前言
#import <SystemConfiguration/CaptiveNetwork.h>
hook CaptiveNetwork.h
CNCopyCurrentNetworkInfo
code
CFDictionaryRef (*oldCNCopyCurrentNetworkInfo)(CFStringRef interfaceName); CFDictionaryRef newCNCopyCurrentNetworkInfo(CFStringRef interfaceName) { CFDictionaryRef result = NULL; NSDictionary *dictionary = @{ @"BSSID":@"", @"SSID": @"", @"SSIDDATA":@"" }; result = (CFDictionaryRef)CFRetain((__bridge CFDictionaryRef)(dictionary)); if(!result) { result = oldCNCopyCurrentNetworkInfo(interfaceName); } NSLog(@"this is newCNCopyCurrentNetworkInfo() oldCNCopyCurrentNetworkInfo:%@ new result:%@",oldCNCopyCurrentNetworkInfo(interfaceName),result); return result; } %ctor { MSHookFunction(&CNCopyCurrentNetworkInfo, &newCNCopyCurrentNetworkInfo, &oldCNCopyCurrentNetworkInfo); }
- 效果:
**2018-08-24 10:57:52.112701 WeChat[1048:26723] this is newCNCopyCurrentNetworkInfo() interfaceName:en0 oldCNCopyCurrentNetworkInfo:{**2018-08-24 10:44:07.829346 WeChat[1026:23970] this is newCNCopyCurrentNetworkInfo() oldCNCopyCurrentNetworkInfo:{ BSSID = "::7:6b:94:26"; SSID = V6; SSIDDATA = <536>; } new result:{ BSSID = ""; SSID = ""; SSIDDATA = ""; }` MSHookFunction(&CNCopySupportedInterfaces, &newCNCopySupportedInterfaces, &oldCNCopySupportedInterfaces);`
code
CFArrayRef (*oldCNCopySupportedInterfaces)(); CFArrayRef newCNCopySupportedInterfaces() { CFArrayRef result = NULL; //NSArray *array = [NSArray arrayWithObject:wifi.interfaceName]; //result = (CFArrayRef)CFRetain((__bridge CFArrayRef)(array)); if(!result) { result = oldCNCopySupportedInterfaces(); } NSLog(@"this is newCNCopySupportedInterfaces() oldCNCopySupportedInterfaces:%@ new result:%@",oldCNCopySupportedInterfaces(),result);//2018-08-24 11:11:24.395138 WeChat[1088:29403] this is newCNCopySupportedInterfaces() oldCNCopySupportedInterfaces:( // en0 // ) new result:( // en0 // ) return result; }
bssid
- (std::string) bssid
{
// sourced https://stackoverflow.com/questions/31555640/how-to-get-wifi-ssid-in-ios9-after-captivenetwork-is-deprecated-and-calls-for-wi
NSString *wifiName = @"";
NSArray *interFaceNames = (__bridge_transfer id)CNCopySupportedInterfaces();
for (NSString *name in interFaceNames) {
NSDictionary *info = (__bridge_transfer id)CNCopyCurrentNetworkInfo((__bridge CFStringRef)name);
if (info[@"BSSID"]) {
wifiName = info[@"BSSID"];
}
}
return std::string([wifiName UTF8String]);
}
ssid
- (std::string) ssid
{
//https://stackoverflow.com/questions/31555640/how-to-get-wifi-ssid-in-ios9-after-captivenetwork-is-deprecated-and-calls-for-wi
NSString *wifiName = @"";
NSArray *interFaceNames = (__bridge_transfer id)CNCopySupportedInterfaces();
for (NSString *name in interFaceNames) {
NSDictionary *info = (__bridge_transfer id)CNCopyCurrentNetworkInfo((__bridge CFStringRef)name);
if (info[@"SSID"]) {
wifiName = info[@"SSID"];
}
}
return std::string([wifiName UTF8String]);
}
SSIDDATA
NSArray *ifs = (__bridge id)CNCopySupportedInterfaces();
for (NSString *ifname in ifs) {
NSDictionary *info = (__bridge id)CNCopyCurrentNetworkInfo((__bridge CFStringRef)ifname);
if (info[@"BSSID"])
{
BSSID = info[@"BSSID"];
}
if (info[@"SSID"])
{
SSID = info[@"SSID"];
}
if (info[@"SSIDDATA"])
{
// SSIDDATA = info[@"SSIDDATA"];
// 需要转化为NSData
SSIDDATA = [[[NSString alloc] initWithData:info[@"SSIDDATA"] encoding:NSUTF8StringEncoding] autorelease];
}
}
ipaddr
- (std::string)ipaddr
{
