Hi.
For research purposes, I am trying to see how much information an app can
get about the IPC calls it generates.
To do so, using the droid_injectso lib, I hook the ioctl call, based
for instance on the following code:
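
    /* Replacement for ioctl in libbinder.so: logs the command, then calls the original. */
    int hooked_ioctl(int fd, int cmd, void *data)
    {
        LOGI("[+] ioctl is invoked ...");
        /* cmd is an int: print it as unsigned so it can be compared with the macro value */
        LOGI("ioctl.cmd: %u\n", (unsigned int)cmd);
        LOGI("wait for: %zu\n", (size_t)BINDER_WRITE_READ);
        int ret = (*orig_ioctl)(fd, cmd, data);
        return ret;
    }
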
However, I never succeed in capturing BINDER_WRITE_READ commands.
As per documentation, research papers and IPCThreadState.cpp, this should
work.
The hooking concept is a slight review of the injectso lib as the app does
not need to inject into another process but into its own process:
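
    /* Entry point: hook ioctl as imported by libbinder.so in the app's own process. */
    void so_entry(char *p)
    {
        char *sym = "ioctl";
        char *module_path = "/system/lib/libbinder.so";
        orig_ioctl = do_hook(module_path, hooked_ioctl, sym);
        if (orig_ioctl == 0)
        {
            LOGE("[-] hook %s failed", sym);
            return;
        }
        /* print the saved address with %p rather than %x */
        LOGI("[+] original %s: %p", sym, (void *)orig_ioctl);
    }
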
and, on the main Activity,

    static {
        try {
            System.loadLibrary("hook_ioctl");
            // System.loadLibrary("arthook");
        } catch (Throwable e) {
            Log.e(TAG, Log.getStackTraceString(e));
        }
    }

So any idea why I am only getting ioctl.cmd: 3222823425 instead of
3224396289?
Thank you.
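
Added example (not part of the original message or of droid_injectso): the two command values quoted above, decoded into the Linux ioctl request fields, assuming the asm-generic/ioctl.h bit layout used on ARM and x86. The names ioc_fields, ioc_decode and ioc_same_request are hypothetical helpers.

```c
#include <stdint.h>
#include <stdio.h>

/* ioctl request layout from asm-generic/ioctl.h (ARM, x86):
 * bits 0-7 nr, 8-15 type, 16-29 size, 30-31 direction. */
struct ioc_fields {            /* hypothetical helper type */
    unsigned dir;              /* 1 = write, 2 = read, 3 = read+write */
    unsigned size;             /* sizeof() of the argument struct */
    unsigned type;             /* driver "magic" character */
    unsigned nr;               /* command number within the driver */
};

static struct ioc_fields ioc_decode(uint32_t cmd)
{
    struct ioc_fields f;
    f.nr   = cmd & 0xffu;
    f.type = (cmd >> 8) & 0xffu;
    f.size = (cmd >> 16) & 0x3fffu;
    f.dir  = (cmd >> 30) & 0x3u;
    return f;
}

/* Same request when direction, type and nr match; the size field is ignored. */
static int ioc_same_request(uint32_t a, uint32_t b)
{
    const uint32_t size_mask = 0x3fffu << 16;
    return (a & ~size_mask) == (b & ~size_mask);
}

int main(void)
{
    /* The two values quoted in the message above. */
    const uint32_t cmds[] = { 3222823425u, 3224396289u };
    for (int i = 0; i < 2; i++) {
        struct ioc_fields f = ioc_decode(cmds[i]);
        printf("0x%08x dir=%u size=%u type='%c' nr=%u\n",
               (unsigned)cmds[i], f.dir, f.size, (char)f.type, f.nr);
    }
    printf("same request apart from size: %d\n",
           ioc_same_request(cmds[0], cmds[1]));
    return 0;
}
```

Both values decode to a read+write request of type 'b', number 1; they differ only in the size field, 24 versus 48 bytes. That field is the sizeof of the argument struct as compiled into each binary, so a 32-bit and a 64-bit build of the same header produce different request numbers.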