Java SubstrateMain 예제들

예제 #1

파일: TelephonyHooker.java 프로젝트: vendanner/android

  /** Hook main methods of the ServiceState class */
  private void attachOnServiceStateClass() {

    Map<String, Integer> methodsToHook = new HashMap<String, Integer>();

    methodsToHook.put("getIsManualSelection", 1);
    methodsToHook.put("getOperatorAlphaLong", 1);
    methodsToHook.put("getOperatorAlphaShort", 1);

    methodsToHook.put("getOperatorNumeric", 1);
    methodsToHook.put("getRoaming", 1);
    methodsToHook.put("getState", 1);

    methodsToHook.put("setIsManualSelection", 2);
    methodsToHook.put("setOperatorName", 2);
    methodsToHook.put("setRoaming", 2);

    methodsToHook.put("setState", 2);
    methodsToHook.put("setStateOff", 2);
    methodsToHook.put("setStateOutOfService", 2);

    try {
      hookMethods(null, "android.telephony.ServiceState", methodsToHook);
      SubstrateMain.log("hooking android.telephony.ServiceState methods sucessful");

    } catch (HookerInitializationException e) {
      SubstrateMain.log("hooking android.telephony.ServiceState methods has failed", e);
    }
  }

예제 #2

파일: SystemHooker.java 프로젝트: Bludge0n/hooker

  /** Attach on PackageManager class */
  private void attachOnPackageManagerClass() {
    Map<String, Integer> methodsToHook = new HashMap<String, Integer>();

    methodsToHook.put("addPermission", 2);
    methodsToHook.put("addPermissionAsync", 2);
    methodsToHook.put("checkPermission", 0);
    methodsToHook.put("getActivityInfo", 1);
    methodsToHook.put("getAllPermissionGroups", 1);
    methodsToHook.put("getApplicationEnabledSetting", 1);
    methodsToHook.put("getInstalledPackages", 1);
    // methodsToHook.put("getPackageInfo", 1); //This is quiet verbose and
    // frequent...
    methodsToHook.put("getPermissionInfo", 1);
    methodsToHook.put("getServiceInfo", 1);
    methodsToHook.put("getSystemSharedLibraryNames", 1);
    methodsToHook.put("hasSystemFeature", 1);
    methodsToHook.put("removePermission", 2);
    methodsToHook.put("setComponentEnabledSetting", 2);
    methodsToHook.put("setApplicationEnabledSetting", 2);

    try {
      hookMethods(null, "android.app.ApplicationPackageManager", methodsToHook);
      SubstrateMain.log("hooking android.app.ApplicationPackageManager methods sucessful");

    } catch (HookerInitializationException e) {
      SubstrateMain.log("hooking android.app.ApplicationPackageManager methods has failed", e);
    }
  }

예제 #3

파일: TelephonyHooker.java 프로젝트: vendanner/android

  /** Hook main methods of the SmsManager class */
  private void attachOnSmsManagerClass() {

    Map<String, Integer> methodsToHook = new HashMap<String, Integer>();

    methodsToHook.put("sendDataMessage", 2);
    methodsToHook.put("sendMultipartTextMessage", 2);
    methodsToHook.put("sendTextMessage", 2);

    try {
      hookMethods(null, "android.telephony.SmsManager", methodsToHook);
      SubstrateMain.log("hooking android.telephony.SmsManager methods sucessful");

    } catch (HookerInitializationException e) {
      SubstrateMain.log("hooking android.telephony.SmsManager methods has failed", e);
    }
  }

예제 #4

파일: FileEventReporter.java 프로젝트: Bludge0n/hooker

  /** @return */
  private FileOutputStream getCurrentFileOutputStream() {
    if (currentFileOutputStream == null) {
      File sdCardPath = Environment.getExternalStorageDirectory();

      // create directory if it doesn't exist
      File outputDir = new File(sdCardPath.getAbsolutePath() + File.separator + OUTPUT_PATH);
      if (!outputDir.exists()) {
        SubstrateMain.log("Creating the output directtory for event reporting");
        outputDir.mkdirs();
      }

      // delete old log files if exist
      String outputPath = outputDir.getAbsolutePath() + File.separator + this.outputFile;
      File outputFile = new File(outputPath);
      if (outputFile.exists()) {
        outputFile.delete();
      }

      // create the file
      try {
        outputFile.createNewFile();
      } catch (IOException e) {
        SubstrateMain.log(
            new StringBuilder("Error, impossible to create the file: ")
                .append(outputFile.getAbsolutePath())
                .toString(),
            e);
        return null;
      }

      try {
        currentFileOutputStream = new FileOutputStream(outputFile);
      } catch (FileNotFoundException e) {
        SubstrateMain.log(
            new StringBuilder("Error, impossible to open ")
                .append(outputFile.getAbsolutePath())
                .append(" on the sdcard")
                .toString(),
            e);
      }
    }
    return currentFileOutputStream;
  }

예제 #5

파일: TelephonyHooker.java 프로젝트: vendanner/android

  /** Hook main methods of the telephony manager class */
  private void attachOnTelephonyManagerClass() {

