Fix Issue:fix issue #4

panhongwei · Nov 1, 2017 · f0c4c06 · f0c4c06
1 parent e43e6a6
commit f0c4c06
Show file tree

Hide file tree

Showing 16 changed files with 487 additions and 134 deletions.
diff --git a/AndHook/app/build.gradle b/AndHook/app/build.gradle
@@ -10,6 +10,16 @@ android {
         versionCode 1
         versionName "1.0"
         testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
+        externalNativeBuild {
+            ndkBuild {
+                abiFilters "armeabi", "armeabi-v7a", "x86"
+            }
+        }
+    }
+    externalNativeBuild {
+        ndkBuild {
+            path file("src/main/jni/Android.mk")
+        }
     }
     buildTypes {
         release {

diff --git a/AndHook/app/src/main/AndroidManifest.xml b/AndHook/app/src/main/AndroidManifest.xml
@@ -16,6 +16,10 @@
                 <category android:name="android.intent.category.LAUNCHER" />
             </intent-filter>
         </activity>
+        <!-- 在SDCard中创建与删除文件权限 -->
+        <uses-permission android:name="android.permission.MOUNT_UNMOUNT_FILESYSTEMS"/>
+        <!-- 往SDCard写入数据权限 -->
+        <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
     </application>
 
 </manifest>
diff --git a/AndHook/app/src/main/java/com/panda/hook/andhook/APP.java b/AndHook/app/src/main/java/com/panda/hook/andhook/APP.java
@@ -3,7 +3,9 @@
 import android.app.Activity;
 import android.app.Application;
 import android.content.Context;
+import android.os.Build;
 import android.os.Bundle;
+import android.os.Process;
 import android.util.Log;
 
 import com.android.dx.command.Main;
@@ -13,23 +15,20 @@
 import com.panda.hook.javahook.MethodCallback;
 import com.panda.hook.javahook.MethodHookParam;
 
+import java.io.File;
+import java.io.FileDescriptor;
 import java.lang.reflect.Constructor;
+import java.lang.reflect.Field;
 import java.lang.reflect.Method;
 import java.util.ArrayList;
 import java.util.List;
+import java.util.Objects;
 
 /**
  * Created by panda on 17/8/19.
  */
 
 public class APP extends Application {
-    public static Method t;
-    static {
-        try {
-            t = MainActivity.class.getDeclaredMethod("test1", Object.class, int.class, int.class, char.class);
-        } catch (Exception e) {
-        }
-    }
 
     protected void attachBaseContext(Context base) {
         super.attachBaseContext(base);
@@ -49,6 +48,15 @@ protected void afterHookedMethod(MethodHookParam param) throws Throwable {
 //                    param.setResult(112233.0);
                 }
             });
+            Class<?> posixClass =ClassLoader.getSystemClassLoader().loadClass("libcore.io.Posix");
+            HookManager.findAndHookMethod(posixClass, "readBytes", FileDescriptor.class, Object.class, int.class, int.class, new MethodCallback() {
+                @Override
+                protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
+                    super.beforeHookedMethod(param);
+                    Log.d("panda", "i'm in method " +param.method.getName()+" beforeHookedMethod");
+//                    param.setResult(111.0);
+                }
+            });
             HookManager.findAndHookMethod(MainActivity.class, "test1", Object.class, int.class, int.class, char.class, new MethodCallback() {
                 @Override
                 protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
@@ -66,7 +74,25 @@ protected void afterHookedMethod(MethodHookParam param) throws Throwable {
 //                    param.setResult(112233.0);
                 }
             });
-            HookManager.findAndHookMethod(Activity.class, "onCreate", Bundle.class, new MethodCallback() {
+            HookManager.findAndHookMethod(MainActivity.class, "test2", new MethodCallback() {
+                @Override
+                protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
+                    super.beforeHookedMethod(param);
+//                    Log.d("panda", "i'm in method beforeHookedMethod"+());
+                    Log.d("panda", "i'm in method beforeHookedMethod "+ param.thisObject);
+                    Log.d("panda", "i'm in method " +param.method.getName()+" beforeHookedMethod");
+//                    param.setResult(111.0);
+                }
+
+                @Override
+                protected void afterHookedMethod(MethodHookParam param) throws Throwable {
+                    super.afterHookedMethod(param);
+                    Log.d("panda", "i'm in method " +param.method.getName()+" afterHookedMethod");
+//                    param.setResult(112233.0);
+                }
+            });
+//            Class;
+            HookManager.findAndHookMethod(MainActivity.class, "onCreate", Bundle.class, new MethodCallback() {
                 @Override
                 protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
                     super.beforeHookedMethod(param);

diff --git a/AndHook/app/src/main/java/com/panda/hook/andhook/MainActivity.java b/AndHook/app/src/main/java/com/panda/hook/andhook/MainActivity.java
@@ -24,6 +24,10 @@
 import java.util.List;
 
