逆向 - cycript 对其他的app技术分析
2022-06-25 本文已影响0人
wg689
手机和电脑 和电脑安装 cycript
https://www.jianshu.com/p/991b13c10c1f?utm_campaign=maleskine&utm_content=note&utm_medium=seo_notes
电脑配置环境变量
vim ~/.bash_profile
export CYCRIPT=/opt/cycript_0.9.594/
export PATH=$PATH:$CYCRIPT
打开手机的 ssh通道
image.png
连接ssh 到手机
image.png
cycript的主要命令
ps -e|grep Application 列出所有的app
ps -e 获取手机所有进程
ps -A|grep appName 抓取手机上运行的APP进程
cycript -p APP进程ID(或者名称)
cycript -p kiwi
UIApp.keyWindow.recursiveDescription().toString() 打印页面的视图
ps -e 获取手机所有进程
cycript -p APP进程ID(或者名称)
ps -A|grep appName 抓取手机上运行的APP进程
分析
UIApp.keyWindow.recursiveDescription().toString() 查看api的
jingetiemadeiPhone:~ root# cycript -p 3687
cy# UIApp.keyWindow.recursiveDescription().toString()
image.png
查看手机 app
jingetiemadeiPhone:~ root# ps -e|grep Application
3809 ?? 0:00.34 /Applications/Spotlight.app/Spotlight
4193 ?? 0:05.55 /var/containers/Bundle/Application/1EB9AFE0-B5E7-4157-AF16-321E3DE8E3A4/wpsoffice.app/wpsoffice
4560 ?? 0:01.84 /Applications/Cydia.app/Cydia
4736 ?? 0:02.61 /var/containers/Bundle/Application/D54F5F74-D4D9-4518-87B9-74B74856DBF4/Runner.app/Runner
4822 ttys000 0:00.01 grep Application
对wps的分析
`<KWMainWindow: 0x11294bf50; baseClass = UIWindow; frame = (0 0; 375 667); autoresize = W+H; gestureRecognizers = <NSArray: 0x2829caac0>; layer = <UIWindowLayer: 0x2827443e0>>
| <UITransitionView: 0x112954890; frame = (0 0; 375 667); autoresize = W+H; layer = <CALayer: 0x2827468c0>>
| | <UIDropShadowView: 0x112954bb0; frame = (0 0; 375 667); clipsToBounds = YES; autoresize = W+H; layer = <CALayer: 0x2827465e0>>
| | | <UILayoutContainerView: 0x112936c20; frame = (0 0; 375 667); clipsToBounds = YES; autoresize = W+H; gestureRecognizers = <NSArray: 0x282988c60>; layer = <CALayer: 0x282746ca0>>
对banban分析
4961 ttys000 0:00.01 grep Application
jingetiemadeiPhone:~ root# cycript -p 4736
cy# UIApp.keyWindow.recursiveDescription().toString()
`<UIWindow: 0x145dc8780; frame = (0 0; 375 667); gestureRecognizers = <NSArray: 0x281be0090>; layer = <UIWindowLayer: 0x2815d0f20>>
| <UITransitionView: 0x145dcd9c0; frame = (0 0; 375 667); autoresize = W+H; layer = <CALayer: 0x2815fba80>>
| | <UIDropShadowView: 0x147913bd0; frame = (0 0; 375 667); clipsToBounds = YES; autoresize = W+H; layer = <CALayer: 0x2815fbd80>>
0x2815f1ba0>>`
cy#
