Hi,
I have an apk which is heavily obfuscated using Dexguard and the class and method names are in the following format -
o.ᵋ
o.ᵎ
o.ᵔ
o.ᵗ
o.ᵢ
I tried hooking these classes/method names using xposed framework, but the framework throws an error - 'cannot find the method/class name' . How do i go analyzing such apk using xposed framework?
Please help!
Related
please any one know .how to make xposed changes permanent??
that is it remains there ..... even we uninstall xposed...
AS far as my understanding goes, xposed redirects specific function calls at runtime to other functions with the intend to run different code than the app would normally do. That said, redirecting those calls can not work without xposed framework or without the xposed modules as no changes are made to the apps directly.
Correct me if I'm wrong.
You are absolutely no wrong, however if we decompile the apk that is being modded via some specific module and we change the code of the redirected functions to the one included within module and recompile the apk, we should get an apk working exactly the same as if it was hooked via xposed+module.
Please note that a lot of modules has been originally created basing on reverse idea: first someone made a mod by changing the java/smali code of some apks, then someone wrote a module making same changes but via xposed, on-the-fly.
In my opinion such an automated tool to recompile the apks and change their code basing on the code included in a xposed module IS possible.
No one made it yet, tho...
Definitely not possible. You cannot simply redirect code from one app to another. With xposed, you are always running within app that's being modded.
esgie said:
You are absolutely no wrong, however if we decompile the apk that is being modded via some specific module and we change the code of the redirected functions to the one included within module and recompile the apk, we should get an apk working exactly the same as if it was hooked via xposed+module.
Please note that a lot of modules has been originally created basing on reverse idea: first someone made a mod by changing the java/smali code of some apks, then someone wrote a module making same changes but via xposed, on-the-fly.
In my opinion such an automated tool to recompile the apks and change their code basing on the code included in a xposed module IS possible.
No one made it yet, tho...
Click to expand...
Click to collapse
Im with this guy, and if you read on xposed... yes its code being "injected" into the stock apk ...
What xposed does is creates side files (ran by zygote)
They get copied to /system/bin as app_process(xposed)
Or app_process(origional)
These files act as Init.d scripting... to inject this code...
I assume they make both these copies for reverting back to stock (disable the module)
It IS possible to make these changes permanent and re-compile the apk...
However ... de-coding the module ... to find out what is getting injected where... THATS where im at so far ...
Arter 97 has proven this possible with adaway as a standalone apk in conjuction with his youtube apk... im assuming hes using code to call upon the adaway apk files , and still using it like xposed... but merely without xposed..
If anyone with more experience could point us on how to track down how to find exactly WHAT code is being injected and where... it would be EXTREMELY helpful to many people not wanting to run 3rd party applications to get their desired functions...
Anyone feel free to chime in
Hi,
I have written a module which records the occurrence of specific system APIs in the log file, using "XposedHelpers.findAndHookMethod". My hooked methods simply prints the name of API into the log file. My module works perfectly fine, unless I try to run an app which is instrumented by Emma, in order to measure the code coverage. The problem is that I get "Instrumentation detected, disabling framework for app" error message in the log file.
I decided to change the XposedBridge.java and replace the new XposedBridge.jar with the old one. However, it breaks the Xposed framework and my virtual machine never starts after reboot.
How can I resolve this issue?
Is there any way safe to change XposedBridge.java and replace the XposedBridge.jar?
Thanks.
Hi guys, i'm having a problem and maybe someone can help me.
Everytime i try to hook in classes from the package com.android.internal.telephony.* i get NoClassDefFoundError . I am trying to hook on the method addOrUpdate from com.android.internal.telephony.util.BlacklistUtils class.
The class is inside framework/opt/telephony/src/java/com/android/internal/telephony/util/BlacklistUtils.java in cyanogen sources.
I'm still learning how to make xposed modules, and every thing work great , except on classes from the package com.android.internal.telephony.*
+1 my log checks are not getting called, but no error is being thrown.
salatiel said:
Hi guys, i'm having a problem and maybe someone can help me.
Everytime i try to hook in classes from the package com.android.internal.telephony.* i get NoClassDefFoundError . I am trying to hook on the method addOrUpdate from com.android.internal.telephony.util.BlacklistUtils class.
The class is inside framework/opt/telephony/src/java/com/android/internal/telephony/util/BlacklistUtils.java in cyanogen sources.
I'm still learning how to make xposed modules, and every thing work great , except on classes from the package com.android.internal.telephony.*
Click to expand...
Click to collapse
You may try hooking the class inside initZygote instead of handleLoadPackage.
Hello,
I need some help with xposed and access sqlite database. My problem is i can't access database when i instantiate my DatabaseHelper in classes which are not Activities. The error is only the same nullPointerException in SQL. The problem is because context.
I'm doing that in my main class of xposed (where i implement IXposedHookLoadPackage).
My goal is to get all aplications package name that are saved in database. Any one can give me some help?
Best Regards
Hi all; pardon my lack of knowledge in this subject.
I tried to make a magisk module out of the blackberry productivity edge port found here: https://forum.xda-developers.com/android/apps-games/blackberry-productivity-tab-devices-t3606967
So I tried using the magisk 1500 template and followed the instructions that I found; and the module installs and works fine via TWRP (and magisk recognizes it), but causes the device to lag. And when I try to install it via magisk, I get "installation failed" with no other logs whatsoever. All the module is supposed to do is to mount a few files to the app and priv-app directory in the system. I edited the module.prop and the config.sh. Could anyone check if I had missed something or did a mistake? Thanks in advance.
The module is located here in case anyone wanted to assist:
https://1drv.ms/u/s!AvW_5k8Bkea9sU0SVteHqOoII5N_
Hadi99 said:
Hi all; pardon my lack of knowledge in this subject.
I tried to make a magisk module out of the blackberry productivity edge port found here: https://forum.xda-developers.com/android/apps-games/blackberry-productivity-tab-devices-t3606967
So I tried using the magisk 1500 template and followed the instructions that I found; and the module installs and works fine via TWRP (and magisk recognizes it), but causes the device to lag. And when I try to install it via magisk, I get "installation failed" with no other logs whatsoever. All the module is supposed to do is to mount a few files to the app and priv-app directory in the system. I edited the module.prop and the config.sh. Could anyone check if I had missed something or did a mistake? Thanks in advance.
The module is located here in case anyone wanted to assist:
https://1drv.ms/u/s!AvW_5k8Bkea9sU0SVteHqOoII5N_
Click to expand...
Click to collapse
Nothing looks wrong with the module itself, but you may be missing some libraries or odex/vdex files for the apps you're trying to install. Make sure the entire tree under system/app or system/priv-app is included in the module. The first link you sent tasks about oat subdirectories that are not included in your module.