VirtualXposed开发1

VirtualXposed开发1

1.安装

git clone https://github.com/android-hacker/VirtualXposed.git
cd VirtualXposed
git submodule update --init --recursive

使用android studio打开运行, 就安装成功了.

默认安装了xposed

2.设置安装默认apk

需要修改NewHomeActivity.java, 把需要安装的apk放在跟XposedInstaller_3.1.5.apk_同一个目录(就是assets里), 然后添加遍历assets目录的方法, 最后安装apk.

// 添加遍历assets目录并安装的方法
private void installApks(String name) {
    ProgressDialog dialog = new ProgressDialog(this);
    dialog.setCancelable(false);
    dialog.setMessage("Loading " + name);
    dialog.show();

    VUiKit.defer().when(() -> {
        File installerApk = getFileStreamPath(name + ".apk");
        if (!installerApk.exists()) {
            InputStream input = null;
            OutputStream output = null;
            try {
                input = getApplicationContext().getAssets().open(name);
                output = new FileOutputStream(installerApk);
                byte[] buffer = new byte[1024];
                int length;
                while ((length = input.read(buffer)) > 0) {
                    output.write(buffer, 0, length);
                }
            } catch (Throwable e) {
                VLog.e(TAG, "copy file error", e);
            } finally {
                FileUtils.closeQuietly(input);
                FileUtils.closeQuietly(output);
            }
        }

        if (installerApk.isFile() && !DeviceUtil.isMeizuBelowN()) {
            try {
                VirtualCore.get().installPackage(installerApk.getPath(), InstallStrategy.TERMINATE_IF_EXIST);
            } catch (Throwable ignored) {

            }
        }
    }).then((v) -> {
        dismissDialog(dialog);
        mUiHandler.sendEmptyMessageDelayed(2, 500);
    }).fail((err) -> {
        dismissDialog(dialog);
        mUiHandler.sendEmptyMessageDelayed(2, 500);
    });
}

private List<String> names;
private void initNames() {
    names = new ArrayList<>();
    try {
        boolean isXposedInstalled = VirtualCore.get().isAppInstalled(XPOSED_INSTALLER_PACKAGE);
        if (!isXposedInstalled) {
            for (String s : getAssets().list("")) {
                names.add(s);
            }
        }
    } catch (IOException e) {
        Toast.makeText(this, "Init error!", Toast.LENGTH_SHORT).show();
    }
}

// 重写获取mUiHandler方法
private Handler getmUiHandler() {
    return new Handler(getMainLooper()) {
        @Override
        public void handleMessage(Message msg) {
            if (msg.what == 1) {
                if (names.size() > 0) {
                    installApks(names.get(0));
                }
            }
            if (msg.what == 2) {
                if (names.size() > 0) {
                    names.remove(0);
                    sendEmptyMessage(1);
                }
            }
        }
    };
}

替换原来mUiHandler初始化的方法

mUiHandler = getmUiHandler();
initNames();

// 注释原来installXposed的方法
if (checkXposedInstaller) {
    checkXposedInstaller = false;
//            installXposed();
    mUiHandler.sendEmptyMessage(1);
}

重新运行, 这时候除了XposedInstaller还安装了你放在该目录里的其他apk

不会android开发直接搞xposed确实够呛, 慢慢来, 把过程都记录好, 💪
下篇写怎样hook, 一边google一边学, 网上资料确实少或者很多过时的, 还是ios逆向简单😅