    Map<String, Integer> methodsFromTelephonyManagerToHook = new HashMap<String, Integer>();

    methodsFromTelephonyManagerToHook.put("getCellLocation", 1);
    methodsFromTelephonyManagerToHook.put("getSubscriberId", 1);
    methodsFromTelephonyManagerToHook.put("getDeviceId", 1);
    methodsFromTelephonyManagerToHook.put("getDeviceSoftwareVersion", 1);
    methodsFromTelephonyManagerToHook.put("getNeighboringCellInfo", 1);
    methodsFromTelephonyManagerToHook.put("getNetworkCountryIso", 1);
    methodsFromTelephonyManagerToHook.put("getNetworkOperator", 1);
    methodsFromTelephonyManagerToHook.put("getNetworkOperatorName", 1);
    methodsFromTelephonyManagerToHook.put("getLine1Number", 1);

    methodsFromTelephonyManagerToHook.put("getAllCellInfo", 1);
    methodsFromTelephonyManagerToHook.put("getCallState", 1);
    methodsFromTelephonyManagerToHook.put("getGroupIdLevel1", 1);

    methodsFromTelephonyManagerToHook.put("getNetworkType", 1);
    methodsFromTelephonyManagerToHook.put("getPhoneType", 1);
    methodsFromTelephonyManagerToHook.put("getSimCountryIso", 1);
    methodsFromTelephonyManagerToHook.put("getSimOperator", 1);
    methodsFromTelephonyManagerToHook.put("getSimOperatorName", 1);
    methodsFromTelephonyManagerToHook.put("getSimSerialNumber", 1);
    methodsFromTelephonyManagerToHook.put("getSimState", 1);
    methodsFromTelephonyManagerToHook.put("getVoiceMailNumber", 1);
    methodsFromTelephonyManagerToHook.put("isNetworkRoaming", 1);

    Map<String, Object> outputs = new HashMap<String, Object>();
    outputs.put("getDeviceId", "134679718293842");

    try {
      hookMethodsWithOutputs(
          null, "android.telephony.TelephonyManager", methodsFromTelephonyManagerToHook, outputs);
      SubstrateMain.log("hooking android.telephony.TelephonyManager methods sucessful");

    } catch (HookerInitializationException e) {
      SubstrateMain.log("hooking android.telephony.TelephonyManager methods has failed", e);
    }
  }

예제 #6

파일: TelephonyHooker.java 프로젝트: vendanner/android

  /** Hook main methods of the SmsMessage class */
  private void attachOnSmsMessageClass() {

    Map<String, Integer> methodsToHook = new HashMap<String, Integer>();

    methodsToHook.put("createFromPdu", 2);

    methodsToHook.put("getDisplayMessageBody", 1);
    methodsToHook.put("getDisplayOriginatingAddress", 21);
    methodsToHook.put("getEmailBody", 1);
    methodsToHook.put("getEmailFrom", 1);
    methodsToHook.put("getIndexOnIcc", 1);
    methodsToHook.put("getIndexOnSim", 1);
    methodsToHook.put("getMessageBody", 1);
    methodsToHook.put("getOriginatingAddress", 1);
    methodsToHook.put("getPdu", 1);
    methodsToHook.put("getProtocolIdentifier", 1);
    methodsToHook.put("getPseudoSubject", 1);
    methodsToHook.put("getServiceCenterAddress", 1);
    methodsToHook.put("getStatus", 1);
    methodsToHook.put("getStatusOnIcc", 1);
    methodsToHook.put("getStatusOnSim", 1);
    methodsToHook.put("getSubmitPdu", 1);
    methodsToHook.put("getUserData", 1);

    try {
      hookMethods(null, "android.telephony.SmsMessage", methodsToHook);
      SubstrateMain.log("hooking android.telephony.SmsMessage methods sucessful");

    } catch (HookerInitializationException e) {
      SubstrateMain.log("hooking android.telephony.SmsMessage methods has failed", e);
    }

    try {
      hookMethods(null, "android.telephony.gsm.SmsMessage", methodsToHook);
      SubstrateMain.log("hooking android.telephony.gsm.SmsMessage methods sucessful");

    } catch (HookerInitializationException e) {
      SubstrateMain.log("hooking android.telephony.gsm.SmsMessage methods has failed", e);
    }
  }

예제 #7

파일: SystemHooker.java 프로젝트: Bludge0n/hooker

  /** Attach on ActivityManager class. */
  private void attachOnActivityManagerClass() {
    final String className = "android.app.ActivityManager";

