ios在没有越狱的机器上安装插件
ios在没有越狱的机器上安装插件
余成海 发表于1年前
ios在没有越狱的机器上安装插件
  • 发表于 1年前
  • 阅读 107
  • 收藏 0
  • 点赞 0
  • 评论 0

【腾讯云】新注册用户域名抢购1元起>>>   

之前分享过如何用tweak的方式做一个微信抢红包插件,然后安装在越狱手机上《ios-微信自动抢红包插件

今天分享下如果用你上次写好的插件安装到没有越狱的手机上。前提是你有apple的开发者账号。这样才能有证书重新打包。

1.将线上的微信app敲壳备用Clutch 或者直接到越狱平台上下载一个(pp助手,同步推什么的)

编译Clutch成功后会出现Clutch.app文件,打开包文件会有我们想要的Clutch,将它拷贝到越狱手机上

(如果没有越狱手机,可以直接到第三方平台上下载包ipa)

然后将编译出来的Clutch拷贝到手机上使用 (有些小伙伴懒得编译或者没有证书,可以直接下载

$ chmod 777 Clutch
$ scp Clutch root@<手机ip>:/usr/bin/

连接上越狱手机开始敲壳 密码:alpine

$ ssh root@10.242.68.37 
$ Clutch -i

$ Clutch -d com.tencent.xin

敲壳成功后会生成ipa到/private/var/mobile/Documents/Dumped/目录下,将其拷贝回电脑上,其实就和我们到越狱平台上下载的ipa是一样的

$ mv /private/var/mobile/Documents/Dumped/com.tencent.xin-iOS7.0-\(Clutch-2.0.4\).ipa /private/var/mobile/Documents/Dumped/wechat.ipa
$ scp root@<your.device.ip>:/private/var/mobile/Documents/Dumped/wechat.ipa ~/Desktop

2.打包之前做好的代码生成dylib

到你编写的tweak目录下make 会生成obj目录,里面就有我们想要的dylib文件,不明白可以回看这篇博客《theos搭建

3.合并依赖库

上面的代码是需要合并依赖库的

$ otool -L WeChatRedEnvelop.dylib

WeChatRedEnvelop.dylib (architecture armv7):
	/Library/MobileSubstrate/DynamicLibraries/WeChatRedEnvelop.dylib (compatibility version 0.0.0, current version 0.0.0)
	/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)
	/System/Library/Frameworks/Foundation.framework/Foundation (compatibility version 300.0.0, current version 1349.13.0)
	/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation (compatibility version 150.0.0, current version 1348.22.0)
	/System/Library/Frameworks/UIKit.framework/UIKit (compatibility version 1.0.0, current version 3600.6.21)
	/Library/Frameworks/CydiaSubstrate.framework/CydiaSubstrate (compatibility version 0.0.0, current version 0.0.0)
	/usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 307.4.0)
	/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.0.0)
WeChatRedEnvelop.dylib (architecture arm64):
	/Library/MobileSubstrate/DynamicLibraries/WeChatRedEnvelop.dylib (compatibility version 0.0.0, current version 0.0.0)
	/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)
	/System/Library/Frameworks/Foundation.framework/Foundation (compatibility version 300.0.0, current version 1349.13.0)
	/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation (compatibility version 150.0.0, current version 1348.22.0)
	/System/Library/Frameworks/UIKit.framework/UIKit (compatibility version 1.0.0, current version 3600.6.21)
	/Library/Frameworks/CydiaSubstrate.framework/CydiaSubstrate (compatibility version 0.0.0, current version 0.0.0)
	/usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 307.4.0)
	/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.0.0)

发现会有这么个东西/Library/Frameworks/CydiaSubstrate.framework/CydiaSubstrate

从越狱手机里面考出这个东西,然后修改下,然后将CydiaSubstrate改名成libsubstrate.dylib

$ scp root@<手机ip>:/Library/Frameworks/CydiaSubstrate.framework/CydiaSubstrate ~/Desktop
$ install_name_tool -change /Library/Frameworks/CydiaSubstrate.framework/CydiaSubstrate @loader_path/libsubstrate.dylib WeChatRedEnvelop.dylib
$ otool -L WeChatRedEnvelop.dylib
WeChatRedEnvelop.dylib (architecture armv7):
	/Library/MobileSubstrate/DynamicLibraries/WeChatRedEnvelop.dylib (compatibility version 0.0.0, current version 0.0.0)
	/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)
	/System/Library/Frameworks/Foundation.framework/Foundation (compatibility version 300.0.0, current version 1349.13.0)
	/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation (compatibility version 150.0.0, current version 1348.22.0)
	/System/Library/Frameworks/UIKit.framework/UIKit (compatibility version 1.0.0, current version 3600.6.21)
	@loader_path/libsubstrate.dylib (compatibility version 0.0.0, current version 0.0.0)
	/usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 307.4.0)
	/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.0.0)
WeChatRedEnvelop.dylib (architecture arm64):
	/Library/MobileSubstrate/DynamicLibraries/WeChatRedEnvelop.dylib (compatibility version 0.0.0, current version 0.0.0)
	/usr/lib/libobjc.A.dylib (compatibility version 1.0.0, current version 228.0.0)
	/System/Library/Frameworks/Foundation.framework/Foundation (compatibility version 300.0.0, current version 1349.13.0)
	/System/Library/Frameworks/CoreFoundation.framework/CoreFoundation (compatibility version 150.0.0, current version 1348.22.0)
	/System/Library/Frameworks/UIKit.framework/UIKit (compatibility version 1.0.0, current version 3600.6.21)
	@loader_path/libsubstrate.dylib (compatibility version 0.0.0, current version 0.0.0)
	/usr/lib/libc++.1.dylib (compatibility version 1.0.0, current version 307.4.0)
	/usr/lib/libSystem.B.dylib (compatibility version 1.0.0, current version 1238.0.0)

4.将动态链接库注入二进制文件中

下载optool工具

将砸壳过的 ipa 文件解压,然后将 CydiaSubstrate 与 WeChatRedEnvelop.dylib 拷贝到解压后的 WeChat.app 目录下。

$ unzip wechat.ipa -d wechat
$ cp libsubstrate.dylib WeChatRedEnvelop.dylib wechat/Payload/WeChat.app

$ ./optool install -c load -p "@executable_path/WeChatRedEnvelop.dylib" -t wechat/Payload/WeChat.app/WeChat

5.打包并重签名

ios-app-signer 功能能快速帮助重新打包,只要放入你的证书就能重新打包成ipa。

然后通过各种工具安装ipa到你的手机上,就大功告成了

注:如果遇到Watch报错,就在.app中删除watch目录,重新打包

  • 打赏
  • 点赞
  • 收藏
  • 分享
共有 人打赏支持
粉丝 61
博文 56
码字总数 29577
×
余成海
如果觉得我的文章对您有用,请随意打赏。您的支持将鼓励我继续创作!
* 金额(元)
¥1 ¥5 ¥10 ¥20 其他金额
打赏人
留言
* 支付类型
微信扫码支付
打赏金额:
已支付成功
打赏金额: