├── settings.gradle
├── app
├── .gitignore
├── src
│ ├── main
│ │ ├── jni
│ │ │ ├── Application.mk
│ │ │ ├── relocate.h
│ │ │ ├── inlineHook.h
│ │ │ ├── Android.mk
│ │ │ ├── native-lib.c
│ │ │ ├── android_log.h
│ │ │ ├── inlineHook.c
│ │ │ └── relocate.c
│ │ ├── res
│ │ │ ├── values
│ │ │ │ ├── strings.xml
│ │ │ │ ├── colors.xml
│ │ │ │ ├── dimens.xml
│ │ │ │ └── styles.xml
│ │ │ ├── mipmap-hdpi
│ │ │ │ └── ic_launcher.png
│ │ │ ├── mipmap-mdpi
│ │ │ │ └── ic_launcher.png
│ │ │ ├── mipmap-xhdpi
│ │ │ │ └── ic_launcher.png
│ │ │ ├── mipmap-xxhdpi
│ │ │ │ └── ic_launcher.png
│ │ │ ├── mipmap-xxxhdpi
│ │ │ │ └── ic_launcher.png
│ │ │ ├── values-w820dp
│ │ │ │ └── dimens.xml
│ │ │ └── layout
│ │ │ │ └── activity_main.xml
│ │ ├── AndroidManifest.xml
│ │ └── java
│ │ │ └── com
│ │ │ └── andr0day
│ │ │ └── androidinlinehook
│ │ │ └── MainActivity.java
│ ├── test
│ │ └── java
│ │ │ └── com
│ │ │ └── andr0day
│ │ │ └── androidinlinehook
│ │ │ └── ExampleUnitTest.java
│ └── androidTest
│ │ └── java
│ │ └── com
│ │ └── andr0day
│ │ └── androidinlinehook
│ │ └── ExampleInstrumentedTest.java
├── proguard-rules.pro
└── build.gradle
├── .gitignore
├── gradle
└── wrapper
│ ├── gradle-wrapper.jar
│ └── gradle-wrapper.properties
├── gradle.properties
├── gradlew.bat
└── gradlew
/settings.gradle:
--------------------------------------------------------------------------------
1 | include ':app'
2 |
--------------------------------------------------------------------------------
/app/.gitignore:
--------------------------------------------------------------------------------
1 | /build
2 | .externalNativeBuild
3 |
--------------------------------------------------------------------------------
/app/src/main/jni/Application.mk:
--------------------------------------------------------------------------------
1 | APP_ABI := armeabi armeabi-v7a
2 | APP_PIE:= true
--------------------------------------------------------------------------------
/.gitignore:
--------------------------------------------------------------------------------
1 | *.iml
2 | .gradle
3 | /local.properties
4 | /.idea
5 | .DS_Store
6 | /build
7 | /captures
8 |
--------------------------------------------------------------------------------
/app/src/main/res/values/strings.xml:
--------------------------------------------------------------------------------
1 |
2 | AndroidInlineHook
3 |
4 |
--------------------------------------------------------------------------------
/gradle/wrapper/gradle-wrapper.jar:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/difcareer/AndroidInlineHook/HEAD/gradle/wrapper/gradle-wrapper.jar
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-hdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/difcareer/AndroidInlineHook/HEAD/app/src/main/res/mipmap-hdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-mdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/difcareer/AndroidInlineHook/HEAD/app/src/main/res/mipmap-mdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/difcareer/AndroidInlineHook/HEAD/app/src/main/res/mipmap-xhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/difcareer/AndroidInlineHook/HEAD/app/src/main/res/mipmap-xxhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png:
--------------------------------------------------------------------------------
https://raw.githubusercontent.com/difcareer/AndroidInlineHook/HEAD/app/src/main/res/mipmap-xxxhdpi/ic_launcher.png
--------------------------------------------------------------------------------
/app/src/main/res/values/colors.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 | #3F51B5
4 | #303F9F
5 | #FF4081
6 |
7 |
--------------------------------------------------------------------------------
/app/src/main/res/values/dimens.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 | 16dp
4 | 16dp
5 |
6 |
--------------------------------------------------------------------------------
/gradle/wrapper/gradle-wrapper.properties:
--------------------------------------------------------------------------------
1 | #Mon Dec 28 10:00:20 PST 2015
2 | distributionBase=GRADLE_USER_HOME
3 | distributionPath=wrapper/dists
4 | zipStoreBase=GRADLE_USER_HOME
5 | zipStorePath=wrapper/dists
6 | distributionUrl=https\://services.gradle.org/distributions/gradle-2.14.1-all.zip
7 |
--------------------------------------------------------------------------------
/app/src/main/jni/relocate.h:
--------------------------------------------------------------------------------
1 | #ifndef _RELOCATE_H
2 | #define _RELOCATE_H
3 |
4 | #include
5 |
6 | void relocateInstruction(uint32_t target_addr, void *orig_instructions, int length, void *trampoline_instructions, int *orig_boundaries, int *trampoline_boundaries, int *count);
7 |
8 | #endif
--------------------------------------------------------------------------------
/app/src/main/res/values-w820dp/dimens.xml:
--------------------------------------------------------------------------------
1 |
2 |
5 | 64dp
6 |
7 |
--------------------------------------------------------------------------------
/app/src/main/res/values/styles.xml:
--------------------------------------------------------------------------------
1 |
2 |
3 |
4 |
10 |
11 |
12 |
--------------------------------------------------------------------------------
/app/src/test/java/com/andr0day/androidinlinehook/ExampleUnitTest.java:
--------------------------------------------------------------------------------
1 | package com.andr0day.androidinlinehook;
2 |
3 | import org.junit.Test;
4 |
5 | import static org.junit.Assert.*;
6 |
7 | /**
8 | * Example local unit test, which will execute on the development machine (host).
9 | *
10 | * @see Testing documentation
11 | */
public class ExampleUnitTest {
    /** Sanity check that the host-side JUnit runner is wired up: 2 + 2 must equal 4. */
    @Test
    public void addition_isCorrect() throws Exception {
        final int expected = 4;
        final int actual = 2 + 2;
        assertEquals(expected, actual);
    }
}
--------------------------------------------------------------------------------
/app/proguard-rules.pro:
--------------------------------------------------------------------------------
1 | # Add project specific ProGuard rules here.
2 | # By default, the flags in this file are appended to flags specified
3 | # in D:\Tools\AndroidSdk/tools/proguard/proguard-android.txt
4 | # You can edit the include path and order by changing the proguardFiles
5 | # directive in build.gradle.
6 | #
7 | # For more details, see
8 | # http://developer.android.com/guide/developing/tools/proguard.html
9 |
10 | # Add any project specific keep options here:
11 |
12 | # If your project uses WebView with JS, uncomment the following
13 | # and specify the fully qualified class name to the JavaScript interface
14 | # class:
15 | #-keepclassmembers class fqcn.of.javascript.interface.for.webview {
16 | # public *;
17 | #}
18 |
--------------------------------------------------------------------------------
/app/src/main/AndroidManifest.xml:
--------------------------------------------------------------------------------
1 |
2 |
4 |
5 |
11 |
12 |
13 |
14 |
15 |
16 |
17 |
18 |
19 |
20 |
--------------------------------------------------------------------------------
/app/src/main/jni/inlineHook.h:
--------------------------------------------------------------------------------
1 | #ifndef _INLINEHOOK_H
2 | #define _INLINEHOOK_H
3 |
4 | #include
5 | #include
6 |
/*
 * Status codes returned by the inline-hook API. Values are written out
 * explicitly so the numbering stays fixed if members are ever reordered.
 */
enum ele7en_status {
    ELE7EN_ERROR_UNKNOWN            = -1,
    ELE7EN_OK                       = 0,
    ELE7EN_ERROR_NOT_INITIALIZED    = 1,
    /* registerInlineHook(): target or replacement is not inside an "r-xp" mapping. */
    ELE7EN_ERROR_NOT_EXECUTABLE     = 2,
    ELE7EN_ERROR_NOT_REGISTERED     = 3,
    ELE7EN_ERROR_NOT_HOOKED         = 4,
    /* registerInlineHook(): the target already has an entry in REGISTERED state. */
    ELE7EN_ERROR_ALREADY_REGISTERED = 5,
    /* registerInlineHook(): the target already has an entry in HOOKED state. */
    ELE7EN_ERROR_ALREADY_HOOKED     = 6,
    ELE7EN_ERROR_SO_NOT_FOUND       = 7,
    ELE7EN_ERROR_FUNCTION_NOT_FOUND = 8
};
19 |
20 | enum ele7en_status registerInlineHook(uint32_t target_addr, uint32_t new_addr, uint32_t **proto_addr);
21 | enum ele7en_status inlineUnHook(uint32_t target_addr);
22 | void inlineUnHookAll();
23 | enum ele7en_status inlineHook(uint32_t target_addr);
24 | void inlineHookAll();
25 |
26 | #endif
--------------------------------------------------------------------------------
/gradle.properties:
--------------------------------------------------------------------------------
1 | # Project-wide Gradle settings.
2 |
3 | # IDE (e.g. Android Studio) users:
4 | # Gradle settings configured through the IDE *will override*
5 | # any settings specified in this file.
6 |
7 | # For more details on how to configure your build environment visit
8 | # http://www.gradle.org/docs/current/userguide/build_environment.html
9 |
10 | # Specifies the JVM arguments used for the daemon process.
11 | # The setting is particularly useful for tweaking memory settings.
12 | org.gradle.jvmargs=-Xmx1536m
13 |
14 | # When configured, Gradle will run in incubating parallel mode.
15 | # This option should only be used with decoupled projects. More details, visit
16 | # http://www.gradle.org/docs/current/userguide/multi_project_builds.html#sec:decoupled_projects
17 | # org.gradle.parallel=true
18 |
--------------------------------------------------------------------------------
/app/src/main/res/layout/activity_main.xml:
--------------------------------------------------------------------------------
1 |
2 |
12 |
13 |
18 |
19 |
--------------------------------------------------------------------------------
/app/src/androidTest/java/com/andr0day/androidinlinehook/ExampleInstrumentedTest.java:
--------------------------------------------------------------------------------
1 | package com.andr0day.androidinlinehook;
2 |
3 | import android.content.Context;
4 | import android.support.test.InstrumentationRegistry;
5 | import android.support.test.runner.AndroidJUnit4;
6 |
7 | import org.junit.Test;
8 | import org.junit.runner.RunWith;
9 |
10 | import static org.junit.Assert.*;
11 |
12 | /**
13 | * Instrumentation test, which will execute on an Android device.
14 | *
15 | * @see Testing documentation
16 | */
@RunWith(AndroidJUnit4.class)
public class ExampleInstrumentedTest {
    /** Checks that the instrumentation target context reports this app's package name. */
    @Test
    public void useAppContext() throws Exception {
        final String expectedPackage = "com.andr0day.androidinlinehook";

        // Context of the app under test.
        final Context targetContext = InstrumentationRegistry.getTargetContext();

        assertEquals(expectedPackage, targetContext.getPackageName());
    }
}
27 |
--------------------------------------------------------------------------------
/app/src/main/jni/Android.mk:
--------------------------------------------------------------------------------
1 | # Copyright (C) 2009 The Android Open Source Project
2 | #
3 | # Licensed under the Apache License, Version 2.0 (the "License");
4 | # you may not use this file except in compliance with the License.
5 | # You may obtain a copy of the License at
6 | #
7 | # http://www.apache.org/licenses/LICENSE-2.0
8 | #
9 | # Unless required by applicable law or agreed to in writing, software
10 | # distributed under the License is distributed on an "AS IS" BASIS,
11 | # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
12 | # See the License for the specific language governing permissions and
13 | # limitations under the License.
14 | #
15 | #
16 | #
17 | LOCAL_PATH := $(call my-dir)
18 |
19 | include $(CLEAR_VARS)
20 |
21 | LOCAL_MODULE := native-lib
22 | LOCAL_SRC_FILES := inlineHook.c relocate.c native-lib.c
23 |
24 | LOCAL_LDLIBS := -L$(SYSROOT)/usr/lib -llog -lz
25 |
26 | include $(BUILD_SHARED_LIBRARY)
27 |
28 |
29 |
--------------------------------------------------------------------------------
/app/src/main/java/com/andr0day/androidinlinehook/MainActivity.java:
--------------------------------------------------------------------------------
1 | package com.andr0day.androidinlinehook;
2 |
3 | import android.support.v7.app.AppCompatActivity;
4 | import android.os.Bundle;
5 | import android.view.View;
6 | import android.widget.TextView;
7 |
public class MainActivity extends AppCompatActivity {

    // Load the JNI library once, when the class is initialised, so the
    // native method below is resolvable before any instance calls it.
    static {
        System.loadLibrary("native-lib");
    }

    /**
     * Inflates the main layout and wires the button so that each click runs
     * the native hook/unhook demo. The string returned by the native side is
     * discarded.
     */
    @Override
    protected void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.activity_main);

        final View.OnClickListener runNativeDemo = new View.OnClickListener() {
            @Override
            public void onClick(View view) {
                stringFromJNI();
            }
        };
        final View button = findViewById(R.id.btn);
        button.setOnClickListener(runNativeDemo);
    }

    /**
     * A native method that is implemented by the 'native-lib' native library,
     * which is packaged with this application.
     */
    public native String stringFromJNI();
}
34 |
--------------------------------------------------------------------------------
/app/src/main/jni/native-lib.c:
--------------------------------------------------------------------------------
1 | #include
2 | #include "inlineHook.h"
3 | #include "android_log.h"
4 |
5 | void (*old_log)(const char *) = NULL;
6 |
/*
 * Demo hook target: logs the caller's string at error level, then logs the
 * fixed string "123" built in a local buffer.
 */
void origin_log(const char *str) {
    char digits[10] = {'1', '2', '3', 0};

    LOGE("%s", str);
    LOGE("%s", digits);
}
16 |
/*
 * Replacement installed over origin_log() by hook(): logs "hooked" and
 * ignores its argument. The call through the saved original (old_log) is
 * left disabled, as in the source:
 *     old_log("log hooked");
 */
void new_log(const char *str) {
    (void) str; /* unused */
    LOGE("hooked");
}
21 |
/*
 * Register new_log() as the replacement for origin_log() and then activate
 * the hook. old_log receives the pointer through which the original can
 * still be called.
 *
 * Returns 0 when both steps report ELE7EN_OK, -1 otherwise.
 * NOTE(review): if activation fails the registration stays in the table, and
 * inlineUnHook() only matches entries in HOOKED state - confirm how a
 * registered-but-not-hooked entry is meant to be released.
 */
int hook() {
    enum ele7en_status rc;

    rc = registerInlineHook((uint32_t) origin_log, (uint32_t) new_log, (uint32_t **) &old_log);
    if (rc == ELE7EN_OK) {
        rc = inlineHook((uint32_t) origin_log);
    }

    return (rc == ELE7EN_OK) ? 0 : -1;
}
33 |
/*
 * Remove the hook from origin_log().
 * Returns 0 when inlineUnHook() reports ELE7EN_OK, -1 otherwise.
 */
int unHook() {
    return (inlineUnHook((uint32_t) origin_log) == ELE7EN_OK) ? 0 : -1;
}
41 |
42 |
/*
 * JNI entry point behind MainActivity.stringFromJNI().
 * Calls origin_log() three times - before hooking, while hooked, and after
 * unhooking - so the log shows the effect of each step, and logs hook()'s
 * result in between. The result of unHook() is not checked.
 * Returns the Java string "WTF".
 */
jstring
Java_com_andr0day_androidinlinehook_MainActivity_stringFromJNI(JNIEnv *env, jobject obj) {
    int hook_rc;

    origin_log("test1");          /* unhooked */

    hook_rc = hook();
    LOGE("%d", hook_rc);

    origin_log("test2");          /* hooked, if hook() returned 0 */

    unHook();
    origin_log("test3");          /* unhooked again */

    return (*env)->NewStringUTF(env, "WTF");
}
53 |
--------------------------------------------------------------------------------
/app/build.gradle:
--------------------------------------------------------------------------------
1 | apply plugin: 'com.android.application'
2 |
3 | android {
4 | compileSdkVersion 25
5 | buildToolsVersion "24.0.3"
6 | defaultConfig {
7 | applicationId "com.andr0day.androidinlinehook"
8 | minSdkVersion 19
9 | targetSdkVersion 25
10 | versionCode 1
11 | versionName "1.0"
12 | testInstrumentationRunner "android.support.test.runner.AndroidJUnitRunner"
13 | externalNativeBuild {
14 | ndkBuild{
15 | abiFilters "armeabi-v7a"
16 | cFlags "-DNDKLOG"
17 | }
18 | }
19 | }
20 | buildTypes {
21 | release {
22 | minifyEnabled false
23 | proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
24 | }
25 | }
26 | externalNativeBuild {
27 | ndkBuild{
28 | path "src/main/jni/Android.mk"
29 | }
30 | }
31 | }
32 |
33 | dependencies {
34 | compile fileTree(dir: 'libs', include: ['*.jar'])
35 | androidTestCompile('com.android.support.test.espresso:espresso-core:2.2.2', {
36 | exclude group: 'com.android.support', module: 'support-annotations'
37 | })
38 | compile 'com.android.support:appcompat-v7:25.0.0'
39 | testCompile 'junit:junit:4.12'
40 | }
41 |
--------------------------------------------------------------------------------
/app/src/main/jni/android_log.h:
--------------------------------------------------------------------------------
1 | /*
2 | * Copyright (C) 2015 The Android Open Source Project
3 | *
4 | * Licensed under the Apache License, Version 2.0 (the "License");
5 | * you may not use this file except in compliance with the License.
6 | * You may obtain a copy of the License at
7 | *
8 | * http://www.apache.org/licenses/LICENSE-2.0
9 | *
10 | * Unless required by applicable law or agreed to in writing, software
11 | * distributed under the License is distributed on an "AS IS" BASIS,
12 | * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
13 | * See the License for the specific language governing permissions and
14 | * limitations under the License.
15 | *
16 | */
17 | #ifndef NATIVE_ANDROID_DEBUG_H_H
18 | #define NATIVE_ANDROID_DEBUG_H_H
19 |
20 | #include
21 |
22 | #ifdef NDKLOG
23 |
24 | #define MODULE_NAME "NDKLOG"
25 | #define LOGV(...) __android_log_print(ANDROID_LOG_VERBOSE, MODULE_NAME, __VA_ARGS__)
26 | #define LOGD(...) __android_log_print(ANDROID_LOG_DEBUG, MODULE_NAME, __VA_ARGS__)
27 | #define LOGI(...) __android_log_print(ANDROID_LOG_INFO, MODULE_NAME, __VA_ARGS__)
28 | #define LOGW(...) __android_log_print(ANDROID_LOG_WARN,MODULE_NAME, __VA_ARGS__)
29 | #define LOGE(...) __android_log_print(ANDROID_LOG_ERROR,MODULE_NAME, __VA_ARGS__)
30 | #define LOGF(...) __android_log_print(ANDROID_LOG_FATAL,MODULE_NAME, __VA_ARGS__)
31 |
32 | #else
33 |
34 | #define LOGV(...)
35 | #define LOGD(...)
36 | #define LOGI(...)
37 | #define LOGW(...)
38 | #define LOGE(...)
39 | #define LOGF(...)
40 | #endif
41 |
42 | #endif //NATIVE_AUDIO_ANDROID_DEBUG_H_H
43 |
44 |
--------------------------------------------------------------------------------
/gradlew.bat:
--------------------------------------------------------------------------------
1 | @if "%DEBUG%" == "" @echo off
2 | @rem ##########################################################################
3 | @rem
4 | @rem Gradle startup script for Windows
5 | @rem
6 | @rem ##########################################################################
7 |
8 | @rem Set local scope for the variables with windows NT shell
9 | if "%OS%"=="Windows_NT" setlocal
10 |
11 | @rem Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
12 | set DEFAULT_JVM_OPTS=
13 |
14 | set DIRNAME=%~dp0
15 | if "%DIRNAME%" == "" set DIRNAME=.
16 | set APP_BASE_NAME=%~n0
17 | set APP_HOME=%DIRNAME%
18 |
19 | @rem Find java.exe
20 | if defined JAVA_HOME goto findJavaFromJavaHome
21 |
22 | set JAVA_EXE=java.exe
23 | %JAVA_EXE% -version >NUL 2>&1
24 | if "%ERRORLEVEL%" == "0" goto init
25 |
26 | echo.
27 | echo ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
28 | echo.
29 | echo Please set the JAVA_HOME variable in your environment to match the
30 | echo location of your Java installation.
31 |
32 | goto fail
33 |
34 | :findJavaFromJavaHome
35 | set JAVA_HOME=%JAVA_HOME:"=%
36 | set JAVA_EXE=%JAVA_HOME%/bin/java.exe
37 |
38 | if exist "%JAVA_EXE%" goto init
39 |
40 | echo.
41 | echo ERROR: JAVA_HOME is set to an invalid directory: %JAVA_HOME%
42 | echo.
43 | echo Please set the JAVA_HOME variable in your environment to match the
44 | echo location of your Java installation.
45 |
46 | goto fail
47 |
48 | :init
49 | @rem Get command-line arguments, handling Windowz variants
50 |
51 | if not "%OS%" == "Windows_NT" goto win9xME_args
52 | if "%@eval[2+2]" == "4" goto 4NT_args
53 |
54 | :win9xME_args
55 | @rem Slurp the command line arguments.
56 | set CMD_LINE_ARGS=
57 | set _SKIP=2
58 |
59 | :win9xME_args_slurp
60 | if "x%~1" == "x" goto execute
61 |
62 | set CMD_LINE_ARGS=%*
63 | goto execute
64 |
65 | :4NT_args
66 | @rem Get arguments from the 4NT Shell from JP Software
67 | set CMD_LINE_ARGS=%$
68 |
69 | :execute
70 | @rem Setup the command line
71 |
72 | set CLASSPATH=%APP_HOME%\gradle\wrapper\gradle-wrapper.jar
73 |
74 | @rem Execute Gradle
75 | "%JAVA_EXE%" %DEFAULT_JVM_OPTS% %JAVA_OPTS% %GRADLE_OPTS% "-Dorg.gradle.appname=%APP_BASE_NAME%" -classpath "%CLASSPATH%" org.gradle.wrapper.GradleWrapperMain %CMD_LINE_ARGS%
76 |
77 | :end
78 | @rem End local scope for the variables with windows NT shell
79 | if "%ERRORLEVEL%"=="0" goto mainEnd
80 |
81 | :fail
82 | rem Set variable GRADLE_EXIT_CONSOLE if you need the _script_ return code instead of
83 | rem the _cmd.exe /c_ return code!
84 | if not "" == "%GRADLE_EXIT_CONSOLE%" exit 1
85 | exit /b 1
86 |
87 | :mainEnd
88 | if "%OS%"=="Windows_NT" endlocal
89 |
90 | :omega
91 |
--------------------------------------------------------------------------------
/gradlew:
--------------------------------------------------------------------------------
1 | #!/usr/bin/env bash
2 |
3 | ##############################################################################
4 | ##
5 | ## Gradle start up script for UN*X
6 | ##
7 | ##############################################################################
8 |
9 | # Add default JVM options here. You can also use JAVA_OPTS and GRADLE_OPTS to pass JVM options to this script.
10 | DEFAULT_JVM_OPTS=""
11 |
12 | APP_NAME="Gradle"
13 | APP_BASE_NAME=`basename "$0"`
14 |
15 | # Use the maximum available, or set MAX_FD != -1 to use that value.
16 | MAX_FD="maximum"
17 |
18 | warn ( ) {
19 | echo "$*"
20 | }
21 |
22 | die ( ) {
23 | echo
24 | echo "$*"
25 | echo
26 | exit 1
27 | }
28 |
29 | # OS specific support (must be 'true' or 'false').
30 | cygwin=false
31 | msys=false
32 | darwin=false
33 | case "`uname`" in
34 | CYGWIN* )
35 | cygwin=true
36 | ;;
37 | Darwin* )
38 | darwin=true
39 | ;;
40 | MINGW* )
41 | msys=true
42 | ;;
43 | esac
44 |
45 | # Attempt to set APP_HOME
46 | # Resolve links: $0 may be a link
47 | PRG="$0"
48 | # Need this for relative symlinks.
49 | while [ -h "$PRG" ] ; do
50 | ls=`ls -ld "$PRG"`
51 | link=`expr "$ls" : '.*-> \(.*\)$'`
52 | if expr "$link" : '/.*' > /dev/null; then
53 | PRG="$link"
54 | else
55 | PRG=`dirname "$PRG"`"/$link"
56 | fi
57 | done
58 | SAVED="`pwd`"
59 | cd "`dirname \"$PRG\"`/" >/dev/null
60 | APP_HOME="`pwd -P`"
61 | cd "$SAVED" >/dev/null
62 |
63 | CLASSPATH=$APP_HOME/gradle/wrapper/gradle-wrapper.jar
64 |
65 | # Determine the Java command to use to start the JVM.
66 | if [ -n "$JAVA_HOME" ] ; then
67 | if [ -x "$JAVA_HOME/jre/sh/java" ] ; then
68 | # IBM's JDK on AIX uses strange locations for the executables
69 | JAVACMD="$JAVA_HOME/jre/sh/java"
70 | else
71 | JAVACMD="$JAVA_HOME/bin/java"
72 | fi
73 | if [ ! -x "$JAVACMD" ] ; then
74 | die "ERROR: JAVA_HOME is set to an invalid directory: $JAVA_HOME
75 |
76 | Please set the JAVA_HOME variable in your environment to match the
77 | location of your Java installation."
78 | fi
79 | else
80 | JAVACMD="java"
81 | which java >/dev/null 2>&1 || die "ERROR: JAVA_HOME is not set and no 'java' command could be found in your PATH.
82 |
83 | Please set the JAVA_HOME variable in your environment to match the
84 | location of your Java installation."
85 | fi
86 |
87 | # Increase the maximum file descriptors if we can.
88 | if [ "$cygwin" = "false" -a "$darwin" = "false" ] ; then
89 | MAX_FD_LIMIT=`ulimit -H -n`
90 | if [ $? -eq 0 ] ; then
91 | if [ "$MAX_FD" = "maximum" -o "$MAX_FD" = "max" ] ; then
92 | MAX_FD="$MAX_FD_LIMIT"
93 | fi
94 | ulimit -n $MAX_FD
95 | if [ $? -ne 0 ] ; then
96 | warn "Could not set maximum file descriptor limit: $MAX_FD"
97 | fi
98 | else
99 | warn "Could not query maximum file descriptor limit: $MAX_FD_LIMIT"
100 | fi
101 | fi
102 |
103 | # For Darwin, add options to specify how the application appears in the dock
104 | if $darwin; then
105 | GRADLE_OPTS="$GRADLE_OPTS \"-Xdock:name=$APP_NAME\" \"-Xdock:icon=$APP_HOME/media/gradle.icns\""
106 | fi
107 |
108 | # For Cygwin, switch paths to Windows format before running java
109 | if $cygwin ; then
110 | APP_HOME=`cygpath --path --mixed "$APP_HOME"`
111 | CLASSPATH=`cygpath --path --mixed "$CLASSPATH"`
112 | JAVACMD=`cygpath --unix "$JAVACMD"`
113 |
114 | # We build the pattern for arguments to be converted via cygpath
115 | ROOTDIRSRAW=`find -L / -maxdepth 1 -mindepth 1 -type d 2>/dev/null`
116 | SEP=""
117 | for dir in $ROOTDIRSRAW ; do
118 | ROOTDIRS="$ROOTDIRS$SEP$dir"
119 | SEP="|"
120 | done
121 | OURCYGPATTERN="(^($ROOTDIRS))"
122 | # Add a user-defined pattern to the cygpath arguments
123 | if [ "$GRADLE_CYGPATTERN" != "" ] ; then
124 | OURCYGPATTERN="$OURCYGPATTERN|($GRADLE_CYGPATTERN)"
125 | fi
126 | # Now convert the arguments - kludge to limit ourselves to /bin/sh
127 | i=0
128 | for arg in "$@" ; do
129 | CHECK=`echo "$arg"|egrep -c "$OURCYGPATTERN" -`
130 | CHECK2=`echo "$arg"|egrep -c "^-"` ### Determine if an option
131 |
132 | if [ $CHECK -ne 0 ] && [ $CHECK2 -eq 0 ] ; then ### Added a condition
133 | eval `echo args$i`=`cygpath --path --ignore --mixed "$arg"`
134 | else
135 | eval `echo args$i`="\"$arg\""
136 | fi
137 | i=$((i+1))
138 | done
139 | case $i in
140 | (0) set -- ;;
141 | (1) set -- "$args0" ;;
142 | (2) set -- "$args0" "$args1" ;;
143 | (3) set -- "$args0" "$args1" "$args2" ;;
144 | (4) set -- "$args0" "$args1" "$args2" "$args3" ;;
145 | (5) set -- "$args0" "$args1" "$args2" "$args3" "$args4" ;;
146 | (6) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" ;;
147 | (7) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" ;;
148 | (8) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" ;;
149 | (9) set -- "$args0" "$args1" "$args2" "$args3" "$args4" "$args5" "$args6" "$args7" "$args8" ;;
150 | esac
151 | fi
152 |
153 | # Split up the JVM_OPTS And GRADLE_OPTS values into an array, following the shell quoting and substitution rules
154 | function splitJvmOpts() {
155 | JVM_OPTS=("$@")
156 | }
157 | eval splitJvmOpts $DEFAULT_JVM_OPTS $JAVA_OPTS $GRADLE_OPTS
158 | JVM_OPTS[${#JVM_OPTS[*]}]="-Dorg.gradle.appname=$APP_BASE_NAME"
159 |
160 | exec "$JAVACMD" "${JVM_OPTS[@]}" -classpath "$CLASSPATH" org.gradle.wrapper.GradleWrapperMain "$@"
161 |
--------------------------------------------------------------------------------
/app/src/main/jni/inlineHook.c:
--------------------------------------------------------------------------------
1 | /*
2 | thumb16 thumb32 arm32 inlineHook
3 | author: ele7enxxh
4 | mail: ele7enxxh@qq.com
5 | website: ele7enxxh.com
6 | modified time: 2015-01-23
7 | created time: 2015-11-30
8 | */
9 |
10 | #include
11 | #include
12 | #include
13 | #include
14 | #include
15 | #include
16 | #include
17 |
18 | #include "relocate.h"
19 | #include "inlineHook.h"
20 |
21 | #ifndef PAGE_SIZE
22 | #define PAGE_SIZE 4096
23 | #endif
24 |
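/* Round addr down to the start of its page; PAGE_SIZE must be a power of two. */
#define PAGE_START(addr) (~(PAGE_SIZE - 1) & (addr))
/*
 * Bit 0 of a code address marks a Thumb-mode target (ARM interworking
 * convention); the instruction bytes themselves live at the address with
 * bit 0 cleared. The argument is parenthesised so that an expression such
 * as CLEAR_BIT0(a | b) is masked as a whole instead of by operator
 * precedence.
 */
#define SET_BIT0(addr) ((addr) | 1)
#define CLEAR_BIT0(addr) ((addr) & 0xFFFFFFFE)
#define TEST_BIT0(addr) ((addr) & 1)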
29 |
30 | #define ACTION_ENABLE 0
31 | #define ACTION_DISABLE 1
32 |
33 | enum hook_status {
34 | REGISTERED,
35 | HOOKED,
36 | };
37 |
38 | struct inlineHookItem {
39 | uint32_t target_addr;
40 | uint32_t new_addr;
41 | uint32_t **proto_addr;
42 | void *orig_instructions;
43 | int orig_boundaries[4];
44 | int trampoline_boundaries[20];
45 | int count;
46 | void *trampoline_instructions;
47 | int length;
48 | int status;
49 | int mode;
50 | };
51 |
52 | struct inlineHookInfo {
53 | struct inlineHookItem item[1024];
54 | int size;
55 | };
56 |
57 | struct inlineHookInfo info = {0};
58 |
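/*
 * Collect the thread ids listed under /proc/<pid>/task (or /proc/self/task
 * when pid is negative) into tids[].
 *
 * Entries whose name parses to 0 ("." and "..") and the entry equal to
 * getpid() are left out.
 * NOTE(review): the filter compares against getpid(), so it leaves out the
 * thread-group leader, which is not necessarily the calling thread - confirm
 * that this is the intended exclusion.
 *
 * tids must have room for MAX_TIDS entries (the caller in this file passes a
 * pid_t[1024]); enumeration stops at that limit instead of writing past the
 * end of the buffer when the process has more threads.
 *
 * Returns the number of ids stored; 0 if tids is NULL or the directory
 * cannot be opened.
 */
int getAllTids(pid_t pid, pid_t *tids)
{
    enum { MAX_TIDS = 1024 };
    char dir_path[32];
    DIR *dir;
    struct dirent *entry;
    pid_t self;
    int found;

    if (tids == NULL) {
        return 0;
    }

    if (pid < 0) {
        snprintf(dir_path, sizeof(dir_path), "/proc/self/task");
    }
    else {
        snprintf(dir_path, sizeof(dir_path), "/proc/%d/task", pid);
    }

    dir = opendir(dir_path);
    if (dir == NULL) {
        return 0;
    }

    self = getpid();
    found = 0;
    while (found < MAX_TIDS && (entry = readdir(dir)) != NULL) {
        pid_t tid = (pid_t) atoi(entry->d_name);

        if (tid != 0 && tid != self) {
            tids[found++] = tid;
        }
    }
    closedir(dir);

    return found;
}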
89 |
/*
 * If the saved program counter in regs sits on one of item's recorded
 * instruction boundaries, move it to the matching boundary on the other
 * side:
 *   ACTION_ENABLE  - from the original function body into the trampoline;
 *   ACTION_DISABLE - from the trampoline back into the original body.
 * This keeps a stopped thread from resuming in the middle of bytes that are
 * about to be rewritten.
 *
 * Returns true when regs->ARM_pc was changed, false otherwise (including
 * for any other action value).
 */
bool doProcessThreadPC(struct inlineHookItem *item, struct pt_regs *regs, int action)
{
    int idx;
    int delta;

    if (action == ACTION_ENABLE) {
        delta = regs->ARM_pc - CLEAR_BIT0(item->target_addr);
        for (idx = 0; idx < item->count; ++idx) {
            if (item->orig_boundaries[idx] != delta) {
                continue;
            }
            regs->ARM_pc = (uint32_t) item->trampoline_instructions + item->trampoline_boundaries[idx];
            return true;
        }
        return false;
    }

    if (action == ACTION_DISABLE) {
        delta = regs->ARM_pc - (int) item->trampoline_instructions;
        for (idx = 0; idx < item->count; ++idx) {
            if (item->trampoline_boundaries[idx] != delta) {
                continue;
            }
            regs->ARM_pc = CLEAR_BIT0(item->target_addr) + item->orig_boundaries[idx];
            return true;
        }
        return false;
    }

    return false;
}
119 |
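/*
 * Fetch the registers of the (already ptrace-stopped) thread tid and, if its
 * program counter lies inside a region covered by a hook, relocate it via
 * doProcessThreadPC().
 *
 * item == NULL means "check every entry in the hook table" and stop at the
 * first one that matches; otherwise only item is checked.
 *
 * The registers are written back only when the program counter was actually
 * changed. Does nothing if the registers cannot be read.
 */
void processThreadPC(pid_t tid, struct inlineHookItem *item, int action)
{
    struct pt_regs regs;
    bool moved = false;

    if (ptrace(PTRACE_GETREGS, tid, NULL, &regs) != 0) {
        return;
    }

    if (item == NULL) {
        int pos;

        for (pos = 0; pos < info.size; ++pos) {
            if (doProcessThreadPC(&info.item[pos], &regs, action)) {
                moved = true;
                break;
            }
        }
    }
    else {
        moved = doProcessThreadPC(item, &regs, action);
    }

    if (moved) {
        ptrace(PTRACE_SETREGS, tid, NULL, &regs);
    }
}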
141 |
/*
 * Stop the other threads of this process while code is being patched.
 *
 * The thread list is taken with getAllTids(); if it is empty nothing is
 * done and -1 is returned. Otherwise a helper process is forked:
 *   - helper: ptrace-attaches to each listed thread, waits for it to stop,
 *     lets processThreadPC() adjust its program counter, then stops itself
 *     with SIGSTOP. Once continued (see unFreeze()), it detaches from every
 *     thread and kills itself.
 *   - parent: waits until the helper has stopped, i.e. until the attach
 *     pass is finished.
 *
 * Returns the helper's pid in the parent, or -1 when no helper is running
 * (no threads listed, or fork() failed).
 */
pid_t freeze(struct inlineHookItem *item, int action)
{
    pid_t thread_ids[1024];
    pid_t helper;
    int n_threads;
    int k;

    n_threads = getAllTids(getpid(), thread_ids);
    if (n_threads <= 0) {
        return -1;
    }

    helper = fork();

    if (helper > 0) {
        /* Parent: block until the helper raises SIGSTOP. */
        waitpid(helper, NULL, WUNTRACED);
        return helper;
    }

    if (helper < 0) {
        /* fork() failed; the caller sees -1 and proceeds without a freeze. */
        return helper;
    }

    /* Helper process from here on. */
    for (k = 0; k < n_threads; ++k) {
        if (ptrace(PTRACE_ATTACH, thread_ids[k], NULL, NULL) != 0) {
            continue;
        }
        waitpid(thread_ids[k], NULL, WUNTRACED);
        processThreadPC(thread_ids[k], item, action);
    }

    raise(SIGSTOP);

    for (k = 0; k < n_threads; ++k) {
        ptrace(PTRACE_DETACH, thread_ids[k], NULL, NULL);
    }

    raise(SIGKILL);

    return helper;
}
179 |
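/*
 * Resume the helper process created by freeze() and reap it.
 *
 * pid is the value freeze() returned; a non-positive value means no helper
 * is running and nothing is done (this also keeps kill() from being called
 * with 0, which would signal the whole process group).
 *
 * The helper is reaped with waitpid() on its own pid. A plain wait() would
 * collect whichever child of the host process exits first, which may be an
 * unrelated child the application is tracking itself.
 */
void unFreeze(pid_t pid)
{
    if (pid <= 0) {
        return;
    }

    kill(pid, SIGCONT);
    waitpid(pid, NULL, 0);
}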
189 |
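/*
 * Report whether addr lies inside a mapping of this process whose
 * permission field in /proc/self/maps is exactly "r-xp".
 *
 * Each line is parsed as "<start>-<end> <perms> ...":
 *   - the permission field itself is compared, so an "r-xp" substring in a
 *     mapped file's path cannot produce a match;
 *   - malformed lines are skipped instead of passing a NULL token on;
 *   - the end address is exclusive, as in the maps format, so an address
 *     equal to <end> does not match;
 *   - start/end are kept as unsigned long so they are not truncated before
 *     the comparison.
 *
 * This is a point-in-time sanity check on the caller's arguments; the
 * mapping can change after it returns.
 *
 * Returns false if the maps file cannot be opened or no mapping matches.
 */
bool isExecutableAddr(uint32_t addr)
{
    FILE *fp;
    char line[1024];
    char perms[5];
    unsigned long start;
    unsigned long end;
    bool found = false;

    fp = fopen("/proc/self/maps", "r");
    if (fp == NULL) {
        return false;
    }

    while (fgets(line, sizeof(line), fp) != NULL) {
        if (sscanf(line, "%lx-%lx %4s", &start, &end, perms) != 3) {
            continue;
        }
        if (strcmp(perms, "r-xp") != 0) {
            continue;
        }
        if (addr >= start && addr < end) {
            found = true;
            break;
        }
    }

    fclose(fp);

    return found;
}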
217 |
/*
 * Look up the hook-table entry whose target_addr equals target_addr
 * (compared exactly, including bit 0).
 * Returns a pointer into the global table, or NULL when there is no entry.
 */
struct inlineHookItem *findInlineHookItem(uint32_t target_addr)
{
    int idx = 0;

    while (idx < info.size) {
        struct inlineHookItem *candidate = &info.item[idx];

        if (candidate->target_addr == target_addr) {
            return candidate;
        }
        ++idx;
    }

    return NULL;
}
230 |
/*
 * Reserve the next free slot at the end of the global hook table.
 * Returns a pointer to the slot (its previous contents are not cleared), or
 * NULL when all 1024 slots are in use.
 */
struct inlineHookItem *addInlineHookItem() {
    if (info.size < 1024) {
        return &info.item[info.size++];
    }

    return NULL;
}
243 |
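/*
 * Remove the entry at index pos from the global hook table by moving the
 * last entry into its place (table order is not preserved).
 *
 * An index outside [0, info.size) is ignored, so an empty table or a stale
 * index cannot read or write outside the array or drive info.size negative.
 */
void deleteInlineHookItem(int pos)
{
    if (pos < 0 || pos >= info.size) {
        return;
    }

    info.item[pos] = info.item[info.size - 1];
    --info.size;
}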
249 |
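/*
 * Record a hook for target_addr without activating it.
 *
 * Saves the first 8 bytes of the target (10 when bit 0 of target_addr is
 * set), maps one page for the trampoline and has relocateInstruction() fill
 * it from the saved bytes. The entry is left in REGISTERED state.
 *
 * Returns:
 *   ELE7EN_ERROR_NOT_EXECUTABLE     - target_addr or new_addr is not inside
 *                                     an "r-xp" mapping;
 *   ELE7EN_ERROR_ALREADY_REGISTERED /
 *   ELE7EN_ERROR_ALREADY_HOOKED     - an entry for target_addr exists;
 *   ELE7EN_ERROR_UNKNOWN            - existing entry in an unexpected state,
 *                                     hook table full, or allocation failed;
 *   ELE7EN_OK                       - entry created.
 *
 * On any failure after the table slot was taken, the slot and the partial
 * allocations are released again.
 */
enum ele7en_status registerInlineHook(uint32_t target_addr, uint32_t new_addr, uint32_t **proto_addr)
{
    struct inlineHookItem *item;

    if (!isExecutableAddr(target_addr) || !isExecutableAddr(new_addr)) {
        return ELE7EN_ERROR_NOT_EXECUTABLE;
    }

    item = findInlineHookItem(target_addr);
    if (item != NULL) {
        if (item->status == REGISTERED) {
            return ELE7EN_ERROR_ALREADY_REGISTERED;
        }
        else if (item->status == HOOKED) {
            return ELE7EN_ERROR_ALREADY_HOOKED;
        }
        else {
            return ELE7EN_ERROR_UNKNOWN;
        }
    }

    item = addInlineHookItem();
    if (item == NULL) {
        /* Table is full; the original dereferenced the NULL slot here. */
        return ELE7EN_ERROR_UNKNOWN;
    }

    item->target_addr = target_addr;
    item->new_addr = new_addr;
    item->proto_addr = proto_addr;

    item->length = TEST_BIT0(item->target_addr) ? 10 : 8;
    item->orig_instructions = malloc((size_t) item->length);
    if (item->orig_instructions == NULL) {
        --info.size; /* give back the slot appended by addInlineHookItem() */
        return ELE7EN_ERROR_UNKNOWN;
    }
    memcpy(item->orig_instructions, (void *) CLEAR_BIT0(item->target_addr), (size_t) item->length);

    /*
     * Anonymous mappings take fd -1. The page is mapped read+write+execute
     * and is not tightened afterwards.
     * NOTE(review): if nothing writes to the trampoline once
     * relocateInstruction() has run, dropping PROT_WRITE with mprotect()
     * would avoid keeping a writable+executable page around - confirm
     * against inlineHook().
     */
    item->trampoline_instructions = mmap(NULL, PAGE_SIZE, PROT_READ | PROT_WRITE | PROT_EXEC, MAP_ANONYMOUS | MAP_PRIVATE, -1, 0);
    if (item->trampoline_instructions == MAP_FAILED) {
        free(item->orig_instructions);
        item->orig_instructions = NULL;
        item->trampoline_instructions = NULL;
        --info.size;
        return ELE7EN_ERROR_UNKNOWN;
    }

    relocateInstruction(item->target_addr, item->orig_instructions, item->length, item->trampoline_instructions, item->orig_boundaries, item->trampoline_boundaries, &item->count);

    item->status = REGISTERED;

    return ELE7EN_OK;
}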
290 |
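/*
 * Restore the original instructions at item's target, release the trampoline
 * and the saved copy, and drop the entry from the hook table.
 *
 * item: entry to unhook; it must be the entry stored at index pos.
 * pos:  index of item in info.item, passed on to deleteInlineHookItem().
 */
void doInlineUnHook(struct inlineHookItem *item, int pos)
{
    /*
     * Capture the patched range first. deleteInlineHookItem() overwrites this
     * slot with the table's last entry, so reading item->target_addr or
     * item->length afterwards would flush another hook's address range and
     * leave stale instructions cached for this one.
     */
    uint32_t patch_addr = CLEAR_BIT0(item->target_addr);
    uint32_t patch_end = patch_addr + item->length;

    /* Two pages are opened up, so a patch that crosses a page boundary stays writable. */
    mprotect((void *) PAGE_START(patch_addr), PAGE_SIZE * 2, PROT_READ | PROT_WRITE | PROT_EXEC);
    memcpy((void *) patch_addr, item->orig_instructions, item->length);
    mprotect((void *) PAGE_START(patch_addr), PAGE_SIZE * 2, PROT_READ | PROT_EXEC);
    munmap(item->trampoline_instructions, PAGE_SIZE);
    free(item->orig_instructions);

    deleteInlineHookItem(pos);

    cacheflush(patch_addr, patch_end, 0);
}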
303 |
/*
 * Remove the active hook on target_addr.
 *
 * Returns ELE7EN_OK once the hook has been removed, or
 * ELE7EN_ERROR_NOT_HOOKED when no entry for target_addr is in the HOOKED
 * state.
 */
enum ele7en_status inlineUnHook(uint32_t target_addr)
{
    int idx;

    for (idx = 0; idx < info.size; ++idx) {
        struct inlineHookItem *entry = &info.item[idx];
        pid_t helper;

        if (entry->target_addr != target_addr || entry->status != HOOKED) {
            continue;
        }

        /* The restore runs between freeze() and unFreeze(). */
        helper = freeze(entry, ACTION_DISABLE);
        doInlineUnHook(entry, idx);
        unFreeze(helper);

        return ELE7EN_OK;
    }

    return ELE7EN_ERROR_NOT_HOOKED;
}
324 |
/*
 * Remove every hook that is currently in the HOOKED state.
 */
void inlineUnHookAll()
{
    pid_t helper;
    int idx;

    helper = freeze(NULL, ACTION_DISABLE);

    idx = 0;
    while (idx < info.size) {
        if (info.item[idx].status == HOOKED) {
            /*
             * doInlineUnHook() deletes this entry, which moves the table's
             * last entry into the same slot, so the index is examined again
             * instead of being advanced.
             */
            doInlineUnHook(&info.item[idx], idx);
        }
        else {
            ++idx;
        }
    }

    unFreeze(helper);
}
341 |
/*
 * Patch the start of item's target with a jump to item->new_addr, publish the
 * trampoline through item->proto_addr when it is set, and mark the entry
 * HOOKED.
 *
 * NOTE(review): the mprotect() results are not checked; if the first call
 * fails the stores below hit a non-writable page.
 */
void doInlineHook(struct inlineHookItem *item)
{
    void *page = (void *) PAGE_START(CLEAR_BIT0(item->target_addr));

    mprotect(page, PAGE_SIZE * 2, PROT_READ | PROT_WRITE | PROT_EXEC);

    if (!TEST_BIT0(item->target_addr)) {
        /* Bit 0 clear: two 32-bit words, the load-to-PC and the address it loads. */
        uint32_t *arm_code = (uint32_t *) (item->target_addr);

        arm_code[0] = 0xe51ff004; // LDR PC, [PC, #-4]
        arm_code[1] = item->new_addr;
    }
    else {
        /* Bit 0 set: the patch is written as 16-bit halfwords. */
        uint16_t *thumb_code = (uint16_t *) CLEAR_BIT0(item->target_addr);
        int n = 0;

        /* A NOP goes first when the start is not 4-byte aligned. */
        if (CLEAR_BIT0(item->target_addr) % 4 != 0) {
            thumb_code[n++] = 0xBF00; // NOP
        }
        thumb_code[n++] = 0xF8DF;
        thumb_code[n++] = 0xF000; // LDR.W PC, [PC]
        thumb_code[n++] = item->new_addr & 0xFFFF;
        thumb_code[n++] = item->new_addr >> 16;
    }

    mprotect(page, PAGE_SIZE * 2, PROT_READ | PROT_EXEC);

    if (item->proto_addr != NULL) {
        /* The published trampoline address carries bit 0 when the target's address does. */
        if (TEST_BIT0(item->target_addr)) {
            *(item->proto_addr) = (uint32_t *) SET_BIT0((uint32_t) item->trampoline_instructions);
        }
        else {
            *(item->proto_addr) = item->trampoline_instructions;
        }
    }

    item->status = HOOKED;

    cacheflush(CLEAR_BIT0(item->target_addr), CLEAR_BIT0(item->target_addr) + item->length, 0);
}
373 |
/*
 * Activate the hook previously registered for target_addr.
 *
 * Returns ELE7EN_OK after patching, ELE7EN_ERROR_NOT_REGISTERED when no entry
 * exists, ELE7EN_ERROR_ALREADY_HOOKED when the entry is already active, and
 * ELE7EN_ERROR_UNKNOWN for any other entry state.
 */
enum ele7en_status inlineHook(uint32_t target_addr)
{
    /* Same first-match lookup over the table that findInlineHookItem() performs. */
    struct inlineHookItem *entry = findInlineHookItem(target_addr);
    pid_t helper;

    if (entry == NULL) {
        return ELE7EN_ERROR_NOT_REGISTERED;
    }

    if (entry->status == HOOKED) {
        return ELE7EN_ERROR_ALREADY_HOOKED;
    }

    if (entry->status != REGISTERED) {
        return ELE7EN_ERROR_UNKNOWN;
    }

    /* The patch is written between freeze() and unFreeze(). */
    helper = freeze(entry, ACTION_ENABLE);
    doInlineHook(entry);
    unFreeze(helper);

    return ELE7EN_OK;
}
409 |
/*
 * Activate every hook that is registered but not yet applied.
 */
void inlineHookAll()
{
    pid_t helper = freeze(NULL, ACTION_ENABLE);
    int idx = 0;

    while (idx < info.size) {
        struct inlineHookItem *entry = &info.item[idx];

        /* Entries in any state other than REGISTERED are left alone. */
        if (entry->status == REGISTERED) {
            doInlineHook(entry);
        }
        ++idx;
    }

    unFreeze(helper);
}
425 |
--------------------------------------------------------------------------------
/app/src/main/jni/relocate.c:
--------------------------------------------------------------------------------
1 | /*
2 | relocate instruction
3 | author: ele7enxxh
4 | mail: ele7enxxh@qq.com
5 | website: ele7enxxh.com
6 | modified time: 2016-10-17
7 | created time: 2015-01-17
8 | */
9 |
10 | #include "relocate.h"
11 |
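/*
 * Clear the two low bits of pc (round down to a 4-byte boundary).
 * The argument is parenthesized so an expression argument such as `a | b`
 * is masked as a whole rather than only its last operand.
 */
#define ALIGN_PC(pc) ((pc) & 0xFFFFFFFC)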
13 |
14 | enum INSTRUCTION_TYPE {
15 | // B