ELFHooker

by MelonWXD

MelonWXD / ELFHooker

兼容Android 32位和64位。基于EFL文件格式Hook的demo,hook了SurfaceFlinger进程的eglSwapBuffers函数,替换为new_eglSwapBuffers

133 Stars 41 Forks Last release: Not found 14 Commits 0 Releases

Available items

No Items, yet!

The developer of this repository has not created any items for sale yet. Need a bug fixed? Help with integration? A different license? Create a request here:

ELFHooker

基于EFL文件格式Hook的demo,hook了SurfaceFlinger进程的eglSwapBuffers函数,替换为new_eglSwapBuffers。

兼容Android 32位和64位。

注入系列笔记:

ELF格式分析
so文件加载流程
Inject和Hook

使用

准备: - 一台root的android设备 - ndk编译环境

分别开2个终端来查看日志: - adb logcat | grep INJECT - adb logcat | grep ELFHooker

如果日志太多了可以用

adb logcat -c
来清理一下日志

然后在新的终端中执行: - git clone [email protected]:MelonWXD/ELFHooker.git - cd ELFHooker/jni - ndk-build - cd ../libs/arm64-v8a/ (or ../libs/armeabi// if your device is 32-bit) - adb push .* /data/local/tmp - adb shell - su - cd /data/local/tmp - chmod 755 inject - chmod 755 libelfHooker.so

找到

/system/bin/surfaceflinger
这个进程的pid: - ps | grep surfaceflinger (如果要在代码中实现的话,可以遍历/proc/pid/cmdline文件来找到你某个进程名对应的pid) - ./inject -p pid -l /data/local/tmp/libelfHooker.so

查看日志输出:

参考

Lody's elfHook
Android中的so注入(inject)和挂钩(hook) - For both x86 and arm

We use cookies. If you continue to browse the site, you agree to the use of cookies. For more information on our use of cookies please see our Privacy Policy.