Intercepting SMS on jailbroken iOS 7



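I followed this answer to block SMS in iOS 7. The problem is that it blocks every message and its notification. Secondly, it continuously calls the _processReceivedMessage_hooked method when I send a message from a number other than +9231390303006.

I am using OpenDev with Xcode 5, iOS 7.x.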

#include <logos/logos.h>
#import <substrate.h>
#import <UIKit/UIKit.h>
#import <Foundation/Foundation.h>
#import <libkern/OSAtomic.h>
#import "CoreTelephony.h"

id(*_processReceivedMessage_orig)(id, SEL, CTMessage*) = NULL;
id _processReceivedMessage_hooked(id self, SEL _cmd, CTMessage* msg);

@class IMDService; 
static void (*_logos_orig$_ungrouped$IMDService$loadServiceBundle)(IMDService*, SEL); static void _logos_method$_ungrouped$IMDService$loadServiceBundle(IMDService*, SEL); 

static void _logos_method$_ungrouped$IMDService$loadServiceBundle(IMDService* self, SEL _cmd) {
    _logos_orig$_ungrouped$IMDService$loadServiceBundle(self, _cmd);
    NSBundle *bundle =[NSBundle mainBundle];
     NSLog(@"bundle identifier %@ ***** ",[bundle bundleIdentifier]);
//    if ([[bundle bundleIdentifier] isEqualToString:@"com.apple.imservice.sms"] && [bundle isLoaded])
//    {  
        NSLog(@"Hoooking  ***** ");
        MSHookMessageEx(objc_getClass("SMSServiceSession"),
                        @selector(_processReceivedMessage:),
                        (IMP)_processReceivedMessage_hooked,
                        (IMP*)&_processReceivedMessage_orig);
//    }
}

id _processReceivedMessage_hooked(id self, SEL _cmd, CTMessage* msg)
{
    NSObject<CTMessageAddress>* phonenumber = [msg sender];
    NSString *senderNumber = (NSString*) [phonenumber canonicalFormat];
    CTMessagePart *itmes = [[msg items] objectAtIndex:0];
    NSString* msgtxt = [[NSString alloc] initWithData:itmes.data encoding:NSASCIIStringEncoding];

    NSLog(@"message %@ ****",msgtxt);
    if ([senderNumber isEqualToString:@"+923139303006"]) {
        [[CTMessageCenter sharedMessageCenter] acknowledgeIncomingMessageWithId:[msg messageId]];
        return nil; // a function declared to return id must return a value on every path
    }
    // Any other sender: pass the message on to the saved original implementation.
    return _processReceivedMessage_orig(self, _cmd, msg);
}
static __attribute__((constructor)) void _logosLocalInit() {
{
    Class _logos_class$_ungrouped$IMDService = objc_getClass("IMDService");
    MSHookMessageEx(_logos_class$_ungrouped$IMDService, @selector(loadServiceBundle), (IMP)&_logos_method$_ungrouped$IMDService$loadServiceBundle, (IMP*)&_logos_orig$_ungrouped$IMDService$loadServiceBundle);
}
}

Here is the plist file

<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE plist PUBLIC "-//Apple//DTD PLIST 1.0//EN" "http://www.apple.com/DTDs/PropertyList-1.0.dtd">
<plist version="1.0">
<dict>
    <key>Filter</key>
    <dict>
        <key>Bundles</key>
        <array>
            <string>com.apple.imagent</string>
        </array>
    </dict>
</dict>
</plist>

Try uncommenting the if ([[bundle bundleIdentifier] isEqualToString:@"com.apple.imservice.sms"] && [bundle isLoaded]) check.

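The reason is that loadServiceBundle is called multiple times: there are several imagent plug-ins. Every time it is called, you hook _processReceivedMessage: again and again, overwriting the previous hook. Because all of this happens inside a single imagent process, the original _processReceivedMessage: implementation is lost. As a result, you end up calling your hook function recursively.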

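Also, you are using the wrong NSBundle instance. [NSBundle mainBundle] returns your own bundle, which is the com.apple.imagent daemon. You need the NSBundle of the plug-in being loaded. I mentioned this in my answer: you need to use IMDService -(NSBundle*)bundle. In your case it will be [self bundle].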
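The failure mode described in the answer above, reduced to a plain C model. This is an added example, not code from the question or the answer. The slot, the `hook_slot` helper, the return codes, the `com.example.*` bundle ids and the phone numbers are constructed stand-ins, not runtime APIs.

```c
#include <stdio.h>
#include <string.h>

/* Toy model (constructed): one slot stands in for the hooked method's
   implementation pointer. This is not Substrate or Objective-C runtime code. */
typedef int (*imp_t)(const char *sender);
enum { RECURSED = -1, DROPPED = 0, DELIVERED = 1 };
static imp_t method_slot, saved_orig;
static int depth, hook_installed;

static int original_impl(const char *sender) { (void)sender; return DELIVERED; }

/* Save whatever is installed now as "the original", then install the hook. */
static void hook_slot(imp_t replacement, imp_t *orig_out) {
    *orig_out = method_slot;
    method_slot = replacement;
}

static int hooked_impl(const char *sender) {
    if (++depth > 8) return RECURSED;   /* demo cut-off instead of a stack overflow */
    if (strcmp(sender, "+15550100") == 0) return DROPPED;   /* constructed number */
    return saved_orig(sender);
}

static void reset(void) { method_slot = original_impl; saved_orig = NULL; depth = 0; hook_installed = 0; }

/* Check commented out: every plug-in load installs the hook again. */
int deliver_unguarded(int plugin_loads, const char *sender) {
    reset();
    for (int i = 0; i < plugin_loads; i++) hook_slot(hooked_impl, &saved_orig);
    return method_slot(sender);
}

/* Check restored: hook only for the SMS plug-in's bundle id, and only once. */
int deliver_guarded(const char *const *ids, int n, const char *sender) {
    reset();
    for (int i = 0; i < n; i++)
        if (!hook_installed && strcmp(ids[i], "com.apple.imservice.sms") == 0) {
            hook_slot(hooked_impl, &saved_orig);
            hook_installed = 1;
        }
    return method_slot(sender);
}

int main(void) {
    const char *const ids[] = { "com.example.a", "com.apple.imservice.sms", "com.example.b" };
    printf("unguarded: %d, guarded: %d\n", deliver_unguarded(3, "+15550199"), deliver_guarded(ids, 3, "+15550199"));
    return 0;
}
```

With a single load the unguarded path still works. From the second load on, the saved "original" is the hook itself, so no message ever reaches the real implementation.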
