Hello,
I'm trying to create my own first xposed module after completing the tutorial successfully
What I'm trying to do is to hook the sendTextMessage from the class android.telephony.SmsManager
I've a modified ROM, so i added logs to this API and I see that when I'm sending SMS, i enter this API for sure.
I also know that the class loading and method getting works fine, but the before and after hooks are not called...
this is my module code:
Code:
package com.example.xpossedexample;
import static de.robv.android.xposed.XposedHelpers.findAndHookMethod;
import android.app.PendingIntent;
import android.graphics.Color;
import android.os.Message;
import android.widget.TextView;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XC_MethodHook.MethodHookParam;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.callbacks.XC_LoadPackage.LoadPackageParam;
public class Smstry implements IXposedHookLoadPackage {
public void handleLoadPackage(final LoadPackageParam lpparam) throws Throwable {
// XposedBridge.log("handleLoadPackage:: Enter:: package name is:: " + lpparam.packageName);
if (!lpparam.packageName.equals("android")) {
// XposedBridge.log("not android package");
return;
}
XposedBridge.log("this is android package");
findAndHookMethod("android.telephony.SmsManager", lpparam.classLoader, "sendTextMessage",String.class,String.class,String.class,PendingIntent.class,PendingIntent.class, new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
XposedBridge.log("Enter:: before sendTextMessage hook");
}
});
}
}
any idea why the hooks are not called? any good way to debug this?
Thanks,
Gidi
Is the method being hooked correctly? Check your Xposed log and see if there are any errors. If not, then that method probably isn't getting called.
PS. You may want to use IXposedHookZygote/initZygote instead of IXposedHookLoadPackage/handleLoadPackage for "android".
GermainZ said:
Is the method being hooked correctly? Check your Xposed log and see if there are any errors. If not, then that method probably isn't getting called.
PS. You may want to use IXposedHookZygote/initZygote instead of IXposedHookLoadPackage/handleLoadPackage for "android".
Click to expand...
Click to collapse
Hi,
Thanks for your reply.
from the test i did, the method is being correctly hooked, there are no errors in the logs.
The method is definitely being called, I added logs to the original method, so I see that it's being called.
Since i need to hook this method, I'm not sure if IXposedHookZygote/initZygote will work here (at least from the examples i saw).
can I use IXposedHookZygote/initZygote to hook a method?
Thanks,
Gidi
Ok, I managed to hook my method as you suggested.
Now, I've a problem I don't understand.
in AOSP, there's a class called RIL (com.android.internal.telephony.RIL), when i try to hook it, and give it as com.android.internal.telephony.RIL.class, I get an error, the IDE doesn't recognize this class (only com.android.internal.util) can be found...
any idea?
Thanks,
Gidi
shnapsi said:
Ok, I managed to hook my method as you suggested.
Now, I've a problem I don't understand.
in AOSP, there's a class called RIL (com.android.internal.telephony.RIL), when i try to hook it, and give it as com.android.internal.telephony.RIL.class, I get an error, the IDE doesn't recognize this class (only com.android.internal.util) can be found...
any idea?
Thanks,
Gidi
Click to expand...
Click to collapse
Use "com.android.internal.telephony.RIL" (as a string).
GermainZ said:
Use "com.android.internal.telephony.RIL" (as a string).
Click to expand...
Click to collapse
Thanks, but then i need to give a classLoader as a parameter which i don't have when i'm using initZygote method.
Have i missed something?
shnapsi said:
Thanks, but then i need to give a classLoader as a parameter which i don't have when i'm using initZygote method.
Have i missed something?
Click to expand...
Click to collapse
I found the solution: i'm using the startupParam class's classloader
startupParam.getClass().getClassLoader(),
Thanks a lot!
If you're using initZygote the classloader argument can be null as well.
GermainZ said:
If you're using initZygote the classloader argument can be null as well.
Click to expand...
Click to collapse
So now I'm confused...
In that case, if i want to hook this specific method (or method located in packages that are not recognized, it's better to use handleLoadPackage and not initZygote?
No, just replace "startupParam.getClass().getClassLoader()" by "null".
GermainZ said:
No, just replace "startupParam.getClass().getClassLoader()" by "null".
Click to expand...
Click to collapse
Sorry, now i lost you completely
shnapsi said:
Sorry, now i lost you completely
Click to expand...
Click to collapse
Here's an example that should show the difference clearly. Both methods (initZygote and handleLoadPackage) will have the same effect (this is only true if you're hooking the "android" package; if you're hooking anything else, you must use handleLoadPackage).
