kings0527 comments

Results 12 comments of


                                            kings0527

有研究libsgmain最新版6.5.x Hook的吗

Exception in thread "main" java.lang.IllegalStateException: Unsupported arg: [Ljava.lang.Object;@fbd1f6 直接模拟的打印好的参数 70102 最后一个参数字符串 “r_14” 怀疑这里是寄存器还在调试中

有研究libsgmain最新版6.5.x Hook的吗

> 能调用成功，x-sign和x-mini-wua类的是直接载入apk的吗我只想调试sgmain调用docommand来着不想去调那个noi类

有研究libsgmain最新版6.5.x Hook的吗

> @xuejiandong @kings0527 模拟好环境就行，unidbg本身没问题，有问题是环境没模拟好。 emmm 已经working 只是结果一直null 最新版已经在补代码了有点多。。

> > > @xuejiandong @kings0527 模拟好环境就行，unidbg本身没问题，有问题是环境没模拟好。 > > > emmm 已经working 只是结果一直null > > > 最新版已经在补代码了有点多。。 > > 是的一直返回null 最新版本这边frida hook 因为还有添加了mainload 再加上中间件我的frida脚本没完全写好全时hook 参照老版本是有init操作的需要把load 到docommand的所有前置任务全部做完...

Over time of the using the STF local the `adb devices` failed with error: protocol fault (couldn't read status): Undefined error: 0

same error in ubuntu

trace无效的问题

0x1314 地址的读写倒是符合在ida里面看到的代码

getPackageManager().checkPermission not trans for method proxy in android 11

``` Log.d("checkPermission", "before createPackageContext start "); int ret = VirtualCore.get().getContext().getPackageManager().checkPermission("android.permission.ACCESS_NETWORK_STATE", VirtualCore.get().getContext().getPackageName()); Log.d("checkPermission", "before createPackageContext ret " + ret); // ret 0 Context context = createPackageContext(data.appInfo.packageName); Log.d("checkPermission", "use core context, createPackageContext...

getPackageManager().checkPermission not trans for method proxy in android 11

``` Log.d("checkPermission", "fixContext11111 start "); int ret = context.getPackageManager().checkPermission("android.permission.ACCESS_NETWORK_STATE", context.getPackageName()); Log.d("checkPermission", "fixContext111111 ret " + ret); ContextImpl.mPackageManager.set(context, null); Log.d("checkPermission", "fixContext222222 start "); ret = context.getPackageManager().checkPermission("android.permission.ACCESS_NETWORK_STATE", context.getPackageName()); Log.d("checkPermission", "fixContext2222222 ret "...

getPackageManager().checkPermission not trans for method proxy in android 11

``` final IPackageManager pm = ActivityThread.getPackageManager(); final IPermissionManager permissionManager = ActivityThread.getPermissionManager(); ``` this is android 11 source code I think proxy method maybe not enough in the `PermissionManagerStub`?

getPackageManager().checkPermission not trans for method proxy in android 11

``` @Override public void inject() throws Throwable { final IInterface hookedPM = getInvocationStub().getProxyInterface(); ActivityThread.sPermissionManager.set(hookedPM); BinderInvocationStub pmHookBinder = new BinderInvocationStub(getInvocationStub().getBaseInterface()); pmHookBinder.copyMethodProxies(getInvocationStub()); pmHookBinder.replaceService("permissionmgr"); } ``` set sPermissionManager fix it