Skip to content

Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32.

Notifications You must be signed in to change notification settings

PAGalaxyLab/Android_Inline_Hook

 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

5 Commits
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Android Inline Hook

This project make an Android .so file that can automatically do some native hook works.

It mainly use Android Inline Hook, not PLT Hook.

If you can read Chinese or wanna see more picture, I've wrote some articles about this repo and the first one is the main article. I highly recommend you to read the articles before reading the code. These article will save you a lot of time, I promise.

  1. Android Inline Hook Practice
  2. Opcode Fix In Android Inline Hook
  3. An Introduction to Android Native Hook

Articles in English

I've received several e-mails and all the questions in them have been written in the articles Chinese. So i think it's necessary translate some part of the articles in English. I will try my best to tanslate more part and the parts metioned by the questions in issue will have high priority.

  1. Android Inline Hook Practice EN

How To Use

The only thing you have to change is the code in InlineHook.cpp.

You can name the __attribute__((constructor)) ModifyIBored() function at your will and change the follow arg in it:

  1. pModuleBaseAddr is the address of your target so.
  2. target_offset is the offset of your hook point in the target so.
  3. is_target_thumb shows the hook point's CPU mode. You can know this information in the work of reversing before the hook work.

EvilHookStubFunctionForIBored function is the thing you really wanna do when the hook works. You can name at your will, but keep the arg (pt_regs *regs). It brings you the power to control the registers, like set r0 to 0x333 : regs->uregs[0]=0x333;.

After you finish the args above, just ndk-build and you will get your .so file.

Example

I've make some examples in other repo, it includes code and the target APK file.

  1. thumb-2 example
  2. arm32 example

Contact

I believe that this project still has some problems. If you find some bugs or have some problems, you can send e-mail to [email protected]. I wish we can fix it together!

Reference

Game Security Lab of Tencent

Ele7enxxh's Blog

About

Build an so file to automatically do the android_native_hook work. Supports thumb-2/arm32.

Resources

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published

Languages

  • C 88.6%
  • C++ 6.3%
  • Makefile 2.6%
  • Assembly 2.5%