Primer paso de la investigacion. Se aportan el .apk, las carpetas con el apk extraido y el apk descompilado. El archivo API_DOCUMENTATION.md es un archivo donde se anotaran los descubrimientos del funcionamiento de la API, y los .py son scripts para probar la funcionalidad de la API con los métodos que vayamos encontrando. Finalmente, los archivos .js son scripts de Frida para extraer informacion de la APP durante la ejecucion.
This commit is contained in:
120
apk_decompiled/sources/com/google/android/gms/dynamite/zzb.java
Normal file
120
apk_decompiled/sources/com/google/android/gms/dynamite/zzb.java
Normal file
@@ -0,0 +1,120 @@
|
||||
package com.google.android.gms.dynamite;
|
||||
|
||||
import android.os.Looper;
|
||||
import android.util.Log;
|
||||
|
||||
/* loaded from: classes3.dex */
|
||||
public final class zzb {
|
||||
private static volatile ClassLoader zza;
|
||||
private static volatile Thread zzb;
|
||||
|
||||
public static synchronized ClassLoader zza() {
|
||||
ClassLoader classLoader;
|
||||
synchronized (zzb.class) {
|
||||
try {
|
||||
if (zza == null) {
|
||||
zza = zzb();
|
||||
}
|
||||
classLoader = zza;
|
||||
} catch (Throwable th) {
|
||||
throw th;
|
||||
}
|
||||
}
|
||||
return classLoader;
|
||||
}
|
||||
|
||||
private static synchronized ClassLoader zzb() {
|
||||
synchronized (zzb.class) {
|
||||
ClassLoader classLoader = null;
|
||||
if (zzb == null) {
|
||||
zzb = zzc();
|
||||
if (zzb == null) {
|
||||
return null;
|
||||
}
|
||||
}
|
||||
synchronized (zzb) {
|
||||
try {
|
||||
classLoader = zzb.getContextClassLoader();
|
||||
} catch (SecurityException e4) {
|
||||
Log.w("DynamiteLoaderV2CL", "Failed to get thread context classloader " + e4.getMessage());
|
||||
}
|
||||
}
|
||||
return classLoader;
|
||||
}
|
||||
}
|
||||
|
||||
private static synchronized Thread zzc() {
|
||||
SecurityException e4;
|
||||
Thread thread;
|
||||
Thread thread2;
|
||||
ThreadGroup threadGroup;
|
||||
synchronized (zzb.class) {
|
||||
ThreadGroup threadGroup2 = Looper.getMainLooper().getThread().getThreadGroup();
|
||||
if (threadGroup2 == null) {
|
||||
return null;
|
||||
}
|
||||
synchronized (Void.class) {
|
||||
try {
|
||||
try {
|
||||
int activeGroupCount = threadGroup2.activeGroupCount();
|
||||
ThreadGroup[] threadGroupArr = new ThreadGroup[activeGroupCount];
|
||||
threadGroup2.enumerate(threadGroupArr);
|
||||
int i = 0;
|
||||
int i4 = 0;
|
||||
while (true) {
|
||||
if (i4 >= activeGroupCount) {
|
||||
threadGroup = null;
|
||||
break;
|
||||
}
|
||||
threadGroup = threadGroupArr[i4];
|
||||
if ("dynamiteLoader".equals(threadGroup.getName())) {
|
||||
break;
|
||||
}
|
||||
i4++;
|
||||
}
|
||||
if (threadGroup == null) {
|
||||
threadGroup = new ThreadGroup(threadGroup2, "dynamiteLoader");
|
||||
}
|
||||
int activeCount = threadGroup.activeCount();
|
||||
Thread[] threadArr = new Thread[activeCount];
|
||||
threadGroup.enumerate(threadArr);
|
||||
while (true) {
|
||||
if (i >= activeCount) {
|
||||
thread2 = null;
|
||||
break;
|
||||
}
|
||||
thread2 = threadArr[i];
|
||||
if ("GmsDynamite".equals(thread2.getName())) {
|
||||
break;
|
||||
}
|
||||
i++;
|
||||
}
|
||||
} finally {
|
||||
}
|
||||
} catch (SecurityException e5) {
|
||||
e4 = e5;
|
||||
thread = null;
|
||||
}
|
||||
if (thread2 == null) {
|
||||
try {
|
||||
thread = new zza(threadGroup, "GmsDynamite");
|
||||
try {
|
||||
thread.setContextClassLoader(null);
|
||||
thread.start();
|
||||
} catch (SecurityException e6) {
|
||||
e4 = e6;
|
||||
Log.w("DynamiteLoaderV2CL", "Failed to enumerate thread/threadgroup " + e4.getMessage());
|
||||
thread2 = thread;
|
||||
return thread2;
|
||||
}
|
||||
} catch (SecurityException e7) {
|
||||
e4 = e7;
|
||||
thread = thread2;
|
||||
}
|
||||
thread2 = thread;
|
||||
}
|
||||
}
|
||||
return thread2;
|
||||
}
|
||||
}
|
||||
}
|
||||
Reference in New Issue
Block a user