Recently, I learned how to hook the Android goldfish kernel 2.6. I wrote hook.c like this:

    #include <linux/kernel.h>
    #include <linux/module.h>
    #include <linux/moduleparam.h>
    #include <linux/unistd.h>
    #include <linux/semaphore.h>
    #include <asm/cacheflush.h>
    #include <linux/string.h>

    void **sys_call_table;

    /* Saved pointers to the original syscall handlers. */
    asmlinkage int (*original_call_open) (const char*, int, int);
    asmlinkage int (*original_call_read) (unsigned int, char*, int);

    /* Note: buf[0] is logged before the original read() has filled buf. */
    asmlinkage int our_sys_read(unsigned int fd, char *buf, int count)
    {
        if (fd == 0 && count == 1) {
            printk("有文件正在被读取intercept 0x%02X", buf[0]);
        }
        return original_call_read(fd, buf, count);
    }

    asmlinkage int our_sys_open(const char *file, int flags, int mode)
    {
        // Contacts   /data/data/com.android.providers.contacts/databases/contacts2.db
        // Call log   /data/data/com.android.providers.telephony/databases/telephony.db
        // SMS        /data/data/com.android.providers.telephony/databases/mmssms.db
        char *contact = "/data/data/com.android.providers.contacts/databases/contacts2.db";
        char *telephony = "/data/data/com.android.providers.telephony/databases/telephony.db";
        char *sms = "/data/data/com.android.providers.telephony/databases/mmssms.db";

        if (strcmp(file, contact) == 0) {
            printk("应用程序正在读取手机的联系人记录!!!\n");
        }
        if (strcmp(file, telephony) == 0) {
            printk("应用程序正在读取手机的通话记录!!!\n");
        }
        if (strcmp(file, sms) == 0) {
            printk("应用程序正在读取手机的短信记录!!!\n");
        }
        // printk("A file was opened\n%s\n%d\n%d\n",file,flags,mode);
        return original_call_open(file, flags, mode);
    }

    int init_module(void)
    {
        sys_call_table = (void*)0xc0022f24;
        /* Save the original handlers, then install the hooks. */
        original_call_open = sys_call_table[__NR_open];
        original_call_read = sys_call_table[__NR_read];
        sys_call_table[__NR_open] = our_sys_open;
        sys_call_table[__NR_read] = our_sys_read;
        return 0;
    }

    void cleanup_module(void)
    {
        // Restore the original call
        sys_call_table[__NR_open] = original_call_open;
        sys_call_table[__NR_read] = original_call_read;
    }

And next is my APK's main activity:

    package com.nijian;

    import java.io.IOException;
    import java.io.OutputStream;
    import java.io.OutputStreamWriter;
    import java.io.PrintWriter;
    import java.net.Socket;
    import java.net.UnknownHostException;
    import android.app.Activity;
    import android.database.Cursor;
    import android.database.CursorJoiner.Result;
    import android.os.AsyncTask;
    import android.os.Bundle;
    import android.provider.ContactsContract;
    import android.provider.ContactsContract.PhoneLookup;
    import android.util.Log;
    import android.widget.TextView;

    public class MainActivity extends Activity {
        String contactUpload = "";

        protected void onCreate(Bundle savedInstanceState) {
            super.onCreate(savedInstanceState);
            setContentView(R.layout.activity_main);
            // Query every phone entry through the contacts content provider.
            Cursor people = getContentResolver().query(
                    ContactsContract.CommonDataKinds.Phone.CONTENT_URI, null, null,
                    null, null);
            try {
                while (people.moveToNext()) {
                    int nameFieldColumnIndex = people
                            .getColumnIndex(ContactsContract.CommonDataKinds.Phone.DISPLAY_NAME);
                    String contact = people.getString(nameFieldColumnIndex);
                    int numberFieldColumnIndex = people
                            .getColumnIndex(ContactsContract.CommonDataKinds.Phone.NUMBER);
                    String number = people.getString(numberFieldColumnIndex);
                    System.out.println(contact + "-" + number);
                    contactUpload = contactUpload.concat(contact + "-" + number);
                }
            } catch (Exception e) {
                System.out.println(e);
            }
            TextView textView = (TextView)findViewById(R.id.textView1);
            textView.setText(contactUpload);
            people.close();
            // new connect().execute();
        }
    }

My app accesses contacts, but when I use cat /proc/kmsg it doesn't show my kernel info. Can anyone help me? Thank you very much!
1 solution
#1
0
After several days of learning, I got the right answer. Oh... it was a horrible process. Now, let's answer this question~~

    if (strcmp(file, contact) == 0) {
        printk("应用程序正在读取手机的联系人记录!!!\n");
    }

The code above is the key to solving this question. We know an APK will use an API to read contacts, but in my program I use strcmp() to compare strings. And the APIs will not use a string like "/data/data/com.android.providers.contacts/databases/contacts2.db". Maybe it will use "/data/data/com.android.providers.contacts/databases/contacts2.db/data....". So we should use strstr() to compare these. Finally, here is the correct program:

    if (strcmp(file, contact) == 0 || strstr(file, contact) != NULL) {
        printk("应用程序正在读取手机的联系人记录!!!");
    }
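
How the two comparisons in this answer differ on concrete paths, as an added userspace example that is not code from the original post. `match_prefix` and all sample paths are constructed for illustration; the `-journal` suffix assumes the provider also opens SQLite's rollback journal next to the database.

```c
#include <stdio.h>
#include <string.h>

/* Path taken from hook.c on this page. */
static const char *CONTACTS_DB =
    "/data/data/com.android.providers.contacts/databases/contacts2.db";

/* Original check: fires only when the path is byte-for-byte identical. */
int match_exact(const char *path, const char *db)
{
    return strcmp(path, db) == 0;
}

/* Check from the answer: fires when db appears anywhere in the path. */
int match_substr(const char *path, const char *db)
{
    return strstr(path, db) != NULL;
}

/* Hypothetical stricter check: path must start with db, and what follows
 * must be end-of-string or a '-' or '/' suffix (e.g. "-journal"). */
int match_prefix(const char *path, const char *db)
{
    size_t n = strlen(db);
    if (strncmp(path, db, n) != 0)
        return 0;
    return path[n] == '\0' || path[n] == '-' || path[n] == '/';
}

int main(void)
{
    /* Constructed sample paths, not captured from a device. */
    char journal[160], nested[160], sibling[160];
    snprintf(journal, sizeof journal, "%s-journal", CONTACTS_DB);
    snprintf(nested, sizeof nested, "/sdcard/backup%s", CONTACTS_DB);
    snprintf(sibling, sizeof sibling, "%s.bak", CONTACTS_DB);
    const char *paths[] = { CONTACTS_DB, journal, nested, sibling };

    for (size_t i = 0; i < sizeof paths / sizeof paths[0]; i++)
        printf("exact=%d substr=%d prefix=%d  %s\n",
               match_exact(paths[i], CONTACTS_DB),
               match_substr(paths[i], CONTACTS_DB),
               match_prefix(paths[i], CONTACTS_DB), paths[i]);
    return 0;
}
```

Inside the kernel module, `file` is a user-space pointer, so a monitoring hook should copy it into a kernel buffer with `strncpy_from_user()` before running any of these comparisons.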