search

sensepost / objection

📱 objection - runtime mobile exploration
GNU General Public License v3.0
7.23k stars 829 forks source link

Watching android class ignores dump-args, etc. #220

Closed aph3rson closed 2 weeks ago

aph3rson commented 5 years ago

Describe the bug When using the android hooking watch class ... function, the CLI suggests the --dump-args, --dump-backtrace, and --dump-return arguments. However, these don't appear to be respected.

To Reproduce Steps to reproduce the behavior:

  1. Launch objection pointed at an Android application
  2. Pick a random class with callable/called functions
  3. Run android hooking watch class clazzhere --dump-args --dump-backtrace --dump-return, as suggested

Expected behavior Similar functionality to the android hooking watch class_method clazzhere.method() --dump-args --dump-backtrace --dump-return function.

Evidence / Logs / Screenshots

[snip] on (motorola: 8.0.0) [usb] # android hooking watch class md516ef28f71f9f0e023f0313a9e26e6e29.MyGcmListenerService --dump-args --dump-backtrace --dump-return
(agent) Hooking md516ef28f71f9f0e023f0313a9e26e6e29.MyGcmListenerService.n_onMessageReceived(java.lang.String, android.os.Bundle)
(agent) Hooking md516ef28f71f9f0e023f0313a9e26e6e29.MyGcmListenerService.monodroidAddReference(java.lang.Object)
(agent) Hooking md516ef28f71f9f0e023f0313a9e26e6e29.MyGcmListenerService.monodroidClearReferences()
(agent) Hooking md516ef28f71f9f0e023f0313a9e26e6e29.MyGcmListenerService.onMessageReceived(java.lang.String, android.os.Bundle)
(agent) Registering job 5x7tkubrrr8. Type: watch-class for: md516ef28f71f9f0e023f0313a9e26e6e29.MyGcmListenerService
[snip] on (motorola: 8.0.0) [usb] # (agent) [5x7tkubrrr8] Called md516ef28f71f9f0e023f0313a9e26e6e29.MyGcmListenerService.onMessageReceived(java.lang.String, android.os.Bundle)
(agent) [5x7tkubrrr8] Called md516ef28f71f9f0e023f0313a9e26e6e29.MyGcmListenerService.n_onMessageReceived(java.lang.String, android.os.Bundle)
[snip] on (motorola: 8.0.0) [usb] #

Environment (please complete the following information):

Additional context If it matters at all, the app I'm testing is a Xamarin app - hence the weird class path.

amina-wahba commented 2 years ago

Has this ever been addressed?

IPMegladon commented 2 weeks ago

Fixed in repo source, not yet in release.