frida注入不了zygote #1
Comments
|
zygote比较复杂,我也没有搞清楚怎么注入 但是开启调试这件事相对简单一些,可以在android.os.Debug,或者dalvik.system.VMDebug上做手脚,手工开启调试 |
|
ActivityThread是这么干的 if (data.debugMode != IApplicationThread.DEBUG_OFF) {
// XXX should have option to change the port.
Debug.changeDebugPort(8100);
if (data.debugMode == IApplicationThread.DEBUG_WAIT) {
Slog.w(TAG, "Application " + data.info.getPackageName()
+ " is waiting for the debugger on port 8100...");
IActivityManager mgr = ActivityManagerNative.getDefault();
try {
mgr.showWaitingForDebugger(mAppThread, true);
} catch (RemoteException ex) {
}
Debug.waitForDebugger();
try {
mgr.showWaitingForDebugger(mAppThread, false);
} catch (RemoteException ex) {
}
} else {
Slog.w(TAG, "Application " + data.info.getPackageName()
+ " can be debugged on port 8100...");
}
}我们照着干应该就行 |
|
嗯 谢谢大佬的解释 |
|
查了一下,做frida-java-bridge的大佬在某个issue表示,zygote fork时所有的线程都会停止。导致被hook的方法会调用一个状态未初始化的线程。 如果要hook zygote,可能需要结合C层和Java层,做一些hack。 |
|
诶 frida虽然比Xpoed用起来方便的多,但是那也只是应用级别的Hook,无法Hook Zygote就不能替换Xposed的地位 |
嗯,这么说也不错。 |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
注入不了zygote,
也就是实现不了dbopener这样的xp插件
这种问题有没有没办法解决
The text was updated successfully, but these errors were encountered: