原文链接:https://api-caller.com/2019/11/05/capture-note/
抓包应该是被问到最多的事情了, 记录一些片段.
珍惜Any
之前提过 一种思路
是遍历所有类, 按照特征去判断校验类和方法.
此处的思路则是, 先跑一遍并让它失败, 找到特征打印堆栈, 即可锁定位置, 再行 hook 即可.
let jni_struct_array = [ | |
"reserved0", "reserved1", "reserved2", "reserved3", "GetVersion", "DefineClass", "FindClass", "FromReflectedMethod", "FromReflectedField", "ToReflectedMethod", "GetSuperclass", "IsAssignableFrom", "ToReflectedField", "Throw", "ThrowNew", | |
"ExceptionOccurred", "ExceptionDescribe", "ExceptionClear", "FatalError", "PushLocalFrame", "PopLocalFrame", "NewGlobalRef", "DeleteGlobalRef", "DeleteLocalRef", "IsSameObject", "NewLocalRef", "EnsureLocalCapacity", "AllocObject", "NewObject", | |
"NewObjectV", "NewObjectA", "GetObjectClass", "IsInstanceOf", "GetMethodID", "CallObjectMethod", "CallObjectMethodV", "CallObjectMethodA", "CallBooleanMethod", "CallBooleanMethodV", "CallBooleanMethodA", "CallByteMethod", "CallByteMethodV", | |
"CallByteMethodA", "CallCharMethod", "CallCharMethodV", "CallCharMethodA", "CallShortMethod", "CallShortMethodV", "CallShortMethodA", "CallIntMethod", "CallIntMethodV", "CallIntMethodA", "CallLongMethod", "CallLongMethodV", "CallLongMethodA", | |
"CallFloatMet |
1 { | |
1: "WebcastChatMessage" //method | |
2 { | |
1 { //common | |
1: "WebcastChatMessage" //method | |
2: 6831800841696561932 //msg_id | |
3: 6831775107220769536 //room_id | |
4: 1590652825937 //create_time | |
6: 1 //is_show_msg | |
} |
原文链接:https://api-caller.com/2019/11/05/capture-note/
抓包应该是被问到最多的事情了, 记录一些片段.
珍惜Any
之前提过 一种思路
是遍历所有类, 按照特征去判断校验类和方法.
此处的思路则是, 先跑一遍并让它失败, 找到特征打印堆栈, 即可锁定位置, 再行 hook 即可.
Edit: This list is now maintained in the rust-anthology repo.
def rolling_window(array, window=(0,), asteps=None, wsteps=None, axes=None, toend=True): | |
"""Create a view of `array` which for every point gives the n-dimensional | |
neighbourhood of size window. New dimensions are added at the end of | |
`array` or after the corresponding original dimension. | |
Parameters | |
---------- | |
array : array_like | |
Array to which the rolling window is applied. | |
window : int or tuple |