├── MainActivity.java
├── PackHookPlugin.java
├── ScanAttack.java
└── ScanMethod.java


/MainActivity.java:
--------------------------------------------------------------------------------
 1 | package com.example.yixianglin.antidex2jar;
 2 | 
 3 | import android.support.v7.app.AppCompatActivity;
 4 | import android.os.Bundle;
 5 | import android.widget.TextView;
 6 | 
 7 | public class MainActivity extends AppCompatActivity {
 8 | 
 9 |     // Used to load the 'native-lib' library on application startup.
10 |     static {
11 |         System.loadLibrary("native-lib");
12 |     }
13 | 
14 |     @Override
15 |     protected void onCreate(Bundle savedInstanceState) {
16 |         super.onCreate(savedInstanceState);
17 |         setContentView(R.layout.activity_main);
18 | 
19 |         // Example of a call to a native method
20 |         TextView tv = (TextView) findViewById(R.id.sample_text);
21 |         tv.setText(stringFromJNI());
22 |     }
23 | 
24 |     /**
25 |      * A native method that is implemented by the 'native-lib' native library,
26 |      * which is packaged with this application.
27 |      */
28 |     public native String stringFromJNI();
29 | 
30 | 
31 | }
32 | 


--------------------------------------------------------------------------------
/PackHookPlugin.java:
--------------------------------------------------------------------------------
 1 | package com.example.yixianglin.antidex2jar;
 2 | 
 3 | import org.json.JSONArray;
 4 | import org.json.JSONException;
 5 | import org.json.JSONObject;
 6 | 
 7 | import java.util.ArrayList;
 8 | import java.util.Collection;
 9 | import java.util.HashMap;
10 | import java.util.List;
11 | import java.util.Map;
12 | 
13 | /**
14 |  * Created by yixianglin on 2018/3/12.
15 |  */
16 | 
17 | public class PackHookPlugin {
18 |     private int a;
19 |     private Map<String,List<String>> methodDesciption;
20 |     public PackHookPlugin(int i){
21 |         this.methodDesciption=new HashMap();
22 |         this.a=i;
23 |     }
24 | 
25 |     public void addMethod(String key,String value){
26 |         if(!this.methodDesciption.containsKey(key)){
27 |             List arrayList=new ArrayList();
28 |             arrayList.add(value);
29 |             this.methodDesciption.put(key,arrayList);
30 |         }else if(!((List)this.methodDesciption.get(key)).contains(value)){
31 |             ((List)this.methodDesciption.get(key)).add(value);
32 |         }
33 |     }
34 | 
35 |     public JSONArray defineMethod(){
36 |         if(this.methodDesciption.isEmpty()){
37 |             return null;
38 |         }
39 | 
40 |         JSONArray jsonArray=new JSONArray();
41 |         for(String key:this.methodDesciption.keySet()){
42 |             JSONObject jsonObject=new JSONObject();
43 |             JSONArray jsonArray1=new JSONArray((Collection)this.methodDesciption.get(key));
44 |             try {
45 |                 jsonObject.put("function",jsonArray1);
46 |             } catch (JSONException e) {
47 |                 e.printStackTrace();
48 |             }
49 |             jsonArray.put(jsonObject);
50 |         }
51 |         return jsonArray;
52 | 
53 |     }
54 | }
55 | 


--------------------------------------------------------------------------------
/ScanAttack.java:
--------------------------------------------------------------------------------
  1 | package com.example.yixianglin.antidex2jar;
  2 | 
  3 | import android.content.Context;
  4 | 
  5 | import org.json.JSONArray;
  6 | 
  7 | import java.lang.reflect.Field;
  8 | import java.lang.reflect.Member;
  9 | import java.lang.reflect.Method;
 10 | import java.lang.reflect.Modifier;
 11 | import java.util.ArrayList;
 12 | import java.util.Iterator;
 13 | import java.util.Map;
 14 | 
 15 | /**
 16 |  * Created by yixianglin on 2018/3/12.
