Skip to content

Commit

Permalink
app: hooks: migrate to YukiHookAPI 1.2.0
Browse files Browse the repository at this point in the history 
Signed-off-by: BlackMesa123 <giangrecosalvo9@gmail.com>
  • Loading branch information
@salvogiangri
salvogiangri committed Nov 30, 2023
1 parent d48ac3f commit ae4caaa
Show file tree
Hide file tree
Showing 6 changed files with 133 additions and 158 deletions.
8 changes: 4 additions & 4 deletions app/src/main/java/io/mesalabs/knoxpatch/MainHook.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -21,7 +21,7 @@ package io.mesalabs.knoxpatch
import com.highcapable.yukihookapi.YukiHookAPI.encase
import com.highcapable.yukihookapi.annotation.xposed.InjectYukiHookWithXposed
import com.highcapable.yukihookapi.hook.factory.configs
import com.highcapable.yukihookapi.hook.log.loggerE
import com.highcapable.yukihookapi.hook.log.YLog
import com.highcapable.yukihookapi.hook.xposed.proxy.IYukiHookXposedInit

import io.mesalabs.knoxpatch.hooks.KnoxSDKHooks
Expand Down Expand Up @@ -61,16 +61,16 @@ object MainHook : IYukiHookXposedInit {
*/
when {
sepVersion == -1 -> {
loggerE(msg = "$TAG: onHook: This module only supports One UI running devices.")
YLog.error(msg = "$TAG: onHook: This module only supports One UI running devices.")
return@encase
}
sepVersion < Constants.ONEUI_1_0 -> {
loggerE(msg = "$TAG: onHook: unknown SEP version: $sepVersion")
YLog.error(msg = "$TAG: onHook: unknown SEP version: $sepVersion")
return@encase
}
sepVersion > Constants.ONEUI_6_0 -> {
val oneUiVersion: String = BuildUtils.getFormattedOneUIVersion()
loggerE(msg = "$TAG: onHook: One UI $oneUiVersion is not yet supported.")
YLog.error(msg = "$TAG: onHook: One UI $oneUiVersion is not yet supported.")
return@encase
}
}
Expand Down
19 changes: 9 additions & 10 deletions app/src/main/java/io/mesalabs/knoxpatch/hooks/KnoxSDKHooks.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,26 +19,25 @@
package io.mesalabs.knoxpatch.hooks

import com.highcapable.yukihookapi.hook.entity.YukiBaseHooker
import com.highcapable.yukihookapi.hook.log.loggerD
import com.highcapable.yukihookapi.hook.factory.method
import com.highcapable.yukihookapi.hook.log.YLog
import com.highcapable.yukihookapi.hook.type.java.IntType

object KnoxSDKHooks : YukiBaseHooker() {
private const val TAG: String = "KnoxSDKHooks"

override fun onHook() {
loggerD(msg = "$TAG: onHook: loaded.")
YLog.debug(msg = "$TAG: onHook: loaded.")

/* Disable Knox support */
findClass("com.samsung.android.knox.EnterpriseDeviceManager").hook {
injectMember {
method {
name = "getAPILevel"
emptyParam()
returnType = IntType
}
"com.samsung.android.knox.EnterpriseDeviceManager".toClass()
.method {
name = "getAPILevel"
emptyParam()
returnType = IntType
}.hook {
replaceTo(-1)
}
}
}

}
48 changes: 23 additions & 25 deletions app/src/main/java/io/mesalabs/knoxpatch/hooks/PropSpoofHooks.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,22 +19,23 @@
package io.mesalabs.knoxpatch.hooks

import com.highcapable.yukihookapi.hook.entity.YukiBaseHooker
import com.highcapable.yukihookapi.hook.log.loggerD
import com.highcapable.yukihookapi.hook.factory.constructor
import com.highcapable.yukihookapi.hook.factory.method
import com.highcapable.yukihookapi.hook.log.YLog
import com.highcapable.yukihookapi.hook.type.java.StringClass

object PropSpoofHooks : YukiBaseHooker() {
private const val TAG: String = "PropSpoofHooks"

override fun onHook() {
loggerD(msg = "$TAG: onHook: loaded.")
YLog.debug(msg = "$TAG: onHook: loaded.")

/* Spoof critical system props */
findClass("java.lang.ProcessBuilder").hook {
injectMember {
constructor {
param(Array<String>::class.java)
}
beforeHook {
"java.lang.ProcessBuilder".toClass()
.constructor {
param(Array<String>::class.java)
}.hook {
before {
val cmdarray: Array<String> = args(0).array()

// Fix SPCMAgent (SAK)
Expand All @@ -48,16 +49,14 @@ object PropSpoofHooks : YukiBaseHooker() {
}
}
}
}

findClass("android.os.SemSystemProperties").hook {
injectMember {
method {
name = "get"
param(String::class.java)
returnType = StringClass
}
beforeHook {
"android.os.SemSystemProperties".toClass()
.method {
name = "get"
param(String::class.java)
returnType = StringClass
}.hook {
before {
val key: String = args(0).string()

// Fixes:
Expand All @@ -70,13 +69,13 @@ object PropSpoofHooks : YukiBaseHooker() {
}
}

injectMember {
method {
name = "get"
param(String::class.java, String::class.java)
returnType = StringClass
}
beforeHook {
"android.os.SemSystemProperties".toClass()
.method {
name = "get"
param(String::class.java, String::class.java)
returnType = StringClass
}.hook {
before {
val key: String = args(0).string()
val def: String = args(1).string()

