dexposed enable 'god' mode for single android application.

Related tags

Hook dexposed
Overview

What is it?

Download Software License Join the chat at https://gitter.im/alibaba/dexposed

Dexposed is a powerful yet non-invasive runtime AOP (Aspect-oriented Programming) framework for Android app development, based on the work of open-source Xposed framework project.

The AOP of Dexposed is implemented purely non-invasive, without any annotation processor, weaver or bytecode rewriter. The integration is as simple as loading a small JNI library in just one line of code at the initialization phase of your app.

Not only the code of your app, but also the code of Android framework that running in your app process can be hooked. This feature is extremely useful in Android development as we developers heavily rely on the fragmented old versions of Android platform (SDK).

Together with dynamic class loading, a small piece of compiled Java AOP code can be loaded into the running app, effectively altering the behavior of the target app without restart.

Typical use-cases

  • Classic AOP programming
  • Instrumentation (for testing, performance monitoring and etc.)
  • Online hot patch to fix critical, emergent or security bugs
  • SDK hooking for a better development experience

Integration

Directly add dexposed aar to your project as compile libraries, it contains a jar file "dexposedbridge.jar" two so files "libdexposed.so libdexposed_l.so" from 'dexposed' directory.

Gradle dependency like following:

	dependencies {
	    compile 'com.taobao.android:dexposed:0.1.1@aar'
	}

Insert the following line into the initialization phase of your app, as early as possible:

    public class MyApplication extends Application {

        @Override public void onCreate() {        
            // Check whether current device is supported (also initialize Dexposed framework if not yet)
            if (DexposedBridge.canDexposed(this)) {
                // Use Dexposed to kick off AOP stuffs.
                ...
            }
        }
        ...
    }

It's done.

Basic usage

There are three injection points for a given method: before, after, replace.

Example 1: Attach a piece of code before and after all occurrences of Activity.onCreate(Bundle).

        // Target class, method with parameter types, followed by the hook callback (XC_MethodHook).
		DexposedBridge.findAndHookMethod(Activity.class, "onCreate", Bundle.class, new XC_MethodHook() {
        
            // To be invoked before Activity.onCreate().
			@Override protected void beforeHookedMethod(MethodHookParam param) throws Throwable {
				// "thisObject" keeps the reference to the instance of target class.
				Activity instance = (Activity) param.thisObject;
        
				// The array args include all the parameters.
				Bundle bundle = (Bundle) param.args[0];
				Intent intent = new Intent();
				// XposedHelpers provide useful utility methods.
				XposedHelpers.setObjectField(param.thisObject, "mIntent", intent);
		
				// Calling setResult() will bypass the original method body use the result as method return value directly.
				if (bundle.containsKey("return"))
					param.setResult(null);
			}
					
			// To be invoked after Activity.onCreate()
			@Override protected void afterHookedMethod(MethodHookParam param) throws Throwable {
		        XposedHelpers.callMethod(param.thisObject, "sampleMethod", 2);
			}
		});

Example 2: Replace the original body of the target method.

		DexposedBridge.findAndHookMethod(Activity.class, "onCreate", Bundle.class, new XC_MethodReplacement() {
		
			@Override protected Object replaceHookedMethod(MethodHookParam param) throws Throwable {
				// Re-writing the method logic outside the original method context is a bit tricky but still viable.
				...
			}

		});

Checkout the example project to find out more.

Support

Dexposed support all dalvik runtime arm architecture devices from Android 2.3 to 4.4 (no include 3.0). The stability has been proved in our long term product practice.

Follow is support status.

Runtime Android Version Support
Dalvik 2.2 Not Test
Dalvik 2.3 Yes
Dalvik 3.0 No
Dalvik 4.0-4.4 Yes
ART 5.0 Testing
ART 5.1 No
ART M No

Contribute

We are open to constructive contributions from the community, especially pull request and quality bug report. Currently, the support for new Android Runtime (ART) is still in early beta stage, we value your help to test or improve the implementation.

Dexposed is aimed to be lightweight, transparent and productive. All improvements with these principal in mind are welcome. At the same time, we are actively exploring more potentially valuable use-cases and building powerful tools based upon Dexposed. We're interested in any ideas expanding the use-cases and grateful for community developed tools on top of Dexposed.

Comments
  • Why can't support YunOS?

    Why can't support YunOS?

    Then we may failed to hook mobiles running on YunOS, is there any explanation?

        public static synchronized boolean isDeviceSupport(Context context) {
        // return memory checked value.
        try {
            if (isCheckedDeviceSupport)
                return isDeviceSupportable;

            if (!isX86CPU() && !isYunOS()) {
                isDeviceSupportable = true;
            } else {
                isDeviceSupportable = false;
            }
        } finally {
            Log.d("hotpatch", "device support is " + isDeviceSupportable + "checked" + isCheckedDeviceSupport);
            isCheckedDeviceSupport = true;
        }
        return isDeviceSupportable;
    }
    opened by xworks 12
  • dexposed2.3 is missing

    dexposed2.3 is missing

    private static boolean loadDexposedLib(Context context) { // load xposed lib for hook. try { if (android.os.Build.VERSION.SDK_INT == 10 || android.os.Build.VERSION.SDK_INT == 9) { System.loadLibrary("dexposed2.3"); } else if (android.os.Build.VERSION.SDK_INT > 19){ System.loadLibrary("dexposed_l"); } else { System.loadLibrary("dexposed"); } return true; } catch (Throwable e) { return false; } }

    we could see there is three kind of so file,but there is nowhere to find dexposed2.3

    opened by ASCE1885 7
  • support x86 and art 5.1

    support x86 and art 5.1

    主要做了如下几个改动:

    整个项目都切换为studio 工程

    这样就可以使用studio 的native debugger进行调试 当前studio 版本: 1.4 preview3 gradle版本: gradle-experimental:0.2.0

    art 和 delvik runtime 都支持x86

    在Genymotion android的几个虚拟机测试通过:

    • 4.4.4 api19
    • 5.0.0 api21
      • 5.1.1 api22

    增加一个dexposed-patch 子项目

    之前沟通, 编译依赖的android头文件和libxxx.so, 我提出来放到这个单独的项目中了, 并作为submodule

    增加一个dexposed 项目

    用来发布到maven, 因为studio的原因, 不能很好的引用native lib项目; 所以单独提一个项目出来专门用作发布; 它没有代码, 依赖dexposedbridge, 分别软链三个对应的so

    至于为何不像原来一样跟dexposedbridge放到一起, 因为如果dexposed_art需要单独进行native调试, 那么dexposed_art必须依赖dexposedbridge, 那放到一起的话dexposedbridge中的libdexposed_art.so 会跟dexposed_art本身编译出来的so冲突, 所以我选择干脆提出来单独发布的模块好了;这样dexposed_art和dexposed_dalvik都可以改成app单独进行natvie调试

    dexposed_art 生成5.0 和5.1两个lib

    art运行时支持, 因为5.0和5.1的dexposed.cpp区别很小, 所以用一套代码, 建了两个productFlavors来分别使用5.0和5.1头文件进行编译出两个so

    dexposed.cpp

    • 修改了invokeOriginalMethod的方式
    • 5.0的 SetNativeMethod 在5.1 被定义为SetEntryPointFromJni

    关于5.0和5.1的兼容

    因为art中使用了很多内敛函数, 而且访问类属性的时候大多用了偏移量的做法; 但是5.0和5.1的类结构又不同, 所以导致5.0和5.1不兼容; 就比如 ArtMethod::GetAccessFlags 这个方法, 5.0实际上是访问&ArtMethod+56, 而5.1是访问&ArtMethod+20

    可以做个转化来兼容, 具体可以看我的分支compatible_with_19_22, 主要是art_method_proxy.h 做了个ArtMethod属性访问的代理; 在5.0和5.1虚拟机测试通过

    但是5.0和5.1很多类的结构体好像都改了, 就像是ObjectArray::Set() 函数都会不兼容的, 经过我debug发现好像是Runtime::GetHeap() 的指针异常; 所以在我的兼容分支粗暴的改成了 SetFieldObjectWithoutWriteBarrier, 可以正常; 但是以我的知识...我不知道WriteBarrier作用是啥...

