设为首页收藏本站
开启辅助访问

Android 逆向体验优化 · 大专栏

 您所在的位置:网站首页 magiskfrida作用 Android 逆向体验优化 · 大专栏

Android 逆向体验优化 · 大专栏

2022-12-20 18:45| 来源: 网络整理| 查看: 265

adb shell 过于难用, 想想办法.

1 adb shell su -c "setprop persist.adb.tcp.port 5555"

有时候似乎会连接不上, 重新连接 wifi 即可.

抓包 配置 Charles

配置 socks5 代理

安装 ProxyDroid (年久失修, 推荐 Drony)

当然也可以配置翻墙.

Drony

Drony 之 Wifi 环境下设置教程

Magisk Nano for Android NDK

Magisk 的下载里搜索 nano, 即 Magisk-Modules-Repo/nano-ndk.

SSH for Magisk

Magisk 的下载里搜索 ssh, 即 d4rcm4rc/MagiskSSH.

安装重启

配置公钥

1 2 3 4 5 6 7 8 ssh-keygen -t rsa adb push id_rsa.pub /data/ssh/shell/.ssh/authorized_keys chmod 600 /data/ssh/shell/.ssh/authorized_keys adb push id_rsa.pub /data/ssh/root/.ssh/authorized_keys chmod 600 /data/ssh/root/.ssh/authorized_keys

修改 /data/ssh/sshd_config

1 2 3 PasswordAuthentication yes PermitEmptyPasswords yes PermitUserEnvironment yes

添加环境变量

1 2 3 echo "LD_LIBRARY_PATH=.:/vendor/lib:/system/libnPATH=/sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin:/system/bin:/system/xbin:/system/sbin:/sbin/.magisk/modules/ssh/usr/binnANDROID_DATA=/datanANDROID_ROOT=/system" > /data/ssh/root/.ssh/environment echo "LD_LIBRARY_PATH=.:/vendor/lib:/system/libnPATH=/sbin:/vendor/bin:/system/sbin:/system/bin:/system/xbin:/system/bin:/system/xbin:/system/sbin:/sbin/.magisk/modules/ssh/usr/binnANDROID_DATA=/datanANDROID_ROOT=/system" > /data/ssh/shell/.ssh/environment

重启 sshd

1 /sbin/.magisk/modules/ssh/opensshd.init restart

然后直接连接

1 ssh [email protected] GNU Utils For Android

Magisk 的下载里搜索 gnu, 即 Zackptg5/GNU-Utils-Android.

Curl For Android

Magisk 的下载里搜索 curl, 即 Zackptg5/Curl-For-Android.

Move Certificates

Magisk 的下载里搜索 move, 即 yochananmarqos/Move-Certificates.

可以把证书从 user certificate store 移到 system store, 可以消除网络可能会受到监控的警告.

MagiskFrida

AeonLucid/MagiskFrida.

开机自动运行 frida-server

Binary unzip

https://github.com/therealsaumil/static-arm-bins https://github.com/jakev/android-binaries https://forum.xda-developers.com/showthread.php?t=1612760 https://forum.xda-developers.com/android/software/utils-data-recovery-tools-testdisk-t3709380

