Abstract image of a woman sitting on books and studying on a laptop

Null Xposed Framework internals and writing modules

Abhinav Chourasia, GMOB, profile picture
Abhinav Chourasia, GMOB

The document discusses the Xposed framework, detailing its internal operations, the Android boot process, and how it interacts with app processes and the zygote. It provides insights into file system profiling and references notable modules like JustTrustMe and RootCloak. Additionally, it includes various resources and links for further exploration of Android internals and development tutorials.

Software
Related topics:
Information Security
1 of 10
Downloaded 28 times
1
2
3
4
5
6
7
8
9
10
XPOSED INTERNALS What — Why — How — Examples — How-to — Demo
/usr/bin/whoami ~Security enthusiast ~Hobby programmer ~Python lover ~In search of the truth ! — Can be ignored :)
Std. Android Boot-up • DADDY SPACE # include Boot Rom ROM # include Boot Loader Boot Media # load kernel # init h/w, drivers # mount / Memory USER SPACE
Zygote Time ! • BETA SPACE # load init.rc Kernel # run /system/bin/app_process (C++ exe) # name the process ZYGOTE init.rc # start the DALVIK VM # start the SYSTEM SERVER # register SOCKET for Zygote to start apps # run in Select Loop Mode to actually start other apps Zygote
Xposed • What ? • Why ? • How ?
XPOSED
File System Profiling — • app_process • XposedBridge.jar • hookMethodNative() - links argument method to it’s own native implementation.
Null Xposed Framework internals and writing modules
Interesting Modules • JustTrustMe - https://github.com/Fuzion24/ JustTrustMe/ • RootCloak- https://github.com/devadvance/ rootcloak • SQLCipeherHook - https://github.com/jakev/ SqlCipherHook
References • http://elinux.org/Android_Booting • http://elinux.org/Android_Zygote_Startup • https://github.com/rovo89/XposedBridge/wiki/Development-tutorial • http://forum.xda-developers.com/ • https://groups.google.com/forum/#!topic/android-platform/ • http://anatomyofandroid.com/2013/10/15/zygote/ • http://allenlsy.com/android-kernel-3/ • https://raw.githubusercontent.com/android/platform_frameworks_base/ • http://developer.android.com/ • http://stackoverflow.com/ • https://docs.oracle.com/javase/tutorial/reflect/

More Related Content

PDF
OSS AWS 핸즈온 강의
Juhong Jung
 
PDF
@arzumy Dev Setup #klxrb
Arzumy MD
 
PDF
Porting your favourite cmdline tool to Android
Vlatko Kosturjak
 
ODP
Ripping web accessible .git files
Vlatko Kosturjak
 
ODP
Wonderful world of (distributed) SCM or VCS
Vlatko Kosturjak
 
ODP
Os Bernier
oscon2007
 
PPTX
Elephant bird build Error
Kapil Dewade
 
ODP
Ubuntu presentation
Prakhar Gupta
 
OSS AWS 핸즈온 강의
Juhong Jung
 
@arzumy Dev Setup #klxrb
Arzumy MD
 
Porting your favourite cmdline tool to Android
Vlatko Kosturjak
 
Ripping web accessible .git files
Vlatko Kosturjak
 
Wonderful world of (distributed) SCM or VCS
Vlatko Kosturjak
 
Os Bernier
oscon2007
 
Elephant bird build Error
Kapil Dewade
 
Ubuntu presentation
Prakhar Gupta
 

What's hot (20)

ODP
Buildout: creating and deploying repeatable applications in python
CodeSyntax
 
PDF
Django Dev Environment Howto
Tzu-ping Chung
 
PPTX
20160929 android taipei Sonatype nexus on amazon ec2
TSE-JU LIN(Louis)
 