 public class MainActivity extends AppCompatActivity  {
+    public static MainActivity instance=new MainActivity();
+    static {
+        System.loadLibrary("test");
+    }
     @Override
     protected void onCreate(Bundle savedInstanceState) {
         super.onCreate(savedInstanceState);
@@ -35,17 +39,19 @@ protected void onCreate(Bundle savedInstanceState) {
             Log.d("panda","test1 res="+test1(this,333,4444,'E')+"");
             Log.d("panda","before invoke contrustor Test =======>>>>>>");
             new Test(11111,22222).log();
+            Log.d("panda","before invoke reflect tt =======>>>>>>");
+            tt(instance);
             Log.d("panda","before invoke reflect Test =======>>>>>>");
-//            Method t=MainActivity.class.getDeclaredMethod("test1",Object.class,int.class,int.class,char.class);
-            APP.t.invoke(this,this,111,333,'D');
+            Method t=MainActivity.class.getDeclaredMethod("test1",Object.class,int.class,int.class,char.class);
+            t.invoke(this,this,111,333,'D');
         } catch (Exception e) {
-            e.printStackTrace();
+            Log.e("panda","",e);
         }
     }
     public  static MainActivity test(Object thiz,int a,int b,char cr){
         return null;
     }
-    private int test1(Object thiz,int a,int b,char cr){
+    public int test1(Object thiz,int a,int b,char cr){
         Log.d("panda","in new test1");
         return 111;
     }
@@ -54,4 +60,5 @@ public int test2(){
         Log.d("panda","in new test2");
         return 111;
     }
+    public static native void tt(MainActivity instance);
 }
diff --git a/AndHook/app/src/main/jni/Android.mk b/AndHook/app/src/main/jni/Android.mk
@@ -0,0 +1,15 @@
+LOCAL_PATH := $(call my-dir)
+include $(CLEAR_VARS)
+
+LOCAL_MODULE := test
+
+LOCAL_CFLAGS := -Wno-error=format-security -fpermissive
+LOCAL_CFLAGS += -fno-rtti -fno-exceptions
+LOCAL_CFLAGS += -fvisibility=hidden -O3
+LOCAL_CFLAGS	:= -std=gnu++11 -DDEBUG -O0
+
+LOCAL_SRC_FILES := test.cpp \
+
+LOCAL_LDLIBS    := -llog
+
+include $(BUILD_SHARED_LIBRARY)
diff --git a/AndHook/app/src/main/jni/Application.mk b/AndHook/app/src/main/jni/Application.mk
@@ -0,0 +1,15 @@
+# The ARMv7 is significanly faster due to the use of the hardware FPU
+
+APP_STL :=
+
+APP_CPPFLAGS += -fpermissive  #此项有效时表示宽松的编译形式，比如没有用到的代码中有错误也可以通过编译；
+
+ifeq ($(NDK_DEBUG), 1)
+APP_CPPFLAGS += -DNDK_DEBUG
+else
+APP_CPPFLAGS += -fvisibility=hidden -O3
+endif
+
+APP_ABI := armeabi armeabi-v7a
+APP_PLATFORM := android-14
+APP_STL := gnustl_static
diff --git a/AndHook/app/src/main/jni/test.cpp b/AndHook/app/src/main/jni/test.cpp
@@ -0,0 +1,57 @@
+#include <jni.h>
+#include <stdio.h>
+#include <cassert>
+#include "test.h"
+#include <malloc.h>
+#include <string.h>
+
+static void repair(JNIEnv* env,jclass clazz,jobject thiz) {
+	LOGD("panda");
+	jclass cls=env->FindClass(JAVA_CLASS);
+	jmethodID m=env->GetMethodID(cls,"test2","()I");
+	env->CallIntMethod(thiz,m);
+	return;
+}
+/*
+ * JNI registration.
+ */
+static JNINativeMethod gMethods[] = {
+{ "tt", "(Lcom/panda/hook/andhook/MainActivity;)V", (void*) repair },
+};
+/*
+ * Register several native methods for one class.
+ */
+static int registerNativeMethods(JNIEnv* env, const char* className,
+		JNINativeMethod* gMethods, int numMethods) {
+	jclass clazz;
+	clazz = env->FindClass(className);
+	if (clazz == NULL) {
+		return JNI_FALSE;
+	}
+	if (env->RegisterNatives(clazz, gMethods, numMethods) < 0) {
+		return JNI_FALSE;
+	}
+
+	return JNI_TRUE;
+}
+
+static int registerNatives(JNIEnv* env) {
+	if (!registerNativeMethods(env, JAVA_CLASS, gMethods,
+			sizeof(gMethods) / sizeof(gMethods[0])))
+		return JNI_FALSE;
+	return JNI_TRUE;
+}
+
+JNIEXPORT jint JNICALL JNI_OnLoad(JavaVM* vm, void* reserved) {
+	JNIEnv* env = NULL;
+	jint result = -1;
+	if (vm->GetEnv((void**) &env, JNI_VERSION_1_4) != JNI_OK) {
+		return -1;
+	}
+	assert(env != NULL);
+	if (!registerNatives(env)) { //注册
+		return -1;
+	}
+//	LOGD("size offset=%d level=%d",size,level);
+	return JNI_VERSION_1_4;
+}
diff --git a/AndHook/app/src/main/jni/test.h b/AndHook/app/src/main/jni/test.h
@@ -0,0 +1,40 @@
+/*
+ *
+ * Copyright (c) 2015, alipay.com
+ *
+ * Licensed under the Apache License, Version 2.0 (the "License");
+ * you may not use this file except in compliance with the License.
+ * You may obtain a copy of the License at
+ *
+ *      http://www.apache.org/licenses/LICENSE-2.0
+ *
+ * Unless required by applicable law or agreed to in writing, software
+ * distributed under the License is distributed on an "AS IS" BASIS,
+ * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
+ * See the License for the specific language governing permissions and
+ * limitations under the License.
+ */
+
+/*
+ * 	common.h
+ *
+ *  @author : [email protected]
+ *
+ */
+
+#ifndef NativeHelper_H_
+#define NativeHelper_H_
+
+#include <jni.h>
+#include "dlfcn.h"
+#include "stdio.h"
+#include <elf.h>
+#include <android/log.h>
+#define TAG "panda"
+#define LOGD(...) __android_log_print(ANDROID_LOG_DEBUG,  TAG, __VA_ARGS__)
+#define LOGI(...) __android_log_print(ANDROID_LOG_INFO,  TAG, __VA_ARGS__)
+#define LOGW(...) __android_log_print(ANDROID_LOG_WARN,  TAG, __VA_ARGS__)
+#define LOGE(...) __android_log_print(ANDROID_LOG_ERROR, TAG, __VA_ARGS__)
+#define JAVA_CLASS "com/panda/hook/andhook/MainActivity"
+
+#endif
diff --git a/AndHook/dexmaker/build/libs/dexmaker.jar b/AndHook/dexmaker/build/libs/dexmaker.jar
diff --git a/AndHook/javahook/src/main/AndroidManifest.xml b/AndHook/javahook/src/main/AndroidManifest.xml
@@ -5,5 +5,8 @@
         android:supportsRtl="true">
 
