Hook的几种方式
- Method Swizzle,作用于OC
- fishhook,作用于C
- Cydia Substrate,作用于OC、C、函数地址
Hook原理
Method Swizzle
方法交换
fishhook
#import <Foundation/Foundation.h>
#import "fishhook.h"
#import <dlfcn.h>
static int (*orig_close)(int);
static int (*orig_open)(const char *, int, ...);
void save_original_symbols() {
orig_close = dlsym(RTLD_DEFAULT, "close");
orig_open = dlsym(RTLD_DEFAULT, "open");
}
int my_close(int fd) {
printf("Calling real close(%d)\n", fd);
return orig_close(fd);
}
int my_open(const char *path, int oflag, ...) {
va_list ap = {0};
mode_t mode = 0;
if ((oflag & O_CREAT) != 0) {
// mode only applies to O_CREAT
va_start(ap, oflag);
mode = va_arg(ap, int);
va_end(ap);
printf("Calling real open('%s', %d, %d)\n", path, oflag, mode);
return orig_open(path, oflag, mode);
} else {
printf("Calling real open('%s', %d)\n", path, oflag);
return orig_open(path, oflag, mode);
}
}
int main(int argc, char * argv[]) {
@autoreleasepool {
save_original_symbols();
`此处为交换方法`
int fd = open(argv[0], O_RDONLY);
uint32_t magic_number = 0;
read(fd, &magic_number, 4);
printf("Mach-O Magic Number: %x \n", magic_number);
close(fd);
return 0;
}
}
Cydia Substrate
修改汇编代码
