methodHook

Project Url: bin2415/methodHook
Introduction: 通过 Xposed 框架 hook android 的敏感函数,具体参考 https://github.com/halfkiss/ZjDroid,并添加了相应的函数
More: Author   ReportBugs   
Tags:
zzd-
  • 需要一台 root 过的 android4.4.x 的设备
  • 在该设备中安装 Xposed Installer 客户端,由于安装 Xposed 时,需要将 android 的 app_main.cpp 等文件进行替换,
    所以需要 android 的 root 权限
  • 安装编写好的 com.bingpang.methodhook 模块至该客户端,此时 Xposed 客户端将会检测到有 Xposed 模块,如图所示
    安装模板截图
  • 勾选该模板并重启 android 设备

----

Hook Method 解析

实现的功能

  • 标签为 FM 的 log 输出了具体敏感函数的类和方法名,如 android.telephony.SmsManager->sendTextMessage
  • 标签为 DetailInform 的 log 则输出了敏感函数相应的数据,如在 android.telephony.SmsManager->sendTextMessage 中
    会输出 Send SMS -> SMS DestNumber: destNumber , SMS Content: Content

    具体的敏感函数列表

SmsManager

  • android.telephony.SmsManager/sendTextMessage
  • android.telephony.SmsManager/getAllMessagesFromIcc
  • android.telephony.SmsManager/sendDataMessage
  • android.telephony.SmsManager/sendMultipartTextMessage

TelephonyManager

  • android.telephony.TelephonyManager/getLine1Number
  • android.telephony.TelephonyManager/listen

AccountManager

  • android.accounts.AccountManager/getAccounts
  • android.accounts.AccountManager/getAccountsByType

ActivityManager

  • android.app.ActivityManager/killBackgroundProcesses
  • android.app.ActivityManager/forceStopPackage

AlarmManager

  • android.app.AlarmManager/setImpl

AudioRecord

  • android.media.AudioRecord

Camera

  • android.hardware.Camera/takepicture
  • android.hardware.Camera/setPreviewCallback
  • android.hardware.Camera/setPreviewCallbackWithBuffer
  • android.hardware.Camera/setOneShotPreviewCallback

ConnectivityManager

  • android.net.ConnectivityManager/setMobileDataEnabled

ContentResolver

  • android.content.ContentResolver/qurey
  • android.content.ContentResolver/registerContentObserver
  • android.content.ContentResolver/insert
  • android.content.ContentResolver/bulkInsert
  • android.content.ContentResolver/delete
  • android.content.ContentResolver/update
  • android.content.ContentResolver/applyBatch

ContextImpl

  • android.app.ContextImpl/registerReceiver

MediaRecorder

  • android.media.MediaRecorder/start
  • android.media.MediaRecorder/stop

Internet

  • java.net.URL/openConnection
  • org.apache.http.impl.client.AbstractHttpClient/execute

NotificationManager

  • android.app.NotificationManager/notify

ApplicationPackageManager

  • android.app.ApplicationPackageManager/installPackage
  • android.app.ApplicationPackageManager/deletePackage
  • android.app.ApplicationPackageManager/getInstalledPackages

Highly Recommended:Google Play 4.7 Star Android Developer Tools, Decompile, View Manifest, Open Debug Options Quickly

Apps
Android Developer Tools
Android Developer Tools Pro
About Me
Tools: TimeShining
GitHub: Trinea
Facebook: Dev Tools