在此拜谢大佬
报错信息:
[13:40:43 876] WARN [com.github.unidbg.linux.ARM64SyscallHandler] (ARM64SyscallHandler:412) - handleInterrupt intno=2, NR=-130528, svcNumber=0x119, PC=unidbg@0xfffe0224, LR=RX@0x400ba150[libfekit.so]0xba150, syscall=null
java.lang.UnsupportedOperationException: com/tencent/mobileqq/sign/QQSecuritySign$SignResult-><init>()V
at com.github.unidbg.linux.android.dvm.AbstractJni.newObjectV(AbstractJni.java:803)
at com.github.unidbg.linux.android.dvm.AbstractJni.newObjectV(AbstractJni.java:758)
at com.github.unidbg.linux.android.dvm.DvmMethod.newObjectV(DvmMethod.java:214)
at com.github.unidbg.linux.android.dvm.DalvikVM64$26.handle(DalvikVM64.java:420)
at com.github.unidbg.linux.ARM64SyscallHandler.hook(ARM64SyscallHandler.java:121)
at com.github.unidbg.arm.backend.Unicorn2Backend$11.hook(Unicorn2Backend.java:352)
at com.github.unidbg.arm.backend.unicorn.Unicorn$NewHook.onInterrupt(Unicorn.java:109)
at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Native Method)
at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Unicorn.java:312)
at com.github.unidbg.arm.backend.Unicorn2Backend.emu_start(Unicorn2Backend.java:389)
at com.github.unidbg.AbstractEmulator.emulate(AbstractEmulator.java:378)
at com.github.unidbg.thread.Function64.run(Function64.java:39)
at com.github.unidbg.thread.MainTask.dispatch(MainTask.java:19)
at com.github.unidbg.thread.UniThreadDispatcher.run(UniThreadDispatcher.java:175)
at com.github.unidbg.thread.UniThreadDispatcher.runMainForResult(UniThreadDispatcher.java:99)
at com.github.unidbg.AbstractEmulator.runMainForResult(AbstractEmulator.java:341)
at com.github.unidbg.arm.AbstractARM64Emulator.eFunc(AbstractARM64Emulator.java:262)
at com.github.unidbg.Module.emulateFunction(Module.java:163)
at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethod(DvmObject.java:135)
at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethodObject(DvmObject.java:93)
at com.mobileqq.Dandelion.getSign(Dandelion.java:96)
at com.mobileqq.Dandelion.main(Dandelion.java:69)
[13:40:43 876] WARN [com.github.unidbg.AbstractEmulator] (AbstractEmulator:417) - emulate RX@0x40096f1c[libfekit.so]0x96f1c exception sp=unidbg@0xbfffebc0, msg=com/tencent/mobileqq/sign/QQSecuritySign$SignResult-><init>()V, offset=0ms @ Runnable|Function64 address=0x40096f1c, arguments=[unidbg@0xfffe1640[libjnigraphics.so]0x640, 2027775614, 282821294, 1344199921, 2025269734, 1800031768, 667447085]
在 Java 代码中找到 QQSecuritySign 类:
package com.tencent.mobileqq.sign;
import android.text.TextUtils;
import com.tencent.mobileqq.p3122fe.EventCallback;
import com.tencent.mobileqq.qfix.redirect.IPatchRedirector;
import com.tencent.mobileqq.qsec.qsecurity.QSec;
/* compiled from: P */
/* loaded from: classes2.dex */
/**
 * Decompiled Java facade (classes2.dex) over the native signing routines of the QQ security SDK.
 *
 * <p>The class keeps one lazily created instance and an "extra" string set through
 * {@link #init(String)}. Signing, event dispatch and reporting are declared {@code native};
 * the library that implements them is not named in this class. Constructors and the two
 * non-native instance methods first consult a static {@link IPatchRedirector}, which can
 * take over the call when it reports a patch for the method's id.
 */
public class QQSecuritySign {
    private static final String TAG = "QQSecuritySDK";

    // Hook consulted before the Java bodies below run; null means "no patch installed".
    static IPatchRedirector $redirector_ = null;

    private static QQSecuritySign sInstance;

    // Value handed to the native signer as its second argument; set by init(String).
    private String mExtra;

    /**
     * Result holder returned by {@code getSign}. The Java code in this class never assigns
     * the three arrays, so an instance created here carries {@code null} in every field
     * (presumably native code fills them in; confirm against the native side).
     */
    public static class SignResult {
        static IPatchRedirector $redirector_;

        public byte[] extra;
        public byte[] sign;
        public byte[] token;

        /** No-arg constructor; its JNI descriptor is {@code ()V}. Does nothing unless patch id 1 is active. */
        public SignResult() {
            final IPatchRedirector patch = $redirector_;
            if (patch != null && patch.hasPatch((short) 1)) {
                patch.redirect((short) 1, (Object) this);
            }
        }
    }

    /** Package-private constructor; callers outside the package go through {@link #getInstance()}. */
    QQSecuritySign() {
        final IPatchRedirector patch = $redirector_;
        if (patch != null && patch.hasPatch((short) 1)) {
            patch.redirect((short) 1, (Object) this);
        }
    }

    /**
     * Returns the shared instance, creating it on first use.
     *
     * @return the single {@code QQSecuritySign} held in {@code sInstance}
     */
    public static synchronized QQSecuritySign getInstance() {
        // Same monitor as the method-level lock, so this inner block only re-enters it.
        synchronized (QQSecuritySign.class) {
            if (sInstance == null) {
                sInstance = new QQSecuritySign();
            }
            return sInstance;
        }
    }

    // Native signer: (qSec, extra, str, bArr, bArr2, str3) -> SignResult.
    private native SignResult getSign(QSec qSec, String str, String str2, byte[] bArr, byte[] bArr2, String str3);

    public native void dispatchEvent(String str, String str2, EventCallback eventCallback);

    public native void dispatchEventPB(String str, String str2, byte[] bArr, EventCallback eventCallback);

    /**
     * Validates the arguments on the Java side and then calls the native signer.
     *
     * <p>An empty {@link SignResult} is returned without entering native code when
     * {@code bArr} is null or zero-length, or when {@code str} is empty according to
     * {@code TextUtils.isEmpty}. Otherwise an empty {@code mExtra} is normalised to
     * {@code ""} and passed as the native method's second argument.
     *
     * @param qSec  forwarded unchanged to the native signer
     * @param str   must be non-empty for the native call to happen
     * @param bArr  must be non-null and non-empty for the native call to happen
     * @param bArr2 forwarded unchanged
     * @param str2  forwarded unchanged
     * @return the native result, or a fresh {@code SignResult} when validation fails
     */
    public SignResult getSign(QSec qSec, String str, byte[] bArr, byte[] bArr2, String str2) {
        final IPatchRedirector patch = $redirector_;
        if (patch != null && patch.hasPatch((short) 10)) {
            return (SignResult) patch.redirect((short) 10, this, qSec, str, bArr, bArr2, str2);
        }

        // Guard clauses: the payload is checked before the string, as in the decompiled order.
        if (bArr == null || bArr.length == 0) {
            return new SignResult();
        }
        if (TextUtils.isEmpty(str)) {
            return new SignResult();
        }

        if (TextUtils.isEmpty(this.mExtra)) {
            this.mExtra = "";
        }
        return getSign(qSec, this.mExtra, str, bArr, bArr2, str2);
    }

    /**
     * Stores the "extra" string used by later {@code getSign} calls, unless patch id 2 takes over.
     *
     * @param str value to remember; not validated here
     */
    public void init(String str) {
        final IPatchRedirector patch = $redirector_;
        if (patch != null && patch.hasPatch((short) 2)) {
            patch.redirect((short) 2, (Object) this, (Object) str);
            return;
        }
        this.mExtra = str;
    }

    public native void initSafeMode(boolean z);

    public native void notifyCamera(String str, String str2, String str3, String str4, String str5, String str6, EventCallback eventCallback);

    public native void notifyFaceDetect(String str, String str2, String str3, EventCallback eventCallback);

    public native void requestToken();

    public native void safeUiReport(String str, String str2, String str3, EventCallback eventCallback);
}
IPatchRedirector 类:
package com.tencent.mobileqq.qfix.redirect;
import androidx.annotation.Keep;
/**
 * Hook interface consulted by patched classes before their own method bodies run.
 *
 * <p>Callers shown alongside this listing first ask {@link #hasPatch(short)} with a
 * per-method id and, when it returns {@code true}, hand the call to one of the
 * {@code redirect} overloads and use its return value. No implementation is visible
 * here, so what a redirect does is unknown; the package name suggests a hot-fix
 * mechanism (NOTE(review): confirm against an implementing class).
 */
@Keep
/* loaded from: classes.dex */
public interface IPatchRedirector {
    // Returns true when the call identified by the short id should be redirected
    // (inferred from how callers branch on it; implementation not shown).
    boolean hasPatch(short s);

    // The overloads below differ only in the shape of the forwarded arguments.
    // At the call sites shown with this listing the first Object is the receiver ("this").
    Object redirect(short s);
    Object redirect(short s, Object obj);
    Object redirect(short s, Object obj, int i2);
    Object redirect(short s, Object obj, int i2, Object obj2);
    Object redirect(short s, Object obj, long j2);
    Object redirect(short s, Object obj, Object obj2);
    Object redirect(short s, Object obj, Object obj2, int i2);
    Object redirect(short s, Object obj, Object obj2, Object obj3);
    Object redirect(short s, Object obj, Object obj2, Object obj3, Object obj4);
    Object redirect(short s, Object obj, boolean z);

    // Catch-all for longer argument lists; Java picks it only when no fixed-arity overload fits.
    Object redirect(short s, Object... objArr);
}
这是我补的环境代码:
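/**
 * Supplies the emulated Java object when native code constructs an instance through JNI.
 *
 * <p>Only the constructor this harness adds is handled here. Every other signature is
 * passed to the parent implementation; rejecting it locally would also reject
 * constructors the base class can already build.
 *
 * @param vm        the emulated VM used to resolve classes
 * @param dvmClass  class the native code is instantiating
 * @param signature call key in the form {@code class->method(descriptor)}
 * @param vaList    constructor arguments supplied by the native caller
 * @return the emulated object for the requested constructor
 * @throws UnsupportedOperationException if the parent implementation does not know the signature either
 */
@Override
public DvmObject newObjectV(BaseVM vm, DvmClass dvmClass, String signature, VaList vaList) {
    // A constructor's JNI method name is <init>; a key without it never matches.
    if ("com/tencent/mobileqq/sign/QQSecuritySign$SignResult-><init>()V".equals(signature)) {
        // The no-arg constructor takes no arguments, so vaList is not read.
        // newObject(null) creates the emulated object with no backing Java value.
        return vm.resolveClass("com/tencent/mobileqq/sign/QQSecuritySign$SignResult").newObject(null);
    }
    return super.newObjectV(vm, dvmClass, signature, vaList);
}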
继续报错:
[13:43:48 042] WARN [com.github.unidbg.linux.ARM64SyscallHandler] (ARM64SyscallHandler:412) - handleInterrupt intno=2, NR=-130528, svcNumber=0x119, PC=unidbg@0xfffe0224, LR=RX@0x400ba150[libfekit.so]0xba150, syscall=null
java.lang.UnsupportedOperationException: java/lang/String-><init>([BLjava/lang/String;)V
at com.mobileqq.Dandelion.newObjectV(Dandelion.java:116)
at com.github.unidbg.linux.android.dvm.AbstractJni.newObjectV(AbstractJni.java:758)
at com.github.unidbg.linux.android.dvm.DvmMethod.newObjectV(DvmMethod.java:214)
at com.github.unidbg.linux.android.dvm.DalvikVM64$26.handle(DalvikVM64.java:420)
at com.github.unidbg.linux.ARM64SyscallHandler.hook(ARM64SyscallHandler.java:121)
at com.github.unidbg.arm.backend.Unicorn2Backend$11.hook(Unicorn2Backend.java:352)
at com.github.unidbg.arm.backend.unicorn.Unicorn$NewHook.onInterrupt(Unicorn.java:109)
at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Native Method)
at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Unicorn.java:312)
at com.github.unidbg.arm.backend.Unicorn2Backend.emu_start(Unicorn2Backend.java:389)
at com.github.unidbg.AbstractEmulator.emulate(AbstractEmulator.java:378)
at com.github.unidbg.thread.Function64.run(Function64.java:39)
at com.github.unidbg.thread.MainTask.dispatch(MainTask.java:19)
at com.github.unidbg.thread.UniThreadDispatcher.run(UniThreadDispatcher.java:175)
at com.github.unidbg.thread.UniThreadDispatcher.runMainForResult(UniThreadDispatcher.java:99)
at com.github.unidbg.AbstractEmulator.runMainForResult(AbstractEmulator.java:341)
at com.github.unidbg.arm.AbstractARM64Emulator.eFunc(AbstractARM64Emulator.java:262)
at com.github.unidbg.Module.emulateFunction(Module.java:163)
at com.github.unidbg.linux.LinuxModule.callFunction(LinuxModule.java:262)
at com.github.unidbg.linux.LinuxSymbol.call(LinuxSymbol.java:27)
at com.github.unidbg.linux.android.dvm.DalvikModule.callJNI_OnLoad(DalvikModule.java:33)
at com.mobileqq.Dandelion.<init>(Dandelion.java:48)
at com.mobileqq.Dandelion.main(Dandelion.java:62)
[13:43:48 042] WARN [com.github.unidbg.AbstractEmulator] (AbstractEmulator:417) - emulate RX@0x4006bd2c[libfekit.so]0x6bd2c exception sp=unidbg@0xbfffe800, msg=java/lang/String-><init>([BLjava/lang/String;)V, offset=78ms @ Runnable|Function64 address=0x4006bd2c, arguments=[unidbg@0xfffe0080, null]
Exception in thread "main" java.lang.IllegalStateException: Illegal JNI version: 0xffffffff
at com.github.unidbg.linux.android.dvm.BaseVM.checkVersion(BaseVM.java:228)
at com.github.unidbg.linux.android.dvm.DalvikModule.callJNI_OnLoad(DalvikModule.java:39)
at com.mobileqq.Dandelion.<init>(Dandelion.java:48)
at com.mobileqq.Dandelion.main(Dandelion.java:62)
继续补环境:
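/**
 * Supplies the emulated Java object when native code constructs an instance through JNI.
 *
 * <p>Two constructors are handled here: the no-arg {@code SignResult} constructor and
 * {@code new String(byte[], String charsetName)}. Every other signature is passed to
 * the parent implementation rather than rejected here.
 *
 * @param vm        the emulated VM used to resolve classes and wrap results
 * @param dvmClass  class the native code is instantiating
 * @param signature call key in the form {@code class->method(descriptor)}
 * @param vaList    constructor arguments supplied by the native caller
 * @return the emulated object for the requested constructor
 * @throws IllegalStateException if a String argument is missing or the charset name is unknown
 * @throws UnsupportedOperationException if the parent implementation does not know the signature either
 */
@Override
public DvmObject newObjectV(BaseVM vm, DvmClass dvmClass, String signature, VaList vaList) {
    // A constructor's JNI method name is <init>; a key without it never matches.
    switch (signature) {
        case "com/tencent/mobileqq/sign/QQSecuritySign$SignResult-><init>()V": {
            // newObject(null) creates the emulated object with no backing Java value.
            return vm.resolveClass("com/tencent/mobileqq/sign/QQSecuritySign$SignResult").newObject(null);
        }
        case "java/lang/String-><init>([BLjava/lang/String;)V": {
            ByteArray array = vaList.getObjectArg(0);
            StringObject charsetName = vaList.getObjectArg(1);
            // Explicit checks: `assert` is skipped unless the JVM runs with -ea, which would
            // leave a bare NullPointerException with no hint of which argument was missing.
            if (array == null) {
                throw new IllegalStateException("null byte[] argument for " + signature);
            }
            if (charsetName == null) {
                throw new IllegalStateException("null charset name argument for " + signature);
            }
            try {
                return new StringObject(vm, new String(array.getValue(), charsetName.getValue()));
            } catch (UnsupportedEncodingException e) {
                // The charset name comes from native code; keep the cause for diagnosis.
                throw new IllegalStateException(e);
            }
        }
        default:
            return super.newObjectV(vm, dvmClass, signature, vaList);
    }
}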
还是报错:
[13:44:55 099] WARN [com.github.unidbg.linux.ARM64SyscallHandler] (ARM64SyscallHandler:412) - handleInterrupt intno=2, NR=-128400, svcNumber=0x19e, PC=unidbg@0xfffe0a74, LR=RX@0x40097b00[libfekit.so]0x97b00, syscall=null
java.lang.NullPointerException
at java.base/java.util.Objects.requireNonNull(Objects.java:233)
at com.github.unidbg.linux.android.dvm.DalvikVM64$159.handle(DalvikVM64.java:2610)
at com.github.unidbg.linux.ARM64SyscallHandler.hook(ARM64SyscallHandler.java:121)
at com.github.unidbg.arm.backend.Unicorn2Backend$11.hook(Unicorn2Backend.java:352)
at com.github.unidbg.arm.backend.unicorn.Unicorn$NewHook.onInterrupt(Unicorn.java:109)
at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Native Method)
at com.github.unidbg.arm.backend.unicorn.Unicorn.emu_start(Unicorn.java:312)
at com.github.unidbg.arm.backend.Unicorn2Backend.emu_start(Unicorn2Backend.java:389)
at com.github.unidbg.AbstractEmulator.emulate(AbstractEmulator.java:378)
at com.github.unidbg.thread.Function64.run(Function64.java:39)
at com.github.unidbg.thread.MainTask.dispatch(MainTask.java:19)
at com.github.unidbg.thread.UniThreadDispatcher.run(UniThreadDispatcher.java:175)
at com.github.unidbg.thread.UniThreadDispatcher.runMainForResult(UniThreadDispatcher.java:99)
at com.github.unidbg.AbstractEmulator.runMainForResult(AbstractEmulator.java:341)
at com.github.unidbg.arm.AbstractARM64Emulator.eFunc(AbstractARM64Emulator.java:262)
at com.github.unidbg.Module.emulateFunction(Module.java:163)
at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethod(DvmObject.java:135)
at com.github.unidbg.linux.android.dvm.DvmObject.callJniMethodObject(DvmObject.java:93)
at com.mobileqq.Dandelion.getSign(Dandelion.java:96)
at com.mobileqq.Dandelion.main(Dandelion.java:69)
[13:44:55 099] WARN [com.github.unidbg.AbstractEmulator] (AbstractEmulator:417) - emulate RX@0x40096f1c[libfekit.so]0x96f1c exception sp=unidbg@0xbfffece0, msg=java.lang.NullPointerException, offset=0ms @ Runnable|Function64 address=0x40096f1c, arguments=[unidbg@0xfffe1640[libjnigraphics.so]0x640, 2027775614, 282821294, 1344199921, 2025269734, 1800031768, 667447085]