    一句话就是, 如果要搞proxy的话要搞好多xxx_porxy, 代价太高了... 而且不知道会不会带来其他问题...所以我还是选择老老实实编译两个so分别加载算了

    opened by pangliang 6
  • 转成android studio工程, 并且让它支持x86

    转成android studio工程, 并且让它支持x86

    你好:

    我打算用这个东西来做个插件, 并且希望它支持x86, 所以自己fork了一个做了修改 主要是整个项目换成android studio的工程, dalvik, bridge, art分别作为library model

    dalvik和art模块都可以直接在android studio中编译成功, 应该会方便修改和调试

    另外, 我已经把dalvik的部分完成了了x86的支持 art的因为有个关联armeabi-v7a的汇编, 暂时不知道怎么弄

    我的分支地址: https://github.com/pangliang/dexposed/tree/android_studio 你们看是否能接受, 可以的话我就推个PR

    opened by pangliang 6
  • Patch成功,但是Hook的函数没有被替换

    Patch成功,但是Hook的函数没有被替换

    执行时,有系统异常,提示如下: `DexOpt: --- BEGIN 'patch_my.apk' (bootstrap=0) --- 02-18 18:14:03.712 26653-26653/com.ruowen.hookdexposed D/dalvikvm﹕ DexOpt: --- END 'patch_my.apk' (success) --- 02-18 18:14:03.712 26653-26653/com.ruowen.hookdexposed D/dalvikvm﹕ DEX prep '/storage/emulated/0/Android/data/com.ruowen.hookdexposed/cache/patch_my.apk': unzip in 0ms, rewrite 99ms 02-18 18:14:03.722 26653-26653/com.ruowen.hookdexposed D/dalvikvm﹕ DexOpt: --- BEGIN 'patch_my.apk' (bootstrap=0) --- 02-18 18:14:03.812 26653-26653/com.ruowen.hookdexposed D/dalvikvm﹕ DexOpt: --- END 'patch_my.apk' (success) --- 02-18 18:14:03.812 26653-26653/com.ruowen.hookdexposed D/dalvikvm﹕ DEX prep '/storage/emulated/0/Android/data/com.ruowen.hookdexposed/cache/patch_my.apk': unzip in 0ms, rewrite 91ms

    /*******************此处提示有未实现的本地方法************************************_/ 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/dalvikvm﹕ No implementation found for native Lcom/taobao/android/dexposed/DexposedBridge;.hookMethodNative:(Ljava/lang/reflect/Member;Ljava/lang/Class;ILjava/lang/Object;)V 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ java.lang.UnsatisfiedLinkError: Native method not found: com.taobao.android.dexposed.DexposedBridge.hookMethodNative:(Ljava/lang/reflect/Member;Ljava/lang/Class;ILjava/lang/Object;)V /_****************_此处提示有未实现的本地方法_***********************************/

    02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.taobao.android.dexposed.DexposedBridge.hookMethodNative(Native Method) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.taobao.android.dexposed.DexposedBridge.hookMethod(DexposedBridge.java:158) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.taobao.android.dexposed.DexposedBridge.findAndHookMethod(DexposedBridge.java:192) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.taobao.patch.BtnClickPatch.handlePatch(BtnClickPatch.java:24) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.taobao.patch.PatchCallback.handlePatch(PatchCallback.java:35) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.taobao.patch.PatchCallback.call(PatchCallback.java:31) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.taobao.patch.PatchCallback.callAll(PatchCallback.java:16) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.taobao.patch.PatchMain.load(PatchMain.java:95) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.ruowen.hookdexposed.MainActivity.runPatchApk(MainActivity.java:76) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.ruowen.hookdexposed.MainActivity.onClick(MainActivity.java:52) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at android.view.View.performClick(View.java:4444) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at android.view.View$PerformClick.run(View.java:18457) 02-18 18:14:03.822 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at android.os.Handler.handleCallback(Handler.java:733) 02-18 18:14:03.832 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at android.os.Handler.dispatchMessage(Handler.java:95) 02-18 18:14:03.832 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at android.os.Looper.loop(Looper.java:136) 02-18 18:14:03.832 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at android.app.ActivityThread.main(ActivityThread.java:5049) 02-18 18:14:03.832 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at java.lang.reflect.Method.invokeNative(Native Method) 02-18 18:14:03.832 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at java.lang.reflect.Method.invoke(Method.java:515) 02-18 18:14:03.832 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:793) 02-18 18:14:03.832 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:609) 02-18 18:14:03.832 26653-26653/com.ruowen.hookdexposed W/System.err﹕ at dalvik.system.NativeStart.main(Native Method) 02-18 18:14:03.832 26653-26653/com.ruowen.hookdexposed E/Hotpatch﹕ patch success!`

    opened by Ruowenmei 3
  • ART系统类方法Hook支持

    ART系统类方法Hook支持

    1.对ART的支持现在是否还有人在继续开发?

    2.手淘是否使用了其他的方案来代替dexposed?

