idanr1986 / droidmon

Dalvik Monitoring Framework for CuckooDroid

Delete hook for java.lang.reflection.Method->invoke #7

Open melonaerial opened 8 years ago

melonaerial commented 8 years ago

Hello. I've found some bad behaviour when the hook on java.lang.reflection.Method->invoke is activated. I think it is better to see my conversation with the author of Xposed Framework here: https://github.com/rovo89/XposedBridge/issues/106. So, I don't think this hook is really needed, because what we are looking for with Droidmon is calls to the Android API, and it makes no difference for us whether the call came from the Java reflection API or not. We can just not care. Because setting that hook will be really problematic for Xposed Framework, I think it is better to delete that hook from the hooks.json file and write a comment about it, in case somebody sets it.

mingwayzhang commented 8 years ago

@melonaerial I think you should know what you are doing. A lot of malware uses reflection to invoke sensitive APIs. Eliminating this hook will make lots of behaviors invisible...

idanr1986 commented 8 years ago

I agree. This hook gives good insight in the case of obfuscation using reflection; if someone doesn't need it, he can remove it from the hooks file.