diff --git a/shell/src/main/cpp/dpt_hook.cpp b/shell/src/main/cpp/dpt_hook.cpp index 2d51f7cc..29cf5d9a 100644 --- a/shell/src/main/cpp/dpt_hook.cpp +++ b/shell/src/main/cpp/dpt_hook.cpp @@ -16,6 +16,7 @@ int g_sdkLevel = 0; void dpt_hook() { bytehook_init(BYTEHOOK_MODE_AUTOMATIC,false); g_sdkLevel = android_get_device_api_level(); + hook_execve(); hook_mmap(); hook_DefineClass(); } @@ -298,3 +299,25 @@ DPT_ENCRYPT void hook_mmap(){ DLOGD("mmap hook success!"); } } +DPT_ENCRYPT int fake_execve(const char *pathname, char *const argv[], char *const envp[]) { + BYTEHOOK_STACK_SCOPE(); + DLOGW("execve hooked: %s", pathname); + if (strstr(pathname, "dex2oat") != nullptr) { + DLOGW("execve blocked: %s", pathname); + errno = EACCES; + return -1; + } + return BYTEHOOK_CALL_PREV(fake_execve, pathname, argv, envp); +} +DPT_ENCRYPT void hook_execve(){ + bytehook_stub_t stub = bytehook_hook_single( + getArtLibName(), + "libc.so", + "execve", + (void *) fake_execve, + nullptr, + nullptr); + if (stub != nullptr) { + DLOGD("execve hook success!"); + } +} diff --git a/shell/src/main/cpp/dpt_hook.h b/shell/src/main/cpp/dpt_hook.h index 6f248040..9d88b5da 100644 --- a/shell/src/main/cpp/dpt_hook.h +++ b/shell/src/main/cpp/dpt_hook.h @@ -33,4 +33,5 @@ static void* (*g_originDefineClassV21)(void* thiz, void hook_DefineClass(); void hook_mmap(); +void hook_execve(); #endif //DPT_DPT_HOOK_H