PDF
Aide 2014 - Fundamentals of Linux Privilege Escalation
nullthreat
 
PDF
Testing your infallibleness
Corey Osman
 
PDF
D1T3-Anto-Joseph-Droid-FF
Anthony Jose
 
PDF
dockerはじめました。 GDG京都 2014年忘れ勉強会 LT
Satoshi Noda
 
PDF
Exploiting Llinux Environment
Enrico Scapin
 
PPTX
Workshop on Source control, git merge walkthroughs
David Lawrence
 
PPTX
Git cli
ohb0312
 
PDF
Docker on Windows
Carl Su
 
PDF
Golang workshop
Victor S. Recio
 
PDF
A Look at Command Line Swift
JoshuaKaplan22
 
PDF
Killer R10K Workflow - PuppetConf 2014
Puppet
 
PPTX
Archlinux dev environment
Luke Luo
 
PPSX
Linux booting process
Prashant Hegde
 
PDF
Puppet at GitHub
Puppet
 
PDF
Git Quick Intro
Corneliu Claudiu Prodescu
 
ODP
5 minute intro to virtualenv
amenasse
 
PPTX
Central Iowa Linux Users Group October Meeting: Centos 8
Andrew Denner
 
Buildout: creating and deploying repeatable applications in python
CodeSyntax
 
Django Dev Environment Howto
Tzu-ping Chung
 
20160929 android taipei Sonatype nexus on amazon ec2
TSE-JU LIN(Louis)
 
Aide 2014 - Fundamentals of Linux Privilege Escalation
nullthreat
 
Testing your infallibleness
Corey Osman
 
D1T3-Anto-Joseph-Droid-FF
Anthony Jose
 
dockerはじめました。 GDG京都 2014年忘れ勉強会 LT
Satoshi Noda
 
Exploiting Llinux Environment
Enrico Scapin
 
Workshop on Source control, git merge walkthroughs
David Lawrence
 
Git cli
ohb0312
 
Docker on Windows
Carl Su
 
Golang workshop
Victor S. Recio
 
A Look at Command Line Swift
JoshuaKaplan22
 
Killer R10K Workflow - PuppetConf 2014
Puppet
 
Archlinux dev environment
Luke Luo
 
Linux booting process
Prashant Hegde
 
Puppet at GitHub
Puppet
 
Git Quick Intro
Corneliu Claudiu Prodescu
 
5 minute intro to virtualenv
amenasse
 
Central Iowa Linux Users Group October Meeting: Centos 8
Andrew Denner
 
Ad

Viewers also liked (9)

PPTX
Analisis propuesta general
Jonathan MH
 
PDF
Gitxaala Nation et al. v. Canada, 2016 FCA 187
Gordon Scott Campbell
 
PDF
The woodlands home sales rpt january 2016
jchellew
 
PPT
Presentation battle briefing mwell's conflicted copy 2016 13-06
chrisseth
 
PDF
Slideshare
Nayely Quispe Quispe
 
PDF
стронговська ми діти неньки одної
RuslanStrilchuk
 
PDF
C13_GaugeKeeper_englisch
Ebi Jose, PhD
 
PPTX
BeCommerce X-mas 2015 - sale 2016
Carmen Machiels
 
DOCX
diploma masterr
Mr. Zeljko.Krstovic
 
Analisis propuesta general
Jonathan MH
 
Gitxaala Nation et al. v. Canada, 2016 FCA 187
Gordon Scott Campbell
 
The woodlands home sales rpt january 2016
jchellew
 
Presentation battle briefing mwell's conflicted copy 2016 13-06
chrisseth
 
Slideshare
Nayely Quispe Quispe
 
стронговська ми діти неньки одної
RuslanStrilchuk
 
C13_GaugeKeeper_englisch
Ebi Jose, PhD
 
BeCommerce X-mas 2015 - sale 2016
Carmen Machiels
 
diploma masterr
Mr. Zeljko.Krstovic
 
Ad

Similar to Null Xposed Framework internals and writing modules (20)

PDF
Django dev-env-my-way
Robert Lujo
 
PDF
Android Security Development - Part 2: Malicious Android App Dynamic Analyzi...
Cheng-Yi Yu
 
