有的时候我们需要注入smali调用Log输出,打印字符串的值。
比如说:
如果我们要打印下面v1的值。
new-instance v1, Ljava/lang/String;
const-string v7, “this is my string”
invoke-direct {v1, v7}, Ljava/lang/String;-><init>(Ljava/lang/String;)V
那可能要先修改使用的寄存器数,然后添加打印:
这样注入是比较麻烦的,可以自己建一个crack.smali文件,并定义自己的Log信息输出函数,如下:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 | .class public Lcrack; .super Ljava/lang/Object; .source "crack.java" .method public static log1(Ljava/lang/String;)V #打印出info 1字符串 .locals 1 .prologue const-string v0, "info 1" invoke-static {v0, p0}, Landroid/util/Log;->d(Ljava/lang/String;Ljava/lang/String;)I return-void .end method .method public static log2(Ljava/lang/String;)V #打印出info 2字符串 .locals 1 .prologue const-string v0, "info 2" invoke-static {v0, p0}, Landroid/util/Log;->d(Ljava/lang/String;Ljava/lang/String;)I return-void .end method .method public static log3(Ljava/lang/String;)V #打印出info 3字符串 .locals 1 .prologue const-string v0, "info 3" invoke-static {v0, p0}, Landroid/util/Log;->d(Ljava/lang/String;Ljava/lang/String;)I return-void .end method .method public static I(I)V #打印出int型值 .locals 2 .prologue const-string v0, "info_int" invoke-static {p0}, Ljava/lang/String;->valueOf(I)Ljava/lang/String; move-result-object v1 invoke-static {v0, v1}, Landroid/util/Log;->d(Ljava/lang/String;Ljava/lang/String;)I return-void .end method .method public static J(J)V #打印出long类型的值 .locals 2 .prologue const-string v0, "info_long" invoke-static {p0, p1}, Ljava/lang/String;->valueOf(J)Ljava/lang/String; move-result-object v1 invoke-static {v0, v1}, Landroid/util/Log;->d(Ljava/lang/String;Ljava/lang/String;)I return-void .end method |
这个时候就只需要添加一行代码就行了:
invoke-static {v1}, Lcrack;->log1(Ljava/lang/String;)V
就能打印出:
如果是int或者long类型的话,如下调用即可:
获得Log输出:
当然你还可以定义自己的Log输出加入到crack.smali里面。
但是记得把crack.smali这个文件拷贝到目录下去。