 17 |  */
 18 | 
 19 | public class ScanAttack {
 20 |     private static ScanAttack mInstance=null;
 21 |     public static ScanAttack getmInstance(){
 22 |         if(mInstance==null){
 23 |            synchronized (ScanAttack.class){
 24 |                mInstance=new ScanAttack();
 25 |            }
 26 |         }
 27 |         return mInstance;
 28 |     }
 29 | 
 30 |     //通过检查环境种是否有hook框架进行检测
 31 |     private static boolean scanPackage(Context context, String string){
 32 |         boolean bool=false;
 33 |         try {
 34 |             if(context.getPackageManager().getPackageInfo(string,0).equals(string)){
 35 |                 bool=true;
 36 |             }
 37 |             return bool;
 38 | 
 39 |         }catch (Exception e){
 40 |             return false;
 41 |         }
 42 |     }
 43 | 
 44 |     public static boolean xposedInstalled(Context context){
 45 |         boolean bool=scanPackage(context,"de.robv.android.xposed.installer");
 46 |         return bool;
 47 |     }
 48 | 
 49 |     public static boolean cydiaInstalled(Context context){
 50 |         boolean bool=scanPackage(context,"com.saurik.substrate");
 51 |         return bool;
 52 |     }
 53 | 
 54 | 
 55 |     //通过检查需要保护的方法属性是否由Java变成了native
 56 |     private static JSONArray methodToNative(){
 57 |         PackHookPlugin packHookPlugin=new PackHookPlugin(2);
 58 |         for(ScanMethod.HooKMethod hooKMethod:ScanMethod.a){
 59 |             try {
 60 |                 int modifiers=Class.forName(hooKMethod.classname).getDeclaredMethod(hooKMethod.methodname,hooKMethod.type).getModifiers();
 61 |                 if(Modifier.isNative(modifiers)){
 62 |                     packHookPlugin.addMethod("native",hooKMethod.methodname+"#"+hooKMethod.type);
 63 | 
 64 |                 }
 65 |             } catch (NoSuchMethodException e) {
 66 |                 e.printStackTrace();
 67 |             } catch (ClassNotFoundException e) {
 68 |                 e.printStackTrace();
 69 |             }
 70 |         }
 71 |         return packHookPlugin.defineMethod();
 72 |     }
 73 |     //检查函数调用堆栈中是否有hook框架包
 74 |     private static boolean checkXposedStackTrace(Context context){
 75 |         int i=0;
 76 |         try{
 77 |             throw new Exception("checkXposedStackTrance");
 78 |         }catch (Exception e){
 79 |             StackTraceElement[] stackTraceElements=e.getStackTrace();
 80 |             int length=stackTraceElements.length;
 81 |             boolean bool=false;
 82 |             while (i<length){
 83 |                 StackTraceElement stackTraceElement=stackTraceElements[i];
 84 |                 String getClassname=stackTraceElement.getClassName();
 85 |                 String getMethodname=stackTraceElement.getMethodName();
 86 |                 if(getClassname.trim().equals("de.robv.android.xposed.XposedBridge") && getMethodname.equals("main")){
 87 |                     bool=true;
 88 |                 }
 89 |                 if(getClassname.trim().equals("de.robv.android.xposed.XposedBridge") && getMethodname.equals("handleHookedMethod")){
 90 |                     bool=true;
 91 |                 }
 92 |                 i++;
 93 |             }
 94 |             return bool;
 95 |         }
 96 |     }
 97 | 
 98 |     private static boolean checkCydiaStackTrace(Context context){
 99 |         boolean bool=false;
100 |         try {
101 |             throw new Exception("checkCydiaStackTrace");
102 | 
103 |         }catch (Exception e){
104 |             StackTraceElement[] stackTraceElements=e.getStackTrace();
105 |             int i=0;
106 |             for (StackTraceElement stackTraceElement:stackTraceElements){
107 |                 String getClassname=stackTraceElement.getClassName();
108 |                 String getMethodname=stackTraceElement.getMethodName();
109 |                 if(getClassname.equals("com.android.internal.os.ZygoteInit")){
110 |                     i++;
111 |                     if(i==2){
112 |                         bool=true;
113 |                     }
114 |                 }
115 |                 if(getClassname.equals("com.saurik.substrate.MS$2") && getMethodname.equals("invoked")){
116 |                     bool=true;
117 |                 }
118 |             }
119 |             return bool;
120 |         }
121 |     }
122 | 
123 |     //通过反射调用hook类，判断是否有hook框架
124 | 
125 |     private static boolean checkCydiaClass(Context context){
126 |         boolean bool=false;