     </application>
-
+    <!-- SDCard中创建与删除文件权限 -->
+    <uses-permission android:name="android.permission.MOUNT_UNMOUNT_FILESYSTEMS"/>
+    <!-- 向SDCard写入数据权限 -->
+    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
 </manifest>
diff --git a/AndHook/javahook/src/main/java/com/panda/hook/javahook/HookManager.java b/AndHook/javahook/src/main/java/com/panda/hook/javahook/HookManager.java
@@ -10,6 +10,8 @@
 //import junit.framework.TestMine;
 
 import java.io.File;
+import java.io.FileNotFoundException;
+import java.io.FileOutputStream;
 import java.lang.reflect.Array;
 import java.lang.reflect.Constructor;
 import java.lang.reflect.Field;
@@ -91,8 +93,14 @@ public static void beginHook(List<BackMethod> methods){
                 String name=m.getOldMethod().getDeclaringClass().getName().replace(".","_");
                 if(classes.get(name)==null){
                     TypeId<?> cls = TypeId.get("L"+name+";");
-                    dexMaker.declare(cls, "", Modifier.PUBLIC, TypeId.OBJECT);
-
+                    Class target=m.getOldMethod().getDeclaringClass();
+//                    dexMaker.declare(cls, "", Modifier.PUBLIC, TypeId.OBJECT);
+                    if(Modifier.isFinal(target.getModifiers())) {
+                        dexMaker.declare(cls, "", Modifier.PUBLIC, TypeId.OBJECT);
+                    }else {
+                        dexMaker.declare(cls, "", Modifier.PUBLIC, TypeId.get(target));
+                    }
+                    MethodUtil.addDefaultInstanceField(dexMaker,cls);
                     MethodUtil.addDefaultConstructor(dexMaker, cls);
                     classes.put(name,cls);
                     if(m.getOldMethod() instanceof Method) {
@@ -112,7 +120,6 @@ public static void beginHook(List<BackMethod> methods){
                     }
                 }
             }
-//            Log.d("panda",getSystemContext().getCacheDir().getPath());
             File outputDir = new File(context.getDir("path", Context.MODE_PRIVATE).getPath());
             if (outputDir.exists()) {
                 File[] fs = outputDir.listFiles();
@@ -126,10 +133,18 @@ public static void beginHook(List<BackMethod> methods){
                 Member m=bak.getOldMethod();
                 String name=m.getDeclaringClass().getName().replace(".","_");
                 Class<?> cls = loader.loadClass(name);
+                Field classLoaderField = Class.class.getDeclaredField("classLoader");
+                classLoaderField.setAccessible(true);
+                classLoaderField.set(cls, m.getDeclaringClass().getClassLoader());
                 Constructor con=cls.getDeclaredConstructor();
                 con.newInstance();
                 Member mem=null;
                 Method invoker=null;
+                if( HookUtil.isArt()) {
+                    if (!HookUtil.setMadeClassSuper(cls)) {
+                        throw new FileNotFoundException("found error!");
+                    }
+                }
                 if(m instanceof Method){
                     mem=cls.getDeclaredMethod(m.getName(),((Method) m).getParameterTypes());
                     invoker=cls.getDeclaredMethod(m.getName()+"_Invoker",((Method) m).getParameterTypes());