违规获取MAC地址问题
应用宝检测违规获取MAC地址问题 需要在用户同意之后获取
使用工具Xposed
VirtualXposed再0.18.2版本之后只支持64位的App。
准备基于Xposed库开发自定义模块
1.引入Xposed库添加到app下的build.gradle
implementation 'de.robv.android.xposed:api:82'
implementation 'de.robv.android.xposed:api:82:sources'
2.自定义Xposed模块代码 我们使用XposedHelpers.findAndHookMethod检测获取MAC的方法:getMacAddress&getHardwareAddress,并输出日志。
public class XposedHook implements IXposedHookLoadPackage {
private static final String TAG = "HookLogin";
public void handleLoadPackage(XC_LoadPackage.LoadPackageParam lpparam) {
if (lpparam == null) {
return;
}
Log.e(TAG, "Load app packageName:" + lpparam.packageName);
XposedHelpers.findAndHookMethod(
android.net.wifi.WifiInfo.class.getName(),
lpparam.classLoader,
"getMacAddress",
new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param) {
XposedBridge.log("调用getMacAddress()获取了mac地址");
}
@Override
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
XposedBridge.log(getMethodStack());
super.afterHookedMethod(param);
}
}
);
XposedHelpers.findAndHookMethod(
java.net.NetworkInterface.class.getName(),
lpparam.classLoader,
"getHardwareAddress",
new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param) {
XposedBridge.log("调用getHardwareAddress()获取了mac地址");
}
@Override
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
XposedBridge.log(getMethodStack());
super.afterHookedMethod(param);
}
}
);
}
private String getMethodStack() {
StackTraceElement[] stackTraceElements = Thread.currentThread().getStackTrace();
StringBuilder stringBuilder = new StringBuilder();
for (StackTraceElement temp : stackTraceElements) {
stringBuilder.append(temp.toString() + "\n");
}
return stringBuilder.toString();
}
}
3.注册Xposed自定义模块
在main下新建assets资源文件,并新建名为xposed_init文件,在这个文件里面添加 Xposed模块的包名+类名。 如:
com.xposed.XposedHook // com.xposed 包名 XposedHook 类名
在AndroidManifest.xml中添加:
<meta-data
android:name="xposedmodule"
android:value="true" />
<!--模块说明,一般为模块的功能描述-->
<meta-data
android:name="xposeddescription"
android:value="这个模块是用来检测用户隐私合规的,在用户未授权同意前,调用接口获取信息属于违规" />
<!--模块兼容版本-->
<meta-data
android:name="xposedminversion"
android:value="54" />
4.添加Xposed自定义模块
编译运行项目,安装到手机。启动VirtualXposed--->点击菜单:
1.添加应用--->找到Xposed模块应用--->选中后安装
2.模块管理--->勾选--->重启VirtualXposed
3.VirtualXposed从后台清除然后在重新打开
5.在VirtualXposed中开始检测
1.启动VirtualXposed--->上滑--->点击Xposed Installer
2.点击左上角菜单--->点击模块--->点击模块里面的应用
3.点击日志导出日志进行分析日志
6.分析日志 友盟调用了MAC地址
02-17 15:37:18.300 I/Xposed (28042): 调用getHardwareAddress()获取了mac地址
02-17 15:37:18.303 I/Xposed (28042): dalvik.system.VMStack.getThreadStackTrace(Native Method)
02-17 15:37:18.303 I/Xposed (28042): java.lang.Thread.getStackTrace(Thread.java:1730)
02-17 15:37:18.303 I/Xposed (28042): de.robv.android.xposed.DexposedBridge.handleHookedArtMethod(DexposedBridge.java:265)
02-17 15:37:18.303 I/Xposed (28042): me.weishu.epic.art.entry.Entry.onHookObject(Entry.java:69)
02-17 15:37:18.303 I/Xposed (28042): me.weishu.epic.art.entry.Entry.referenceBridge(Entry.java:186)
02-17 15:37:18.303 I/Xposed (28042): com.umeng.a.e.b(DeviceConfig.java:165)
02-17 15:37:18.303 I/Xposed (28042): com.umeng.a.e.q(DeviceConfig.java:661)
02-17 15:37:18.303 I/Xposed (28042): com.umeng.analytics.c.c.a(Envelope.java:86)
02-17 15:37:18.303 I/Xposed (28042): com.umeng.analytics.d.o.c(Sender.java:214)
02-17 15:37:18.303 I/Xposed (28042): com.umeng.analytics.d.o.a(Sender.java:95)
02-17 15:37:18.303 I/Xposed (28042): com.umeng.analytics.d.c.d(CacheImpl.java:649)
02-17 15:37:18.303 I/Xposed (28042): com.umeng.analytics.d.c.a(CacheImpl.java:124)
02-17 15:37:18.303 I/Xposed (28042): com.umeng.analytics.d.d$1.a(CacheService.java:45)
02-17 15:37:18.303 I/Xposed (28042): com.umeng.a.k.run(SafeRunnable.java:8)
02-17 15:37:18.303 I/Xposed (28042): java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:462)
02-17 15:37:18.303 I/Xposed (28042): java.util.concurrent.FutureTask.run(FutureTask.java:266)
02-17 15:37:18.303 I/Xposed (28042): java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:301)
02-17 15:37:18.303 I/Xposed (28042): java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
02-17 15:37:18.303 I/Xposed (28042): java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
02-17 15:37:18.303 I/Xposed (28042): java.lang.Thread.run(Thread.java:929)
02-17 15:37:19.148 I/VClientImpl(28235): Xposed is enabled.
