natzDev / javasnoop

Automatically exported from code.google.com/p/javasnoop
0 stars 0 forks source link

Improvement - supporting method reimplementation #30

Open GoogleCodeExporter opened 9 years ago

GoogleCodeExporter commented 9 years ago
Hello Arshan,

I just wanted to submit you an improvement I made about JavaSnoop.

With the current version, you can only insert custom script before and after a 
hook. According to the Javassist documentation (and tests), the inserted code 
with insertBefore() or insertAfter() can not access local variables neither 
modify the current hooked method implementation, we can't really instrument 
hooks as we'd like to: we can't nuke routines that perform checks (like a 
Certificate Pinning routine) returning void.

As a consequence, I currently replaced the insertAfter() custom script panel by 
a panel where you can insert custom code that'll be executed IN PLACE of the 
hooked one, using the Javassist setBody() function.

You can find the different patchs here:
* 
https://github.com/maaaaz/misc_hookons_avec_javasnoop/commit/d00e4d04da0dffcefab
596b060a42b579dc5617b#diff-7f0dc9d8a99cbc4231ce262b1fa80ac5

* 
https://github.com/maaaaz/misc_hookons_avec_javasnoop/commit/d00e4d04da0dffcefab
596b060a42b579dc5617b#diff-2feae6f1b47318dec42bdb9b569a4160

It would be great if you manage to integrate this improvement in the next 
JavaSnoop version, for instance adding a third custom script panel in order to 
keep the insertAfter() one.

By the way, you code "MonitoredVmUtil.isKernelVM(mvm)" in 
ChooseProcessView.java does not compile anymore (oracle jdk or openjdk). I just 
commented it : 
https://github.com/maaaaz/misc_hookons_avec_javasnoop/commit/d00e4d04da0dffcefab
596b060a42b579dc5617b#diff-ac3063cd13567bb52d4f27ff747e23eb

Cheers.

Original issue reported on code.google.com by tdeb...@gmail.com on 21 Sep 2014 at 11:45