I would like to reproduce ArtHook hooking process. I have a Samsung Galaxy Tab SM-T700 with Android 6.0.1.
I used DroidMate2 to create an inlined apk for built by me, simple and oriented to testing the hooking of the (commented) URL sensitive API from DroidMate. After inlining, it gives me the following error. Do you have any idea about why it is breaking? App works okay without inlining.
---------------------------- PROCESS ENDED (11916) for package com.forensicbites.sdk23_droidmate_test ---------------------------- 2024-01-01 16:42:53.980 2836-2836 SDAgentPac...teReceiver system_server E Not going to handle 'com.forensicbites.sdk23_droidmate_test'! 2024-01-01 16:42:54.335 3466-3466 Launcher.Model com.sec.android.app.launcher E onPackageRemoved :com.forensicbites.sdk23_droidmate_test 2024-01-01 16:42:56.340 2836-2836 SDAgentPac...teReceiver system_server E Not going to handle 'com.forensicbites.sdk23_droidmate_test'! 2024-01-01 16:42:56.395 2836-2924 MARsDBManager system_server E insertPackage com.forensicbites.sdk23_droidmate_test uri = content://com.samsung.android.sm/AppFreezer/261 2024-01-01 16:42:56.920 3466-3466 Launcher.Model com.sec.android.app.launcher E onPackageAdded :com.forensicbites.sdk23_droidmate_test 2024-01-01 16:42:58.410 12642-12642 SPPClientService com.sec.spp.push E [PackageInfoChangeReceiver] [handlePkgRemovedEvent] PackageName : com.forensicbites.sdk23_droidmate_test ---------------------------- PROCESS STARTED (20840) for package com.forensicbites.sdk23_droidmate_test ---------------------------- 2024-01-01 16:47:05.235 20840-20840 System.out com...sicbites.sdk23_droidmate_test I Extracting lib/armeabi-v7a/libarthook_native.so to: /data/user/0/com.forensicbites.sdk23_droidmate_test/files/appguard_monitor_libs/libarthook_native.so 2024-01-01 16:47:05.250 20840-20840 System.out com...sicbites.sdk23_droidmate_test I Extracting lib/armeabi/libarthook_native.so to: /data/user/0/com.forensicbites.sdk23_droidmate_test/files/appguard_monitor_libs/libarthook_native.so 2024-01-01 16:47:16.765 20879-20879 dex2oat dex2oat E <SS>: oat location is not valid /data/user/0/com.forensicbites.sdk23_droidmate_test/files/appguard_monitor_odex/monitor.dex 2024-01-01 16:47:16.835 20840-20840 BaseAppGuardApplication com...sicbites.sdk23_droidmate_test W Error while initializing monitor. java.lang.InstantiationException: java.lang.Class<org.droidmate.monitor.Monitor> has no zero argument constructor at java.lang.Class.newInstance(Native Method) at com.srt.appguard.loader.MonitorLoader.startAppGuardMonitor(MonitorLoader.java:39) at com.srt.appguard.loader.MonitorLoaderApplication.attachBaseContext(MonitorLoaderApplication.java:13) at android.app.Application.attach(Application.java:211) at android.app.Instrumentation.newApplication(Instrumentation.java:1021) at android.app.Instrumentation.newApplication(Instrumentation.java:1005) at android.app.LoadedApk.makeApplication(LoadedApk.java:670) at android.app.ActivityThread.handleBindApplication(ActivityThread.java:6401) at android.app.ActivityThread.access$1800(ActivityThread.java:229) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1887) at android.os.Handler.dispatchMessage(Handler.java:102) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:7331) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) 2024-01-01 16:47:16.870 20840-20840 AndroidRuntime com...sicbites.sdk23_droidmate_test D Shutting down VM 2024-01-01 16:47:16.870 20840-20840 AndroidRuntime com...sicbites.sdk23_droidmate_test E FATAL EXCEPTION: main Process: com.forensicbites.sdk23_droidmate_test, PID: 20840 java.lang.NoClassDefFoundError: Failed resolution of: Lcom/forensicbites/sdk23_droidmate_test/R$layout; at com.forensicbites.sdk23_droidmate_test.MainActivity.onCreate(MainActivity.java:19) at android.app.Activity.performCreate(Activity.java:6904) at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1136) at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3266) at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415) at android.app.ActivityThread.access$1100(ActivityThread.java:229) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821) at android.os.Handler.dispatchMessage(Handler.java:102) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:7331) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) Caused by: java.lang.ClassNotFoundException: Didn't find class "com.forensicbites.sdk23_droidmate_test.R$layout" on path: DexPathList[[zip file "/data/app/com.forensicbites.sdk23_droidmate_test-1/base.apk"],nativeLibraryDirectories=[/data/app/com.forensicbites.sdk23_droidmate_test-1/lib/arm, /vendor/lib, /system/lib]] at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:56) at java.lang.ClassLoader.loadClass(ClassLoader.java:511) at java.lang.ClassLoader.loadClass(ClassLoader.java:469) at com.forensicbites.sdk23_droidmate_test.MainActivity.onCreate(MainActivity.java:19) at android.app.Activity.performCreate(Activity.java:6904) at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1136) at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3266) at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415) at android.app.ActivityThread.access$1100(ActivityThread.java:229) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821) at android.os.Handler.dispatchMessage(Handler.java:102) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:7331) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) Suppressed: java.lang.ClassNotFoundException: com.forensicbites.sdk23_droidmate_test.R$layout at java.lang.Class.classForName(Native Method) at java.lang.BootClassLoader.findClass(ClassLoader.java:781) at java.lang.BootClassLoader.loadClass(ClassLoader.java:841) at java.lang.ClassLoader.loadClass(ClassLoader.java:504) ... 14 more Caused by: java.lang.NoClassDefFoundError: Class not found using the boot class loader; no stack trace available 2024-01-01 16:47:19.640 20840-20848 art com...sicbites.sdk23_droidmate_test I Debugger is no longer active ---------------------------- PROCESS ENDED (20840) for package com.forensicbites.sdk23_droidmate_test ---------------------------- 2024-01-01 16:52:44.935 2836-2836 SDAgentPac...teReceiver system_server E Not going to handle 'com.forensicbites.sdk23_droidmate_test'! 2024-01-01 16:52:45.245 3466-3466 Launcher.Model com.sec.android.app.launcher E onPackageRemoved :com.forensicbites.sdk23_droidmate_test 2024-01-01 16:52:57.675 31456-31456 SPPClientService com.sec.spp.push E [PackageInfoChangeReceiver] [handlePkgRemovedEvent] PackageName : com.forensicbites.sdk23_droidmate_test
I would like to reproduce ArtHook hooking process. I have a Samsung Galaxy Tab SM-T700 with Android 6.0.1. I used DroidMate2 to create an inlined apk for built by me, simple and oriented to testing the hooking of the (commented) URL sensitive API from DroidMate. After inlining, it gives me the following error. Do you have any idea about why it is breaking? App works okay without inlining.
---------------------------- PROCESS ENDED (11916) for package com.forensicbites.sdk23_droidmate_test ---------------------------- 2024-01-01 16:42:53.980 2836-2836 SDAgentPac...teReceiver system_server E Not going to handle 'com.forensicbites.sdk23_droidmate_test'! 2024-01-01 16:42:54.335 3466-3466 Launcher.Model com.sec.android.app.launcher E onPackageRemoved :com.forensicbites.sdk23_droidmate_test 2024-01-01 16:42:56.340 2836-2836 SDAgentPac...teReceiver system_server E Not going to handle 'com.forensicbites.sdk23_droidmate_test'! 2024-01-01 16:42:56.395 2836-2924 MARsDBManager system_server E insertPackage com.forensicbites.sdk23_droidmate_test uri = content://com.samsung.android.sm/AppFreezer/261 2024-01-01 16:42:56.920 3466-3466 Launcher.Model com.sec.android.app.launcher E onPackageAdded :com.forensicbites.sdk23_droidmate_test 2024-01-01 16:42:58.410 12642-12642 SPPClientService com.sec.spp.push E [PackageInfoChangeReceiver] [handlePkgRemovedEvent] PackageName : com.forensicbites.sdk23_droidmate_test ---------------------------- PROCESS STARTED (20840) for package com.forensicbites.sdk23_droidmate_test ---------------------------- 2024-01-01 16:47:05.235 20840-20840 System.out com...sicbites.sdk23_droidmate_test I Extracting lib/armeabi-v7a/libarthook_native.so to: /data/user/0/com.forensicbites.sdk23_droidmate_test/files/appguard_monitor_libs/libarthook_native.so 2024-01-01 16:47:05.250 20840-20840 System.out com...sicbites.sdk23_droidmate_test I Extracting lib/armeabi/libarthook_native.so to: /data/user/0/com.forensicbites.sdk23_droidmate_test/files/appguard_monitor_libs/libarthook_native.so 2024-01-01 16:47:16.765 20879-20879 dex2oat dex2oat E <SS>: oat location is not valid /data/user/0/com.forensicbites.sdk23_droidmate_test/files/appguard_monitor_odex/monitor.dex 2024-01-01 16:47:16.835 20840-20840 BaseAppGuardApplication com...sicbites.sdk23_droidmate_test W Error while