Merge commit '7e2c9349bccb364862b0a969724bda97c66f3ba8'

asLody · Jul 25, 2016 · 0f50719 · 0f50719
2 parents bb11cd5 + 7e2c934
commit 0f50719
Show file tree

Hide file tree

Showing 29 changed files with 3,436 additions and 0 deletions.
diff --git a/VirtualApp/lib/build.gradle b/VirtualApp/lib/build.gradle
@@ -9,6 +9,13 @@ android {
         targetSdkVersion 22
         versionCode 1
         versionName "1.0"
+        ndk {
+            moduleName "iohook"
+            cFlags '-std=c++11 -fexceptions -frtti -fpermissive'
+            stl "gnustl_static"
+            ldLibs "log"
+            abiFilters "armeabi"//, "x86"
+        }
     }
     buildTypes {
         release {

diff --git a/VirtualApp/lib/src/main/java/com/lody/virtual/IOHook.java b/VirtualApp/lib/src/main/java/com/lody/virtual/IOHook.java
@@ -0,0 +1,68 @@
+package com.lody.virtual;
+
+import android.os.Build;
+
+/**
+ * Created by Xfast on 2016/7/21.
+ */
+public class IOHook {
+    private static boolean sLoaded;
+
+    static {
+        try {
+            System.loadLibrary("iohook");
+            sLoaded = true;
+        } catch (Throwable e) {
+            e.printStackTrace();
+        }
+    }
+
+    public static String getRedirectedPath(String orgPath) {
+        try {
+            return nativeGetRedirectedPath(orgPath);
+        } catch (Throwable e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    public static String restoreRedirectedPath(String orgPath) {
+        try {
+            return nativeRestoreRedirectedPath(orgPath);
+        } catch (Throwable e) {
+            e.printStackTrace();
+        }
+        return null;
+    }
+
+    public static void redirect(String orgPath, String newPath) {
+        try {
+            nativeRedirect(orgPath, newPath);
+        } catch (Throwable e) {
+            e.printStackTrace();
+        }
+    }
+
+    public static void hook() {
+        try {
+            nativeHook(Build.VERSION.SDK_INT);
+        } catch (Throwable e) {
+            e.printStackTrace();
+        }
+    }
+
+    //    private static native void nativeRejectPath(String path);
+
+    private static native String nativeRestoreRedirectedPath(String redirectedPath);
+
+    private static native String nativeGetRedirectedPath(String orgPath);
+
+
+    public static boolean init() {
+        return sLoaded;
+    }
+
+    private static native void nativeRedirect(String orgPath, String newPath);
+
+    private static native void nativeHook(int apiLevel);
+}
diff --git a/VirtualApp/lib/src/main/jni/MSHook/ARM.cpp b/VirtualApp/lib/src/main/jni/MSHook/ARM.cpp
@@ -0,0 +1,137 @@
+#include "ARM.h"
+#include "PosixMemory.h"
+
+void ARM::SubstrateHookFunctionARM(SubstrateProcessRef process, void *symbol, void *replace, void **result) {
+    if (symbol == NULL)
+        return;
+
+    uint32_t *area(reinterpret_cast<uint32_t *>(symbol));
+    uint32_t *arm(area);
+
+    const size_t used(8);
+
+    uint32_t backup[used / sizeof(uint32_t)] = {arm[0], arm[1]};
+
+    if (MSDebug) {
+        char name[16];
+        sprintf(name, "%p", area);
+        MSLogHexEx(area, used + sizeof(uint32_t), 4, name);
+    }
+
+    if (result != NULL) {
+
+    if (backup[0] == A$ldr_rd_$rn_im$(A$pc, A$pc, 4 - 8)) {
+        *result = reinterpret_cast<void *>(backup[1]);
+        return;
+    }
+
+    size_t length(used);
+    for (unsigned offset(0); offset != used / sizeof(uint32_t); ++offset)
+        if (A$pcrel$r(backup[offset])) {
+            if ((backup[offset] & 0x02000000) == 0 || (backup[offset] & 0x0000f000 >> 12) != (backup[offset] & 0x0000000f))
+                length += 2 * sizeof(uint32_t);
+            else
+                length += 4 * sizeof(uint32_t);
+        }
+
+    length += 2 * sizeof(uint32_t);