Java:
public class XposedMod implements IXposedHookLoadPackage, IXposedHookZygoteInit {
[PLAIN]@Override[/PLAIN]
public void initZygote(StartupParam startupParam) throws Throwable {
XC_MethodHook myHook = new XC_MethodHook() {
[PLAIN]@Override[/PLAIN]
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
// Do something.
}
};
findAndHookMethod(SomeSdkClass.class, "methodName", myHook);
findAndHookMethod("SomeOtherClass", null , "methodName", myHook);
}
[PLAIN]@Override[/PLAIN]
public void handleLoadPackage(final LoadPackageParam lpparam) throws Throwable {
if (!lpparam.packageName.equals("android"))
return;
XC_MethodHook myHook = new XC_MethodHook() {
[PLAIN]@Override[/PLAIN]
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
// Do something.
}
};
findAndHookMethod(SomeSdkClass.class, "methodName", myHook);
findAndHookMethod("SomeOtherClass", lpparam.classLoader , "methodName", myHook);
}
}
GermainZ said:
Here's an example that should show the difference clearly. Both methods (initZygote and handleLoadPackage) will have the same effect (this is only true if you're hooking the "android" package; if you're hooking anything else, you must use handleLoadPackage).
Java:
public class XposedMod implements IXposedHookLoadPackage, IXposedHookZygoteInit {
[PLAIN]@Override[/PLAIN]
public void initZygote(StartupParam startupParam) throws Throwable {
XC_MethodHook myHook = new XC_MethodHook() {
[PLAIN]@Override[/PLAIN]
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
// Do something.
}
};
findAndHookMethod(SomeSdkClass.class, "methodName", myHook);
findAndHookMethod("SomeOtherClass", null , "methodName", myHook);
}
[PLAIN]@Override[/PLAIN]
public void handleLoadPackage(final LoadPackageParam lpparam) throws Throwable {
if (!lpparam.packageName.equals("android"))
return;
XC_MethodHook myHook = new XC_MethodHook() {
[PLAIN]@Override[/PLAIN]
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
// Do something.
}
};
findAndHookMethod(SomeSdkClass.class, "methodName", myHook);
findAndHookMethod("SomeOtherClass", lpparam.classLoader , "methodName", myHook);
}
}
Click to expand...
Click to collapse
Thanks a lot!!! :laugh:
Related
Hi everyone. I ask for help. I literally beg for it..
com.android.dialer.dialpad.LatinSmartDialMap
You can see it here http://grepcode.com/file/repository...id/dialer/dialpad/LatinSmartDialMap.java?av=f
I only want to replace method . Any of them.
For example I want this method returns FALSE every time it's called.
Code:
@Override
public boolean isValidDialpadAlphabeticChar(char ch) {
return (ch >= 'a' && ch <= 'z');
}
Here is my code
Code:
public class Fm implements IXposedHookLoadPackage {
public void handleLoadPackage(final LoadPackageParam loadpkg) throws Throwable {
if (loadpkg.packageName.equals("com.android.dialer")) {
ClassLoader classLoader = loadpkg.classLoader;
XC_MethodReplacement methodreplacer = new XC_MethodReplacement() {
protected Object replaceHookedMethod(
XC_MethodHook.MethodHookParam paramAnonymousMethodHookParam)
throws Throwable {
XposedBridge.log("ALLLLL RIGHTTTT . NOW We ARE IN. AND MADE IT FALSe");
return false;
}
};
XposedHelpers.findAndHookMethod("com.android.dialer.dialpad.LatinSmartDialMap", loadpkg.classLoader,
"[COLOR="Red"]isValidDialpadAlphabeticChar[/COLOR]", Character.class, methodreplacer);
}
}
}
But this doesn't work
Here what I see in xposed log file:
java.lang.NoSuchMethodError: com.android.dialer.dialpad.LatinSmartDialMap#isValidDialpadAlphabeticChar(java.lang.Character)#exact
at de.robv.android.xposed.XposedHelpers.findMethodExact(XposedHelpers.java:179)
at de.robv.android.xposed.XposedHelpers.findAndHookMethod(XposedHelpers.java:129)
at de.robv.android.xposed.XposedHelpers.findAndHookMethod(XposedHelpers.java:136)
at com.s0bes.fmspeaker.Fm.handleLoadPackage(Fm.java:30)
at de.robv.android.xposed.IXposedHookLoadPackage
BUUUT. If I will try to replace other method. For example
matchesCombination in com.android.dialer.dialpad.SmartDialNameMatcher (http://grepcode.com/file/repository...dialer/dialpad/SmartDialNameMatcher.java?av=f)
Here the part of code which was changed:
Code:
XposedHelpers.findAndHookMethod("com.android.dialer.dialpad.SmartDialNameMatcher", loadpkg.classLoader,
"matchesCombination", String.class, String.class, ArrayList.class, methodreplacer);
Now everything work...