Expand All @@ -88,7 +87,6 @@ object PropSpoofHooks : YukiBaseHooker() {
}
}
}
}
}

}
83 changes: 38 additions & 45 deletions app/src/main/java/io/mesalabs/knoxpatch/hooks/RootDetectionHooks.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,10 @@ import android.os.Build
import java.io.IOException

import com.highcapable.yukihookapi.hook.entity.YukiBaseHooker
import com.highcapable.yukihookapi.hook.factory.constructor
import com.highcapable.yukihookapi.hook.factory.field
import com.highcapable.yukihookapi.hook.log.loggerD
import com.highcapable.yukihookapi.hook.factory.method
import com.highcapable.yukihookapi.hook.log.YLog
import com.highcapable.yukihookapi.hook.type.java.BooleanType
import com.highcapable.yukihookapi.hook.type.java.IntType
import com.highcapable.yukihookapi.hook.type.java.StringClass
Expand Down Expand Up @@ -57,7 +59,7 @@ object RootDetectionHooks : YukiBaseHooker() {
)

override fun onHook() {
loggerD(msg = "$TAG: onHook: loaded.")
YLog.debug(msg = "$TAG: onHook: loaded.")

/* Spoof root checks */
if (Build.TAGS.contains("test-keys")) {
Expand All @@ -67,64 +69,58 @@ object RootDetectionHooks : YukiBaseHooker() {
}.get(null).set("release-keys")
}

findClass("java.io.File").hook {
injectMember {
constructor {
param(String::class.java)
}
beforeHook {
"java.io.File".toClass()
.constructor {
param(String::class.java)
}.hook {
before {
val pathname: String = args(0).string()

if (pathname.endsWith("su") || pathname.contains("Superuser.apk")) {
args(0).set("/system/xbin/fakefile")
}
}
}

injectMember {
constructor {
param(String::class.java, String::class.java)
}
beforeHook {
"java.io.File".toClass()
.constructor {
param(String::class.java, String::class.java)
}.hook {
before {
val child: String = args(1).string()

if (child == "su" || child == "busybox") {
args(1).set("fakebin")
}
}
}

injectMember {
method {
name = "canWrite"
emptyParam()
returnType = BooleanType
}
"java.io.File".toClass()
.method {
name = "canWrite"
emptyParam()
returnType = BooleanType
}.hook {
replaceToFalse()
}
}

findClass("java.lang.Runtime").hook {
injectMember {
method {
name = "exec"
param(String::class.java)
}
beforeHook {
"java.lang.Runtime".toClass()
.method {
name = "exec"
param(String::class.java)
}.hook {
before {
val command: String = args(0).string()

if (command == "su") {
IOException().throwToApp()
}
}
}

injectMember {
method {
name = "exec"
param(Array<String>::class.java)
}
beforeHook {
"java.lang.Runtime".toClass()
.method {
name = "exec"
param(Array<String>::class.java)
}.hook {
before {
val cmdarray: Array<String> = args(0).array()

for (cmd in cmdarray) {
Expand All @@ -134,15 +130,13 @@ object RootDetectionHooks : YukiBaseHooker() {
}
}
}
}

findClass("android.app.ApplicationPackageManager").hook {
injectMember {
method {
name = "getPackageInfo"
param(String::class.java, IntType)
}
beforeHook {
"android.app.ApplicationPackageManager".toClass()
.method {
name = "getPackageInfo"
param(String::class.java, IntType)
}.hook {
before {
val packageName: String = args(0).string()

for (cmd in rootPackages) {
Expand All @@ -153,7 +147,6 @@ object RootDetectionHooks : YukiBaseHooker() {
}
}
}
}
}

}
28 changes: 13 additions & 15 deletions app/src/main/java/io/mesalabs/knoxpatch/hooks/SamsungKeystoreHooks.kt
View file
Original file line number Diff line number Diff line change
Expand Up @@ -19,31 +19,29 @@
package io.mesalabs.knoxpatch.hooks

import com.highcapable.yukihookapi.hook.entity.YukiBaseHooker
import com.highcapable.yukihookapi.hook.log.loggerD
import com.highcapable.yukihookapi.hook.log.loggerE
import com.highcapable.yukihookapi.hook.factory.method
import com.highcapable.yukihookapi.hook.log.YLog
import com.highcapable.yukihookapi.hook.type.java.BooleanType

object SamsungKeystoreHooks : YukiBaseHooker() {
private const val TAG: String = "SamsungKeystoreHooks"

override fun onHook() {
loggerD(msg = "$TAG: onHook: loaded.")
YLog.debug(msg = "$TAG: onHook: loaded.")

/* Bypass SAK integrity check */
findClass("com.samsung.android.security.keystore.AttestParameterSpec").hook {
injectMember {
method {
name = "isVerifiableIntegrity"
emptyParam()
returnType = BooleanType
}
"com.samsung.android.security.keystore.AttestParameterSpec".toClass()
.method {
name = "isVerifiableIntegrity"
emptyParam()
returnType = BooleanType
}.hook {
replaceToTrue()
}.onAllFailure {
YLog.error(msg = "$TAG: couldn't access class " +
"com.samsung.android.security.keystore.AttestParameterSpec " +
"(${it.javaClass.simpleName})")
}
}.onHookClassNotFoundFailure {
loggerE(msg = "$TAG: couldn't access class " +
"com.samsung.android.security.keystore.AttestParameterSpec " +
"(${it.javaClass.simpleName})")
}
}

}
Loading

0 comments on commit ae4caaa

Please sign in to comment.