PPT
Learning AOSP - Android Booting Process
Nanik Tolaram
 
PPTX
Installing odoo v8 from github
Antony Gitomeh
 
PPTX
Linux container internals
Ashwin Bilgi
 
PDF
Dependencies Managers in C/C++. Using stdcpp 2014
biicode
 
PPTX
Building Embedded Linux UDOONEO
NEEVEE Technologies
 
PDF
Deliver Python Apps with Docker
Anton Egorov
 
PDF
Wrangling 3rd Party Installers from Puppet
Puppet
 
PPTX
Stm32 develop tool introduction
冠宇 陳
 
PDF
Deep Dive into the AOSP
Dr. Ketan Parmar
 
PPTX
Android build on windows
Addweup
 
PDF
The Modern Developer Toolbox
Pablo Godel
 
PDF
OSDC 2016 - Continous Integration in Data Centers - Further 3 Years later by ...
NETWAYS
 
PDF
A million ways to provision embedded linux devices
Mender.io
 
PPTX
How to configure PyCharm for Odoo development in Windows?
Celine George
 
PDF
Deploying to Ubuntu on Linode
WO Community
 
PDF
Build your own embedded linux distributions by yocto project
Yen-Chin Lee
 
PDF
An Introduction To Linux
Ishan A B Ambanwela
 
PDF
Odoo V8 Installation
Emipro Technologies Pvt. Ltd.
 
Django dev-env-my-way
Robert Lujo
 
Android Security Development - Part 2: Malicious Android App Dynamic Analyzi...
Cheng-Yi Yu
 
Learning AOSP - Android Booting Process
Nanik Tolaram
 
Installing odoo v8 from github
Antony Gitomeh
 
Linux container internals
Ashwin Bilgi
 
Dependencies Managers in C/C++. Using stdcpp 2014
biicode
 
Building Embedded Linux UDOONEO
NEEVEE Technologies
 
Deliver Python Apps with Docker
Anton Egorov
 
Wrangling 3rd Party Installers from Puppet
Puppet
 
Stm32 develop tool introduction
冠宇 陳
 
Deep Dive into the AOSP
Dr. Ketan Parmar
 
Android build on windows
Addweup
 
The Modern Developer Toolbox
Pablo Godel
 
OSDC 2016 - Continous Integration in Data Centers - Further 3 Years later by ...
NETWAYS
 
A million ways to provision embedded linux devices
Mender.io
 
How to configure PyCharm for Odoo development in Windows?
Celine George
 
Deploying to Ubuntu on Linode
WO Community
 
Build your own embedded linux distributions by yocto project
Yen-Chin Lee
 
An Introduction To Linux
Ishan A B Ambanwela
 
Odoo V8 Installation
Emipro Technologies Pvt. Ltd.
 

Recently uploaded (20)

PDF
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
PDF
Visual explanation of Dijkstra's Algorithm using Python
Universidad Nacional de Ingenieria
 
DOCX
Modern SharePoint Intranet Templates That Boost Employee Engagement in 2025.docx
Sharepoint Designs
 
PPTX
Tech Workshop Escape Room Tech Workshop
muthuiyad
 
DOCX
How to Use SharePoint as an ISO-Compliant Document Management System
Sharepoint Designs
 
PDF
Multiverse AI Review 2025: Access All TOP AI Model-Versions!
Moshiur Rahman Jisan
 
PPTX
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
PDF
MCP Security Tutorial - Beginner to Advanced
Harish Ramadoss
 
PDF
Website Design Services for Small Businesses.pdf
ecomme9
 
PDF
Product Update: Alluxio AI 3.7 Now with Sub-Millisecond Latency
Alluxio, Inc.
 