    3.我测试了ART下自定义函数的可以hook,但是对于View的方法比如performClick不可以hook, dexposed/dexposed_so/dexposed_art/dexposed.cpp里的EnableXposedHook

    static void EnableXposedHook(JNIEnv* env, ArtMethod* art_method, jobject additional_info)
      // Create a backup of the ArtMethod object
      ArtMethod* backup_method = down_cast<ArtMethod*>(art_method->Clone(soa.Self()));
      // Set private flag to avoid virtual table lookups during invocation
      backup_method->SetAccessFlags(backup_method->GetAccessFlags() /*| kAccXposedOriginalMethod*/);
      // Create a Method/Constructor object for the backup ArtMethod object
      jobject reflect_method;
      if (art_method->IsConstructor()) {
        reflect_method = env->AllocObject(WellKnownClasses::java_lang_reflect_Constructor);
      } else {
        reflect_method = env->AllocObject(WellKnownClasses::java_lang_reflect_Method);
      }
      env->SetObjectField(reflect_method, WellKnownClasses::java_lang_reflect_AbstractMethod_artMethod,
          env->NewGlobalRef(soa.AddLocalReference<jobject>(backup_method)));
      // Save extra information in a separate structure, stored instead of the native method
      DexposedHookInfo* hookInfo = reinterpret_cast<DexposedHookInfo*>(calloc(1, sizeof(DexposedHookInfo)));
      hookInfo->reflectedMethod = env->NewGlobalRef(reflect_method);
      hookInfo->additionalInfo = env->NewGlobalRef(additional_info);
      hookInfo->originalMethod = backup_method;

      jstring shorty = (jstring)env->GetObjectField(additional_info,additionalhookinfo_shorty_field);
      hookInfo->shorty = env->GetStringUTFChars(shorty, 0);
      LOG(INFO) << "dexposed: >>> EnableXposedHook shorty:" << hookInfo->shorty;

    #if PLATFORM_SDK_VERSION < 22
        art_method->SetNativeMethod(reinterpret_cast<uint8_t *>(hookInfo));
    #else
        art_method->SetEntryPointFromJni(reinterpret_cast<void *>(hookInfo));
    #endif

      art_method->SetEntryPointFromQuickCompiledCode(GetQuickDexposedInvokeHandler());
      //art_method->SetEntryPointFromInterpreter(art::artInterpreterToCompiledCodeBridge);
      // Adjust access flags
      art_method->SetAccessFlags((art_method->GetAccessFlags() & ~kAccNative) /*| kAccXposedHookedMethod*/);

    是什么原因导致的这个问题呢? 另外xposed也支持了6.0的hook,在android_art/runtime/art_method.cc里的

    void ArtMethod::EnableXposedHook(ScopedObjectAccess& soa, jobject additional_info) {

  // Create a backup of the ArtMethod object
  auto* cl = Runtime::Current()->GetClassLinker();
  ArtMethod* backup_method = cl->AllocArtMethodArray(soa.Self(), 1);
  backup_method->CopyFrom(this, cl->GetImagePointerSize());
  backup_method->SetAccessFlags(backup_method->GetAccessFlags() | kAccXposedOriginalMethod);

  // Create a Method/Constructor object for the backup ArtMethod object
  mirror::AbstractMethod* reflect_method;
  if (IsConstructor()) {
    reflect_method = mirror::Constructor::CreateFromArtMethod(soa.Self(), backup_method);
  } else {
    reflect_method = mirror::Method::CreateFromArtMethod(soa.Self(), backup_method);
  }
  reflect_method->SetAccessible<false>(true);

  // Save extra information in a separate structure, stored instead of the native method
  XposedHookInfo* hookInfo = reinterpret_cast<XposedHookInfo*>(calloc(1, sizeof(XposedHookInfo)));
  hookInfo->reflectedMethod = soa.Vm()->AddGlobalRef(soa.Self(), reflect_method);
  hookInfo->additionalInfo = soa.Env()->NewGlobalRef(additional_info);
  hookInfo->originalMethod = backup_method;
  SetEntryPointFromJni(reinterpret_cast<uint8_t*>(hookInfo));

  ThreadList* tl = Runtime::Current()->GetThreadList();
  soa.Self()->TransitionFromRunnableToSuspended(kSuspended);
  tl->SuspendAll("Hooking method");
  {
    MutexLock mu(soa.Self(), *Locks::thread_list_lock_);
    tl->ForEach(StackReplaceMethod, this);
  }
  tl->ResumeAll();
  soa.Self()->TransitionFromSuspendedToRunnable();