127 |         Class clazz=null;
128 |         try {
129 |             clazz=ClassLoader.getSystemClassLoader().loadClass("com.saurik.substrate.SubstrateClassLoader");
130 | 
131 |         } catch (ClassNotFoundException e) {
132 |             e.printStackTrace();
133 |         }
134 |         if(clazz!=null){
135 |             bool=true;
136 |         }
137 |         return bool;
138 |     }
139 | 
140 |     //检查应用的field是否被hook
141 |     private static String xposedFieldInHook(Context context){
142 |         String result=null;
143 |         try {
144 |             Field declaredField=ClassLoader.getSystemClassLoader().loadClass("de.robv.android.xposed.XposedHelpers").getDeclaredField("fieldCache");
145 |             declaredField.setAccessible(true);
146 |             Map map=(Map)declaredField.get(null);
147 |             ArrayList arrayList=new ArrayList();
148 |             arrayList.add(map.keySet());
149 |             result=arrayList.toString();
150 | 
151 |         }catch (Exception e){
152 | 
153 |         }
154 |         return result;
155 |     }
156 | 
157 |     //检查保护的方法是否被xposed hook
158 |     private static String xposedMethodInHook(Context context){
159 |         String jsonArray=null;
160 |         PackHookPlugin packHookPlugin=new PackHookPlugin(1);
161 |         try {
162 |             Field declaredField=ClassLoader.getSystemClassLoader().loadClass("de.robv.android.xposed.XposedBridge").getDeclaredField("sHookedMethodCallbacks");
163 |             declaredField.setAccessible(true);
164 |             Map map=(Map) declaredField.get(null);
165 |             Class clazz=ClassLoader.getSystemClassLoader().loadClass("de.robv.android.xposed.XposedBridge$CopyOnWriteSortedSet");
166 |             Method getSnapshot=clazz.getDeclaredMethod("getSnapshot");
167 |             Iterator iterator=map.entrySet().iterator();
168 |             if(iterator.hasNext()) {
169 |                 Map.Entry entry = (Map.Entry) iterator.next();
170 |                 Member member = (Member) entry.getKey();
171 |                 Object value = entry.getValue();//CopyOnWriteSortedSet
172 |                 String methodInHook = ScanMethod.getMethod(member.toString());
173 |                 if (!"".equals(methodInHook) && clazz.isInstance(value)) {
174 |                     for (Object object : (Object[]) getSnapshot.invoke(value, new Object[0])) {
175 |                         String classLoader = object.getClass().getClassLoader().toString();
176 |                         if (classLoader.split("\"").length > 1) {
177 |                             packHookPlugin.addMethod(classLoader.split("\"")[1], methodInHook);
178 |                         }
179 |                     }
180 | 
181 |                 }
182 |             }
183 | 
184 |             JSONArray jsonArray1=packHookPlugin.defineMethod();
185 |             JSONArray methodToNative=methodToNative();
186 |             if(jsonArray1!=null){
187 |                 if(methodToNative!=null){
188 |                     for(int i=0;i<methodToNative.length();i++){
189 |                         jsonArray1.put(methodToNative.getJSONObject(i));
190 |                     }
191 |                 }
192 |                 jsonArray=jsonArray1.toString();
193 |             }else {
194 |                 if(methodToNative!=null){
195 |                     jsonArray=methodToNative.toString();
196 |                 }
197 |                 jsonArray=null;
198 |             }
199 | 
200 |         }catch (Exception e){}
201 |         return jsonArray;
202 |     }
203 | 
204 | }
205 | 


--------------------------------------------------------------------------------
/ScanMethod.java:
--------------------------------------------------------------------------------
  1 | package com.example.yixianglin.antidex2jar;
  2 | 
  3 | import android.app.ActivityManager;
  4 | import android.app.ActivityManager.MemoryInfo;
  5 | import android.bluetooth.BluetoothAdapter;
  6 | import android.content.ComponentName;
  7 | import android.content.ContentResolver;
  8 | import android.content.Context;
  9 | import android.content.Intent;
 10 | import android.content.SharedPreferences.Editor;
 11 | import android.content.pm.PackageManager;
 12 | import android.location.Location;
 13 | import android.net.Proxy;
 14 | import android.net.wifi.WifiInfo;
 15 | import android.net.wifi.WifiManager;
 16 | import android.os.Debug;
 17 | import android.os.Process;
 18 | import android.os.StatFs;
 19 | import android.provider.Settings.Secure;
