType.lastIndexOf("=") + 1));
mLog("postcontent",content);
} catch (IllegalStateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
e.printStackTrace();
}
}
}else{
byte[] data = new byte[(int) entity.getContentLength()];
try {
entity.getContent().read(data);
String content = new String(data, HTTP.DEFAULT_CONTENT_CHARSET);
mLog("postcontent",content);
} catch (IllegalStateException e) {
// TODO Auto-generated catch block
e.printStackTrace();
} catch (IOException e) {
// TODO Auto-generated catch block
e.printStackTrace();
}
}
}//get header
}else{
HttpEntityEnclosingRequestBase get = (HttpEntityEnclosingRequestBase)request;
HttpEntity entity = get.getEntity();
mLog("Android-async-http", get.getURI().toString());
if(HTTP_DATA){
Header[] headers = request.getAllHeaders();
if (headers != null) {
for (int i = 0; i < headers.length; i++) {
mLog("Android-async-httpHeader", headers[i].getName() + ":" + headers[i].getValue());
}
}
if(entity!= null){
String content = EntityUtils.toString(entity);
                       mLog("Android-async-httpcontent", content);
}
}
}
                super.beforeHookedMethod(param);
            }

            @Override
            protected void afterHookedMethod(MethodHookParam param)
                    throws Throwable { 
            HttpResponse resp = (HttpResponse) param.getResult();
if (resp != null && HTTP_RESPONSE) {
mLog("Status Code", ""+resp.getStatusLine().getStatusCode());
Header[] headers = resp.getAllHeaders();
if (headers != null) {
for (int i = 0; i < headers.length; i++) {
mLog("response", headers[i].getName() + ":" + headers[i].getValue());
}
}

}
                super.afterHookedMethod(param);
            }
        });
    }
    
    public void hookOncreate(LoadPackageParam lpparam){
    String appClassName = lpparam.appInfo.className;
    if (appClassName == null) {
    Method hookOncreateMethod = null;
try {
hookOncreateMethod = Application.class.getDeclaredMethod("onCreate", new Class[] {});
} catch (NoSuchMethodException e) {
e.printStackTrace();
mLog("target0", "target");
}
    XposedBridge.hookMethod(hookOncreateMethod, new ApplicationOnCreateHook("target0",lpparam));
    }else{
    Class[[?> hook_application_class = null;
try {
hook_application_class = lpparam.classLoader.loadClass(appClassName);
if (hook_application_class != null) {
Method hookOncreateMethod = hook_application_class.getDeclaredMethod("onCreate", new Class[] {});
if (hookOncreateMethod != null) {
XposedBridge.hookMethod(hookOncreateMethod, new ApplicationOnCreateHook("target1",lpparam));
}
}
mLog("target11", "target");
} catch (Exception e) {
// TODO Auto-generated catch block
Method hookOncreateMethod;
try {
hookOncreateMethod = Application.class.getDeclaredMethod("onCreate", new Class[] {});
if (hookOncreateMethod != null) {
XposedBridge.hookMethod(hookOncreateMethod, new ApplicationOnCreateHook("target2",lpparam));
}
mLog("target21", "target");
} catch (NoSuchMethodException e1) {
// TODO Auto-generated catch block
mLog("target3", "target");
e1.printStackTrace();
}

}
    }
    }
    private class ApplicationOnCreateHook extends XC_MethodHook {
    public String which;
    public LoadPackageParam lpparam;
public ApplicationOnCreateHook(String which, LoadPackageParam lpparam){
this.which = which;
this.lpparam = lpparam;
}
@Override
public void afterHookedMethod(MethodHookParam param) throws FileNotFoundException {
mLog("", which);
if (!HAS_REGISTER_LISENER) {
mApp = (lpparam.isFirstApplication)?(Application) param.thisObject:mApp;
IntentFilter filter = new IntentFilter("xuhuafeng");
mApp.registerReceiver(new CommandBroadcastReceiver(), filter);
msp = mApp.getSharedPreferences(LOG_FILENAME, Activity.MODE_PRIVATE);
HAS_REGISTER_LISENER = true;
}
}

}
    private boolean HAS_REGISTER_LISENER = false;
}
上一篇 下一篇
优秀的个人博客,低调大师

微信关注我们

原文链接:https://yq.aliyun.com/articles/627424

转载内容版权归作者及来源网站所有!

