How to hook system calls of my android app (non rooted device)

Asked 3/5, 2014 at 11:31 Answered 22/8, 2014 at 15:39

Solved android hook system-calls function-interposition library-interposition

I am trying to intercept all system calls made by my Android app on a non rooted device.

So every time my app writes/reads a file, I want to intercept the system call and encrypt/decrypt the stream for security purposes. The encryption part is no problem, but how do I intercept the system calls?

Because parts of the app are modules developed by third party providers of which I can not change the source code, there is no other way to make sure that data is stored securely.

Since I do not have root access I cannot access the address of the system call table as described here and I can not do this through an LKM module as well.

I would appreciate any suggestions, thanks.

Edit:

Ok I got the code link form Simone Margaritelli to work now! the reason why my code kept crashing is because i had to set the right memory access permisions:

uint32_t page_size = getpagesize();
uint32_t entry_page_start = reloc& (~(page_size - 1));
mprotect((uint32_t *)entry_page_start, page_size, PROT_READ | PROT_WRITE);

Thirtytwo answered 3/5, 2014 at 11:31 Comment(4)

I need the solution of exactly similar question. – Glyptics 4/6, 2014 at 12:6

@John did you get any working approach? – Reisman 27/6, 2014 at 6:10

@IndraYadav No I have not. Sadly I have not gotten any new suggestions I could try out. May be with an up vote this question will get more attention. – Thirtytwo 5/7, 2014 at 8:23

Hi, tried your suggestion but I am not able to get it working. Please see the detailed query Here – Freddyfredek 25/11, 2014 at 5:12

This is how you can hook syscalls on Android without root permissions ( only working for your own process of course, this is not system wide ).

Invitation answered 23/5, 2014 at 19:42 Comment(2)

Yes, this is actually exactly what I was looking for. Sadly my app always crashes when trying to run the code. I have tried contacting the owner of the blog, unsuccessfully. – Thirtytwo 10/6, 2014 at 13:56

This blog code is not working in android 6.0 OS. Linker.h member are private in 6.0 OS. Any workaround then please let me know. I ask to owner of this blog but no answer. – Campanulaceous 27/10, 2015 at 8:38

You can reference Suterusu. But it's not thread safe, and I'm also trying to find a thread safe solution.

Panto answered 22/8, 2014 at 15:39 Comment(0)

Recommended topics

Hot tags