 20 | import android.provider.Settings.System;
 21 | import android.telephony.TelephonyManager;
 22 | import android.view.Display;
 23 | import java.io.File;
 24 | import java.lang.reflect.Modifier;
 25 | import java.net.InetAddress;
 26 | import java.net.NetworkInterface;
 27 | import java.util.ArrayList;
 28 | import java.util.List;
 29 | import java.util.Locale;
 30 | import java.util.TimeZone;
 31 | 
 32 | public class ScanMethod {
 33 |     public static List<HooKMethod> a;
 34 | 
 35 |     public static class HooKMethod {
 36 |         public int index;
 37 |         public String classname;
 38 |         public String methodname;
 39 |         public Class[] type;
 40 | 
 41 |         public HooKMethod(int index, String classname, String methodname, Class[] type) {
 42 |             this.index=index;
 43 |             this.classname=classname;
 44 |             this.methodname=methodname;
 45 |             this.type=type;
 46 | 
 47 |         }
 48 |     }
 49 | 
 50 |     static {
 51 |         List arrayList = new ArrayList();
 52 |         a = arrayList;
 53 |         arrayList.add(new HooKMethod(0, System.class.getName(), "getString", new Class[]{ContentResolver.class, String.class}));
 54 |         a.add(new HooKMethod(1, Editor.class.getName(), "putString", new Class[]{String.class, String.class}));
 55 |         a.add(new HooKMethod(2, "android.os.SystemProperties", "get", new Class[]{String.class, String.class}));
 56 |         a.add(new HooKMethod(3, TelephonyManager.class.getName(), "getSubscriberId", new Class[0]));
 57 |         a.add(new HooKMethod(4, TelephonyManager.class.getName(), "getLine1Number", new Class[0]));
 58 |         a.add(new HooKMethod(5, TelephonyManager.class.getName(), "getDeviceId", new Class[0]));
 59 |         a.add(new HooKMethod(6, TelephonyManager.class.getName(), "getVoiceMailNumber", new Class[0]));
 60 |         a.add(new HooKMethod(7, TelephonyManager.class.getName(), "getSimSerialNumber", new Class[0]));
 61 |         a.add(new HooKMethod(8, TelephonyManager.class.getName(), "getNetworkCountryIso", new Class[0]));
 62 |         a.add(new HooKMethod(9, TelephonyManager.class.getName(), "getNetworkOperatorName", new Class[0]));
 63 |         a.add(new HooKMethod(10, TelephonyManager.class.getName(), "getSimOperatorName", new Class[0]));
 64 |         a.add(new HooKMethod(11, TelephonyManager.class.getName(), "getPhoneType", new Class[0]));
 65 |         a.add(new HooKMethod(12, TelephonyManager.class.getName(), "getNetworkType", new Class[0]));
 66 |         a.add(new HooKMethod(13, TelephonyManager.class.getName(), "getCellLocation", new Class[0]));
 67 |         a.add(new HooKMethod(14, TelephonyManager.class.getName(), "getDeviceSoftwareVersion", new Class[0]));
 68 |         a.add(new HooKMethod(15, WifiInfo.class.getName(), "getMacAddress", new Class[0]));
 69 |         a.add(new HooKMethod(16, WifiInfo.class.getName(), "getIpAddress", new Class[0]));
 70 |         a.add(new HooKMethod(17, WifiInfo.class.getName(), "getSSID", new Class[0]));
 71 |         a.add(new HooKMethod(18, WifiInfo.class.getName(), "getBSSID", new Class[0]));
 72 |         a.add(new HooKMethod(19, WifiManager.class.getName(), "getConnectionInfo", new Class[0]));
 73 |         a.add(new HooKMethod(20, WifiManager.class.getName(), "getDhcpInfo", new Class[0]));
 74 |         a.add(new HooKMethod(21, WifiManager.class.getName(), "getScanResults", new Class[0]));
 75 |         a.add(new HooKMethod(22, NetworkInterface.class.getName(), "getNetworkInterfaces", new Class[0]));
 76 |         a.add(new HooKMethod(23, Proxy.class.getName(), "getHost", new Class[]{Context.class}));
 77 |         a.add(new HooKMethod(24, Proxy.class.getName(), "getPort", new Class[]{Context.class}));
 78 |         a.add(new HooKMethod(25, System.class.getName(), "getProperty", new Class[]{String.class}));
 79 |         a.add(new HooKMethod(26, PackageManager.class.getName(), "getInstallerPackageName", new Class[]{String.class}));
 80 |         a.add(new HooKMethod(27, PackageManager.class.getName(), "getPackageInfo", new Class[]{String.class, Integer.TYPE}));
 81 |         a.add(new HooKMethod(28, PackageManager.class.getName(), "getInstalledPackages", new Class[]{Integer.TYPE}));
 82 |         a.add(new HooKMethod(29, File.class.getName(), "getAbsolutePath", new Class[0]));
 83 |         a.add(new HooKMethod(30, ActivityManager.class.getName(), "getRunningTasks", new Class[]{Integer.TYPE}));
