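Create a new Objective-C application

    #import "ViewController.h"

    @implementation ViewController

    - (void)viewDidLoad {
        [super viewDidLoad];
    }

    // Original behaviour: add a UISwitch to the view.
    - (void)click {
        UISwitch *s = [[UISwitch alloc] init];
        [self.view addSubview:s];
    }

    // Any touch on the view calls click.
    - (void)touchesBegan:(NSSet<UITouch *> *)touches withEvent:(UIEvent *)event {
        [self click];
    }

    @end

Set a breakpoint in the touchesBegan method and look at the assembly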

Tweak_test`-[ViewController click]:
0x100082688 <+0>: sub sp, sp, #0x30 ; =0x30
0x10008268c <+4>: stp x29, x30, [sp, #0x20]
0x100082690 <+8>: add x29, sp, #0x20 ; =0x20
0x100082694 <+12>: adrp x8, 2
0x100082698 <+16>: add x8, x8, #0xca0 ; =0xca0
....
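Using Theos, write a tweak that hooks the click method of ViewController, so that tapping the view creates a red view

    #import <UIKit/UIKit.h>

    %hook ViewController
    // Replacement for click: add a red 100x100 view instead of the UISwitch.
    - (void)click {
        UIView *v = [[UIView alloc] init];
        v.frame = CGRectMake(100, 100, 100, 100);
        v.backgroundColor = [UIColor redColor];
        [[self view] addSubview:v];
    }
    %end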
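Forward the jailbroken phone's port

    sh usb.sh

Build, package, and install the jailbreak tweak

    make && make package && make install

Run the app again from Xcode, tap the screen, and look at the assembly again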

Note: if the computer is connected to two iPhones at the same time, the remote login may fail, in which case make install will fail as well
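
The steps above end by comparing the disassembly of click before and after the tweak is installed. The same change can be checked from inside the app: the block below is an added example (not code from the original post) and assumes the hook works by replacing the method's IMP with a function in an injected dylib. OwnImageAnchor, IMPLivesInOwnImage and CheckClickIntegrity are hypothetical names.

```objc
#import <Foundation/Foundation.h>
#import <objc/runtime.h>
#import <dlfcn.h>

// Anchor symbol compiled into the app binary; its address identifies the app's own image.
static void OwnImageAnchor(void) {}

// YES if -[cls sel] is implemented inside the same Mach-O image as this file.
// NO if the IMP resolves to another image (e.g. an injected dylib) or to no image.
static BOOL IMPLivesInOwnImage(Class cls, SEL sel, const char **imagePath) {
    if (imagePath) *imagePath = NULL;
    Method m = class_getInstanceMethod(cls, sel);
    if (m == NULL) return NO;                        // class or method not found
    IMP imp = method_getImplementation(m);

    Dl_info own, target;
    if (dladdr((const void *)&OwnImageAnchor, &own) == 0) return NO;
    if (dladdr((const void *)imp, &target) == 0) return NO;  // not in any loaded image
    if (imagePath) *imagePath = target.dli_fname;
    // Same Mach-O header base address means same image.
    return own.dli_fbase == target.dli_fbase;
}

// Hypothetical call site, e.g. invoked from -viewDidLoad.
static void CheckClickIntegrity(void) {
    Class cls = NSClassFromString(@"ViewController");
    if (cls == Nil) return;                          // nothing to check
    const char *path = NULL;
    if (!IMPLivesInOwnImage(cls, @selector(click), &path)) {
        NSLog(@"-[ViewController click] IMP is outside the app image: %s",
              path ? path : "(unknown)");
    }
}
```

This check only catches IMP replacement; code patched in place inside the app's own image still resolves to the app image and passes.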