mindmac / androideagleeye Goto Github PK

I use ndk-build build my "libeagleeyenative.so", but it doesn't work on my phone .
i just replace my libeagleeyenative.so in original edition EagleEye.apk ,and signed it ,is there some problems?

Hello,

I am searching instrumentation solutions for Android apps, and happen to see your project. I had some experiment. However, no log relevant to EagleEye is shown in the logcat.

My device is a Samsung GS4, I installed Xposed 2.6.1 on it, EagleEye module is also enabled.

The properties are also set, as can be seen in the following command result:

root@android:/ # ps |grep eagle
u0_a249 7321 219 901924 74188 ffffffff 40329004 S com.mindmac.eagleeyetest
u0_a248 7540 219 873920 47048 ffffffff 40329004 S com.mindmac.eagleeye

root@android:/ # getprop | grep eag
rw.eagleeye.fr.uids: 10248|10249
rw.eagleeye.n1t.uids: 10248|10249

Do you know what might be the problem? Or how to debug?

Since I am quite new to this area, can you recommend any practical and stable solution to profile/trace app behaviors. Thanks,

Luke

Nexus 6 and Android 5.1.1
First, I download the zip, and install the EagleEye.apk and EagleEyeTest.apk on my phone, i followed step but when i restart EagleEyeTest, the log print like this:
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_open
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_socket
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_connect
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_bind
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_listen
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_accept
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_read
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_write
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_sendto
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_recvfrom
12-07 15:40:55.749: D/EagleEye(26426): hook info node: system_hook_info_execve
12-07 15:40:55.749: D/EagleEye(26426): Try to hook open in lib libc
12-07 15:40:55.760: D/EagleEye(26426): cannot find function: open
12-07 15:40:55.760: D/EagleEye(26426): can't find: open
12-07 15:40:55.760: D/EagleEye(26426): Try to hook socket in lib libc
12-07 15:40:55.776: D/EagleEye(26426): cannot find function: socket
12-07 15:40:55.776: D/EagleEye(26426): can't find: socket
12-07 15:40:55.776: D/EagleEye(26426): Try to hook connect in lib libc
12-07 15:40:55.789: D/EagleEye(26426): cannot find function: connect
12-07 15:40:55.789: D/EagleEye(26426): can't find: connect
12-07 15:40:55.789: D/EagleEye(26426): Try to hook bind in lib libc
12-07 15:40:55.798: D/EagleEye(26426): cannot find function: bind
12-07 15:40:55.798: D/EagleEye(26426): can't find: bind
12-07 15:40:55.798: D/EagleEye(26426): Try to hook listen in lib libc
12-07 15:40:55.807: D/EagleEye(26426): cannot find function: listen
12-07 15:40:55.807: D/EagleEye(26426): can't find: listen
12-07 15:40:55.807: D/EagleEye(26426): Try to hook accept in lib libc
12-07 15:40:55.815: D/EagleEye(26426): cannot find function: accept
12-07 15:40:55.815: D/EagleEye(26426): Try to hook read in lib libc
12-07 15:40:55.825: D/EagleEye(26426): cannot find function: read
12-07 15:40:55.825: D/EagleEye(26426): can't find: read
12-07 15:40:55.825: D/EagleEye(26426): Try to hook write in lib libc
12-07 15:40:55.836: D/EagleEye(26426): cannot find function: write
12-07 15:40:55.836: D/EagleEye(26426): can't find: write
12-07 15:40:55.836: D/EagleEye(26426): Try to hook sendto in lib libc
12-07 15:40:55.845: D/EagleEye(26426): cannot find function: sendto
12-07 15:40:55.845: D/EagleEye(26426): can't find: sendto
12-07 15:40:55.845: D/EagleEye(26426): Try to hook recvfrom in lib libc
12-07 15:40:55.856: D/EagleEye(26426): cannot find function: recvfrom
12-07 15:40:55.856: D/EagleEye(26426): can't find: recvfrom
12-07 15:40:55.856: D/EagleEye(26426): Try to hook execve in lib libc
12-07 15:40:55.872: D/EagleEye(26426): cannot find function: execve
12-07 15:40:55.872: D/EagleEye(26426): can't find: execve
so ,can you fix it?

adb shell su -c setprop rw.eagleeye.fr.uids "6471"
restart app
adb logcat -s EagleEye:I

--------- beginning of /dev/log/main
--------- beginning of /dev/log/system

nothing
my rom is sony
when i used
"adb shell su -c chmod 777 /system/lib/libfd2path.so " to initialization
it tell me libfd2path.so notfound

here is the logcat:
I/dalvikvm: Rejecting re-init on previously-failed class Lcom/mindmac/eagleeye/NativeEntry; v=0x0

and there is no app method output logcat which is what I want to hook.There is only system api hook logcat output.

After following the readme I get not output in logcat, I assume the hook didn't work.
Using genymotion, Galaxy S6, Android 5.1.

When I compile using ndk-build I meet this exception:

jni/base/hook.c:43:5: error: unknown register name 'r0' in asm
                :       "r0", "r1", "r7"

For this method:

void inline hook_cacheflush(unsigned int begin, unsigned int end)
{

	const int syscall = 0xf0002;
	__asm __volatile (
		"mov	 r0, %0\n"			
		"mov	 r1, %1\n"
		"mov	 r7, %2\n"
		"mov     r2, #0x0\n"
		"svc     0x00000000\n"
		:
		:	"r" (begin), "r" (end), "r" (syscall)
		:	"r0", "r1", "r7"
		);

}

Do you have any idea for fixing this. thanks.

For example I want to hook a method named hook_method in two module liba and libb

int hook_method(void *ctx);
HOOK_INFO custom_hook_info_hook_method={{}, "liba", "hook_method", hook_method, hook_method};
HOOK_INFO custom_hook_info_hook_method={{}, "libb", "hook_method", hook_method, hook_method};

But when compiling, I will meet error:

note: previous definition of 'custom_hook_info_hook_method'

So how can I hook same method name for two different libraries.

Hi, it is a great project!
I tried to add some logic under hookclass package(not a native method), but I couldn't figure out how to rebuild an apk file. Could you pls offer some build guide?
Thanks a lot.

Can eagleeye hook methods, which use classes defined in the target application as parameters?