  SetEntryPointFromQuickCompiledCode(GetQuickProxyInvokeHandler());
  SetEntryPointFromInterpreter(artInterpreterToCompiledCodeBridge);

  // Adjust access flags
  SetAccessFlags((GetAccessFlags() & ~kAccNative & ~kAccSynchronized) | kAccXposedHookedMethod);

    是否可以借鉴一下?

    opened by mimers 3
  • Build.VERSION.SDK_INT >= 21不支持吗

    Build.VERSION.SDK_INT >= 21不支持吗

    在使用5.0.1手机测试时发现load的是libdexposed_l.so成功 PatchResult result = PatchMain.load(context, apkPath, null);也返回true 但运行时程序崩溃,请问下现在还不支持5.0(API 21)以上的系统吗? 如果支持该怎么配置?谢谢

    opened by kingJ430 3
  • native_dependencies does not work

    native_dependencies does not work

    Error:Execution failed for task ':app:resolveNativeDependencies'.

    Could not resolve all dependencies for configuration 'detachedConfiguration1'. Could not find any matches for com.taobao.dexposed:dexposed_l:0.2+ as no versions of com.taobao.dexposed:dexposed_l are available. Searched in the following locations: https://jcenter.bintray.com/com/taobao/dexposed/dexposed_l/maven-metadata.xml https://jcenter.bintray.com/com/taobao/dexposed/dexposed_l/

    opened by ASCE1885 3
  • Duplicate files copied in APK

    Duplicate files copied in APK

    Last summer, I used dexposed library by downloading jar and so files. I guess you moved to Maven repositories and one line dependency works with gradle now. However, I'm facing following error with current version.

    Error:Execution failed for task ':sample:transformNative_libsWithMergeJniLibsForDebug'.
> com.android.build.api.transform.TransformException: com.android.builder.packaging.DuplicateFileException: Duplicate files copied in APK lib/armeabi/libdexposed_l.so
    File1: D:\Works\android-windows\ScreenRecord\sample\build\intermediates\exploded-aar\com.taobao.android\dexposed\0.1.1\jni
    File2: D:\Works\android-windows\ScreenRecord\sample\build\intermediates\exploded-aar\ScreenRecord\library\unspecified\jni
    opened by halilozercan 2
  • Build Issues with AOSP

    Build Issues with AOSP

    [Question] I have build Android source code successfully and have placed dexposed dalvik code at right places. When I run mmm -B dexposed_dalvik, it starts to compile. But the output is not generated. I have used android-4.3_r2.2.

    opened by azeemsamma 2
  • hook Fragment onCreate onDestroy not work

    hook Fragment onCreate onDestroy not work

    DexposedBridge.findAndHookMethod(Fragment.class, "onCreate", Bundle.class, onCreateHook); DexposedBridge.findAndHookMethod(Fragment.class, "onDestroy", onDestroyHook); 不起作用