+
+    uint32_t *buffer(reinterpret_cast<uint32_t *>(mmap(
+        NULL, length, PROT_READ | PROT_WRITE, MAP_ANON | MAP_PRIVATE, -1, 0
+    )));
+
+    if (buffer == MAP_FAILED) {
+        MSLog(MSLogLevelError, "MS:Error:mmap() = %d", errno);
+        *result = NULL;
+        return;
+    }
+
+    if (false) fail: {
+        munmap(buffer, length);
+        *result = NULL;
+        return;
+    }
+
+    size_t start(0), end(length / sizeof(uint32_t));
+    uint32_t *trailer(reinterpret_cast<uint32_t *>(buffer + end));
+    for (unsigned offset(0); offset != used / sizeof(uint32_t); ++offset)
+        if (A$pcrel$r(backup[offset])) {
+            union {
+                uint32_t value;
+
+                struct {
+                    uint32_t rm : 4;
+                    uint32_t : 1;
+                    uint32_t shift : 2;
+                    uint32_t shiftamount : 5;
+                    uint32_t rd : 4;
+                    uint32_t rn : 4;
+                    uint32_t l : 1;
+                    uint32_t w : 1;
+                    uint32_t b : 1;
+                    uint32_t u : 1;
+                    uint32_t p : 1;
+                    uint32_t mode : 1;
+                    uint32_t type : 2;
+                    uint32_t cond : 4;
+                };
+            } bits = {backup[offset+0]}, copy(bits);
+
+            bool guard;
+            if (bits.mode == 0 || bits.rd != bits.rm) {
+                copy.rn = bits.rd;
+                guard = false;
+            } else {
+                copy.rn = bits.rm != A$r0 ? A$r0 : A$r1;
+                guard = true;
+            }
+
+            if (guard)
+                buffer[start++] = A$stmdb_sp$_$rs$((1 << copy.rn));
+
+            buffer[start+0] = A$ldr_rd_$rn_im$(copy.rn, A$pc, (end-1 - (start+0)) * 4 - 8);
+            buffer[start+1] = copy.value;
+
+            start += 2;
+
+            if (guard)
+                buffer[start++] = A$ldmia_sp$_$rs$((1 << copy.rn));
+
+            *--trailer = reinterpret_cast<uint32_t>(area + offset) + 8;
+            end -= 1;
+        } else
+            buffer[start++] = backup[offset];
+
+    buffer[start+0] = A$ldr_rd_$rn_im$(A$pc, A$pc, 4 - 8);
+    buffer[start+1] = reinterpret_cast<uint32_t>(area + used / sizeof(uint32_t));
+
+    if (mprotect(buffer, length, PROT_READ | PROT_EXEC) == -1) {
+        MSLog(MSLogLevelError, "MS:Error:mprotect():%d", errno);
+        goto fail;
+    }
+
+    *result = buffer;
+
+    if (MSDebug) {
+        char name[16];
+        sprintf(name, "%p", *result);
+        MSLogHexEx(buffer, length, 4, name);
+    }
+
+    }
+
+    {
+        SubstrateHookMemory code(process, symbol, used);
+
+        arm[0] = A$ldr_rd_$rn_im$(A$pc, A$pc, 4 - 8);
+        arm[1] = reinterpret_cast<uint32_t>(replace);
+    }
+
+    if (MSDebug) {
+        char name[16];
+        sprintf(name, "%p", area);
+        MSLogHexEx(area, used + sizeof(uint32_t), 4, name);
+    }
+}
+
+
diff --git a/VirtualApp/lib/src/main/jni/MSHook/ARM.h b/VirtualApp/lib/src/main/jni/MSHook/ARM.h
@@ -0,0 +1,81 @@
+/* Cydia Substrate - Powerful Code Insertion Platform
+ * Copyright (C) 2008-2011  Jay Freeman (saurik)
+*/
+
+/* GNU Lesser General Public License, Version 3 {{{ */
+/*
+ * Substrate is free software: you can redistribute it and/or modify it under
+ * the terms of the GNU Lesser General Public License as published by the
+ * Free Software Foundation, either version 3 of the License, or (at your
+ * option) any later version.
+ *
+ * Substrate is distributed in the hope that it will be useful, but WITHOUT
+ * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
+ * FITNESS FOR A PARTICULAR PURPOSE.  See the GNU Lesser General Public
+ * License for more details.