    Map<String, Integer> methodsToHook = new HashMap<String, Integer>();

    methodsToHook.put("clearApplicationUserData", 2);
    methodsToHook.put("dumpPackageState", 1);
    methodsToHook.put("getDeviceConfigurationInfo", 0);
    methodsToHook.put("getLargeMemoryClass", 0);
    methodsToHook.put("getMemoryClass", 0);
    methodsToHook.put("getMemoryInfo", 0);
    methodsToHook.put("getMyMemoryState", 0);
    methodsToHook.put("getProcessMemoryInfo", 0);
    methodsToHook.put("getProcessesInErrorState", 0);
    methodsToHook.put("getRecentTasks", 0);
    methodsToHook.put("getRunningAppProcesses", 0);
    methodsToHook.put("getRunningServiceControlPanel", 0);
    methodsToHook.put("getRunningServices", 0);
    methodsToHook.put("getRunningTasks", 0);
    methodsToHook.put("isLowRamDevice", 0);
    methodsToHook.put("isRunningInTestHarness", 0);
    methodsToHook.put("isUserAMonkey", 0);
    methodsToHook.put("killBackgroundProcesses", 0);
    methodsToHook.put("moveTaskToFront", 0);
    methodsToHook.put("restartPackage", 0);

    Map<String, Object> outputs = new HashMap<String, Object>();
    outputs.put("isUserAMonkey", false);

    try {
      hookMethodsWithOutputs(null, className, methodsToHook, outputs);
      SubstrateMain.log(
          new StringBuilder("hooking ").append(className).append(" methods sucessful").toString());

    } catch (HookerInitializationException e) {
      SubstrateMain.log(
          new StringBuilder("hooking ").append(className).append(" methods has failed").toString(),
          e);
    }
  }

예제 #8

파일: SystemHooker.java 프로젝트: Bludge0n/hooker

  /** Attach on SecurityManager */
  private void attachOnSecurityManagerClass() {
    final String className = "java.lang.SecurityManager";

    Map<String, Integer> methodsToHook = new HashMap<String, Integer>();

    methodsToHook.put("checkAccept", 0);
    methodsToHook.put("checkAccess", 0);
    methodsToHook.put("checkConnect", 0);
    methodsToHook.put("checkCreateClassLoader", 0);
    methodsToHook.put("checkDelete", 0);
    methodsToHook.put("checkExec", 0);
    methodsToHook.put("checkExit", 0);
    methodsToHook.put("checkLink", 0);
    methodsToHook.put("checkListen", 0);
    methodsToHook.put("checkMulticast", 0);
    methodsToHook.put("checkPackageAccess", 0);
    methodsToHook.put("checkPackageDefinition", 0);
    methodsToHook.put("checkPermission", 0);
    methodsToHook.put("checkPrintJobAccess", 0);
    methodsToHook.put("checkPropertiesAccess", 0);
    methodsToHook.put("checkPropertyAccess", 0);
    methodsToHook.put("checkRead", 0);
    methodsToHook.put("checkSecurityAccess", 0);
    methodsToHook.put("checkSetFactory", 0);
    methodsToHook.put("checkSystemClipboardAccess", 0);
    methodsToHook.put("checkWrite", 0);
    methodsToHook.put("checkSecurityContext", 0);

    try {
      hookMethods(null, className, methodsToHook);
      SubstrateMain.log(
          new StringBuilder("hooking ").append(className).append(" methods sucessful").toString());

    } catch (HookerInitializationException e) {
      SubstrateMain.log(
          new StringBuilder("hooking ").append(className).append(" methods has failed").toString(),
          e);
    }
  }

예제 #9

파일: SystemHooker.java 프로젝트: Bludge0n/hooker

  /** Attach on PowerManager class. */
  private void attachOnPowerManagerClass() {
    final String className = "android.os.PowerManager";

    Map<String, Integer> methodsToHook = new HashMap<String, Integer>();

    methodsToHook.put("goToSleep", 0);
    methodsToHook.put("isScreenOn", 0);
    methodsToHook.put("newWakeLock", 1);
    methodsToHook.put("reboot", 1);
    methodsToHook.put("userActivity", 1);
    methodsToHook.put("wakeUp", 1);

    try {
      hookMethods(null, className, methodsToHook);
      SubstrateMain.log(
          new StringBuilder("hooking ").append(className).append(" methods sucessful").toString());

    } catch (HookerInitializationException e) {
      SubstrateMain.log(
          new StringBuilder("hooking ").append(className).append(" methods has failed").toString(),
          e);
    }
  }

예제 #10

파일: FileEventReporter.java 프로젝트: Bludge0n/hooker

  /** @param jsonEvent */
  private void writeToFile(String jsonEvent) {

    FileOutputStream fos = this.getCurrentFileOutputStream();
    if (fos != null) {
      byte[] data = new String(jsonEvent + EVENT_DELIMITER).getBytes();
      try {
        fos.write(data);
        fos.flush();
      } catch (IOException e) {
        SubstrateMain.log(
            new StringBuilder("Error, while writing (or flushing) file ")
                .append(this.outputFile)
                .append(" on the sdcard")
                .toString(),
            e);
      }
    }
  }

예제 #11

파일: FileEventReporter.java 프로젝트: Bludge0n/hooker

 @Override
 protected void report(InterceptEvent event) {
   SubstrateMain.log("File reporter write to file an event.");
   this.writeToFile(event.toJson());
 }