低调大师中文资讯倾力打造互联网数据资讯、行业资源、电子商务、移动互联网、网络营销平台。持续更新报道IT业界、互联网、市场资讯、驱动更新,是最及时权威的产业资讯及硬件资讯报道平台。

Android Studio 中 build.gradle 中 dependencies 下的 comile 后面的内容的来源

Android Studio 中 build.gradle 中 dependencies 下的 comile 后面的内容的来源 compile 'io.reactivex.rxjava2:rxandroid:2.0.1' compile 'io.reactivex.rxjava2:rxjava:2.1.0' 答案来自于:http://mvnrepository.com/ 你知道的名字应该是 rxandroid,而它依赖 rxjava,如果你想使用 rxjava 的最新版本,而不是 rxandroid 默认指定的依赖版本,那么就加上它的 compile. <!-- https://mvnrepository.com/artifact/io.reactivex.rxjava2/rxandroid --> <dependency> <groupId>io.reactivex.rxjava2</groupId> <artifactId>rxandroid</artifactId> <version>2.0.1&...
2017-05-03
604
上一篇

OSS发布swift sdk了~~

OSS发布swift sdk了。欢迎有swift开发需求的同学试用。本次发布的 swift sdk 主要包括 1. bucket 相关操作。包括创建,获取所有Objects信息,以及删除。 2. object 相关操作。包括上传,下载,获取meta头信息,以及删除。 3. iterator形式的列表。 4. 流式上传/下载。 5. 文件上传/下载 6. 支持STS/HTTPS访问 7. 详细的示例 安装方式: 1.请先安装需要的pod 依赖。具体需要的pods依赖如下 ![_2017_05_03_5_14_48](https://yqfile.alicdn.com/838a2e879ec3b86231f84e132bcbffd54b813dca.png) 2.下载附件中framework文件。注意:确保在Embedded Binarie
2017-05-03
701
下一篇

相关文章

发表评论

资源下载

更多资源
优质分享App

优质分享App

近一个月的开发和优化,本站点的第一个app全新上线。该app采用极致压缩,本体才4.36MB。系统里面做了大量数据访问、缓存优化。方便用户在手机上查看文章。后续会推出HarmonyOS的适配版本。

时间: 2025-12-03 大小: 4.36MB 下载: 23次
腾讯云软件源

腾讯云软件源

为解决软件依赖安装时官方源访问速度慢的问题,腾讯云为一些软件搭建了缓存服务。您可以通过使用腾讯云软件源站来提升依赖包的安装速度。为了方便用户自由搭建服务架构,目前腾讯云软件源站支持公网访问和内网访问。

时间: 2025-12-28 大小: 1MB 下载: 4次
Spring

Spring

Spring框架(Spring Framework)是由Rod Johnson于2002年提出的开源Java企业级应用框架,旨在通过使用JavaBean替代传统EJB实现方式降低企业级编程开发的复杂性。该框架基于简单性、可测试性和松耦合性设计理念,提供核心容器、应用上下文、数据访问集成等模块,支持整合Hibernate、Struts等第三方框架,其适用范围不仅限于服务器端开发,绝大多数Java应用均可从中受益。

时间: 2025-12-17 大小: 5MB 下载: 1次
Sublime Text

Sublime Text

Sublime Text具有漂亮的用户界面和强大的功能,例如代码缩略图,Python的插件,代码段等。还可自定义键绑定,菜单和工具栏。Sublime Text 的主要功能包括:拼写检查,书签,完整的 Python API , Goto 功能,即时项目切换,多选择,多窗口等等。Sublime Text 是一个跨平台的编辑器,同时支持Windows、Linux、Mac OS X等操作系统。

时间: 2025-12-03 大小: 9.84MB 下载: 39次
手机查看

扫码在手机上查看文章

扫描二维码,手机阅读更方便

热门标签
SpringCloud HarmonyOS6 Nacos3 OpenAi Rocky Docker Kubernetes DeepSeek Jdk25 Redis SpringBoot4 Gemini3 Service Mesh

欢迎您来访!

登录后,您将获得更多功能!
热门文章
联系我们

有任何问题或合作意向欢迎联系我们

Email: 99873273@qq.com

QQ: 99873273

用户登录
用户注册