// sourced https://stackoverflow.com/questions/6807788/how-to-get-ip-address-of-iphone-programmatically
NSString *address = @"0.0.0.0";
struct ifaddrs *interfaces = NULL;
struct ifaddrs *temp_addr = NULL;
int success = 0;
// retrieve the current interfaces - returns 0 on success
success = getifaddrs(&interfaces);
if (success == 0) {
// Loop through linked list of interfaces
temp_addr = interfaces;
while(temp_addr != NULL) {
if(temp_addr->ifa_addr->sa_family == AF_INET) {
// Check if interface is en0 which is the wifi connection on the iPhone
if([[NSString stringWithUTF8String:temp_addr->ifa_name] isEqualToString:@"en0"]) {
// Get NSString from C String
address = [NSString stringWithUTF8String:inet_ntoa(((struct sockaddr_in *)temp_addr->ifa_addr)->sin_addr)];
}
}
temp_addr = temp_addr->ifa_next;
}
}
// Free memory
freeifaddrs(interfaces);
return std::string([address UTF8String]);
}
code
// 进行保存初始化的数据
UIDevice* device = [UIDevice currentDevice];
NSString * model = [device model];
NSString * localizedModel = [device localizedModel];
NSString * systemVersion = [device systemVersion];
NSString * name = [device name];
NSString * identifierForVendor = [[device identifierForVendor] UUIDString];
NSString * advertisingIdentifier = [[[ASIdentifierManager sharedManager] advertisingIdentifier] UUIDString];
CTTelephonyNetworkInfo * ctTelephonyNetworkInfo = [[[CTTelephonyNetworkInfo alloc] init] autorelease];
CTCarrier* ctCarrier = [ctTelephonyNetworkInfo subscriberCellularProvider];
NSString * carrierName = [ctCarrier carrierName];
NSString * mobileCountryCode = [ctCarrier mobileCountryCode]?[ctCarrier mobileCountryCode]:@"";
NSString * mobileNetworkCode = [ctCarrier mobileNetworkCode]?[ctCarrier mobileNetworkCode]:@"";
NSString * isoCountryCode = [ctCarrier isoCountryCode]?[ctCarrier isoCountryCode]:@"";
NSString * currentRadioAccessTechnology = [ctTelephonyNetworkInfo currentRadioAccessTechnology]?[ctTelephonyNetworkInfo currentRadioAccessTechnology]:@"";
NSString * macaddress = [self macaddress];
NSString * ServeralNumber = [GeneralUtil getServeral];
NSString * UUID = [GeneralUtil getUUID];
NSString *BSSID = nil;
NSString *SSID = nil;
NSString *SSIDDATA = nil;
伪代码
bssid
void * +[DeviceInfo bssid](void * self, void * _cmd) {
r7 = (sp - 0x14) + 0xc;
r4 = sp - 0x98;
asm { bfc r4, #0x0, #0x3 };
sp = r4;
[@"" retain];
r0 = CNCopySupportedInterfaces();
asm { vmov.i32 q8, #0x0 };
asm { vst1.64 {d16, d17}, [r1]! };
asm { vst1.64 {d16, d17}, [r1] };
r0 = [r0 retain];
r1 = @selector(countByEnumeratingWithState:objects:count:);
asm { strd r1, r0, [sp, #0x90 + var_8C] };
r6 = objc_msgSend(r0, r1);
if (r6 != 0x0) {
r1 = stack[2016];
r10 = *r1;
r4 = @"";
do {
r5 = 0x0;
do {
r0 = *stack[2016];
if (r0 != r10) {
asm { ldrne r0, [sp, #0x90 + var_88] };
}
if (CPU_FLAGS & NE) {
objc_enumerationMutation(r0);
}
r11 = CNCopyCurrentNetworkInfo();
if (r11 != 0x0) {
r1 = *_kCNNetworkInfoKeyBSSID;
r7 = r7;
r8 = [CFDictionaryGetValue(r11, r1) retain];
[r4 release];
CFRelease(r11);
r4 = r8;
}
r5 = r5 + 0x1;
} while (r5 < r6);
r0 = 0x10;
asm { ldrd r1, r0, [sp, #0x90 + var_8C] };
r6 = objc_msgSend(r0, r1);
} while (r6 != 0x0);
}
[stack[2012] release];
[stack[2012] release];
r0 = *___stack_chk_guard - *___stack_chk_guard;
if (r0 != 0x0) {
__stack_chk_fail();
}
r0 = loc_2a89782();
return r0;
}
See Also
/Users/devzkn/bin//knpost bssid ssid的获取 -t DeviceInfo #原来""的参数,需要自己加上""