initializing monitor. java.lang.InstantiationException: java.lang.Class<org.droidmate.monitor.Monitor> has no zero argument constructor at java.lang.Class.newInstance(Native Method) at com.srt.appguard.loader.MonitorLoader.startAppGuardMonitor(MonitorLoader.java:39) at com.srt.appguard.loader.MonitorLoaderApplication.attachBaseContext(MonitorLoaderApplication.java:13) at android.app.Application.attach(Application.java:211) at android.app.Instrumentation.newApplication(Instrumentation.java:1021) at android.app.Instrumentation.newApplication(Instrumentation.java:1005) at android.app.LoadedApk.makeApplication(LoadedApk.java:670) at android.app.ActivityThread.handleBindApplication(ActivityThread.java:6401) at android.app.ActivityThread.access$1800(ActivityThread.java:229) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1887) at android.os.Handler.dispatchMessage(Handler.java:102) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:7331) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) 2024-01-01 16:47:16.870 20840-20840 AndroidRuntime com...sicbites.sdk23_droidmate_test D Shutting down VM 2024-01-01 16:47:16.870 20840-20840 AndroidRuntime com...sicbites.sdk23_droidmate_test E FATAL EXCEPTION: main Process: com.forensicbites.sdk23_droidmate_test, PID: 20840 java.lang.NoClassDefFoundError: Failed resolution of: Lcom/forensicbites/sdk23_droidmate_test/R$layout; at com.forensicbites.sdk23_droidmate_test.MainActivity.onCreate(MainActivity.java:19) at android.app.Activity.performCreate(Activity.java:6904) at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1136) at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3266) at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415) at android.app.ActivityThread.access$1100(ActivityThread.java:229) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821) at android.os.Handler.dispatchMessage(Handler.java:102) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:7331) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) Caused by: java.lang.ClassNotFoundException: Didn't find class "com.forensicbites.sdk23_droidmate_test.R$layout" on path: DexPathList[[zip file "/data/app/com.forensicbites.sdk23_droidmate_test-1/base.apk"],nativeLibraryDirectories=[/data/app/com.forensicbites.sdk23_droidmate_test-1/lib/arm, /vendor/lib, /system/lib]] at dalvik.system.BaseDexClassLoader.findClass(BaseDexClassLoader.java:56) at java.lang.ClassLoader.loadClass(ClassLoader.java:511) at java.lang.ClassLoader.loadClass(ClassLoader.java:469) at com.forensicbites.sdk23_droidmate_test.MainActivity.onCreate(MainActivity.java:19) at android.app.Activity.performCreate(Activity.java:6904) at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1136) at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:3266) at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:3415) at android.app.ActivityThread.access$1100(ActivityThread.java:229) at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1821) at android.os.Handler.dispatchMessage(Handler.java:102) at android.os.Looper.loop(Looper.java:148) at android.app.ActivityThread.main(ActivityThread.java:7331) at java.lang.reflect.Method.invoke(Native Method) at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:1230) at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:1120) Suppressed: java.lang.ClassNotFoundException: com.forensicbites.sdk23_droidmate_test.R$layout at java.lang.Class.classForName(Native Method) at java.lang.BootClassLoader.findClass(ClassLoader.java:781) at java.lang.BootClassLoader.loadClass(ClassLoader.java:841) at java.lang.ClassLoader.loadClass(ClassLoader.java:504) ... 14 more Caused by: java.lang.NoClassDefFoundError: Class not found using the boot class loader; no stack trace available 2024-01-01 16:47:19.640 20840-20848 art com...sicbites.sdk23_droidmate_test I Debugger is no longer active ---------------------------- PROCESS ENDED (20840) for package com.forensicbites.sdk23_droidmate_test ---------------------------- 2024-01-01 16:52:44.935 2836-2836 SDAgentPac...teReceiver system_server E Not going to handle 'com.forensicbites.sdk23_droidmate_test'! 2024-01-01 16:52:45.245 3466-3466 Launcher.Model com.sec.android.app.launcher E onPackageRemoved :com.forensicbites.sdk23_droidmate_test 2024-01-01 16:52:57.675 31456-31456 SPPClientService com.sec.spp.push E [PackageInfoChangeReceiver] [handlePkgRemovedEvent] PackageName : com.forensicbites.sdk23_droidmate_test