int isHookPMS(JNIEnv *env){
jobject cPMSO = getCurrentPMSObject(env);
jclass cPMSC = (*env)->GetObjectClass(env, cPMSO);
jclass cPMSFC =(*env)->GetSuperclass(env,cPMSC);
jclass proxyClass = (*env)->FindClass(env,"java/lang/reflect/Proxy");
if((*env)->IsAssignableFrom(env, cPMSFC,proxyClass)){
//PMS被Hook
(*env)->DeleteLocalRef(env, cPMSO);
(*env)->DeleteLocalRef(env, cPMSC);
(*env)->DeleteLocalRef(env, cPMSFC);
(*env)->DeleteLocalRef(env, proxyClass);
return 1;
}else{
(*env)->DeleteLocalRef(env, cPMSO);
(*env)->DeleteLocalRef(env, cPMSC);
(*env)->DeleteLocalRef(env, cPMSFC);
(*env)->DeleteLocalRef(env, proxyClass);
return 0;
}
}
jobject getCurrentPMSObject(JNIEnv *env){
jclass activityThreadClass = (*env)->FindClass(env,"android/app/ActivityThread");
jmethodID currentActivityThreadMethod = (*env)->
GetStaticMethodID(env,activityThreadClass,"currentActivityThread","()Landroid/app/ActivityThread;");
jobject currentActivityThread = (*env)->CallStaticObjectMethod(env,activityThreadClass,currentActivityThreadMethod);
jfieldID sPackageManagerFieldId = (*env)->GetStaticFieldID(env,activityThreadClass,"sPackageManager","Landroid/content/pm/IPackageManager;");
jobject sPackageManager = (*env)->GetStaticObjectField(env,currentActivityThread,sPackageManagerFieldId);
(*env)->DeleteLocalRef(env, activityThreadClass);
(*env)->DeleteLocalRef(env, currentActivityThreadMethod);
(*env)->DeleteLocalRef(env, currentActivityThread);
return sPackageManager;
}
扫一扫
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
