Reputation: 3042
Intercepting Android Methods
Is their any way to intercept any existing methods of android and rewrite our implementation to it ?
I have found some techniques like method swizzling in iOS which helps us to do us can we do the same in android .
Can we have generalized technique to intercept a certain function of all the applications installed on a android phone. e.g. I want to intercept onCreate Method of all the android applications present on my android phone.
Upvotes: 0
Views: 1809
Answers (4)
Reputation: 6288
This is possible with a combination Magisk and then writing a Xposed module. Write a Android app using the API and then enable it as an module in the Xposed manager.
NOTE: Obviously this requires a rooted device. It will never be allowed to play around with other applications and packages in the wild on unrooted phones.
Upvotes: 0
Reputation: 40347
It's easiest to do this if you can either:
A) modify the installation of Android itself, changing the behavior of the runtime
B) modify particular apk's of interest before installation, replacing the symbolic names in the smali code with your alternatives.
For those calls which involve Binder IPC (most things of interest do, but perhaps not at the level where they are most easily interpreted, and usually not at a level considered portable across versions), another option might be to intercept that traffic, either with a modified Binder driver in the kernel, by pointing /dev/binder at a proxy, or at the level of C library open/ioctl/etc calls using something like an LD_PRELOAD when starting zygote or otherwise modifying the C library.
You might also be able to do something by modifying dalvik (though beware of the dex optimization process resolving symbolic name at install time rather than run time - so perhaps do the substitutions during odexing).
Another possibility would be debugging the application, at either jdwp or native level, and thus trapping whatever is interesting.
Finally, it may be possible to run an app in a virtual execution environment, where you have the chance to proxy all interactions with the actual hosting Android system.
From a security perspective, all of these methods require either an exception to the usual Android security model (root, system install ability, or security bug), cooperation of the user (modifying apk before installation, or installing it in virtual environment rather than directly), or cooperation of the app developer (leaving debug flag on, building the interception into your own app)
Upvotes: 1
Reputation: 1006614
I want to intercept onCreate Method of all the android applications present on my android phone.
Fortunately, this is not possible, for blindingly obvious security reasons, except maybe if you root your phone and replace the Android framework JAR with one that adds in your desired security flaws.
Upvotes: 2
Related Questions
- Capturing/Intercepting Android Intents during runtime
- Intercepting method calls
- Interceptor in Android
- Access method in class
- Android utility method that receives Activity
- How can I intercept a method call to a library class in Java or Android?
- Java - Use annotations and intercept methods?
- Intercepting call in Android
- In Android, how do I find caller of a method efficiently
- Android: Is it possible to observe system calls?