iOS8/9/10 控制音量键- HOOK代码实现


#21

这不就清楚了,这些都是 IOKit 的私有符号,无法链接。

可以 dlsym 动态获取函数指针,类似这里的方式:

或者像这样:

// C-linkage prototype for an IOKit function that the thread describes as a
// private symbol, so no SDK header declares it. IOHIDEventSystemClientRef
// must already be declared before this line.
// NOTE(review): the prototype is hand-written and unchecked against the real
// implementation; the post itself says the pasted prototypes are incomplete.
extern "C" {
	IOHIDEventSystemClientRef IOHIDEventSystemClientCreate(CFAllocatorRef allocator);
}

以上贴的函数都是不全的,不要直接照单复制。如果你实在搞不清楚那几个函数的原型参数,试试把下划线去了一个个搜看有没有人写过


#22

#import “HOOKVolumeViewController.h”

#include <stdlib.h>
#include <string.h>
#include <mach/mach_time.h>
#include <stdio.h>

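// File-scope event pointer. Nothing in the code shown here reads or writes it.
struct __IOHIDEvent *holdEvent;

/*
 * Hand-written declarations for IOKit HID functions that are not exposed by
 * the public SDK headers (the thread calls them private symbols).
 *
 * The compiler cannot check these prototypes against the real implementation:
 * a wrong parameter list or width is an ABI mismatch at the call site rather
 * than a compile error, so each signature should be verified independently.
 *
 * The linkage specifier was pasted with typographic quotes, which do not
 * compile; it is restored to plain ASCII quotes here. The __cplusplus guard
 * keeps the block valid when the file is compiled as Objective-C as well as
 * Objective-C++.
 */
#ifdef __cplusplus
extern "C" {
#endif

// Opaque handle and scalar types used by the prototypes below.
typedef uint32_t IOHIDEventOptionBits;
typedef struct __IOHIDEvent *IOHIDEventRef;

typedef CFTypeRef IOHIDEventSystemClientRef;
typedef CFTypeRef IOHIDEventSystemConnectionRef;
typedef CFTypeRef IOHIDEventSystemRef;

typedef uint32_t IOHIDEventType;
typedef uint32_t IOOptionBits;
typedef uint32_t IOHIDEventField;
typedef uint32_t IOHIDDigitizerTransducerType;

// Event construction.
IOHIDEventRef IOHIDEventCreateKeyboardEvent(CFAllocatorRef allocator,
                                            AbsoluteTime timeStamp,
                                            uint16_t usagePage,
                                            uint16_t usage,
                                            Boolean down,
                                            IOHIDEventOptionBits flags);

// Event field access and composition.
void IOHIDEventSetSenderID(struct __IOHIDEvent *event, uint64_t sender);
CFIndex IOHIDEventGetIntegerValue(void *, uint32_t);
void IOHIDEventSetIntegerValue(IOHIDEventRef event, IOHIDEventField field, int value);
void IOHIDEventSetIntegerValueWithOptions(IOHIDEventRef event,
                                          IOHIDEventField field,
                                          int value,
                                          IOOptionBits options);
void IOHIDEventAppendEvent(IOHIDEventRef event, IOHIDEventRef childEvent);

// Event system client: creation and dispatch.
IOHIDEventSystemClientRef IOHIDEventSystemClientCreate(CFAllocatorRef allocator);
void IOHIDEventSystemClientDispatchEvent(IOHIDEventSystemClientRef client, IOHIDEventRef event);

// Event system object.
CFTypeID IOHIDEventSystemGetTypeID(void);
IOHIDEventSystemRef IOHIDEventSystemCreate(CFAllocatorRef allocator);
IOHIDEventRef IOHIDEventSystemCopyEvent(IOHIDEventSystemRef system,
                                        IOHIDEventType type,
                                        IOHIDEventRef event,
                                        IOOptionBits options);

#ifdef __cplusplus
}
#endif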

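/**
 * Dispatches a HID event through a lazily created, file-local event system
 * client and then releases the event.
 *
 * Ownership: the caller's reference to `event` is consumed (CFRelease is
 * called here), so the caller must not use or release the event afterwards.
 *
 * @param event Event to dispatch. NULL is ignored.
 */
static void SendHIDEvent(IOHIDEventRef event) {
    // Created on first use and reused for every later dispatch.
    // NOTE(review): the lazy initialisation is not synchronised; the only
    // caller visible in this file is a bar-button action.
    static IOHIDEventSystemClientRef client_ = NULL;

    // CFRelease(NULL) crashes, so a failed event creation is rejected before
    // any other call touches the pointer.
    if (event == NULL) {
        return;
    }

    if (client_ == NULL) {
        client_ = IOHIDEventSystemClientCreate(kCFAllocatorDefault);
    }

    // Dispatch only with a valid client; if creation failed the event is
    // dropped rather than handed to the dispatcher with a NULL client.
    if (client_ != NULL) {
        // NOTE(review): this replaces whatever sender ID the caller set.
        // rightButtonItemClick sets kIOHIDEventDigitizerSenderID right before
        // calling, so every event leaving this helper carries the fixed value
        // below instead. Confirm which of the two is intended.
        IOHIDEventSetSenderID(event, 0xDEFACEDBEEFFECE5);
        IOHIDEventSystemClientDispatchEvent(client_, event);
    }

    CFRelease(event);
}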

// Class extension for HOOKVolumeViewController; it currently declares no
// private properties, methods or protocol conformances.
@interface HOOKVolumeViewController ()

@end

@implementation HOOKVolumeViewController

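  /**
   * Sets the background colour and installs the right-hand navigation bar
   * button that triggers rightButtonItemClick.
   *
   * The paste had lost the leading `-` of the method declaration (rendered as
   * a list bullet) and had typographic quotes around the title string; both
   * are restored so the method compiles. The title text itself is unchanged.
   */
  - (void)viewDidLoad {
      [super viewDidLoad];
      self.view.backgroundColor = [UIColor lightGrayColor];

      // The title reads "volume key -", i.e. the volume-down action.
      UIBarButtonItem *volumeDownItem =
          [[UIBarButtonItem alloc] initWithTitle:@"音量键-"
                                           style:UIBarButtonItemStylePlain
                                          target:self
                                          action:@selector(rightButtonItemClick)];
      self.navigationItem.rightBarButtonItem = volumeDownItem;
  }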

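  /**
   * Bar-button action: builds a key-down and then a key-up keyboard HID event
   * for usage page 0x0c / usage 0xea (Consumer page, Volume Decrement in the
   * HID usage tables) and passes each to SendHIDEvent.
   *
   * Repairs relative to the pasted text: the leading `-` of the declaration
   * and the underscores of `__func__` had been eaten by the forum's markup,
   * and the duplicated #define lines are stated once. An event that fails to
   * be created is now skipped instead of being passed on as NULL.
   */
  - (void)rightButtonItemClick
  {
      NSLog(@"%s", __func__);

// Field and sender constants as given in the post; their values are not
// verified against any header here.
#define kIOHIDEventFieldBuiltIn 4
#define kIOHIDEventFieldDigitizerDisplayIntegrated 720921
#define kIOHIDEventDigitizerSenderID 0x0000000100000194

      // Alternative left disabled by the author:
      //IOHIDEventSetIntegerValueWithOptions(event, kIOHIDEventFieldDigitizerDisplayIntegrated, 1, -268435456);
      //IOHIDEventSetIntegerValueWithOptions(event, kIOHIDEventFieldBuiltIn, 1, -268435456);

      uint64_t abTime = mach_absolute_time();
      {
          // Key down. The 64-bit tick count is reinterpreted as AbsoluteTime.
          IOHIDEventRef event = IOHIDEventCreateKeyboardEvent(kCFAllocatorDefault,
                                                              *(AbsoluteTime *)&abTime,
                                                              0x0c, 0xea, 1, 0);
          if (event != NULL) {
              IOHIDEventSetIntegerValue(event, kIOHIDEventFieldBuiltIn, 1);
              // NOTE(review): SendHIDEvent sets its own sender ID before
              // dispatch, so this value does not reach the dispatched event.
              IOHIDEventSetSenderID(event, kIOHIDEventDigitizerSenderID);
              // SendHIDEvent releases the event; it must not be used after this.
              SendHIDEvent(event);
          }
      }

      {
          // Key up, stamped with a fresh tick count.
          uint64_t abTime2 = mach_absolute_time();
          IOHIDEventRef event = IOHIDEventCreateKeyboardEvent(kCFAllocatorDefault,
                                                              *(AbsoluteTime *)&abTime2,
                                                              0x0c, 0xea, 0, 0);
          if (event != NULL) {
              IOHIDEventSetIntegerValue(event, kIOHIDEventFieldBuiltIn, 1);
              IOHIDEventSetSenderID(event, kIOHIDEventDigitizerSenderID);
              SendHIDEvent(event);
          }
      }
  }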
所有的代码都在这了,能帮忙鉴定一下吗,谢谢


#23
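  /**
   * Bar-button action (re-posted copy of the method): builds a key-down and
   * then a key-up keyboard HID event for usage page 0x0c / usage 0xea
   * (Consumer page, Volume Decrement in the HID usage tables) and passes each
   * to SendHIDEvent, which is declared earlier in the file.
   *
   * Repairs relative to the pasted text: the leading `-` of the declaration
   * and the underscores of `__func__` had been eaten by the forum's markup,
   * and the duplicated #define lines are stated once. An event that fails to
   * be created is now skipped instead of being passed on as NULL.
   */
  - (void)rightButtonItemClick
  {
      NSLog(@"%s", __func__);

// Field and sender constants as given in the post; their values are not
// verified against any header here.
#define kIOHIDEventFieldBuiltIn 4
#define kIOHIDEventFieldDigitizerDisplayIntegrated 720921
#define kIOHIDEventDigitizerSenderID 0x0000000100000194

      // Alternative left disabled by the author:
      //IOHIDEventSetIntegerValueWithOptions(event, kIOHIDEventFieldDigitizerDisplayIntegrated, 1, -268435456);
      //IOHIDEventSetIntegerValueWithOptions(event, kIOHIDEventFieldBuiltIn, 1, -268435456);

      uint64_t abTime = mach_absolute_time();
      {
          // Key down. The 64-bit tick count is reinterpreted as AbsoluteTime.
          IOHIDEventRef event = IOHIDEventCreateKeyboardEvent(kCFAllocatorDefault,
                                                              *(AbsoluteTime *)&abTime,
                                                              0x0c, 0xea, 1, 0);
          if (event != NULL) {
              IOHIDEventSetIntegerValue(event, kIOHIDEventFieldBuiltIn, 1);
              // NOTE(review): the SendHIDEvent shown earlier on this page sets
              // its own sender ID before dispatch, replacing this value.
              IOHIDEventSetSenderID(event, kIOHIDEventDigitizerSenderID);
              // SendHIDEvent releases the event; it must not be used after this.
              SendHIDEvent(event);
          }
      }

      {
          // Key up, stamped with a fresh tick count.
          uint64_t abTime2 = mach_absolute_time();
          IOHIDEventRef event = IOHIDEventCreateKeyboardEvent(kCFAllocatorDefault,
                                                              *(AbsoluteTime *)&abTime2,
                                                              0x0c, 0xea, 0, 0);
          if (event != NULL) {
              IOHIDEventSetIntegerValue(event, kIOHIDEventFieldBuiltIn, 1);
              IOHIDEventSetSenderID(event, kIOHIDEventDigitizerSenderID);
              SendHIDEvent(event);
          }
      }
  }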
是打算在这个方法中实现点击音量键效果,是这边不对吗?
其他代码在头部声明了。


#24

你得找编译器帮你鉴定


#25

这么菜就不要做灰产了求求你


#26

公司有需求,我也是刚接触越狱开发,如果可以的话给个指导呗。