From 40594e973a1f4d812055fbec01dcf7a4c4bdc298 Mon Sep 17 00:00:00 2001 From: Jake Valletta Date: Mon, 19 Jun 2017 13:40:23 -0700 Subject: [PATCH 1/2] Updated gradle build versions --- app/build.gradle | 2 +- build.gradle | 2 +- gradle/wrapper/gradle-wrapper.properties | 4 ++-- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/app/build.gradle b/app/build.gradle index 74f4db8..665c7b3 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -2,7 +2,7 @@ apply plugin: 'com.android.application' android { compileSdkVersion 22 - buildToolsVersion '22.0.1' + buildToolsVersion '25.0.2' defaultConfig { applicationId 'just.trust.me' minSdkVersion 16 diff --git a/build.gradle b/build.gradle index a6fcfe1..5966013 100644 --- a/build.gradle +++ b/build.gradle @@ -5,7 +5,7 @@ buildscript { jcenter() } dependencies { - classpath 'com.android.tools.build:gradle:1.5.0' + classpath 'com.android.tools.build:gradle:2.3.3' // NOTE: Do not place your application dependencies here; they belong // in the individual module build.gradle files diff --git a/gradle/wrapper/gradle-wrapper.properties b/gradle/wrapper/gradle-wrapper.properties index 4c47442..bb2164f 100644 --- a/gradle/wrapper/gradle-wrapper.properties +++ b/gradle/wrapper/gradle-wrapper.properties @@ -1,6 +1,6 @@ -#Tue Dec 16 21:30:06 EST 2014 +#Sat Apr 08 16:14:51 PDT 2017 distributionBase=GRADLE_USER_HOME distributionPath=wrapper/dists zipStoreBase=GRADLE_USER_HOME zipStorePath=wrapper/dists -distributionUrl=https\://services.gradle.org/distributions/gradle-2.2.1-all.zip +distributionUrl=https\://services.gradle.org/distributions/gradle-3.3-all.zip From e9bbd648b61cd153dea1ffe843a67e27a0631407 Mon Sep 17 00:00:00 2001 From: Jake Valletta Date: Mon, 19 Jun 2017 13:40:37 -0700 Subject: [PATCH 2/2] Updated TrustManagerImpl Support The previous versions were only hooking 1 of 3 methods used to perform server certificate checks. This commit adds the remaining 2 methods. --- app/src/main/java/just/trust/me/Main.java | 93 ++++++++++++++--------- 1 file changed, 59 insertions(+), 34 deletions(-) diff --git a/app/src/main/java/just/trust/me/Main.java b/app/src/main/java/just/trust/me/Main.java index 6e84d4c..ec6cf59 100644 --- a/app/src/main/java/just/trust/me/Main.java +++ b/app/src/main/java/just/trust/me/Main.java @@ -6,38 +6,38 @@ import android.util.Log; import android.webkit.SslErrorHandler; import android.webkit.WebView; -import java.io.IOException; -import java.net.Socket; -import java.net.UnknownHostException; -import java.util.ArrayList; -import java.util.List; - -import java.security.SecureRandom; -import java.security.KeyStore; -import java.security.KeyStoreException; -import java.security.cert.CertificateException; -import java.security.cert.X509Certificate; -import java.security.KeyManagementException; -import java.security.NoSuchAlgorithmException; -import java.security.UnrecoverableKeyException; - -import javax.net.ssl.HostnameVerifier; -import javax.net.ssl.KeyManager; -import javax.net.ssl.SSLContext; -import javax.net.ssl.TrustManager; -import javax.net.ssl.X509TrustManager; - import org.apache.http.conn.ClientConnectionManager; import org.apache.http.conn.scheme.HostNameResolver; import org.apache.http.conn.scheme.PlainSocketFactory; -import org.apache.http.conn.scheme.SchemeRegistry; import org.apache.http.conn.scheme.Scheme; +import org.apache.http.conn.scheme.SchemeRegistry; import org.apache.http.conn.ssl.SSLSocketFactory; import org.apache.http.impl.client.DefaultHttpClient; import org.apache.http.impl.conn.SingleClientConnManager; import org.apache.http.impl.conn.tsccm.ThreadSafeClientConnManager; import org.apache.http.params.HttpParams; +import