PDF
EaseUS PDF Editor Pro 6.2.0.2 Crack with License Key 2025
halimaanam8
 
PPTX
CNN LeNet5 Architecture: Neural Networks
DrRPonnusamyCIT
 
PPTX
Computer Software - Technology and Livelihood Education
ShielaGuevarra6
 
PPTX
assetexplorer- product-overview - presentation
nonameist3434
 
PDF
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
PPTX
Advanced SystemCare Ultimate Crack + Portable (2025)
adanataj41
 
PDF
Time Tracking Features That Teams and Organizations Actually Need
Orangescrum
 
PDF
AI Guide for Business Growth - Arna Softech
Arna Softech
 
PDF
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
PPTX
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 
How AI/LLM recommend to you ? GDG meetup 16 Aug by Fariman Guliev
HusseinMalikMammadli
 
Visual explanation of Dijkstra's Algorithm using Python
Universidad Nacional de Ingenieria
 
Modern SharePoint Intranet Templates That Boost Employee Engagement in 2025.docx
Sharepoint Designs
 
Tech Workshop Escape Room Tech Workshop
muthuiyad
 
How to Use SharePoint as an ISO-Compliant Document Management System
Sharepoint Designs
 
Multiverse AI Review 2025: Access All TOP AI Model-Versions!
Moshiur Rahman Jisan
 
Log360_SIEM_Solutions Overview PPT_Feb 2020.pptx
nonameist3434
 
MCP Security Tutorial - Beginner to Advanced
Harish Ramadoss
 
Website Design Services for Small Businesses.pdf
ecomme9
 
Product Update: Alluxio AI 3.7 Now with Sub-Millisecond Latency
Alluxio, Inc.
 
EaseUS PDF Editor Pro 6.2.0.2 Crack with License Key 2025
halimaanam8
 
CNN LeNet5 Architecture: Neural Networks
DrRPonnusamyCIT
 
Computer Software - Technology and Livelihood Education
ShielaGuevarra6
 
assetexplorer- product-overview - presentation
nonameist3434
 
Salesforce Agentforce AI Implementation.pdf
Robert Mark
 
Advanced SystemCare Ultimate Crack + Portable (2025)
adanataj41
 
Time Tracking Features That Teams and Organizations Actually Need
Orangescrum
 
AI Guide for Business Growth - Arna Softech
Arna Softech
 
Designing Intelligence for the Shop Floor.pdf
nikglvk
 
Weekly report ppt - harsh dattuprasad patel.pptx
bikerslovers123
 

Null Xposed Framework internals and writing modules

  • 1. XPOSED INTERNALS What — Why — How — Examples — How-to — Demo
  • 2. /usr/bin/whoami ~Security enthusiast ~Hobby programmer ~Python lover ~In search of the truth ! — Can be ignored :)
  • 3. Std. Android Boot-up • DADDY SPACE # include Boot Rom ROM # include Boot Loader Boot Media # load kernel # init h/w, drivers # mount / Memory USER SPACE
  • 4. Zygote Time ! • BETA SPACE # load init.rc Kernel # run /system/bin/app_process (C++ exe) # name the process ZYGOTE init.rc # start the DALVIK VM # start the SYSTEM SERVER # register SOCKET for Zygote to start apps # run in Select Loop Mode to actually start other apps Zygote
  • 5. Xposed • What ? • Why ? • How ?
  • 7. File System Profiling — • app_process • XposedBridge.jar • hookMethodNative() - links argument method to it’s own native implementation.
  • 9. Interesting Modules • JustTrustMe - https://github.com/Fuzion24/ JustTrustMe/ • RootCloak- https://github.com/devadvance/ rootcloak • SQLCipeherHook - https://github.com/jakev/ SqlCipherHook
  • 10. References • http://elinux.org/Android_Booting • http://elinux.org/Android_Zygote_Startup • https://github.com/rovo89/XposedBridge/wiki/Development-tutorial • http://forum.xda-developers.com/ • https://groups.google.com/forum/#!topic/android-platform/ • http://anatomyofandroid.com/2013/10/15/zygote/ • http://allenlsy.com/android-kernel-3/ • https://raw.githubusercontent.com/android/platform_frameworks_base/ • http://developer.android.com/ • http://stackoverflow.com/ • https://docs.oracle.com/javase/tutorial/reflect/