    opened by hyxbiao 2
  • 小米4 CM13闪退

    小米4 CM13闪退

    日志如下 dev_art的

    03-13 15:23:11.418 22507-22507/? V/Dexposed_Art: JNI_Dexposed_Art_OnLoad
03-13 15:23:11.421 22507-22507/? V/Dexposed_Art: artInterpreterToInterpreterBridge: b498e341
03-13 15:23:11.422 22507-22507/? V/Dexposed_Art: artInterpreterToCompiledCodeBridge: b4b11b8d
03-13 15:23:11.422 22507-22507/? V/Dexposed_Art: art_quick_resolution_trampoline: 0
03-13 15:23:11.429 22507-22507/? D/Dexposed: Using: 16/32-bit Thumb2
03-13 15:23:11.430 22507-22507/? D/Dexposed.Operator: source Method:0xFFFFFFFFAEB6D350
03-13 15:23:11.430 22507-22507/? D/Dexposed.Operator: Orin Method QuickCompiledCode:0x00000000A05FCC95
03-13 15:23:11.430 22507-22507/? D/Dexposed.Memory: Reading 8 bytes from: 0xA05FCC94
03-13 15:23:11.431 22507-22507/? D/Dexposed.Memory: 0xA05FCC90:             AD F5 00 5C  DC F8 00 C0
03-13 15:23:11.431 22507-22507/? V/Dexposed_Art: dexposed_getBridgeFunction b395d809
03-13 15:23:11.432 22507-22507/? D/Dexposed: targetAddress:0xFFFFFFFFB395D809
03-13 15:23:11.432 22507-22507/? D/Dexposed: sourceAddress:0xFFFFFFFFAEB6D350
03-13 15:23:11.432 22507-22507/? D/Dexposed.Memory: Mapped memory of size 72 at 0xB587E000
03-13 15:23:11.432 22507-22507/? D/Dexposed.Memory: Writing memory to: 0xB587E000
03-13 15:23:11.434 22507-22507/? D/Dexposed.Memory: 0xB587E000: AF F3 00 80 DF F8 2C C0  60 45 40 F0 15 80 2D E9 
                                                    0xB587E010: F8 4F 84 B0 CD F8 08 30  6B 46 6B 46 CD F8 00 D0 
                                                    0xB587E020: CD F8 04 90 DF F8 08 C0  E0 47 04 B0 BD E8 F8 8F 
                                                    0xB587E030: 09 D8 95 B3 50 D3 B6 AE  AD F5 00 5C DC F8 00 C0 
                                                    0xB587E040: DF F8 00 F0 9D CC 5F A0
03-13 15:23:11.435 22507-22507/? D/Dexposed: Writing hook to 0xB587E001 in 0xA05FCC94
03-13 15:23:11.435 22507-22507/? D/Dexposed.Memory: Disabling mprotect from 0xA05FCC94
03-13 15:23:11.435 22507-22507/? D/Dexposed.Memory: Writing memory to: 0xA05FCC94
03-13 15:23:11.436 22507-22507/? D/Dexposed.Memory: 0xA05FCC90:             DF F8 00 F0  01 E0 87 B5
03-13 15:23:11.436 22507-22507/? D/Dexposed.Memory: Mapped memory of size 40 at 0xB586B000
03-13 15:23:11.437 22507-22507/? D/Dexposed: backAddress:0xFFFFFFFFB586B000
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler arm32
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler method: 0xaeb6d350
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler arg2: 0x12dc8d50
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler arg3: 0x10
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler sp1: 0xbefdfe18
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe18 sp[0]: 0xbefdfe18
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe1c sp[1]: 0xb4cf6500
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe20 sp[2]: 0x12dc8000
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe24 sp[3]: 0x0
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe28 sp[4]: 0x12dc8000
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe2c sp[5]: 0x0
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe30 sp[6]: 0x12da7620
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe34 sp[7]: 0x71036af0
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe38 sp[8]: 0x12c3a880
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe3c sp[9]: 0x0
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe40 sp[10]: 0xb4cf6500
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe44 sp[11]: 0x12c3a880
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe48 sp[12]: 0x12d42180
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe4c sp[13]: 0xa0601025
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe50 sp[14]: 0xb0631738
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe54 sp[15]: 0x12dc8d50
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe58 sp[16]: 0x12e80490
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe5c sp[17]: 0x12dc14c0
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe60 sp[18]: 0x12d3f220
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe64 sp[19]: 0x0
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe68 sp[20]: 0x1
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe6c sp[21]: 0x12dc8d50
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe70 sp[22]: 0x84
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe74 sp[23]: 0x2710
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe78 sp[24]: 0x0
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe7c sp[25]: 0x7411bec5
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe80 sp[26]: 0x12c893e0
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe84 sp[27]: 0x12dc8d50
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe88 sp[28]: 0x12dc14c0
03-13 15:23:11.438 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe8c sp[29]: 0x0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe90 sp[30]: 0x12dc1500
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe94 sp[31]: 0x0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe98 sp[32]: 0x12da7620
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfe9c sp[33]: 0x7419e81d
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfea0 sp[34]: 0x718bad08
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfea4 sp[35]: 0x12da7620
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfea8 sp[36]: 0x71036af0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfeac sp[37]: 0x12c3a880
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfeb0 sp[38]: 0x0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler1 0xbefdfeb4 sp[39]: 0x12c3a880
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler size:0
03-13 15:23:11.439 22507-22507/? D/Dexposed.Entry: isStatic:false
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[0]: 0x10
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[1]: 0x12dc8000
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[2]: 0x1000000
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[3]: 0xb4d00140
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[4]: 0xb4c21e00
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[5]: 0xc000000
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[6]: 0xb4c21da0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[7]: 0x1000
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[8]: 0xb4cfb0a0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[9]: 0x200000
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[10]: 0x1000
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[11]: 0x800000
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[12]: 0xb4bfbbac
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[13]: 0x0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[14]: 0xb4bfbb84
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[15]: 0x1f4
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[16]: 0x0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[17]: 0xb4cca0c8
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[18]: 0x0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler xargs[19]: 0x0
03-13 15:23:11.439 22507-22507/? V/Dexposed_Art: artQuickDexposedInvokeHandler returnType:17
03-13 15:23:11.440 22507-22507/? A/libc: Fatal signal 11 (SIGSEGV), code 1, fault addr 0x0 in tid 22507 (io.virtualapp:x)
03-13 15:23:11.440 277-277/? I/DEBUG: property debug.db.uid not set; NOT waiting for gdb.
03-13 15:23:11.440 277-277/? I/DEBUG: HINT: adb shell setprop debug.db.uid 100000
03-13 15:23:11.440 277-277/? I/DEBUG: HINT: adb forward tcp:5039 tcp:5039
03-13 15:23:11.544 277-277/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
03-13 15:23:11.544 277-277/? A/DEBUG: CM Version: 'unknown'
03-13 15:23:11.545 277-277/? A/DEBUG: Build fingerprint: 'Xiaomi/cancro/cancro:6.0.1/MMB29M/6.5.12:userdebug/test-keys'
03-13 15:23:11.545 277-277/? A/DEBUG: Revision: '0'
03-13 15:23:11.545 277-277/? A/DEBUG: ABI: 'arm'
03-13 15:23:11.546 277-277/? A/DEBUG: pid: 22507, tid: 22507, name: io.virtualapp:x  >>> io.virtualapp:x <<<
03-13 15:23:11.546 277-277/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0x0
03-13 15:23:11.633 277-277/? A/DEBUG:     r0 b4cbc000  r1 b4cf6500  r2 12dc8d50  r3 00000000
03-13 15:23:11.633 277-277/? A/DEBUG:     r4 00000011  r5 00000000  r6 00100021  r7 b3960734
03-13 15:23:11.633 277-277/? A/DEBUG:     r8 00000000  r9 b4cf6500  sl 12c3a880  fp 12d42180
03-13 15:23:11.633 277-277/? A/DEBUG:     ip befdf910  sp befdfdb8  lr b395dba9  pc 00000000  cpsr 600f0010
03-13 15:23:11.635 277-277/? A/DEBUG: backtrace:
03-13 15:23:11.635 277-277/? A/DEBUG:     #00 pc 00000000  <unknown>
03-13 15:23:11.635 277-277/? A/DEBUG:     #01 pc 00002ba7  /data/app/io.virtualapp-2/lib/arm/libdexposed_art.so (artQuickDexposedInvokeHandler+926)
03-13 15:23:11.635 277-277/? A/DEBUG:     #02 pc 00000029  <unknown>
03-13 15:23:12.170 277-277/? A/DEBUG: Tombstone written to: /data/tombstones/tombstone_01
    opened by dovewi 2
  • StackOverflowError

