Simple Android virus analysis and its effects

Today in the group to see everyone sent a link, a virus display way, quite fun, Imitation wrote the next.

http://mt.sohu.com/20150517/n413220620.shtml?qq-pf-to=pcqq.c2c

This realization is not very difficult, mainly is the idea above can understand is very simple.

Depending on the text, we can directly consider how to assign a value to TextView in Android.

Textview.settext (charsequence)

This method enables the assignment of the text to be displayed, so the substrate framework is used to simply write the next hook script.

<span style= "FONT-SIZE:18PX;" >public class Main {public static void Initialize () {ms.hookclassload ("Android.widget.TextView", New MS.  Classloadhook () {@Overridepublic void classloaded (class<?> arg0) {//TODO auto-generated method Stubmethod smstest  try {smstest=arg0.getmethod ("SetText", Charsequence.class),} catch (SecurityException e) {//TODO auto-generated catch Blocksmstest=null;e.printstacktrace ();} catch (Nosuchmethodexception e) {//TODO auto-generated catch block Smstest=null;e.printstacktrace ();} if (smstest!=null) {final MS. Methodpointer old = new MS. Methodpointer (); Ms.hookmethod (arg0, Smstest, new MS. Methodhook () {@Overridepublic object invoked (object arg0, Object ... arg1) throws Throwable {//TODO auto-generated method s TUBLOG.D ("Ggz", "I am hook in------->"); String bb= (String) arg1[0]; LOG.D ("Ggz", "string is----->" +bb); bb= "Love Hack, Love ghost brother";   LOG.D ("Ggz", "now string is--->" +bb); return Old.invoke (arg0, BB); }}, old);    }}      }); }}</span> 

Then we run to look at our defined log log:

The logs are displayed properly, so we'll look at the phone:

All right, it's the same as the viral pattern.

If the virus to do, you can directly through the custom hook way to achieve, do not rely on these open injection framework such as Xposed,cydia substrate, can be written by the injection framework can also be very convenient to implement this principle.

about how hooks are used, my blog also has a brief introduction of Cydia substrate from the beginning of teaching, we are interested to see.

This article is for research purposes only and should not be used illegally.

Simple Android virus analysis and its effects