Android应用隐私合规检测实现方案
一、准备工作
1、安装夜神模拟器安卓7.0版本,自带Xposed框架
二、编写Xposed模块
1、在Android Studio新建一个Android App项目
2、在build.gradle中添加xposed的编译依赖
dependencies {
compileOnly 'de.robv.android.xposed:api:82'
}3、记得配置阿里云或者jcenter()仓库
4、在AndroidManifest.xml application标签下添加对应属性的设置
<!--告诉xposed框架这是一个xposed模块-->
<meta-data
android:name="xposedmodule"
android:value="true" />
<!--模块描述-->
<meta-data
android:name="xposeddescription"
android:value="隐私合规检测工具" />
<!--模块支持Xposed的最低版本-->
<meta-data
android:name="xposedminversion"
android:value="53" />5、新建一个类实现IXposedHookLoadPackage接口的handleLoadPackage方法
public class PrivacyHook implements IXposedHookLoadPackage {
@Override
public void handleLoadPackage(final XC_LoadPackage.LoadPackageParam loadPackageParam) throws Throwable {
if (loadPackageParam.packageName.startsWith("com.sswl")) {
XposedBridge.log("PrivacyHook has Hooked!");
//检测mac的获取
Class<?> NetworkInterfaceCls = XposedHelpers.findClass("java.net.NetworkInterface", loadPackageParam.classLoader);
XposedHelpers.findAndHookMethod(NetworkInterfaceCls, "getNetworkInterfaces", new XC_MethodHook() {
protected void beforeHookedMethod(XC_MethodHook.MethodHookParam param) throws Throwable {
super.beforeHookedMethod(param);
Log.w("Xposed", "=============================================================");
XposedBridge.log("调用getNetworkInterfaces");
StackTraceElement[] stackTrace = new Exception().getStackTrace();
for (int i = 0; i < stackTrace.length; i++) {
Log.e("Xposed", "" + stackTrace[i]);
}
}
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
}
});
//获取IMEI
Class<?> Imei = XposedHelpers.findClass("android.telephony.TelephonyManager", loadPackageParam.classLoader);
XposedHelpers.findAndHookMethod(Imei, "getDeviceId", new XC_MethodHook() {
protected void beforeHookedMethod(XC_MethodHook.MethodHookParam param) throws Throwable {
super.beforeHookedMethod(param);
Log.w("Xposed1", "=============================================================");
XposedBridge.log("调用getDeviceId");
StackTraceElement[] stackTrace = new Exception().getStackTrace();
for (int i = 0; i < stackTrace.length; i++) {
Log.e("Xposed", "" + stackTrace[i]);
}
}
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
}
});
//获取IMSI
Class<?> Imsi = XposedHelpers.findClass("android.telephony.TelephonyManager", loadPackageParam.classLoader);
XposedHelpers.findAndHookMethod(Imsi, "getSubscriberId",int.class, new XC_MethodHook() {
protected void beforeHookedMethod(XC_MethodHook.MethodHookParam param) throws Throwable {
super.beforeHookedMethod(param);
Log.w("Xposed2", "=============================================================");
XposedBridge.log("调用getSubscriberId");
StackTraceElement[] stackTrace = new Exception().getStackTrace();
for (int i = 0; i < stackTrace.length; i++) {
Log.e("Xposed", "" + stackTrace[i]);
}
}
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
}
});
//检测androidId的获取
Class<?> SystemCls = XposedHelpers.findClass("android.provider.Settings$Secure", loadPackageParam.classLoader);
XposedHelpers.findAndHookMethod(SystemCls, "getStringForUser", ContentResolver.class, String.class, int.class, new XC_MethodHook() {
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
super.beforeHookedMethod(param);
Log.w("Xposedadam", "=============================================================");
XposedBridge.log("调用getStringForUser");
StackTraceElement[] stackTrace = new Exception().getStackTrace();
for (int i = 0; i < stackTrace.length; i++) {
Log.e("Xposed", "" + stackTrace[i]);
}
}
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
}
});
}
}
}
6、根据需要hook的方法参数决定
7、在assets目录下新建文件名为:xposed_init 的文本文件,并将刚才新建的那个类的完整类名填写到第一行,比如:
com.sswl.xposed.PrivacyHook
8、将应用打包出来安装到模拟器上,然后点模块进行安装,然后重启生效
9、运行需要检测的应用,就可以在Android Studio查看日志打印
