zhkl0228 / unidbg

Allows you to emulate an Android native library, and an experimental iOS emulation
Apache License 2.0

大佬好,帮忙看下这个问题呢。Illegal JNI version: 0xffffffff #315

Open xueleilei120 opened 3 years ago

xueleilei120 commented 3 years ago

图片

链接: https://pan.baidu.com/s/1HSriT7XhH4xSRNskmXvTng 提取码: ikwi apk和代码在里面,多谢。

noob-z commented 3 years ago

我也遇到这个问题了

zhkl0228 commented 3 years ago

使用最新代码跑

`package com.sun.jna;

import com.github.unidbg.AndroidEmulator; import com.github.unidbg.LibraryResolver; import com.github.unidbg.linux.android.AndroidEmulatorBuilder; import com.github.unidbg.linux.android.AndroidResolver; import com.github.unidbg.linux.android.dvm.AbstractJni; import com.github.unidbg.linux.android.dvm.BaseVM; import com.github.unidbg.linux.android.dvm.DalvikModule; import com.github.unidbg.linux.android.dvm.DvmClass; import com.github.unidbg.linux.android.dvm.DvmObject; import com.github.unidbg.linux.android.dvm.StringObject; import com.github.unidbg.linux.android.dvm.VM; import com.github.unidbg.linux.android.dvm.VaList; import com.github.unidbg.linux.android.dvm.VarArg; import com.github.unidbg.linux.android.dvm.array.ByteArray; import com.github.unidbg.linux.android.dvm.jni.ProxyDvmObject; import com.github.unidbg.linux.android.dvm.wrapper.DvmInteger; import com.github.unidbg.memory.Memory; import sun.security.pkcs.PKCS7; import sun.security.pkcs.ParsingException;

import java.io.ByteArrayOutputStream; import java.io.File; import java.io.IOException; import java.io.ObjectOutputStream; import java.security.cert.X509Certificate;

public class JniDispatch32JD2 extends AbstractJni {

/**
 * Creates the resolver that is later installed on the emulator's memory.
 *
 * @return an {@link AndroidResolver} constructed with the value 23
 */
private static LibraryResolver createLibraryResolver() {
    final int sdkLevel = 23; // presumably the Android SDK level; confirm against AndroidResolver
    return new AndroidResolver(sdkLevel);
}

/**
 * Builds a 32-bit Android emulator whose process name is set to the target application's package.
 *
 * @return the freshly built emulator; the caller is responsible for closing it
 */
private static AndroidEmulator createARMEmulator() {
    final String processName = "com.jingdong.app.mall";
    AndroidEmulator armEmulator = AndroidEmulatorBuilder.for32Bit().setProcessName(processName).build();
    return armEmulator;
}

// Emulated 32-bit Android process; assigned once in the constructor and closed in destroy().
private final AndroidEmulator emulator;
// Dalvik VM created from the APK in the constructor; this object is registered as its JNI handler.
private final VM vm;

/**
 * Boots the emulator, creates a Dalvik VM backed by the APK file, registers this object as the
 * JNI handler, loads the native library and invokes its JNI_OnLoad.
 */
private JniDispatch32JD2() {
    emulator = createARMEmulator();
    // The receiver is evaluated before the argument, so memory is obtained before the resolver is built.
    emulator.getMemory().setLibraryResolver(createLibraryResolver());

    // Path is relative to the working directory; the APK must be present there for the VM to be created.
    vm = emulator.createDalvikVM(new File("unidbg-android/src/test/resources/app/jd922.apk"));
    vm.setJni(this);
    vm.setVerbose(true);

    // NOTE(review): the meaning of the second argument (false) is not visible here; confirm against the unidbg API.
    vm.loadLibrary("jdbitmapkit", false).callJNI_OnLoad(emulator);
}

/**
 * Closes the emulator and prints a marker line once it has been released.
 *
 * @throws IOException if closing the emulator fails
 */
private void destroy() throws IOException {
    this.emulator.close();
    System.out.println("destroy");
}

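/**
 * Entry point: builds the emulator harness, runs the single JNI call and always releases the
 * emulator afterwards.
 *
 * @param args unused
 * @throws Exception if the emulated call or the emulator shutdown fails
 */
public static void main(String[] args) throws Exception {
    JniDispatch32JD2 test = new JniDispatch32JD2();
    try {
        test.test();
    } finally {
        // Close the emulator even when the emulated call throws, so it is never left open.
        test.destroy();
    }
}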

/**
 * Calls the native static method {@code getSignFromJni} on BitmapkitUtils with fixed sample
 * arguments and prints the returned string.
 */
private void test() {
    DvmClass bitmapkitUtils = vm.resolveClass("com/jingdong/common/utils/BitmapkitUtils");
    // Stand-in for the Context parameter: an Activity object with no backing value.
    DvmObject<?> context = vm.resolveClass("android/app/Activity").newObject(null);

    // NOTE(review): the fourth string looks like a device identifier hard-coded as sample input; confirm.
    StringObject signResult = bitmapkitUtils.callStaticJniMethodObject(
            emulator,
            "getSignFromJni()(Landroid/content/Context;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/String;",
            context,
            "asynInteface",
            "{\"intefaceType\":\"asynIntefaceType\",\"skuId\":\"100008667315\"}",
            "99001184062989-f460e22c02fa",
            "android",
            "9.2.2");

    System.out.println("666");
    System.out.println(signResult.getValue());
}

/**
 * Supplies the static {@code BitmapkitUtils.a} Application field requested by the native code;
 * every other field is delegated to the parent handler.
 */
@Override
public DvmObject<?> getStaticObjectField(BaseVM vm, DvmClass dvmClass, String signature) {
    if (!"com/jingdong/common/utils/BitmapkitUtils->a:Landroid/app/Application;".equals(signature)) {
        return super.getStaticObjectField(vm, dvmClass, signature);
    }

    // Resolve innermost-first so the Activity class is registered with its explicit parent chain
    // (Context <- ContextWrapper <- Activity).
    DvmClass contextClass = vm.resolveClass("android/content/Context");
    DvmClass wrapperClass = vm.resolveClass("android/content/ContextWrapper", contextClass);
    DvmClass activityClass = vm.resolveClass("android/app/Activity", wrapperClass);
    return activityClass.newObject(null);
}

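/**
 * Emulates the two static BitmapkitZip helpers the native library calls while it reads the APK's
 * signing block; any other static method is delegated to the parent handler.
 *
 * @return the bytes of META-INF/JINGDONG.RSA for the expected unZip request, the Java-serialized
 *         form of the argument for objectToBytes, otherwise whatever the parent handler returns
 */
@Override
public DvmObject<?> callStaticObjectMethod(BaseVM vm, DvmClass dvmClass, String signature, VarArg varArg) {
    switch (signature) {
        case "com/jingdong/common/utils/BitmapkitZip->unZip(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)[B": {
            StringObject apkPath = varArg.getObjectArg(0);
            StringObject directory = varArg.getObjectArg(1);
            StringObject filename = varArg.getObjectArg(2);
            if (APK_PATH.equals(apkPath.getValue()) &&
                    "META-INF/".equals(directory.getValue()) &&
                    ".RSA".equals(filename.getValue())) {
                byte[] data = vm.unzip("META-INF/JINGDONG.RSA");
                return new ByteArray(vm, data);
            }
            // Unexpected archive or entry: leave the switch instead of falling through into the
            // objectToBytes case, which would hand the native code a serialized path string in
            // place of the certificate bytes and hide the mismatch.
            break;
        }
        case "com/jingdong/common/utils/BitmapkitZip->objectToBytes(Ljava/lang/Object;)[B": {
            DvmObject<?> obj = varArg.getObjectArg(0);
            byte[] bytes = objectToBytes(obj.getValue());
            return new ByteArray(vm, bytes);
        }
        default:
            break;
    }

    return super.callStaticObjectMethod(vm, dvmClass, signature, varArg);
}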

/**
 * Backs the two constructors the native code invokes with real Java objects: an empty
 * StringBuffer and an Integer built from the first int argument. Other constructors are
 * delegated to the parent handler.
 */
@Override
public DvmObject<?> newObjectV(BaseVM vm, DvmClass dvmClass, String signature, VaList vaList) {
    switch (signature) {
        case "java/lang/Integer-><init>(I)V": {
            return DvmInteger.valueOf(vm, vaList.getIntArg(0));
        }
        case "java/lang/StringBuffer-><init>()V": {
            DvmClass stringBufferClass = vm.resolveClass("java/lang/StringBuffer");
            return stringBufferClass.newObject(new StringBuffer());
        }
        default:
            return super.newObjectV(vm, dvmClass, signature, vaList);
    }
}

/**
 * Forwards StringBuffer.append, StringBuffer.toString and Integer.toString to the host-side Java
 * object wrapped by {@code dvmObject}; other methods are delegated to the parent handler.
 */
@Override
public DvmObject<?> callObjectMethodV(BaseVM vm, DvmObject<?> dvmObject, String signature, VaList vaList) {
    switch (signature) {
        case "java/lang/StringBuffer->append(Ljava/lang/String;)Ljava/lang/StringBuffer;": {
            StringBuffer target = (StringBuffer) dvmObject.getValue();
            StringObject piece = vaList.getObjectArg(0);
            target.append(piece.getValue());
            // append returns the receiver, so the same wrapper object is handed back.
            return dvmObject;
        }
        case "java/lang/StringBuffer->toString()Ljava/lang/String;": {
            StringBuffer source = (StringBuffer) dvmObject.getValue();
            return new StringObject(vm, source.toString());
        }
        case "java/lang/Integer->toString()Ljava/lang/String;": {
            Integer boxed = (Integer) dvmObject.getValue();
            return new StringObject(vm, boxed.toString());
        }
        default:
            return super.callObjectMethodV(vm, dvmObject, signature, vaList);
    }
}

/**
 * Handles construction of {@code sun.security.pkcs.PKCS7} from a byte array by parsing the bytes
 * with the host JDK's PKCS7 class; other constructors are delegated to the parent handler.
 *
 * @throws IllegalStateException if the bytes cannot be parsed as PKCS#7
 */
@Override
public DvmObject<?> newObject(BaseVM vm, DvmClass dvmClass, String signature, VarArg varArg) {
    if (!"sun/security/pkcs/PKCS7-><init>([B)V".equals(signature)) {
        return super.newObject(vm, dvmClass, signature, varArg);
    }

    ByteArray encoded = varArg.getObjectArg(0);
    try {
        // sun.security.pkcs is a JDK-internal package: it is directly usable on JDK 8, while newer
        // JDKs may need --add-exports java.base/sun.security.pkcs=ALL-UNNAMED.
        PKCS7 parsed = new PKCS7(encoded.getValue());
        return vm.resolveClass("sun/security/pkcs/PKCS7").newObject(parsed);
    } catch (ParsingException e) {
        throw new IllegalStateException(e);
    }
}

/**
 * Answers {@code PKCS7.getCertificates()} from the host-side PKCS7 object wrapped by
 * {@code dvmObject}; other methods are delegated to the parent handler.
 */
@Override
public DvmObject<?> callObjectMethod(BaseVM vm, DvmObject<?> dvmObject, String signature, VarArg varArg) {
    if (!"sun/security/pkcs/PKCS7->getCertificates()[Ljava/security/cert/X509Certificate;".equals(signature)) {
        return super.callObjectMethod(vm, dvmObject, signature, varArg);
    }

    // The certificates come from the signature block parsed earlier; they are proxied unchanged.
    X509Certificate[] signerCertificates = ((PKCS7) dvmObject.getValue()).getCertificates();
    return ProxyDvmObject.createObject(vm, signerCertificates);
}

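/**
 * Serializes {@code obj} with Java native serialization and returns the resulting stream bytes.
 *
 * @param obj the object to serialize; {@code null} is written as a null reference
 * @return the complete serialization stream, including the stream header
 * @throws IllegalStateException if serialization fails, e.g. because the object is not
 *         serializable (the underlying {@link IOException} is kept as the cause)
 */
private static byte[] objectToBytes(Object obj) {
    // try-with-resources closes both streams on every path, including when writeObject throws.
    try (ByteArrayOutputStream baos = new ByteArrayOutputStream();
         ObjectOutputStream oos = new ObjectOutputStream(baos)) {
        oos.writeObject(obj);
        // Flush before snapshotting so buffered block data reaches the byte array.
        oos.flush();
        return baos.toByteArray();
    } catch (IOException e) {
        throw new IllegalStateException(e);
    }
}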

// Install path reported to the native code as ApplicationInfo.sourceDir; the unZip handler
// only serves the signature file when the requested archive equals this value.
private static final String APK_PATH = "/data/app/com.jingdong.app.mall.apk";

/**
 * Reports {@code APK_PATH} as {@code ApplicationInfo.sourceDir}; every other instance field is
 * delegated to the parent handler.
 */
@Override
public DvmObject<?> getObjectField(BaseVM vm, DvmObject<?> dvmObject, String signature) {
    final boolean isSourceDir =
            "android/content/pm/ApplicationInfo->sourceDir:Ljava/lang/String;".equals(signature);
    if (!isSourceDir) {
        return super.getObjectField(vm, dvmObject, signature);
    }
    return new StringObject(vm, APK_PATH);
}

} `

lyg4795 commented 3 years ago

图片

链接: https://pan.baidu.com/s/1HSriT7XhH4xSRNskmXvTng 提取码: ikwi apk和代码在里面,多谢。 分享失效了,方便再发一个嘛?我也碰到这个问题了,想尝试一下,谢谢

Pr0214 commented 3 years ago

楼上你好,你的问题是MethodID不匹配,需要明确继承关系。

yuninf commented 2 years ago

环境是JDK1.8 环境是JDK1.8 环境是JDK1.8 运行OJBK

bamqj commented 2 years ago

lyg4795

你这个问题解决了没有,我也是和你一样的问题

FBLeee commented 2 years ago

lyg4795

你这个问题解决了没有,我也是和你一样的问题

有希望解决吗?

FBLeee commented 2 months ago

lyg4795

你这个问题解决了没有,我也是和你一样的问题

有希望解决吗?

  1. 首先注释掉该代码 image
  2. 然后如果还是不行,看看是否存在下面类似的情况:我遇到这个问题的原因是,在没有初始化两个容器的前提下就进行了 push 操作 image

image