编写jeb插件打印目标方法的交叉引用
jeb插件的编写,文档在文件夹\jeb_1.5\doc\apidoc。
我这里的目的是回溯sendTextMessage等敏感api的调用路径,实现代码如下:
1 from jeb.api import IScript 2 3 class MyPlugin(IScript): 4 5 def run(self, jeb): 6 7 OpMethod = "sendTextMessage" 8 9 def foo(dex, i, num_hyphen): 10 l = dex.getMethodReferences(i) 11 for k in l: 12 print '-'*num_hyphen+dex.getMethod(k).getSignature(True) 13 if dex.getMethodReferences(k) != None: 14 foo(dex, k, num_hyphen+4) 15 16 print '' 17 print '' 18 dex = jeb.getDex() 19 method_count = dex.getMethodCount() 20 print "method_count:"+str(method_count) 21 for i in range(method_count): 22 if dex.getMethod(i).getSignature(True).find(OpMethod)>=0: 23 print '*'+dex.getMethod(i).getName() 24 print dex.getMethod(i).getSignature(True) 25 foo(dex, i, 4)
效果:
jeb还提供了许多其他功能强大的接口,尽在文档中。
参考:
示例脚本:https://www.pnfsoftware.com/jeb1/downloads
技术博客:https://www.pnfsoftware.com/blog/category/jeb1/
关于Jeb AST的学习:http://www.tuicool.com/articles/zm6Nz23