So, it works with one thing and doesnt work with method I need
If you want to replace a method to return a consatnt, you can use the XC_MethodReplacement.returnConstant(…) shortcut. For example:
Java:
XposedHelpers.findAndHookMethod("com.android.dialer.dialpad.SmartDialNameMatcher", loadpkg.classLoader,
"matchesCombination", String.class, String.class, ArrayList.class, XC_MethodReplacement.returnConstant(false));
As for your problem, you're trying to hook isValidDialpadAlphabeticChar(Character.class), but you should be hooking isValidDialpadAlphabeticChar(char.class). Just replace "Character.class" by "char.class" in your findAndHookMethod call.
I want to hook the constructor with xposed , and the code is as follows ,but there is some wrong.
Code:
XposedHelpers.findAndHookConstructor("java.io.File",
lpparam.classLoader, new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param)
throws Throwable {
}
@Override
protected void afterHookedMethod(MethodHookParam param)
throws Throwable {
System.out.println("file interception" + "-------------->"
+ param.args[0]);
}
});
Error content:
java.lang.NoSuchMethodError: java.io.File()#exact
Thanks
That's because there is no File() constructor. To hook e.g. File(String filename), you need to use:
Code:
XposedHelpers.findAndHookConstructor("java.io.File",
lpparam.classLoader, [COLOR="Red"][B]String.class, [/B][/COLOR]new XC_MethodHook() {
or simply
Code:
XposedHelpers.findAndHookConstructor(File.class, [COLOR="Red"][B]String.class, [/B][/COLOR]new XC_MethodHook() {
Be careful with such generic classes though, you can easily get lots of calls to it.
rovo89 said:
That's because there is no File() constructor. To hook e.g. File(String filename), you need to use:
Code:
XposedHelpers.findAndHookConstructor("java.io.File",
lpparam.classLoader, [COLOR="Red"][B]String.class, [/B][/COLOR]new XC_MethodHook() {
or simply
Code:
XposedHelpers.findAndHookConstructor(File.class, [COLOR="Red"][B]String.class, [/B][/COLOR]new XC_MethodHook() {
Be careful with such generic classes though, you can easily get lots of calls to it.
Click to expand...
Click to collapse
It works, thanks you very much .
I am trying to log HTTP requests and answers from single apps.
Code:
import java.net.URL;
import android.util.Log;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage.LoadPackageParam;
public class Module implements IXposedHookLoadPackage {
@Override
public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
if (lpparam.packageName.equals(Common.CLASSNAME)) {
final Class<?> httpUrlConnection = XposedHelpers.findClass(
"java.net.HttpURLConnection", lpparam.classLoader);
XposedBridge.hookAllConstructors(httpUrlConnection, new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
URL url = (URL)param.args[0];
Log.d("httpLogger", "call:"+url.toString());
}
});
}
}
}
So far i can retrieve the URLs but i do not know how to advance any further from here. Can you tell a smart way to approache the problem.
now that its been a while and i did not get any closer.. *bump*
Well, just follow API.
HttpResponse response = httpclient.execute(httppost);
Click to expand...
Click to collapse
So hook "execute" method from HttpClient class.
I have two problems with that.
The first one is:
HttpClient seems to be deprecated (http://developer.android.com/reference/org/apache/http/client/HttpClient.html). I am guessing a decent application would already use java.net.URL.openConnection().
But if we keep that point asside and assume the request we are trying to hook would be done with HttpClient execute i tryed to just see any of them done:
Code:
public class Module implements IXposedHookLoadPackage {
protected static final String HTTP_TAG = "myHttpLogger";
@Override
public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
final Class<?> httpUrlConnection = findClass("org.apache.http.client.HttpClient", lpparam.classLoader);
findAndHookMethod(httpUrlConnection, "execute", HttpResponse.class, new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
Log.d(HTTP_TAG, "execute");
}
});
}
}
This trows an exception
Code:
java.lang.NoSuchMethodError: org.apache.http.client.HttpClient#execute(org.apache.http.HttpResponse)#exact
Can you tell me where i went wrong or show me a different approach?
You used HttpResponse.class as method's params. But it is not right.
