How to hook BTServer correctly?

I’m trying to hook the BTServer (MobileBluetooth.framework), with the help of this reverse-engineered header:
https://code.google.com/p/iphone-bluetooth/source/browse/btGpsServer/MobileBluetooth.h?name=experimental

This is my target method:
int BTDeviceConnectServices(BTDEVICE device, int services);

And this is my code

int (*oldBTDeviceConnectServices)(BTDEVICE device, int services);

int newBTDeviceConnectServices(BTDEVICE device, int services){
    printf("hooked!");
    return oldBTDeviceConnectServices(device,services);
}

%ctor{
    MSHookFunction(&BTDeviceConnectServices, &newBTDeviceConnectServices, &oldBTDeviceConnectServices);
}

But it couldn’t compile ;(

Making all for tweak Alerting...
 Linking tweak Alerting...
Undefined symbols for architecture armv7:
  "_BTDeviceConnectServices", referenced from:
      _logosLocalCtor_8b131269() in Tweak.xm.8f96d575.o
ld: symbol(s) not found for architecture armv7
clang: error: linker command failed with exit code 1 (use -v to see invocation)

I have no idea how to hook a C++ function; it would be great if anyone could give some hints :smiley:

1 like

Add
extern "C" int BTDeviceConnectServices(BTDEVICE device, int services);
at the top of your code

And remember to import MobileBluetooth.framework in your Makefile

1 like

Thanks for the prompt response. After adding MobileBluetooth into the Makefile:
Alerting_FRAMEWORKS = UIKit MobileBluetooth

I got this error instead:
ld: framework not found MobileBluetooth

This is how I placed the header file, did I do it wrongly or?

thanks a lot!! :smiley:

That’s because MobileBluetooth is a private framework.
The problem may be solved by simply adding a new line
Alerting_PRIVATE_FRAMEWORKS = MobileBluetooth
under
Alerting_FRAMEWORKS = UIKit

1 like
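
The two fixes from the replies above combined into one Tweak.xm, as an added example that is not code from the thread or from the header's author. It assumes the Makefile lines quoted above, a stand-in typedef for BTDEVICE, and a made-up "[Alerting]" log prefix; it also logs the arguments and the return value of each call.

```objc
// Tweak.xm (added example)
// Assumes the Makefile carries both lines quoted in the thread:
//   Alerting_FRAMEWORKS = UIKit
//   Alerting_PRIVATE_FRAMEWORKS = MobileBluetooth
#import <Foundation/Foundation.h>
#import <substrate.h>

// Assumption: BTDEVICE is treated here as an opaque pointer. In a real
// project, take the typedef from MobileBluetooth.h instead of this stand-in.
typedef struct BTDeviceImpl *BTDEVICE;

// C linkage, so the reference resolves to the unmangled symbol
// _BTDeviceConnectServices named in the linker error.
extern "C" int BTDeviceConnectServices(BTDEVICE device, int services);

// Filled in by MSHookFunction with a pointer to the original implementation.
static int (*oldBTDeviceConnectServices)(BTDEVICE device, int services);

static int newBTDeviceConnectServices(BTDEVICE device, int services) {
    // NSLog writes to the system log, where tweak output is normally read.
    NSLog(@"[Alerting] BTDeviceConnectServices(device=%p, services=0x%x)",
          (void *)device, services);

    // Always forward to the original so pairing behaviour is unchanged.
    int result = oldBTDeviceConnectServices(device, services);

    NSLog(@"[Alerting] BTDeviceConnectServices returned %d", result);
    return result;
}

%ctor {
    // Explicit casts match the C prototype:
    //   void MSHookFunction(void *symbol, void *replace, void **result);
    MSHookFunction((void *)BTDeviceConnectServices,
                   (void *)newBTDeviceConnectServices,
                   (void **)&oldBTDeviceConnectServices);
}
```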

That works perfectly, thanks a lot

At least I can find out that BTDeviceConnectServices(BTDEVICE device, int services) will only be called once on first pairing; once the device is paired, reconnecting will not call this function again :\