@doit wrote:

各位大大好，我按照书本76页生成theos app的时候，hook是成功的，不过MSImageRef image显示null，但hook成功了。
然后我使用xcode生成了一个测试app，里面同样调用了类似的c++代码，但hook失败，麻烦各位有空的话帮我看一下，谢谢了。

Tweak.xm文件

import

void (*old__ZN10MyCppClass19testStringWithParamEPKc)(void *, const char *);
void new__ZN10MyCppClass19testStringWithParamEPKc(void *hiddenThis, const char *arg0)
{
old__ZN10MyCppClass19testStringWithParamEPKc(hiddenThis, "jack function back string");
}

%ctor
{
@autoreleasepool
{
MSImageRef image = MSGetImageByName("/var/mobile/Containers/Bundle/Application/AF024E0B-40EC-477D-A2A5-7B805144A515/TestTWeakApp1.app/TestTWeakApp1");

    if(image)
        NSLog(@"iOSRE: MSGetImageByName ok");
    else
        NSLog(@"iOSRE: MSGetImageByName nil");

    void *__ZN10MyCppClass19testStringWithParamEPKc = MSFindSymbol(image, "__ZN10MyCppClass19testStringWithParamEPKc");
    if(__ZN10MyCppClass19testStringWithParamEPKc)
        NSLog(@"iOSRE: found __ZN10MyCppClass19testStringWithParamEPKc");
    else
        NSLog(@"iOSRE: no found __ZN10MyCppClass19testStringWithParamEPKc");

    MSHookFunction((void *)__ZN10MyCppClass19testStringWithParamEPKc, (void *)&new__ZN10MyCppClass19testStringWithParamEPKc, (void **)&old__ZN10MyCppClass19testStringWithParamEPKc);
}

}

xcode工程c++文件

void MyCppClass::testStringWithParam(const char *buffer)
{
int nCount=0;

for(int i=0; i<2; ++i)
{
    u_int32_t randomNumber;
    if(i % 3 == 0)
        randomNumber = arc4random_uniform(i);
    else
        randomNumber = 1;

    NSProcessInfo *processInfo = [NSProcessInfo processInfo];
    NSString *hostName = processInfo.hostName;
    int pid = processInfo.processIdentifier;

    NSString *globallyUniqueString = processInfo.globallyUniqueString;

    NSString *processName = processInfo.processName;

    NSArray *junks = @[hostName, globallyUniqueString, processName];

    NSString *junk = @"";

    for(int j=0; j<pid; ++j)
    {
        if(pid % 6 == 0)
            junk = junks[j%3];

        if(i%6 == 1)
            nCount++;
    }
}


NSLog(@"iOSRE: %s", buffer);

}

• (BOOL)application:(UIApplication *)application didFinishLaunchingWithOptions:(NSDictionary *)launchOptions {
  // Override point for customization after application launch.

  //MyCppClass::testBackIntWithParam(100);
  //MyCppClass::testBackStringWithParam("testBackStringWithParam old");

  //MyCppClass::testIntWithParam(100);
  MyCppClass::testStringWithParam("testStringWithParam old");

return YES;

}

Posts: 2

Participants: 1

Read full topic