search

iqiyi / xHook

🔥 A PLT hook library for Android native ELF.
Other
4.08k stars 760 forks source link

hook libc.so android_getaddrinfofornet ,貌似没hook成功 #16

Closed Guolei1130 closed 6 years ago

Guolei1130 commented 6 years ago

机型:小米6 Android8.0.0

将libc.so换成libjavacore.so是可以成功hook的,但是这样无法解决Webview的DNS解析问题。

代码:

static int new_android_getaddrinfofornet(const char *hostname, const char *servname,
                                         const struct addrinfo *hints, unsigned netid,
                                         unsigned mark, struct addrinfo **res) {
    log_error("hahahha,wo hook dao l ->android_getaddrinfofornet ");
    log_error("下面是hostname");
    log_error(hostname, "");
    if (hints->ai_flags == AI_NUMERICHOST) {
        if (fp) {
            fp(hostname, servname, hints, netid, mark, res);
        }
    } else {
        const char *ip = getIpByHttpDns(hostname);
        if (ip != NULL) {
            log_error("httpdns 解析成功,直接走IP");
            log_error("下面是ip");
            log_error(ip, "");
            fp(ip, servname, hints, netid, mark, res);
        } else {
            fp(hostname, servname, hints, netid, mark, res);
        }

    }

    return 0;
}

    xhook_register("/system/lib/libc.so", "android_getaddrinfofornet",
                   (void *) new_android_getaddrinfofornet, reinterpret_cast<void **>(&fp));
    xhook_enable_debug(1);
    xhook_refresh(1);

日志:

08-28 14:53:01.919 30014-30014/com.example.guolei.myapplication I/xhook: libxhook 1.1.9 (arm)
08-28 14:53:01.925 30014-30118/com.example.guolei.myapplication I/xhook: init OK: /system/lib/libc.so (REL GNU_HASH PLT:5392 DYN:11968 ANDROID:0)
    hooking android_getaddrinfofornet in /system/lib/libc.so
08-28 14:53:01.932 30014-30118/com.example.guolei.myapplication I/xhook: map refreshed

greadelf 工具查看sysbol

greadelf -s lib/libc.so| grep 'addrinfo'
    81: 000282e1    84 FUNC    GLOBAL DEFAULT   13 getaddrinfo@@LIBC
   618: 00028335    80 FUNC    GLOBAL DEFAULT   13 android_getaddrinfofornet@@LIBC_PRIVATE
   661: 00028271    30 FUNC    GLOBAL DEFAULT   13 freeaddrinfo@@LIBC
  1480: 00028385  2112 FUNC    GLOBAL DEFAULT   13 android_getaddrinfofornet@@LIBC_PRIVATE
  2253: 00028d99  1148 FUNC    LOCAL  DEFAULT   13 _dns_getaddrinfo
  2254: 00028bc5   468 FUNC    LOCAL  DEFAULT   13 _files_getaddrinfo
  8415: 00028385  2112 FUNC    GLOBAL DEFAULT   13 android_getaddrinfofornet
  8417: 00028271    30 FUNC    GLOBAL DEFAULT   13 freeaddrinfo
  8418: 00028335    80 FUNC    GLOBAL DEFAULT   13 android_getaddrinfofornet
  8420: 000282e1    84 FUNC    GLOBAL DEFAULT   13 getaddrinfo
caikelun commented 6 years ago

xhook只支持PLT/GOT方式的hook,就是hook“调用方so中的对外调用点”。android_getaddrinfofornet函数的实现在libc.so中,需要hook android_getaddrinfofornet的调用方,可以:

xhook_register(".*/libwebviewchromium\\.so$", "android_getaddrinfofornet", new_android_getaddrinfofornet, NULL);

或者:

xhook_register(".*\\.so$", "android_getaddrinfofornet", new_android_getaddrinfofornet, NULL);
Guolei1130 commented 6 years ago

好的,谢谢了

caikelun commented 6 years ago

不客气。