+ *
+ * You should have received a copy of the GNU Lesser General Public License
+ * along with Substrate.  If not, see <http://www.gnu.org/licenses/>.
+**/
+/* }}} */
+
+#ifndef SUBSTRATE_ARM_HPP
+#define SUBSTRATE_ARM_HPP
+
+#include "CydiaSubstrate.h"
+#include "Log.h"
+#include "Debug.h"
+#include <sys/mman.h>
+#include <stdlib.h>
+#include <stdio.h>
+#include <errno.h>
+#include <stdint.h>
+
+enum A$r {
+    A$r0, A$r1, A$r2, A$r3,
+    A$r4, A$r5, A$r6, A$r7,
+    A$r8, A$r9, A$r10, A$r11,
+    A$r12, A$r13, A$r14, A$r15,
+    A$sp = A$r13,
+    A$lr = A$r14,
+    A$pc = A$r15
+};
+
+enum A$c {
+    A$eq, A$ne, A$cs, A$cc,
+    A$mi, A$pl, A$vs, A$vc,
+    A$hi, A$ls, A$ge, A$lt,
+    A$gt, A$le, A$al,
+    A$hs = A$cs,
+    A$lo = A$cc
+};
+
+#define A$mrs_rm_cpsr(rd) /* mrs rd, cpsr */ \
+    (0xe10f0000 | ((rd) << 12))
+#define A$msr_cpsr_f_rm(rm) /* msr cpsr_f, rm */ \
+    (0xe128f000 | (rm))
+#define A$ldr_rd_$rn_im$(rd, rn, im) /* ldr rd, [rn, #im] */ \
+    (0xe5100000 | ((im) < 0 ? 0 : 1 << 23) | ((rn) << 16) | ((rd) << 12) | abs(im))
+#define A$str_rd_$rn_im$(rd, rn, im) /* sr rd, [rn, #im] */ \
+    (0xe5000000 | ((im) < 0 ? 0 : 1 << 23) | ((rn) << 16) | ((rd) << 12) | abs(im))
+#define A$sub_rd_rn_$im(rd, rn, im) /* sub, rd, rn, #im */ \
+    (0xe2400000 | ((rn) << 16) | ((rd) << 12) | (im & 0xff))
+#define A$blx_rm(rm) /* blx rm */ \
+    (0xe12fff30 | (rm))
+#define A$mov_rd_rm(rd, rm) /* mov rd, rm */ \
+    (0xe1a00000 | ((rd) << 12) | (rm))
+#define A$ldmia_sp$_$rs$(rs) /* ldmia sp!, {rs} */ \
+    (0xe8b00000 | (A$sp << 16) | (rs))
+#define A$stmdb_sp$_$rs$(rs) /* stmdb sp!, {rs} */ \
+    (0xe9200000 | (A$sp << 16) | (rs))
+#define A$stmia_sp$_$r0$  0xe8ad0001 /* stmia sp!, {r0}   */
+#define A$bx_r0           0xe12fff10 /* bx r0             */
+
+static inline bool A$pcrel$r(uint32_t ic) {
+	return (ic & 0x0c000000) == 0x04000000 && (ic & 0xf0000000) != 0xf0000000 && (ic & 0x000f0000) == 0x000f0000;
+}
+
+namespace ARM{
+	extern "C" void SubstrateHookFunctionARM(SubstrateProcessRef process, void *symbol, void *replace, void **result);
+}
+#endif//SUBSTRATE_ARM_HPP
diff --git a/VirtualApp/lib/src/main/jni/MSHook/CydiaSubstrate.h b/VirtualApp/lib/src/main/jni/MSHook/CydiaSubstrate.h
@@ -0,0 +1,15 @@
+#ifndef CYDIASUBSTRATE_H_
+#define CYDIASUBSTRATE_H_
+
+#include <dlfcn.h>
+#include <stdlib.h>
+
+#define _finline \
+    inline __attribute__((__always_inline__))
+#define _disused \
+    __attribute__((__unused__))
+#define _extern \
+    extern "C" __attribute__((__visibility__("default")))
+
+#include "SubstrateStruct.h"
+#endif /* CYDIASUBSTRATE_H_ */