准备被Hook的文件
// filename: main.m
#import <Foundation/Foundation.h>
@interface PiaoPiao : NSObject
+(NSString *)GetRegName;
@end
@implementation PiaoPiao
+(id)GetRegName {
return @"PiaoPiao";
}
@end
int main(int argc, const char * argv[]) {
@autoreleasepool {
NSLog(@"RegName=%@", [PiaoPiao GetRegName]);
}
return 0;
}
编译gcc -ObjC -framework Foundation -g main.m -o main.gcc或clang -framework Foundation main.m -o main.clang
编写Theos进行注入
// filename: Tweak.xm
#import <Foundation/Foundation.h>
%config(generator=internal)
%hook PiaoPiao
+(id)GetRegName {
return @"Hooked!!!";
}
%end
%ctor {
NSLog(@"!!!!!!inject success!!!!!!!");
}
编译动态库:1. $THEOS/bin/logos.pl Tweak.xm > Tweak.mm 2. clang -shared -framework Foundation Tweak.mm -o libhook.dylib
注入
先执行下,看看结果./main.gcc输出以下内容:
2021-07-07 22:13:35.008 main[17192:165382] RegName=PiaoPiao
再注入并运行,执行DYLD_INSERT_LIBRARIES=libhook.dylib ./main.gcc,输出以下内容,成功注入:
2021-07-07 22:15:03.544 main[17329:166424] !!!!!!inject success!!!!!!!
2021-07-07 22:15:03.544 main[17329:166424] RegName=Hooked!!!
原文地址:https://dllhook.com/post/185.html 对内容稍有修改和补充。