在 Frida 中从非主线程调用 API 修改应用程序的 GUI
Calling an API to modify an App's GUI from non-Main thread in Frida
我刚刚开始使用 Frida,并且已经学习了使用 JavaScript 和 python 绑定进行代码注入和挂钩的基本教程。我当前的问题是确定如何从非主线程调用 GUI 更新方法。意识到这是不可能的,并且搜索我在 java 中找到了代码 ,它将在主线程上安排任务。我不知道如何在 JavaScript 中表示此代码,即您如何在 Frida JavaScript 中表示以下 java 代码(在注入代码中):
android_View.getActivity().runOnUiThread(new Runnable()
{
@Override
public void run()
{
android_View.setVisibility(View.VISIBLE);
}
}
谢谢
在 Robert 的上述评论之后添加答案 - 谢谢,帮助很大。
// Assign the javascript code to a variable.
jsCode = """
// Create a method called Cheese that will be exported.
function Cheese()
{
// Perform the code from injected context.
Java.perform(function ()
{
// Variable to store the view representing the button
// to click programmatically.
var view;
// Define the Runnable type javascript wrapper.
var Runnable = Java.use("java.lang.Runnable");
// Find the MainActivity class in myApp.
Java.choose("com.example.myApp.MainActivity",
{
// Once it has been found execute the following code.
onMatch: function(instance)
{
// Get the view representing button to click.
// 2131436712 id derived from decompiling app.
view = instance.findViewById(2131436712);
// Define a new class that implements Runnable and provide
// the implementation of the run() method which, will
// execute from the Main thread.
const MyRunnable = Java.registerClass({
name:'com.example.MyRunnable',
implements: [Runnable],
methods: {
// run executes button click.
run(){
instance.onClick(view);
},
}
});
// Create an instance of the class just created.
var MyGuiUpdate = MyRunnable .$new();
// Schedule the run method in MyGuiUpdate to
// execute on the UI thread.
instance.runOnUiThread(MyGuiUpdate );
},
onComplete:function(){}
});
});
}
// Export Cheese function to python with name fromage
rpc.exports = {
fromage:Cheese
};
"""
使用上面的方法你可以从python调用fromage,它会向定义的按钮发出一个点击事件。该调用是从非 UI 线程发出的,并使用 runOnUiThread 调度到 UI 线程。
我刚刚开始使用 Frida,并且已经学习了使用 JavaScript 和 python 绑定进行代码注入和挂钩的基本教程。我当前的问题是确定如何从非主线程调用 GUI 更新方法。意识到这是不可能的,并且搜索我在 java 中找到了代码 ,它将在主线程上安排任务。我不知道如何在 JavaScript 中表示此代码,即您如何在 Frida JavaScript 中表示以下 java 代码(在注入代码中):
android_View.getActivity().runOnUiThread(new Runnable()
{
@Override
public void run()
{
android_View.setVisibility(View.VISIBLE);
}
}
谢谢
在 Robert 的上述评论之后添加答案 - 谢谢,帮助很大。
// Assign the javascript code to a variable.
jsCode = """
// Create a method called Cheese that will be exported.
function Cheese()
{
// Perform the code from injected context.
Java.perform(function ()
{
// Variable to store the view representing the button
// to click programmatically.
var view;
// Define the Runnable type javascript wrapper.
var Runnable = Java.use("java.lang.Runnable");
// Find the MainActivity class in myApp.
Java.choose("com.example.myApp.MainActivity",
{
// Once it has been found execute the following code.
onMatch: function(instance)
{
// Get the view representing button to click.
// 2131436712 id derived from decompiling app.
view = instance.findViewById(2131436712);
// Define a new class that implements Runnable and provide
// the implementation of the run() method which, will
// execute from the Main thread.
const MyRunnable = Java.registerClass({
name:'com.example.MyRunnable',
implements: [Runnable],
methods: {
// run executes button click.
run(){
instance.onClick(view);
},
}
});
// Create an instance of the class just created.
var MyGuiUpdate = MyRunnable .$new();
// Schedule the run method in MyGuiUpdate to
// execute on the UI thread.
instance.runOnUiThread(MyGuiUpdate );
},
onComplete:function(){}
});
});
}
// Export Cheese function to python with name fromage
rpc.exports = {
fromage:Cheese
};
"""
使用上面的方法你可以从python调用fromage,它会向定义的按钮发出一个点击事件。该调用是从非 UI 线程发出的,并使用 runOnUiThread 调度到 UI 线程。