java.io.IOException; +import java.net.Socket; +import java.net.UnknownHostException; +import java.security.KeyManagementException; +import java.security.KeyStore; +import java.security.KeyStoreException; +import java.security.NoSuchAlgorithmException; +import java.security.SecureRandom; +import java.security.UnrecoverableKeyException; +import java.security.cert.CertificateException; +import java.security.cert.X509Certificate; +import java.util.ArrayList; +import java.util.List; + +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.KeyManager; +import javax.net.ssl.SSLContext; +import javax.net.ssl.SSLSession; +import javax.net.ssl.TrustManager; +import javax.net.ssl.X509TrustManager; + import de.robv.android.xposed.IXposedHookLoadPackage; import de.robv.android.xposed.XC_MethodHook; import de.robv.android.xposed.XC_MethodReplacement; @@ -47,10 +47,10 @@ import static de.robv.android.xposed.XposedHelpers.callMethod; import static de.robv.android.xposed.XposedHelpers.callStaticMethod; import static de.robv.android.xposed.XposedHelpers.findAndHookConstructor; import static de.robv.android.xposed.XposedHelpers.findAndHookMethod; +import static de.robv.android.xposed.XposedHelpers.findClass; import static de.robv.android.xposed.XposedHelpers.getObjectField; import static de.robv.android.xposed.XposedHelpers.newInstance; import static de.robv.android.xposed.XposedHelpers.setObjectField; -import static de.robv.android.xposed.XposedHelpers.findClass; public class Main implements IXposedHookLoadPackage { @@ -251,21 +251,46 @@ public class Main implements IXposedHookLoadPackage { /* Only for newer devices should we try to hook TrustManagerImpl */ if (hasTrustManagerImpl()) { + /* TrustManagerImpl Hooks */ + /* external/conscrypt/src/platform/java/org/conscrypt/TrustManagerImpl.java */ + Log.d(TAG, "Hooking com.android.org.conscrypt.TrustManagerImpl for: " + currentPackageName); + + /* public void checkServerTrusted(X509Certificate[] chain, String authType) */ + findAndHookMethod("com.android.org.conscrypt.TrustManagerImpl", lpparam.classLoader, + "checkServerTrusted", X509Certificate[].class, String.class, + new XC_MethodReplacement() { + @Override + protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { + return 0; + } + }); - /* external/conscrypt/src/platform/java/org/conscrypt/TrustManagerImpl.java#217 */ /* public List checkServerTrusted(X509Certificate[] chain, String authType, String host) throws CertificateException */ - Log.d(TAG, "Hooking com.android.org.conscrypt.TrustManagerImpl.checkServerTrusted(X509Certificate[]) for: " + currentPackageName); findAndHookMethod("com.android.org.conscrypt.TrustManagerImpl", lpparam.classLoader, - "checkServerTrusted", X509Certificate[].class, String.class, - String.class, new XC_MethodReplacement() { - @Override - protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { - ArrayList list = new ArrayList(); - return list; - } - }); - } + "checkServerTrusted", X509Certificate[].class, String.class, + String.class, new XC_MethodReplacement() { + @Override + protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { + ArrayList list = new ArrayList(); + return list; + } + }); + + + /* public List checkServerTrusted(X509Certificate[] chain, + String authType, SSLSession session) throws CertificateException */ + findAndHookMethod("com.android.org.conscrypt.TrustManagerImpl", lpparam.classLoader, + "checkServerTrusted", X509Certificate[].class, String.class, + SSLSession.class, new XC_MethodReplacement() { + @Override + protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { + ArrayList list = new ArrayList(); + return list; + } + }); + } + } // End Hooks /* Helpers */