HttpUriRequest.class is right parameter.
To covel all "execute" methods (I see many here http://developer.android.com/reference/org/apache/http/client/HttpClient.html), use XposedBridge.hookAllmethods API
I'am trying to create an Xposed module which hooks into the tranceive methods of nfc to find out what is transfered. But sadly the hook doesn't seam to work. I've created a sample app which sends data over the tranceive method but the logs are not written. Here is my code:
Code:
if (!lpparam.packageName.equals("android"))
return;
findAndHookMethod("android.nfc.tech.BasicTagTechnology", lpparam.classLoader, "transceive", "byte[]", "boolean", new XC_MethodHook() {
@Override
protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
XposedBridge.log("before");
}
@Override
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
XposedBridge.log("after");
}
});
I've also tried to hook into the service, but no logs either:
Code:
if (!lpparam.packageName.equals("com.android.nfc"))
return;
findAndHookMethod("com.android.nfc.NfcService", lpparam.classLoader, "doTransceiveNoLock", "int", "byte[]", new XC_MethodHook() {
.....
Am I doing something wrong or is it simply not possible to hook into these methods?
I found a solution for my problem. I have to hook the transceive method of com.android.nfc.NfcService$TagService to get access to every tag transmission.
Hi, I'm new development Xposed modules i have one problem in the hook process. My goal is to log the device imei by XposedBridge i tried by different forms but i can't have success . I all ready can change the imei but i can't do the correct log of the imei or put the value the correct value in a string anyone can help me? Thanksss Best regards... my code is this:
public class TelephoneManager implements IXposedHookLoadPackage {
@override
public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
// TODO Auto-generated method stub
if(lpparam.packageName.equals("fca.up.identityspoofing")){
XposedHelpers.findAndHookMethod(TelephonyManager.class, "getDeviceId", new XC_MethodReplacement() {
protected Object replaceHookedMethod(MethodHookParam param) throws Throwable {
XposedBridge.log("in....");
String id_device = (String) param.thisObject.toString();
//TextView id = (TextView) param.thisObject;
//String device_id = id.getText().toString();
XposedBridge.log(id_device);
return "0000000";
}
});
Well you don't even need xposed to get imei, you can simply just do
Code:
TelephonyManager tm = (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE);
// get IMEI
String imei = tm.getDeviceId();
If you still want to go with the xposed module way, the correct code would be
Code:
@override
public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
if(lpparam.packageName.equals("fca.up.identityspoo fing")){
XposedHelpers.findAndHookMethod(TelephonyManager.class, lpparam.classLoader, "getDeviceId", new XC_MethodHook() {
@Override
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
String deviceId = (String) param.thisObject;
}
});
You hook after the original method has called so you can get the return value. You can still manipulate the result at this point if you want to do that.
Thanks for yoour help!
I tried that but does not result. In ;
if(lpparam.packageName.equals("fca.up.identityspoofing")){
XposedHelpers.findAndHookMethod(TelephonyManager.class, lpparam.classLoader, "getDeviceId", new XC_MethodHook() {
TelephonyManager.class needs to be a String. I tried "TelephonyManager.class" but Xposed can't find the class.
Then i tried with all all path to getDeviceId and not working too :
Code:
[user=439709]@override[/user]
public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
if(lpparam.packageName.equals("fc.up.identityspoofing")){
XposedHelpers.findAndHookMethod("com.android.internal.telephony.PhoneSubInfo", lpparam.classLoader, "getDeviceId", new XC_MethodHook(){
[user=439709]@override[/user]
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
String deviceId = (String) param.thisObject;
XposedBridge.log(deviceId);
}
});
}
The logcat error's are :
W/System.err( 4247): at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method)
W/System.err( 4247): at de.robv.android.xposed.XposedBridge.handleHookedMethod(XposedBridge.java:631)
W/System.err( 4247): at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:132)
W/System.err( 4247): at de.robv.android.xposed.XposedBridge.invokeOriginalMethodNative(Native Method)
W/System.err( 4247): at de.robv.android.xposed.XposedBridge.main(XposedBridge.java:132)
Do you have an idea of what may be happening? Best Regards
[QUOTE="sokie, post: 66189459, member: 2502626"]Well you don't even need xposed to get imei, you can simply just do
[CODE]
TelephonyManager tm = (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE);
// get IMEI
String imei = tm.getDeviceId();
If you still want to go with the xposed module way, the correct code would be
Code:
[user=439709]@override[/user]
public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
if(lpparam.packageName.equals("fca.up.identityspoofing")){
XposedHelpers.findAndHookMethod(TelephonyManager.class, lpparam.classLoader, "getDeviceId", new XC_MethodHook() {
[user=439709]@override[/user]
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
String deviceId = (String) param.thisObject;
}
});
You hook after the original method has called so you can get the return value. You can still manipulate the result at this point if you want to do that.[/QUOTE]
jmarques00 said:
Do you have an idea of what may be happening? Best Regards
Click to expand...
