Cycript的使用方法
- Cycript的开启和关闭
- 开启
cycript
cy#cycript -p 进程IDcycript -p 进程名称
注意:这几个操作都是开启操作,不可以同时进行,需要退出Cycript(control + D),才可以执行不同的指令
安装 App
MonkeyDev 这里有详细的说明 https://github.com/AloneMonkey/MonkeyDev/wiki/
刚注意到前天的 GitHub 被收购的消息,
微软正在收购GitHub
https://blog.github.com/2018-06-04-github-microsoft/
安装好 APP ,就可以使用 Cycript 调试。
- 常用语法
连接手机:
cycript -r 192.168.1.213:6666
ip + port,默认的端口就是6666,不进入cycript 环境连接。
当前应用对象:UIApp 或 [UIApplication sharedApplication]
定义变量:var 变量名 = 变量值
如:var keyWin = UIWindow.keyWindow 或 var keyWin = UIApp.keyWindow
但是我的 var keyWin = UIWindow.keyWindow 定义报错:
获取内存对象: keyWin.rootViewController
*"#"<QMSideMenuViewController: 0x109e23810>" *
通过内存地址获取对象:#0x109e23810
#"<QMSideMenuViewController: 0x109e23810>"
访问对象的属性:#0x109e23810.view
#"<UIView: 0x109b2d8c0; frame = (0 0; 375 667); autoresize = W+H; gestureRecognizers = <NSArray: 0x1c0640e70>; layer = <CALayer: 0x1c44271e0>>"
获取加载的所有OC类:ObjectiveC.classes (会崩溃)
获取对象的所有成员变量:*变量名称
eg: *keyWin
{
isa: CPMotionRecognizingWindow,
_hasOverrideClient: 0,
_hasOverrideHost: 0,
_hasInputAssistantItem: 0,
_constraintsExceptingSubviewAutoresizingConstraints: @[],
_cachedTraitCollection: null,
_layer: # "<UIWindowLayer: 0x1c4426da0>",
_layerRetained: # "<UIWindowLayer: 0x1c4426da0>",
_enabledGestures: 0,
_gestureRecognizers: @[#"<_UISystemGestureGateGestureRecognizer: 0x1c41c4740; state = Possible; delaysTouchesEnded = NO; view = <CPMotionRecognizingWindow 0x109b2c7e0>>", #"<_UISystemGestureGateGestureRecognizer: 0x1c41c4830; state = Possible; delaysTouchesBegan = YES; delaysTouchesEnded = NO; view = <CPMotionRecognizingWindow 0x109b2c7e0>>"],
_window: null,
_subviewCache: @[#"<UIView: 0x109b2d8c0; frame = (0 0; 375 667); autoresize = W+H; gestureRecognizers = <NSArray: 0x1c0640e70>; layer = <CALayer: 0x1c44271e0>>"],
_templateLayoutView: null,
_charge: 0,
.....
}
遍历打印某个视图的子控件:[变量名 recursiveDescription].toString()
如:[[UIApp keyWindow] recursiveDescription].toString()
< CPMotionRecognizingWindow: 0x109b2c7e0;
baseClass = UIWindow;
frame = (0 0; 375 667);
autoresize = W + H;
gestureRecognizers = < NSArray: 0x1c465f1a0 > ;
layer = < UIWindowLayer: 0x1c4426da0 >>
|
< UIView: 0x109b2d8c0;
frame = (0 0; 375 667);
autoresize = W + H;
gestureRecognizers = < NSArray: 0x1c0640e70 > ;
layer = < CALayer: 0x1c44271e0 >>
......
在内存里查找某个类型的对象:choose(类名)
如 choose(UITableViewCell)
- 快捷键
取消输入:Ctrl + C
退出:Ctrl + D
清屏:Command + R
Cycript 小练习
安装完 WeChat 后,进入 Cy 环境。
修改任意你想修改的内容, 输入代码后回车 即可注入
/** 显示通知个数 */
[[UIApplication sharedApplication] setApplicationIconBadgeNumber:666666]
/** 隐藏状态栏 */
[[UIApplication sharedApplication] setStatusBarHidden:YES]
// 修改转账的金额
1. choose(UILabel)
2. Command + F -> 金额 -> 获取控件内存地址
3. # 0x11c159340.text = '88888888'
#0x13baab450.textColor = [UIColor orangeColor]
#0x13baab450.adjustsFontSizeToFitWidth = YES
OK , 搞定!!!
