
Commit d32c1df

(fix) Few bugfixes and QoL changes.
* (feat) Attempt attach using identifier. * (feat) Job handler fixes, and additional error detection. * (fix) Compatibility with Apktool 2.12.0 and fix passing cli args.
1 parent e282ea0 commit d32c1df


9 files changed

+193
-88
lines changed


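--- a/agent/src/android/pinning.ts
+++ b/agent/src/android/pinning.ts
@@ -120,9 +120,10 @@ const okHttp3CertificatePinnerCheck = (ident: number): Promise<any | undefined>
 return CertificatePinnerCheck;
 
 } catch (err) {
-if ((err as Error).message.indexOf("ClassNotFoundException") === 0) {
+if ((err as Error).message.indexOf("java.lang.ClassNotFoundException") !== 0) {
 throw err;
 }
+return null;
 }
 });
 };
@@ -162,9 +163,10 @@ const okHttp3CertificatePinnerCheckOkHttp = (ident: number): Promise<any | undef
 return CertificatePinnerCheckOkHttp;
 
 } catch (err) {
-if ((err as Error).message.indexOf("ClassNotFoundException") === 0) {
+if ((err as Error).message.indexOf("java.lang.ClassNotFoundException") !== 0) {
 throw err;
 }
+return null;
 }
 });
 };
@@ -192,9 +194,10 @@ const appceleratorTitaniumPinningTrustManager = (ident: number): Promise<any | u
 return PinningTrustManagerCheckServerTrusted;
 
 } catch (err) {
-if ((err as Error).message.indexOf("ClassNotFoundException") === 0) {
+if ((err as Error).message.indexOf("java.lang.ClassNotFoundException") !== 0) {
 throw err;
 }
+return null;
 }
 });
 };
@@ -233,9 +236,10 @@ const trustManagerImplVerifyChainCheck = (ident: number): Promise<any> => {
 return TrustManagerImplverifyChain;
 
 } catch (err) {
-if ((err as Error).message.indexOf("ClassNotFoundException") === 0) {
+if ((err as Error).message.indexOf("java.lang.ClassNotFoundException") !== 0) {
 throw err;
 }
+return null;
 }
 });
 };
@@ -271,9 +275,10 @@ const trustManagerImplCheckTrustedRecursiveCheck = (ident: number): Promise<any>
 return TrustManagerImplcheckTrustedRecursive;
 
 } catch (err) {
-if ((err as Error).message.indexOf("ClassNotFoundException") === 0) {
+if ((err as Error).message.indexOf("java.lang.ClassNotFoundException") !== 0) {
 throw err;
 }
+return null;
 }
 });
 };
@@ -303,9 +308,10 @@ const phoneGapSSLCertificateChecker = (ident: number): Promise<any> => {
 return SSLCertificateCheckerExecute;
 
 } catch (err) {
-if ((err as Error).message.indexOf("ClassNotFoundException") === 0) {
+if ((err as Error).message.indexOf("java.lang.ClassNotFoundException") !== 0) {
 throw err;
 }
+return null;
 }
 });
 };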
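Review bot: The catch blocks in all six hunks read `(err as Error).message` without checking that `err` is an Error, so a thrown value with no `message` would raise a TypeError here and hide the original failure. A narrower guard keeps the intent: `if (!(err instanceof Error) || !err.message.startsWith("java.lang.ClassNotFoundException")) { throw err; }`. The hooks now resolve to `null` when the class is absent, while the first three signatures still advertise `Promise<any | undefined>`; whether the callers that receive this value tolerate `null` cannot be seen from this section. Each enclosing function starts above its hunk.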

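--- a/agent/src/android/root.ts
+++ b/agent/src/android/root.ts
@@ -44,15 +44,18 @@ const testKeysCheck = (success: boolean, ident: number): any => {
 send(c.blackBright(`[${ident}] `) + `Marking "test-keys" check as ` + c.green(`failed`) + `.`);
 return false;
 };
+
+return JavaString.contains;
 });
 };
 
 const execSuCheck = (success: boolean, ident: number): any => {
 return wrapJavaPerform(() => {
 const JavaRuntime: Runtime = Java.use("java.lang.Runtime");
 const iOException: IOException = Java.use("java.io.IOException");
+const JavaRuntime_exec = JavaRuntime.exec.overload("java.lang.String");
 
-JavaRuntime.exec.overload("java.lang.String").implementation = function (command: string) {
+JavaRuntime_exec.implementation = function (command: string) {
 if (command.endsWith("su")) {
 if (success) {
 send(c.blackBright(`[${ident}] `) + `Check for 'su' using command exec detected, allowing.`);
@@ -66,6 +69,8 @@ const execSuCheck = (success: boolean, ident: number): any => {
 // call the original method
 return this.exec.overload("java.lang.String").call(this, command);
 };
+
+return JavaRuntime_exec;
 });
 };
 
@@ -93,6 +98,8 @@ const fileExistsCheck = (success: boolean, ident: number): any => {
 // call the original method
 return this.exists.call(this);
 };
+
+return JavaFile.exists;
 });
 };
 
@@ -101,7 +108,9 @@ const fileExistsCheck = (success: boolean, ident: number): any => {
 const rootBeerIsRooted = (success: boolean, ident: number): any => {
 return wrapJavaPerform(() => {
 const RootBeer = Java.use("com.scottyab.rootbeer.RootBeer");
-RootBeer.isRooted.overload().implementation = function () {
+const RootBeer_isRooted = RootBeer.isRooted.overload();
+
+RootBeer_isRooted.implementation = function () {
 if (success) {
 send(
 c.blackBright(`[${ident}] `) +
@@ -116,6 +125,8 @@ const rootBeerIsRooted = (success: boolean, ident: number): any => {
 );
 return false;
 };
+
+return RootBeer_isRooted;
 });
 };
 
@@ -137,6 +148,8 @@ const rootBeerCheckForBinary = (success: boolean, ident: number): any => {
 );
 return false;
 };
+
+return RootBeer.checkForBinary;
 });
 };
 
@@ -158,13 +171,17 @@ const rootBeerCheckForDangerousProps = (success: boolean, ident: number): any =>
 );
 return false;
 };
+
+return RootBeer.checkForDangerousProps;
 });
 };
 
 const rootBeerDetectRootCloakingApps = (success: boolean, ident: number): any => {
 return wrapJavaPerform(() => {
 const RootBeer = Java.use("com.scottyab.rootbeer.RootBeer");
-RootBeer.detectRootCloakingApps.overload().implementation = function () {
+const RootBeer_detectRootCloakingApps = RootBeer.detectRootCloakingApps.overload();
+
+RootBeer_detectRootCloakingApps.implementation = function () {
 if (success) {
 send(
 c.blackBright(`[${ident}] `) +
@@ -179,6 +196,8 @@ const rootBeerDetectRootCloakingApps = (success: boolean, ident: number): any =>
 );
 return false;
 };
+
+return RootBeer_detectRootCloakingApps;
 });
 };
 
@@ -200,6 +219,8 @@ const rootBeerCheckSuExists = (success: boolean, ident: number): any => {
 );
 return false;
 };
+
+return RootBeer.checkSuExists;
 });
 };
 
@@ -221,34 +242,46 @@ const rootBeerDetectTestKeys = (success: boolean, ident: number): any => {
 );
 return false;
 };
+
+return RootBeer.detectTestKeys;
 });
 };
 
 const rootBeerCheckSeLinux = (success: boolean, ident: number): any => {
 return wrapJavaPerform(() => {
-const Util = Java.use("com.scottyab.rootbeer.util");
-Util.isSelinuxFlagInEnabled.overload().implementation = function () {
-if (success) {
+try {
+const Util = Java.use("com.scottyab.rootbeer.util");
+Util.isSelinuxFlagInEnabled.overload().implementation = function () {
+if (success) {
+send(
+c.blackBright(`[${ident}]`) +
+`Rootbeer.util->isSelinuxFlagInEnabled() check detected, marking as ${c.green("true")}`,
+);
+return true;
+}
+
 send(
-c.blackBright(`[${ident}]`) +
-`Rootbeer.util->isSelinuxFlagInEnabled() check detected, marking as ${c.green("true")}`,
+c.blackBright(`[${ident}] `) +
+`Rootbeer.util->isSelinuxFlagInEnabled() check detected, marking as ${c.green("false")}`,
 );
-return true;
-}
-
-send(
-c.blackBright(`[${ident}] `) +
-`Rootbeer.util->isSelinuxFlagInEnabled() check detected, marking as ${c.green("false")}`,
-);
-return false;
-};
+return false;
+};
+
+return Util.isSelinuxFlagInEnabled;
+} catch (err) {
+if ((err as Error).message.indexOf("java.lang.ClassNotFoundException") === 0) {
+return null;
+};
+throw err;
+}
 });
 };
 
 const rootBeerNative = (success: boolean, ident: number): any => {
 return wrapJavaPerform(() => {
 const RootBeerNative = Java.use("com.scottyab.rootbeer.RootBeerNative");
-RootBeerNative.checkForRoot.overload('[Ljava.lang.Object;').implementation = function () {
+const RootBeerNative_checkForRoot = RootBeerNative.checkForRoot.overload('[Ljava.lang.Object;');
+RootBeerNative_checkForRoot.implementation = function () {
 if (success) {
 send(
 c.blackBright(`[${ident}] `) +
@@ -263,74 +296,98 @@ const rootBeerNative = (success: boolean, ident: number): any => {
 );
 return 0;
 };
+
+return RootBeerNative_checkForRoot;
 });
 };
 
 // ref: https://www.ayrx.me/gantix-jailmonkey-root-detection-bypass/
-const jailMonkeyBypass = (success: boolean, ident: number): any => {
+const jailMonkeyBypass = (success: boolean, ident: number): Promise<any> => {
 return wrapJavaPerform(() => {
-const JavaJailMonkeyModule = Java.use("com.gantix.JailMonkey.JailMonkeyModule");
-const JavaHashMap = Java.use("java.util.HashMap");
-const JavaFalseObject = Java.use("java.lang.Boolean").FALSE.value;
-
-JavaJailMonkeyModule.getConstants.implementation = function () {
-send(
-c.blackBright(`[${ident}] `) +
-`JailMonkeyModule.getConstants() called, returning false for all keys.`
-);
-
-const hm = JavaHashMap.$new();
-hm.put("isJailBroken", JavaFalseObject);
-hm.put("hookDetected", JavaFalseObject);
-hm.put("canMockLocation", JavaFalseObject);
-hm.put("isOnExternalStorage", JavaFalseObject);
-hm.put("AdbEnabled", JavaFalseObject);
-
-return hm;
-};
+try {
+const JavaJailMonkeyModule = Java.use("com.gantix.JailMonkey.JailMonkeyModule");
+const JavaHashMap = Java.use("java.util.HashMap");
+const JavaBoolean = Java.use("java.lang.Boolean")
+const JavaFalseObject = JavaBoolean.FALSE.value;
+const JavaTrueObject = JavaBoolean.TRUE.value;
+
+JavaJailMonkeyModule.getConstants.implementation = function () {
+if (success) {
+send(
+c.blackBright(`[${ident}] `) +
+`RootBeer->checkForDangerousProps() check detected, marking as ${c.green("true")} for all keys.`,
+);
+const hm = JavaHashMap.$new();
+hm.put("isJailBroken", JavaTrueObject);
+hm.put("hookDetected", JavaTrueObject);
+hm.put("canMockLocation", JavaTrueObject);
+hm.put("isOnExternalStorage", JavaTrueObject);
+hm.put("AdbEnabled", JavaTrueObject);
+
+return hm;
+}
+send(
+c.blackBright(`[${ident}] `) +
+`JailMonkeyModule.getConstants() called, returning ${c.green("false")} for all keys.`
+);
 
-return JavaJailMonkeyModule;
+const hm = JavaHashMap.$new();
+hm.put("isJailBroken", JavaFalseObject);
+hm.put("hookDetected", JavaFalseObject);
+hm.put("canMockLocation", JavaFalseObject);
+hm.put("isOnExternalStorage", JavaFalseObject);
+hm.put("AdbEnabled", JavaFalseObject);
+
+return hm;
+};
+
+return JavaJailMonkeyModule.getConstants;
+} catch (err) {
+if ((err as Error).message.indexOf("java.lang.ClassNotFoundException") === 0) {
+return null;
+};
+throw err;
+}
 });
 };
 
-export const disable = (): void => {
+export const disable = async (): Promise<void> => {
 const job: jobs.Job = new jobs.Job(jobs.identifier(), 'root-detection-disable');
 
-job.addImplementation(testKeysCheck(false, job.identifier));
-job.addImplementation(execSuCheck(false, job.identifier));
-job.addImplementation(fileExistsCheck(false, job.identifier));
-job.addImplementation(jailMonkeyBypass(false, job.identifier));
-
+job.addImplementation(await testKeysCheck(false, job.identifier));
+job.addImplementation(await execSuCheck(false, job.identifier));
+job.addImplementation(await fileExistsCheck(false, job.identifier));
+job.addImplementation(await jailMonkeyBypass(false, job.identifier));
 // RootBeer functions
-job.addImplementation(rootBeerIsRooted(false, job.identifier));
-job.addImplementation(rootBeerCheckForBinary(false, job.identifier));
-job.addImplementation(rootBeerCheckForDangerousProps(false, job.identifier));
-job.addImplementation(rootBeerDetectRootCloakingApps(false, job.identifier));
-job.addImplementation(rootBeerCheckSuExists(false, job.identifier));
-job.addImplementation(rootBeerDetectTestKeys(false, job.identifier));
-job.addImplementation(rootBeerNative(false, job.identifier));
-job.addImplementation(rootBeerCheckSeLinux(false, job.identifier));
+job.addImplementation(await rootBeerIsRooted(false, job.identifier));
+job.addImplementation(await rootBeerCheckForBinary(false, job.identifier));
+job.addImplementation(await rootBeerCheckForDangerousProps(false, job.identifier));
+job.addImplementation(await rootBeerDetectRootCloakingApps(false, job.identifier));
+job.addImplementation(await rootBeerCheckSuExists(false, job.identifier));
+job.addImplementation(await rootBeerDetectTestKeys(false, job.identifier));
+job.addImplementation(await rootBeerNative(false, job.identifier));
+job.addImplementation(await rootBeerCheckSeLinux(false, job.identifier));
 
 jobs.add(job);
 };
 
-export const enable = (): void => {
+export const enable = async (): Promise<void> => {
 const job: jobs.Job = new jobs.Job(jobs.identifier(), "root-detection-enable");
 
-job.addImplementation(testKeysCheck(true, job.identifier));
-job.addImplementation(execSuCheck(true, job.identifier));
-job.addImplementation(fileExistsCheck(true, job.identifier));
-job.addImplementation(jailMonkeyBypass(true, job.identifier));
+job.addImplementation(await testKeysCheck(true, job.identifier));
+job.addImplementation(await execSuCheck(true, job.identifier));
+job.addImplementation(await fileExistsCheck(true, job.identifier));
+job.addImplementation(await jailMonkeyBypass(true, job.identifier));
 
 // RootBeer functions
-job.addImplementation(rootBeerIsRooted(true, job.identifier));
-job.addImplementation(rootBeerCheckForBinary(true, job.identifier));
-job.addImplementation(rootBeerCheckForDangerousProps(true, job.identifier));
-job.addImplementation(rootBeerDetectRootCloakingApps(true, job.identifier));
-job.addImplementation(rootBeerCheckSuExists(true, job.identifier));
-job.addImplementation(rootBeerDetectTestKeys(true, job.identifier));
-job.addImplementation(rootBeerNative(true, job.identifier));
-job.addImplementation(rootBeerCheckSeLinux(false, job.identifier));
+job.addImplementation(await rootBeerIsRooted(true, job.identifier));
+job.addImplementation(await rootBeerCheckForBinary(true, job.identifier));
+job.addImplementation(await rootBeerCheckForDangerousProps(true, job.identifier));
+job.addImplementation(await rootBeerDetectRootCloakingApps(true, job.identifier));
+job.addImplementation(await rootBeerCheckSuExists(true, job.identifier));
+job.addImplementation(await rootBeerDetectTestKeys(true, job.identifier));
+job.addImplementation(await rootBeerNative(true, job.identifier));
+job.addImplementation(await rootBeerCheckSeLinux(false, job.identifier));
 
 jobs.add(job);
 };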
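Review bot: In the last hunk `disable` and `enable` now await each check in sequence, but only `rootBeerCheckSeLinux` and `jailMonkeyBypass` catch a missing class; if `wrapJavaPerform` rejects when a `Java.use(...)` in one of the other RootBeer checks throws (its behaviour is not visible here), the function exits before `jobs.add(job)` and the hooks already installed are left without a job record. Registering the job in a `finally`, e.g. `try { /* addImplementation calls */ } finally { jobs.add(job); }`, or giving the remaining checks the same ClassNotFoundException handling, would keep them tracked and revertible. Two smaller points in the same section: the `success` branch of `jailMonkeyBypass` logs `RootBeer->checkForDangerousProps() check detected` where `JailMonkeyModule.getConstants()` is meant, and `enable` still passes `false` to `rootBeerCheckSeLinux` while every other call there passes `true`, which looks unintended.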
