Hooking using Xposed framework
Xposed is a framework that enables developers to write custom modules for hooking into Android apps and thus modifying their flow at runtime. The Xposed framework was released by rovo89 in 2012. The Xposed framework works by placing an app_process
binary in a /system/bin/
directory and thus replacing the original app_process
binary. app_process
is the binary responsible for starting the zygote process. Basically, when an Android phone is booted, init
runs the /system/bin/app_process
and gives the resulting process the name Zygote
. We can hook into any process that is forked from the Zygote process using the Xposed framework.
To demonstrate the capabilities of the Xposed framework, I have developed a custom vulnerable ...
Get Hacking Android now with the O’Reilly learning platform.
O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.