| 123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051 |
- var savepath = "/sdcard/"
- function savedexfile(dexfileptr) {
- try {
- //将mCookie转换为对应的dexfile内存指针
- var dexfilebegin = ptr(dexfileptr).add(Process.pointerSize*1).readPointer(); //dex的初始指针
- var dexfilesize = ptr(dexfileptr).add(Process.pointerSize*2).readU32(); //dex的大小
- var dex = new File(savepath+"_"+dexfilesize+".dex","a");
- if(dex!=null){
- var content = ptr(dexfilebegin).readByteArray(dexfilesize);
- dex.write(content);
- dex.flush();
- dex.close();
- console.warn("[dumpdex]"+savepath+"_"+dexfilesize+".dex");
- }
- } catch (e) {
- }
- }
- function dumpDexBymCookie() {
- Java.perform(function () {
- var DexFileClass = Java.use("dalvik.system.DexFile");
- Java.choose("dalvik.system.DexFile",{
- onMatch:function (dexfile) {
- var mCookie = dexfile.mCookie.value;
- //获取类列表和dex路径
- // var classlist = DexFileClass.getClassNameList(mCookie);
- // classlist.forEach(function (classname) {
- // console.log(dexfile.mFileName.value+"->"+classname);
- // })
- //console.log(mCookie.$className);
- var Array = Java.use("java.lang.reflect.Array");
- var size = Array.getLength(mCookie);
- var i = 0;
- for(i=0;i<size;i++){
- //console.log(i+"->"+Array.getLong(mCookie,i));
- var longvalue = Array.getLong(mCookie,i);
- var dexfilestr = ptr(longvalue + "");
- //console.log(dexfilestr);
- savedexfile(dexfilestr)
- }
- },onComplete:function () {
- console.warn("Search DexFile over!");
- }
- })
- })
- }
- setImmediate(dumpDexBymCookie())
|