 84 |         a.add(new HooKMethod(31, ComponentName.class.getName(), "getPackageName", new Class[0]));
 85 |         a.add(new HooKMethod(32, Modifier.class.getName(), "isNative", new Class[]{Integer.TYPE}));
 86 |         a.add(new HooKMethod(33, Debug.class.getName(), "isDebuggerConnected", new Class[0]));
 87 |         a.add(new HooKMethod(34, Process.class.getName(), "myPid", new Class[0]));
 88 |         a.add(new HooKMethod(35, TimeZone.class.getName(), "getRawOffset", new Class[0]));
 89 |         a.add(new HooKMethod(36, TimeZone.class.getName(), "getDSTSavings", new Class[0]));
 90 |         a.add(new HooKMethod(37, Locale.class.getName(), "getLanguage", new Class[0]));
 91 |         a.add(new HooKMethod(38, Intent.class.getName(), "getIntent", new Class[]{String.class}));
 92 |         a.add(new HooKMethod(39, Intent.class.getName(), "getExtra", new Class[]{String.class}));
 93 |         a.add(new HooKMethod(40, Intent.class.getName(), "getBooleanExtra", new Class[]{String.class, Boolean.TYPE}));
 94 |         a.add(new HooKMethod(41, Intent.class.getName(), "getByteExtra", new Class[]{String.class, Byte.TYPE}));
 95 |         a.add(new HooKMethod(42, Intent.class.getName(), "getShortExtra", new Class[]{String.class, Short.TYPE}));
 96 |         a.add(new HooKMethod(43, Intent.class.getName(), "getCharExtra", new Class[]{String.class, Character.TYPE}));
 97 |         a.add(new HooKMethod(44, Intent.class.getName(), "getIntExtra", new Class[]{String.class, Integer.TYPE}));
 98 |         a.add(new HooKMethod(45, Intent.class.getName(), "getLongExtra", new Class[]{String.class, Long.TYPE}));
 99 |         a.add(new HooKMethod(46, Intent.class.getName(), "getFloatExtra", new Class[]{String.class, Float.TYPE}));
100 |         a.add(new HooKMethod(47, Intent.class.getName(), "getDoubleExtra", new Class[]{String.class, Double.TYPE}));
101 |         a.add(new HooKMethod(48, Intent.class.getName(), "getStringExtra", new Class[]{String.class}));
102 |         a.add(new HooKMethod(49, Display.class.getName(), "getWidth", new Class[0]));
103 |         a.add(new HooKMethod(50, Display.class.getName(), "getHeight", new Class[0]));
104 |         a.add(new HooKMethod(51, BluetoothAdapter.class.getName(), "getAddress", new Class[0]));
105 |         a.add(new HooKMethod(52, Secure.class.getName(), "getString", new Class[]{ContentResolver.class, String.class}));
106 |         a.add(new HooKMethod(53, ActivityManager.class.getName(), "getMemoryInfo", new Class[]{MemoryInfo.class}));
107 |         a.add(new HooKMethod(54, StatFs.class.getName(), "getBlockSize", new Class[0]));
108 |         a.add(new HooKMethod(55, StatFs.class.getName(), "getBlockSizeLong", new Class[0]));
109 |         a.add(new HooKMethod(56, StatFs.class.getName(), "getBlockCount", new Class[0]));
110 |         a.add(new HooKMethod(57, StatFs.class.getName(), "getBlockCountLong", new Class[0]));
111 |         a.add(new HooKMethod(58, StatFs.class.getName(), "getAvailableBlocks", new Class[0]));
112 |         a.add(new HooKMethod(59, StatFs.class.getName(), "getAvailableBlocksLong", new Class[0]));
113 |         a.add(new HooKMethod(60, Location.class.getName(), "getLatitude", new Class[0]));
114 |         a.add(new HooKMethod(61, Location.class.getName(), "getLongitude", new Class[0]));
115 |         a.add(new HooKMethod(62, InetAddress.class.getName(), "isLoopbackAddress", new Class[0]));
116 |         a.add(new HooKMethod(63, "android.os.SystemProperties", "get", new Class[]{String.class}));
117 |     }
118 | 
119 |     public static String getMethod(String string){
120 |         for(HooKMethod hooKMethod:a){
121 |             if(string.contains(hooKMethod.classname) && string.contains(hooKMethod.methodname)){
122 |                 Class[] clsArr=hooKMethod.type;
123 |                 StringBuilder stringBuilder=new StringBuilder();
124 |                 for(Class cls:clsArr){
125 |                     if(stringBuilder.length()>0){
126 |                         stringBuilder.append(",");
127 |                     }
128 |                     stringBuilder.append(cls.getName());
129 |                 }
130 |                 if(string.contains(stringBuilder.toString())){
131 |                     return hooKMethod.classname+"#"+hooKMethod.methodname;
132 |                 }
133 |             }
134 | 
135 |         }
136 |         return "";
137 | 
138 |     }
139 | 
140 | 
141 | }
142 | 
143 | 


--------------------------------------------------------------------------------