从检测机构所提供的检测说明如下:
com.amitshekhar.fudk,com.amitshekhar.DebugDB,com.amitshekhar.debug
可以看出获取ip的行为是由第三方框架:Android-Debug-Database导致的,github地址为:amitshekhariitbhu/Android-Debug-Database: A library for debugging android databases and shared preferences - Make Debugging Great Again (github.com)
相关调用链为:
E6FE5275-DF9A-4d53-835E-0BF9B196D04B.png
2.png
3.png
最终调用如下代码:
package com.amitshekhar.utils;
public final class NetworkUtils {
private NetworkUtils() {
// This class in not publicly instantiable
}
public static String getAddressLog(Context context, int port) {
WifiManager wifiManager = (WifiManager) context.getSystemService(Context.WIFI_SERVICE);
int ipAddress = wifiManager.getConnectionInfo().getIpAddress();
@SuppressLint("DefaultLocale")
final String formattedIpAddress = String.format("%d.%d.%d.%d",
(ipAddress & 0xff),
(ipAddress >> 8 & 0xff),
(ipAddress >> 16 & 0xff),
(ipAddress >> 24 & 0xff));
return "Open http://" + formattedIpAddress + ":" + port + " in your browser";
}
}
获取ip的代码为:
wifiManager.getConnectionInfo().getIpAddress();
所以我们的hook点在就此处,我们使用的hook框架是:lancet:
eleme/lancet: A lightweight and fast AOP framework for Android App and SDK developers (github.com)
根据提供的使用说明我们写出的hook代码为:
public class SWDidAOP {
@TargetClass("com.amitshekhar.utils.NetworkUtils")
@Insert("getAddressLog")
public static String getAddressLog(Context context, int port) {
Log.v("myp_ip","myp_ip");
return "";
}
// @TargetClass("com.geely.lynkco.main.lancet.Test")
// @Insert("getAddressLog")
// public static String getAddressLog(int port) {
// Log.v("myp_ip","myp_ip");
// return "";
// }
}
最终我们运行代码后从logcat获取的结果如下:
企业微信截图_1661412536942.png
从logcat结果看,代码走到了hook代码中,不会去执行框架中获取ip地址的代码。
网友评论