package com.example.studycreateprocess1;
import static androidx.constraintlayout.helper.widget.MotionEffect.TAG;
import androidx.appcompat.app.AppCompatActivity;
import android.os.Bundle;
import android.util.Log;
import java.io.BufferedReader;
import java.io.IOException;
import java.io.InputStreamReader;
import java.io.OutputStreamWriter;
//com.example.studycreateprocess1
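/**
 * Demo activity that starts a {@code sh} child process from a background thread and uses that
 * shell to launch {@code app_process32} on a dex file stored under {@code /data/local/tmp}.
 *
 * <p>Points a reviewer should keep in mind when reading this sample:
 * <ul>
 *   <li>The command line ends with {@code &}, so the shell backgrounds {@code app_process32} and
 *       does not wait for it. {@link Process#waitFor()} below therefore only waits for {@code sh};
 *       the launched process keeps running on its own (the author calls it an orphan process) and
 *       is not stopped by anything in this class.</li>
 *   <li>The dex is loaded from a fixed path outside the app's private storage. Whoever can replace
 *       that file decides what code the child runs; presumably the child keeps this app's UID,
 *       since it is spawned from the app's own shell. Confirm on the target device.</li>
 *   <li>Nothing reads {@code process.getInputStream()} or {@code process.getErrorStream()}, so
 *       output written by the child is never consumed here.</li>
 * </ul>
 */
public class MainActivity extends AppCompatActivity {
    /**
     * Sets up the layout, logs from the main thread, then spawns the worker thread that drives
     * the shell.
     *
     * @param savedInstanceState state bundle passed through to {@code super.onCreate}
     */
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);
        // NOTE(review): TAG is the constant statically imported from MotionEffect at the top of
        // the file, not a tag defined by this class; filter logcat accordingly.
        Log.d(TAG,"我是主线程");
        new Thread(() -> {
            try {
                // Start the sh process. (Author's note: this can also be hooked with a simple script.)
                Process process = Runtime.getRuntime().exec("sh");
                // Despite the label, this prints the Process object's toString() for the child
                // shell, not a numeric parent PID.
                Log.d(TAG,"Parent PID: " + process);
                // The shell's stdin. try-with-resources closes it even if write/flush throws;
                // closing stdin is also what lets sh reach end-of-input and exit.
                try (OutputStreamWriter writer = new OutputStreamWriter(process.getOutputStream())) {
                    // Send the command to the shell. The trailing '&' backgrounds app_process32.
                    writer.write("app_process32 -Djava.class.path=/data/local/tmp/HelloWorld.dex /data/local/tmp HelloWorld &\n");
                    writer.flush();
                }
                // Wait for sh itself to finish; the backgrounded app_process32 is not waited for.
                process.waitFor();
            } catch (IOException e) {
                // Pass the throwable so the stack trace is logged, not only the message.
                Log.e(TAG, "IOException: " + e.getMessage(), e);
            } catch (InterruptedException e) {
                // Restore the interrupt flag so code further up the thread can observe it.
                Thread.currentThread().interrupt();
                Log.e(TAG, "InterruptedException: " + e.getMessage(), e);
            }
        }).start();
    }
}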
/**
 * Payload class compiled into the dex that the sample app launches through {@code app_process}.
 * It prints a fixed line to standard output once per second and never returns.
 */
public class HelloWorld {
    /**
     * Entry point: loops forever, printing the greeting and then sleeping for one second.
     *
     * @param strArr command-line arguments; not used
     */
    public static void main(String[] strArr) {
        final long pauseMillis = 1000L;
        for (;;) {
            try {
                System.out.println("Hello, I am started by app_process!");
                Thread.sleep(pauseMillis);
            } catch (InterruptedException interrupted) {
                // An interrupt is only reported; the loop carries on with the next iteration.
                interrupted.printStackTrace();
            }
        }
    }
}
第一段代码是 app 的代码，第二段代码是 dex 的代码。我想知道怎样才能在第一时间 hook 到由子进程 sh 启动的子进程，也就是在第一时间 hook dex 文件里面的 System.out.println 函数？