jeb插件的编写,文档在文件夹\jeb_1.5\doc\apidoc。
我这里的目的是回溯sendTextMessage等敏感api的调用路径,实现代码如下:
from jeb.api import IScript
class MyPlugin(IScript):
def run(self, jeb):
OpMethod = "sendTextMessage"
def foo(dex, i, num_hyphen):
l = dex.getMethodReferences(i)
for k in l:
print '-'*num_hyphen+dex.getMethod(k).getSignature(True)
if dex.getMethodReferences(k) != None:
foo(dex, k, num_hyphen+4)
print ''
print ''
dex = jeb.getDex()
method_count = dex.getMethodCount()
print "method_count:"+str(method_count)
for i in range(method_count):
if dex.getMethod(i).getSignature(True).find(OpMethod)>=0:
print '*'+dex.getMethod(i).getName()
print dex.getMethod(i).getSignature(True)
foo(dex, i, 4)
效果:
jeb还提供了许多其他功能强大的接口,尽在文档中。
参考:
示例脚本:https://www.pnfsoftware.com/jeb1/downloads
技术博客:https://www.pnfsoftware.com/blog/category/jeb1/
关于Jeb AST的学习:http://www.tuicool.com/articles/zm6Nz23