我已经通过androguard获取了一个apk文件的api调用(外部方法),我也想获取一些敏感api的params值。是否有一些功能或方法?
或者
有没有办法从smali文件遍历方法中获取API调用的参数值?
例子:
invoke-static {v0}, Lcom/xyz/sdk/impl/bd;->setWebContentsDebuggingEnabled(Z)V
如何找到 setWebContentsDebuggingEnabled API 调用的布尔值?
我阅读了寄存器的最后一个值将保存方法参数的文档,但你能提供一些简单的例子吗?
The common way is to build an intra-procedural control flow graph so you can check which possible flows and thus what commands are executed before the invocation you are interested in.
Then check each those flows (go backwards through the list of commands that are executed) where the register you are looking for is written.
Often you end up in processing another method because the register is written using the return value of another method invocation or you go back until you reach the start of the method and recognize that the register value was handed over as argument to the method you are in. So you have to check the whole app code where are calls to this method and thus trace again the used register.
I am not sure if and how Androguard provides such a functionality.