Click to collapse
Yeah, sorry wrote this quickly.
Code:
@override
public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
if(lpparam.packageName.equals("android.telephony")){
XposedHelpers.findAndHookMethod("android.telephony.TelephonyManager", lpparam.classLoader, "getDeviceId", new XC_MethodHook() {
@override
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
super.afterHookedMethod(param);
String deviceId = (String) param.getResult();
}
});
This will work.
Also I take for granted you know your device and Android ver and know this method gets called.
Because depending on your android version there are other classes that take care of imei like:
- com.android.internal.telephony.PhoneSubInfo getDeviceId
- com.android.internal.telephony.gsm.GSMPhone getDeviceId
- com.android.internal.telephony.PhoneProxy getDeviceId
- android.telephony.TelephonyManager getImei
Cheers
Thanks for yoour help!
Thanks for your feedback i allready test the new code but unfortunately don't work too ! If the new code works all packages that require the emei this emei changed right? For that we don't need to implement IXposedHookZygoteInit instead IXposedHookLoadPackage? The code break in the frist if condition when lpparam.packageName.equals("android.telephony") :/ .
package fc.up.identityspoofing;
import de.robv.android.xposed.IXposedHookLoadPackage;
import de.robv.android.xposed.XC_MethodHook;
import de.robv.android.xposed.XposedBridge;
import de.robv.android.xposed.XposedHelpers;
import de.robv.android.xposed.callbacks.XC_LoadPackage.LoadPackageParam;
public class TelephoneManager implements IXposedHookLoadPackage {
private static final String TAG = "Xposed";
@override
public void handleLoadPackage(LoadPackageParam lpparam) throws Throwable {
XposedBridge.log("aaaaa");
if(lpparam.packageName.equals("android.telephony")){
XposedBridge.log("bbbbb");
//XposedHelpers.findAndHookMethod("com.android.internal.telephony.PhoneSubInfo", lpparam.classLoader, "getDeviceId", new XC_MethodHook() {
XposedHelpers.findAndHookMethod("android.telephony.TelephonyManager", lpparam.classLoader, "getDeviceId", new XC_MethodHook() {
@override
protected void afterHookedMethod(MethodHookParam param) throws Throwable {
XposedBridge.log("cccc");
super.afterHookedMethod(param);
String deviceId = (String) param.getResult();
XposedBridge.log(deviceId);
}
});
}
}
}
What doesn't work? How are you testing?
As said earlier, depending on your android version, the above code if you go to Settings ->About Phone -> Status -> IMEI Information you will hit the log ( if not and you're in europe you could try com.android.internal.telephony.gsm.GSMPhone ).
Also keep in mind that changing IMEI will probably work only for apps requesting it and the OS, network carriers get that info directly from the sim afaik.
EDIT: this is an example complete app that should work http://pastebin.com/uPjY47VR
I'm testing in in 2 modes my phone version 4.2.2 and with genymotion with 4.2.2 version too. My frist goal is to this package when wants to receive the device_id the device_id revived must be fake and i want to log the original one. Thanks for your help
sokie said:
What doesn't work? How are you testing?
As said earlier, depending on your android version, the above code if you go to Settings ->About Phone -> Status -> IMEI Information you will hit the log ( if not and you're in europe you could try com.android.internal.telephony.gsm.GSMPhone ).
Also keep in mind that changing IMEI will probably work only for apps requesting it and the OS, network carriers get that info directly from the sim afaik.
Click to expand...
Click to collapse
jmarques00 said:
I'm testing in in 2 modes my phone version 4.2.2 and with genymotion with 4.2.2 version too. My frist goal is to this package when wants to receive the device_id the device_id revived must be fake and i want to log the original one. Thanks for your help
Click to expand...
Click to collapse
Read my last edit:
EDIT: this is an example complete app that should work http://pastebin.com/uPjY47VR
Thanks for all sokie it really works fine in my mobile phone !!!
sokie said:
Read my last edit:
EDIT: this is an example complete app that should work http://pastebin.com/uPjY47VR
Click to expand...
Click to collapse