ENTRY_PRIVATE(wrap_openat)
mov ip, r7
.cfi_register r7, ip
ldr r7, =__NR_openat
swi
mov r7, ip
.cfi_restore r7
cmn r0,
bxls lr
neg r0, r0
b __carleen_set_errno
END(wrap_openat)
----------------------------------------
LOGI("start check frida loop");
while (loop < 10) {
fd = wrap_openat(AT_FDCWD, "/proc/self/maps", O_RDONLY, 0);
if (fd > 0) {
while ((read_line(fd, buffer, BUFFER_LEN)) > 0) {
if (sscanf(buffer, "%x-%lx %4s %lx %*s %*s %s", &base, &end, perm, &offset, path) !=
5) {
continue;
}
if (perm[0] != 'r') continue;
if (perm[3] != 'p') continue; //do not touch the shared memory
if (0 != offset) continue;
if (strlen(path) == 0) continue;
if ('[' == path[0]) continue;
if (end - base <= 1000000) continue;
if (wrap_endsWith(path, ".oat")) continue;
if (elf_check_header(base) != 1) continue;
if (find_mem_string(base, end, frida_rpc, length) == 1) {
LOGI("frida found in memory!");
wrap_kill(wrap_getpid(),SIGKILL);
break;
}
}
} else {
LOGI("open maps error");
}
wrap_close(fd);
loop++;
sleep(3);