    StackOverflowError

    AndroidRuntime: FATAL EXCEPTION: main java.lang.StackOverflowError at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.DexposedBridge.log(DexposedBridge.java:84) at com.taobao.android.dexposed.D

    opened by huxian99 0
  • method循环调用

    method循环调用

    hi,你好,我在使用dexposed在art中的时候出现了循环调用的现象。 在hook完之后 正常的调用逻辑应该是:before -> original -> after 但是当我调用如下函数的时候,又会hook住。 com_taobao_android_dexposed_DexposedBridge_invokeOriginalMethodNative

    最终变成了这样: before -> original -> before -> original .... .... 请问这个是目前已知的问题么?

    opened by w5678912345 3
Owner
Alibaba
Alibaba Open Source
Alibaba
GitHub
Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstall apk.

Tinker Tinker is a hot-fix solution library for Android, it supports dex, library and resources update without reinstalling apk. Getting started Add t

Tencent 16.6k Dec 29, 2022
A hotfix library for Android platform, and not just this...

中文版 wiki (deprecated) changelog Amigo Service Platform (Amigo backend service is no longer supported) Amigo is a hotfix library which can fix everythi

eleme 1.4k Nov 25, 2022
AndFix is a library that offer hot-fix for Android App.

AndFix AndFix is a solution to fix the bugs online instead of redistributing Android App. It is distributed as Android Library. Andfix is an acronym f

Alibaba 6.9k Dec 29, 2022
xLua is a lua programming solution for C# ( Unity, .Net, Mono) , it supports android, ios, windows, linux, osx, etc.

(English Documents Available) C#下Lua编程支持 xLua为Unity、 .Net、 Mono等C#环境增加Lua脚本编程的能力,借助xLua,这些Lua代码可以方便的和C#相互调用。 xLua的突破 xLua在功能、性能、易用性都有不少突破,这几方面分别最具代表性的

Tencent 8.1k Jan 3, 2023
dexposed enable 'god' mode for single android application.

