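Android Reverse Engineering (4) - Common adb Commands for Reverse Engineering
This article continues the series by recording some commonly used adb commands for reverse engineering.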
1: adb shell ps
This command shows process information.
Usage: adb shell ps |grep [pname]
zh@zh:~/workSpace$ adb shell ps
USER PID PPID VSZ RSS WCHAN ADDR S NAME
root 1 0 2189532 3660 0 0 S init
root 2 0 0 0 0 0 S [kthreadd]
root 3 2 0 0 0 0 I [rcu_gp]
root 4 2 0 0 0 0 I [rcu_par_gp]
root 8 2 0 0 0 0 I [mm_percpu_wq]
root 9 2 0 0 0 0 S [ksoftirqd/0]
root 10 2 0 0 0 0 I [rcu_preempt]
root 11 2 0 0 0 0 I [rcu_sched]
root 12 2 0 0 0 0 I [rcu_bh]
root 13 2 0 0 0 0 S [rcuop/0]
root 14 2 0 0 0 0 S [rcuos/0]
root 16 2 0 0 0 0 S [rcuob/0]
root 17 2 0 0 0 0 S [migration/0]
root 18 2 0 0 0 0 S [cpuhp/0]
root 19 2 0 0 0 0 S [cpuhp/1]
root 20 2 0 0 0 0 S [migration/1]
root 21 2 0 0 0 0 S [ksoftirqd/1]
root 23 2 0 0 0 0 I [kworker/1:0H-kblockd]
root 24 2 0 0 0 0 S [rcuop/1]
root 25 2 0 0 0 0 S [rcuos/1]
root 26 2 0 0 0 0 S [rcuob/1]
root 27 2 0 0 0 0 S [cpuhp/2]
root 28 2 0 0 0 0 S [migration/2]
root 29 2 0 0 0 0 S [ksoftirqd/2]
root 31 2 0 0 0 0 I [kworker/2:0H-kblockd]
root 32 2 0 0 0 0 S [rcuop/2]
root 33 2 0 0 0 0 S [rcuos/2]
root 34 2 0 0 0 0 S [rcuob/2]
root 35 2 0 0 0 0 S [cpuhp/3]
Filter by process name:
zh@zh:~/workSpace$ adb shell ps |grep com.sohu.inputmethod.sogou
u0_a434 29729 733 6858060 173656 0 0 S com.sohu.inputmethod.sogou
u0_a434 29968 733 7345116 174220 0 0 S com.sohu.inputmethod.sogou:home
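Python usage:
The Python code for running an adb command is also simple, as follows:
import subprocess

# adb passes the whole "ps |grep ..." string to the device shell, so grep runs on the device.
subprocess.run(["adb", "shell", "ps |grep com.sohu.inputmethod.sogou"])
Output: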
/usr/bin/python3 /home/zh/workSpace/python/Test1/venv/adb.py
u0_a434 29729 733 6858060 173656 0 0 S com.sohu.inputmethod.sogou
u0_a434 29968 733 7327680 174220 0 0 S com.sohu.inputmethod.sogou:home
Process finished with exit code 0
2: adb shell top
This command shows resource usage in real time.
Usage: adb shell top
Tasks: 744 total, 6 running, 737 sleeping, 0 stopped, 1 zombie
Mem: 7823156K total, 7527928K used, 295228K free, 2592768 buffers
Swap: 4194300K total, 1431156K used, 2763144K free, 3952064K cached
800%cpu 179%user 31%nice 116%sys 451%idle 3%iow 14%irq 5%sirq 0%host
PID USER PR NI VIRT RES SHR S[%CPU] %MEM TIME+ ARGS
31951 u0_a170 10 -10 7.3G 216M 141M R 109 2.8 0:02.01 com.android.mms
29729 u0_a434 20 0 6.5G 166M 150M S 67.0 2.1 59:40.47 com.sohu.input+
1585 system 18 -2 12G 321M 321M S 38.6 4.1 1051:25.3 system_server
1049 system -2 -8 2.6G 17M 13M R 15.0 0.2 510:12.70 surfaceflinger
3855 radio 20 0 6.7G 55M 55M S 9.6 0.7 61:15.16 com.android.ph+
156 root 20 0 0 0 0 S 8.0 0.0 8:42.71 [kswapd0:0]
533 logd 30 10 2.1G 5.8M 2.6M S 7.6 0.0 140:49.31 logd
947 system -3 0 2.2G 5.1M 4.3M S 4.6 0.0 135:51.76 vendor.qti.har+
29120 shell 20 0 2.1G 5.7M 4.3M S 3.3 0.0 0:07.47 adbd --root_se+
31581 root 20 0 0 0 0 I 3.0 0.0 0:00.44 [kworker/u16:1+
549 system 20 0 2.0G 2.5M 2.3M S 3.0 0.0 0:56.66 android.hardwa+
31938 shell 20 0 2.0G 4.4M 3.0M R 2.3 0.0 0:00.37 top
2711 root 19 -1 0 0 0 S 2.3 0.0 91:36.77 [cds_ol_rx_thr+
731 root 20 0 2.3G 3.8M 3.3M S 2.3 0.0 18:27.65 netd
3396 u0_a116 20 0 7.9G 106M 106M S 2.0 1.3 201:44.89 com.android.sy+
22626 u0_a185 20 0 6.1G 110M 94M S 1.6 1.4 0:07.73 com.oppo.userc+
1501 mediacodec 20 0 2.6G 4.2M 4.2M S 1.6 0.0 0:27.59 media.swcodec +
1410 root 30 10 2.0G 5.1M 3.1M S 1.6 0.0 3:56.47 storaged
10841 u0_a179 20 0 5.4G 89M 89M S 1.3 1.1 0:31.45 com.nearme.sta+
^C 730 statsd 20 0 2.1G 2.0M 2.0M S 1.3 0.0 7:27.43 statsd
Column meanings:
- PID (Process ID): process ID
- USER: user that owns the process
- PR (Priority): priority
- NI (Nice value): adjustment value for the process priority
- VIRT (Virtual Image (kb)): virtual memory used by the process
- RES (Resident size (kb)): physical memory used by the process
- SHR (Shared memory (kb)): shared memory used by the process
- S (Process Status): process state; R: running, S: sleeping
- %CPU: percentage of CPU in use at the current instant
- %MEM: percentage of memory used by the process
- TIME+: cumulative run time of the process
- ARGS: command name of the process
3: Querying the UID
Usage: adb shell dumpsys package <pkgName> |grep userId
zh@zh:~$ adb shell dumpsys package com.sohu.inputmethod.sogou |grep userId
userId=10434
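The UID from section 3 and the USER column from section 1 name the same identity: an Android app UID is user * 100000 + app ID, and ps prints it as u<user>_a<app ID - 10000>, so userId=10434 is u0_a434. Matching on that owner instead of grepping the package name also finds processes of the app that run under a different process name. The Python below is an added example, not code from the original post; the function names are hypothetical and the sample input is rebuilt from the outputs shown above.

```python
import re

AID_APP_START = 10000      # first UID assigned to installed apps
AID_APP_END = 19999        # last UID in the app range
AID_USER_OFFSET = 100000   # UID range reserved per Android user

# Sample input rebuilt from the command outputs shown on this page.
SAMPLE_DUMPSYS = "    userId=10434\n"
SAMPLE_PS = """\
USER PID PPID VSZ RSS WCHAN ADDR S NAME
root 1 0 2189532 3660 0 0 S init
u0_a434 29729 733 6858060 173656 0 0 S com.sohu.inputmethod.sogou
u0_a434 29968 733 7345116 174220 0 0 S com.sohu.inputmethod.sogou:home
"""


def parse_user_id(dumpsys_text):
    """Extract the numeric value from the first 'userId=' line."""
    match = re.search(r"^\s*userId=(\d+)\s*$", dumpsys_text, re.MULTILINE)
    if match is None:
        raise ValueError("no userId= line found")
    return int(match.group(1))


def uid_to_ps_user(uid):
    """Convert an app UID such as 10434 to the ps USER name u0_a434."""
    user, app_id = divmod(uid, AID_USER_OFFSET)
    if not AID_APP_START <= app_id <= AID_APP_END:
        raise ValueError(f"{uid} is not in the app UID range")
    return f"u{user}_a{app_id - AID_APP_START}"


def processes_for_uid(ps_text, uid):
    """Return (pid, name) for every ps row owned by the given app UID."""
    wanted = uid_to_ps_user(uid)
    rows = []
    for line in ps_text.splitlines()[1:]:      # skip the header row
        fields = line.split()
        if len(fields) >= 9 and fields[0] == wanted:
            rows.append((int(fields[1]), fields[8]))
    return rows


if __name__ == "__main__":
    uid = parse_user_id(SAMPLE_DUMPSYS)
    for pid, name in processes_for_uid(SAMPLE_PS, uid):
        print(uid, pid, name)
```

To use it against a device, pass the captured stdout of the two adb commands from sections 1 and 3 in place of the sample strings.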