1 2 3 4 5 6 7 8 # 下载 unzip curl -k -O https://a.downloader.workers.dev/proxy/raw.githubusercontent.com/jakev/android-binaries/master/unzip mv unzip /vendor/bin/unzip chmod u=rwx,g=rx,o=rx /vendor/bin/unzip chgrp root /vendor/bin/unzip chown root /vendor/bin/unzip unzip -h 1 2 3 4 5 6 7 8 # 下载 tar curl -k -O https://a.downloader.workers.dev/proxy/raw.githubusercontent.com/jakev/android-binaries/master/tar mv tar /vendor/bin/tar chmod u=rwx,g=rx,o=rx /vendor/bin/tar chgrp root /vendor/bin/tar chown root /vendor/bin/tar tar --help 精简一哈 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 68 69 70 71 72 73 74 75 76 77 78 79 80 81 82 83 84 85 86 87 88 89 90 91 92 93 94 95 96 97 98 99 100 101 102 103 104 105 106 107 108 109 110 111 112 113 114 115 116 117 118 119 120 121 122 123 124 125 126 127 128 129 130 131 132 133 134 135 136 # mount -o rw,remount /system rm -rf /system/app/Books rm -rf /system/app/Drive rm -rf /system/app/EditorsDocsStub rm -rf /system/app/EditorsSheetsStub rm -rf /system/app/EditorsSlidesStub rm -rf /system/app/FitnessPrebuilt rm -rf /system/app/Hangouts rm -rf /system/app/KoreanIME rm -rf /system/app/Maps rm -rf /system/app/PlayGames rm -rf /system/app/PlusOne rm -rf /system/app/NewsstandStub rm -rf /system/app/PrebuiltGmail rm -rf /system/app/PrebuiltKeepStub rm -rf /system/app/PrebuiltNewsWeather rm -rf /system/app/YouTube rm -rf /system/app/Videos rm -rf /system/app/Wallet rm -rf /system/app/PrebuiltDeskClockGoogle rm -rf /system/app/CalculatorGoogle rm -rf /system/app/FaceLock rm -rf /system/app/Music2 rm -rf /system/app/CalendarGooglePrebuilt rm -rf /system/app/CloudPrint2 rm -rf /system/app/GoogleContactsSyncAdapter rm -rf /system/app/GoogleEars rm -rf /system/app/GoogleHindiIME rm -rf /system/app/GoogleTTS rm -rf /system/app/LiveWallpapersPicker rm -rf /system/app/MediaShortcuts rm -rf /system/app/Photos rm -rf /system/app/PrebuiltExchange3Google rm -rf /system/app/talkback rm -rf /system/app/iWnnIME # rm -rf /system/app/BasicDreams # rm -rf /system/app/Bluetooth # rm -rf /system/app/BluetoothMidiService # rm -rf /system/app/CaptivePortalLogin # rm -rf /system/app/CertInstaller # rm -rf /system/app/Chrome # rm -rf /system/app/DMAgent # rm -rf /system/app/DocumentsUI # rm -rf /system/app/DownloadProviderUi # rm -rf /system/app/GoogleCamera # rm -rf /system/app/GoogleHome # rm -rf /system/app/GooglePinyinIME # rm -rf /system/app/HTMLViewer # rm -rf /system/app/KeyChain # rm -rf /system/app/LatinImeGoogle # rm -rf /system/app/NfcNci # rm -rf /system/app/PacProcessor # rm -rf /system/app/PartnerBookmarksProvider # rm -rf /system/app/PrebuiltBugleStub # rm -rf /system/app/PrintSpooler # rm -rf /system/app/Stk # rm -rf /system/app/SunBeam # rm -rf /system/app/TimeService # rm -rf /system/app/UpdateSetting # rm -rf /system/app/UserDictionaryProvider # rm -rf /system/app/WebViewGoogle # rm -rf /system/app/qcrilmsgtunnel # rm -rf /system/app/shutdownlistener # rm -rf /system/priv-app/BackupRestoreConfirmation # rm -rf /system/priv-app/CalendarProvider # rm -rf /system/priv-app/CallLogBackup # rm -rf /system/priv-app/CarrierConfig # rm -rf /system/priv-app/CellBroadcastReceiver # rm -rf /system/priv-app/ConfigUpdater # rm -rf /system/priv-app/ContactsProvider # rm -rf /system/priv-app/DefaultContainerService # rm -rf /system/priv-app/DownloadProvider # rm -rf /system/priv-app/ExternalStorageProvider # rm -rf /system/priv-app/FusedLocation # rm -rf /system/priv-app/GCS # rm -rf /system/priv-app/GoogleBackupTransport # rm -rf /system/priv-app/GoogleContacts # rm -rf /system/priv-app/GoogleDialer # rm -rf /system/priv-app/GoogleFeedback # rm -rf /system/priv-app/GoogleLoginService # rm -rf /system/priv-app/GoogleOneTimeInitializer # rm -rf /system/priv-app/GooglePackageInstaller # rm -rf /system/priv-app/GooglePartnerSetup # rm -rf /system/priv-app/GoogleServicesFramework # rm -rf /system/priv-app/InputDevices # rm -rf /system/priv-app/Launcher2 # rm -rf /system/priv-app/ManagedProvisioning # rm -rf /system/priv-app/MediaProvider # rm -rf /system/priv-app/MmsService # rm -rf /system/priv-app/MusicFX # rm -rf /system/priv-app/OmaDmclient # rm -rf /system/priv-app/Phonesky # rm -rf /system/priv-app/PrebuiltGmsCore # rm -rf /system/priv-app/ProxyHandler # rm -rf /system/priv-app/Settings # rm -rf /system/priv-app/SettingsProvider # rm -rf /system/priv-app/SetupWizard # rm -rf /system/priv-app/SharedStorageBackup # rm -rf /system/priv-app/Shell # rm -rf /system/priv-app/SprintHiddenMenu # rm -rf /system/priv-app/StatementService # rm -rf /system/priv-app/SystemUI # rm -rf /system/priv-app/TagGoogle # rm -rf /system/priv-app/TeleService # rm -rf /system/priv-app/Telecom # rm -rf /system/priv-app/TelephonyProvider # rm -rf /system/priv-app/Velvet # rm -rf /system/priv-app/VpnDialogs # rm -rf /system/priv-app/WallpaperCropper # rm -rf /system/priv-app/twrpapp chmod u=rw,g=r,o=r mark.via.apk chgrp root mark.via.apk chown root mark.via.apk mount -o ro,remount /system function set_mode () { if [ -d "$1" ]; then chmod u=rw,g=r,o=r $1 chgrp root $1 chown root $1 fi }



【本文地址】


今日新闻

推荐新闻

CopyRight 2018-2019 办公设备维修网 版权所有 豫ICP备15022753号-3