What is it? Dexposed is a powerful yet non-invasive runtime AOP (Aspect-oriented Programming) framework for Android app development, based on the work

Alibaba 4.5k Dec 28, 2022
GOD - Goal of the day is the notes app which tracks your daily tasks, most important tasks & monthly goals

GOD - Goal of the day GOD - Goals of the day Problem Statement: People always face problems in finding their goals and keeping track over a period. Th

Shubham Jitiya 1 Jan 16, 2022
Simple library which enable you to add a drawer(slide-out) navigation to your android application

SimpleSideDrawer is an android library to add a drawer navigation into your android application. This library has high affinity with other libraries l

null 217 Nov 25, 2022
An application to enable a user to manage a product listing

iProcureAndroidTest This is an application to enable a user to manage a product listing (in an e-commerce environment). ?? . Written in Kotlin and imp

Kakashi 6 Mar 7, 2022
Simple Android web-view-based application. The primary purpose is to show the website in Kiosk mode.

Kiosk mode app Simple Android web-view-based application. The primary purpose is to show the website in Kiosk mode. By default, the app works in Scree

Mykola Kichatov 1 Oct 25, 2022
This library provides GridAdapters(ListGridAdapter & CursorGridAdapter) which enable you to bind your data in grid card fashion within android.widget.ListView, Also provides many other features related to GridListView.

GridListViewAdapters This libarary enables you to implement GridView like card layout within ListView with added capabilites like Paginations, Additio

Biraj Patel 270 Nov 25, 2022
Enable and customize hidden features on Android 12.

Android 12 Extensions This is a Magisk + Xposed module that adds customization and enables hidden features on Android 12. It also includes a configura

Danny Lin 383 Jan 1, 2023
An android app will start when boot and exit after 1s. Develop for Redmi K40 to enable DC dimming automatically.

An android app will start when boot and exit after 1s. Develop for Redmi K40 to enable DC dimming automatically.

Ovear 4 May 13, 2022
enable users to slide card to the left or right smoothly and continuously

有图有真相 模仿探探首页的卡片滑动效果: 不得不说,探探的ui效果真的很赞。在着手这个project之前,我没有参考过github上其它类似的开源项目。所以,如果这个project重复造了轮子,请不要打我。 在这个仓库竣工之时,有一个小伙伴发了我另一个开源工程,颇有相似之处。我下载了源码,导入了st

stone 2.4k Jan 5, 2023
A library to quickly and easily enable multiple monitoring & support platforms for your mobile apps

You have a small team. Setting up crash reporting tools, event tracking tools, and log management services is not what you want to spend your hours do

Percolate 65 Aug 8, 2022
Google launcher-style implementation of switch (enable/disable) icon

Android-SwitchIcon Google launcher-style implementation of switch (enable/disable) icon Compatibility This library is compatible from API 15 (Android

Zagumennyi Evgenii 2.3k Dec 17, 2022
Gradle Plugin to enable auto-completion and symbol resolution for all Kotlin/Native platforms.

CompleteKotlin Gradle Plugin to enable auto-completion and symbol resolution for all Kotlin/Native platforms. What this plugin provides This zero-conf

Louis CAD 235 Jan 3, 2023
Speech-Text Converter is a simple task that enable the user to convert the speech to text or convert text to speech (by Mic)

Speech-Text Converter About Speech-Text Converter is a simple task that enable the user to convert the speech to text or convert text to speech (by Mi

Kareem Saeed 1 Oct 21, 2021
Force enable gesture for third-party launcher in MIUI.

Fuck MIUI Gesture English Brief Enable this module to allow setting system gesture as nagation when using third party launcher. Strong Mode: Force usi

null 15 Dec 25, 2022
Android library to help enter, and more importantly, leave, android "Immersive Mode".

Immersive Lock Android has various ways to full screen an application including locking the screen to prevent accidentally leaving the app. This is pa

Baby Apps 2 May 20, 2022
LiveEdgeDetection is an Android document detection library built on top of OpenCV. It scans documents from camera live mode and allows you to adjust crop using the detected 4 edges and performs perspective transformation of the cropped image. It works best with a dark background.

LiveEdgeDetection LiveEdgeDetection is an Android document detection library built on top of OpenCV. It scans documents from camera live mode and allo

Aditya Arora 301 Jan 7, 2023