From b282268d452a8dbce6548db98741f43a3ddf6000 Mon Sep 17 00:00:00 2001 From: Ryan Welton Date: Thu, 24 Jul 2014 19:47:28 -0400 Subject: [PATCH] Compile against, but don't include xposed + rework method hooks --- app/build.gradle | 13 +++-- app/src/main/AndroidManifest.xml | 1 - app/src/main/assets/xposed_init | 2 +- app/src/main/java/just/trust/me/Main.java | 68 +++++++++-------------- 4 files changed, 35 insertions(+), 49 deletions(-) diff --git a/app/build.gradle b/app/build.gradle index 34881c3..0149b1d 100644 --- a/app/build.gradle +++ b/app/build.gradle @@ -2,24 +2,25 @@ apply plugin: 'com.android.application' android { compileSdkVersion 20 - buildToolsVersion "20.0.0" - + buildToolsVersion '20.0.0' defaultConfig { - applicationId "me.trust.just.justtrustme" + applicationId 'me.trust.just.justtrustme' minSdkVersion 16 targetSdkVersion 20 versionCode 1 - versionName "1.0" + versionName '1.0' } + buildTypes { release { runProguard false proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro' } } + productFlavors { + } } dependencies { - compile fileTree(dir: 'libs', include: ['*.jar']) - compile files('libs/XposedBridgeApi.jar') + provided fileTree(dir: 'libs', include: ['*.jar']) } diff --git a/app/src/main/AndroidManifest.xml b/app/src/main/AndroidManifest.xml index ff378b7..32b1b2f 100644 --- a/app/src/main/AndroidManifest.xml +++ b/app/src/main/AndroidManifest.xml @@ -4,7 +4,6 @@ diff --git a/app/src/main/assets/xposed_init b/app/src/main/assets/xposed_init index 980f5ec..018bba4 100644 --- a/app/src/main/assets/xposed_init +++ b/app/src/main/assets/xposed_init @@ -1 +1 @@ -just.trust.me.Main +just.trust.me.Main \ No newline at end of file diff --git a/app/src/main/java/just/trust/me/Main.java b/app/src/main/java/just/trust/me/Main.java index 061bbfb..92decb8 100644 --- a/app/src/main/java/just/trust/me/Main.java +++ b/app/src/main/java/just/trust/me/Main.java @@ -1,11 +1,16 @@ package just.trust.me; -import org.apache.http.conn.ssl.SSLSocketFactory; +import javax.net.ssl.SSLSocketFactory; +import java.lang.reflect.Array; import java.lang.reflect.Method; +import java.net.Socket; +import java.security.SecureRandom; import java.security.cert.CertificateException; import java.security.cert.X509Certificate; +import javax.net.ssl.HostnameVerifier; +import javax.net.ssl.KeyManager; import javax.net.ssl.SSLContext; import javax.net.ssl.TrustManager; import javax.net.ssl.X509TrustManager; @@ -14,82 +19,63 @@ import de.robv.android.xposed.IXposedHookLoadPackage; import de.robv.android.xposed.XC_MethodHook; import de.robv.android.xposed.XC_MethodReplacement; import de.robv.android.xposed.XposedBridge; -import de.robv.android.xposed.XposedHelpers; import de.robv.android.xposed.callbacks.XC_LoadPackage.LoadPackageParam; -import static de.robv.android.xposed.XposedHelpers.findMethodExact; +import static de.robv.android.xposed.XposedHelpers.findAndHookMethod; public class Main implements IXposedHookLoadPackage { - abstract class XposedMethodReplacement extends XC_MethodReplacement - { - public XposedMethodReplacement(){} - Method replacedMethod; - public void setReplacedMethod(Method m){ - replacedMethod = m; - } - - } - - public static XC_MethodHook.Unhook findAndHookMethod(String clazz, java.lang.ClassLoader classLoader, String methodName, XposedMethodReplacement xmp) { - Method m = findMethodExact(clazz, classLoader, methodName); - xmp.setReplacedMethod(m); - return XposedBridge.hookMethod(m, xmp); - } - - public void handleLoadPackage(final LoadPackageParam lpparam) throws Throwable { - findAndHookMethod("javax.net.ssl.TrustManagerFactory", lpparam.classLoader, "getTrustManagers", new XposedMethodReplacement() { + findAndHookMethod("javax.net.ssl.TrustManagerFactory", lpparam.classLoader, "getTrustManagers", new XC_MethodReplacement() { @Override protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { return new TrustManager[]{new ImSureItsLegitTrustManager()}; } }); - findAndHookMethod("javax.net.ssl.HttpsURLConnection", lpparam.classLoader, "setSSLSocketFactory", new XposedMethodReplacement() { + findAndHookMethod("javax.net.ssl.SSLContext", lpparam.classLoader, "init", new XC_MethodHook() { @Override - protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { - SSLContext context = SSLContext.getInstance("TLS"); - context.init(null, new TrustManager[]{new ImSureItsLegitTrustManager()}, null); - this.replacedMethod.invoke(param.thisObject, context.getSocketFactory()); - return null; + protected void beforeHookedMethod(MethodHookParam param) throws Throwable { + param.args[0] = null; + param.args[1] = new TrustManager[]{new ImSureItsLegitTrustManager()}; + param.args[2] = null; } }); - findAndHookMethod("javax.net.ssl.SSLContext", lpparam.classLoader, "init", new XposedMethodReplacement() { + + findAndHookMethod("javax.net.ssl.HttpsURLConnection", lpparam.classLoader, "setSSLSocketFactory", new XC_MethodHook() { @Override - protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { + protected void beforeHookedMethod(MethodHookParam param) throws Throwable { + super.beforeHookedMethod(param); SSLContext context = SSLContext.getInstance("TLS"); - context.init(null, new TrustManager[]{new ImSureItsLegitTrustManager()}, null); - this.replacedMethod.invoke(param.thisObject, null, new TrustManager[]{new ImSureItsLegitTrustManager()}, null); - return null; + context.init(null, new TrustManager[]{new ImSureItsLegitTrustManager()}, null); + param.args[0] = context.getSocketFactory(); } }); - findAndHookMethod("org.apache.http.conn.ssl.SSLSocketFactory", lpparam.classLoader, "isSecure", new XposedMethodReplacement() { + + findAndHookMethod("org.apache.http.conn.ssl.SSLSocketFactory", lpparam.classLoader, "isSecure", new XC_MethodReplacement() { @Override protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { return true; } }); - findAndHookMethod("javax.net.ssl.HttpsURLConnection", lpparam.classLoader, "setHostnameVerifier", new XposedMethodReplacement() { + findAndHookMethod("javax.net.ssl.HttpsURLConnection", lpparam.classLoader, "setHostnameVerifier", new XC_MethodHook() { @Override - protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { - this.replacedMethod.invoke(param.thisObject, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); - return null; + protected void beforeHookedMethod(MethodHookParam param) throws Throwable { + param.args[0] = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; } }); - findAndHookMethod("javax.net.ssl.HttpsURLConnection", lpparam.classLoader, "setDefaultHostnameVerifier", new XposedMethodReplacement() { + findAndHookMethod("javax.net.ssl.HttpsURLConnection", lpparam.classLoader, "setDefaultHostnameVerifier", new XC_MethodHook() { @Override - protected Object replaceHookedMethod(MethodHookParam param) throws Throwable { - this.replacedMethod.invoke(param.thisObject, SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER); - return null; + protected void beforeHookedMethod(MethodHookParam param) throws Throwable { + param.args[0] = org.apache.http.conn.ssl.SSLSocketFactory.ALLOW_ALL_HOSTNAME_VERIFIER; } }); }