From 18904bced1269c90bbeca7bbf0d47d20c76af0ce Mon Sep 17 00:00:00 2001 From: Gaurav Date: Thu, 8 Feb 2024 02:22:10 +0530 Subject: [PATCH] Fix hookPackageManagerGetPackageInfo & update logging. --- app/src/main/cpp/nativehooks.cpp | 4 ++-- .../com/gauravssnl/bypassrootcheck/pro/MainModule.kt | 9 +++------ 2 files changed, 5 insertions(+), 8 deletions(-) diff --git a/app/src/main/cpp/nativehooks.cpp b/app/src/main/cpp/nativehooks.cpp index 6211b7b..514cd3d 100644 --- a/app/src/main/cpp/nativehooks.cpp +++ b/app/src/main/cpp/nativehooks.cpp @@ -51,7 +51,7 @@ NativeOnModuleLoaded native_init(const NativeAPIEntries *entries) { FILE *fake_fopen(const char *filename, const char *mode) { LOGD("Inside fake_fopen. Filename :: %s", filename); if (is_file_related_to_root(filename)) { - LOGD("App tried to check root related files, so bypass it"); + LOGI("App tried to check root related files, so bypass it"); return nullptr; } return original_fopen(filename, mode); @@ -60,7 +60,7 @@ FILE *fake_fopen(const char *filename, const char *mode) { int fake_stat(const char *filename, struct stat *file_info) { LOGD("Inside fake_stat. Filename :: %s ", filename); if (is_file_related_to_root(filename)) { - LOGD("App tried to check root related files, so bypass it"); + LOGI("App tried to check root related files, so bypass it"); return -1; } return original_stat(filename, file_info); diff --git a/app/src/main/java/com/gauravssnl/bypassrootcheck/pro/MainModule.kt b/app/src/main/java/com/gauravssnl/bypassrootcheck/pro/MainModule.kt index 074e72d..2887bcb 100644 --- a/app/src/main/java/com/gauravssnl/bypassrootcheck/pro/MainModule.kt +++ b/app/src/main/java/com/gauravssnl/bypassrootcheck/pro/MainModule.kt @@ -59,13 +59,11 @@ class MainModule(base: XposedInterface, param: ModuleLoadedParam) : XposedModule @JvmStatic @BeforeInvocation fun beforeInvocation(callback: BeforeHookCallback): MyHooker { -// module.log("Inside beforeInvocation()") when (callback.member.name) { "setLogging" -> callback.args[0] = true // enable logging "exists" -> { val file = callback.thisObject as File val fileName = file.absolutePath -// module.log("Filename being accessed :: $fileName") // we immediately return false if root related files are checked if (isFileRootAccessRelated(fileName)) { module.log("App tried to access root related file :: $fileName , so bypass it") @@ -77,11 +75,11 @@ class MainModule(base: XposedInterface, param: ModuleLoadedParam) : XposedModule if(knownRootAppsPackages.contains(packageName) || knownDangerousAppsPackages.contains(packageName) || knownRootCloakingPackages.contains(packageName)) { - callback.returnAndSkip(PackageManager.NameNotFoundException(packageName)) + module.log("App tried to read root related Android apps :: $packageName , so bypass it") + callback.throwAndSkip(PackageManager.NameNotFoundException(packageName)) } } "exec" -> { -// module.log("Inside exec hook. Callback args :: ${callback.args.contentToString()}") // Args can be either String or Array; so we need to handle val command: String = try { callback.args[0] as String @@ -110,7 +108,6 @@ class MainModule(base: XposedInterface, param: ModuleLoadedParam) : XposedModule @JvmStatic @AfterInvocation fun afterInvocation(callback: AfterHookCallback, param: MyHooker) { -// module.log("Inside afterInvocation()") when(callback.member.name) { "get" -> { val propName = callback.args[0] as String @@ -139,7 +136,7 @@ class MainModule(base: XposedInterface, param: ModuleLoadedParam) : XposedModule @SuppressLint("PrivateApi") private fun hookPackageManagerGetPackageInfo(classLoader: ClassLoader) { - val clazz = classLoader.loadClass("android.content.pm.PackageManager") + val clazz = classLoader.loadClass("android.app.ApplicationPackageManager") clazz.declaredMethods.filter { it.name == "getPackageInfo" }.forEach{ hook(it, MyHooker::class.java) }