What is the best method to pass some data to the hooked method in recent android versions?
I want to set some variables through ADB and I thought I could simply add a file with the variable contents.
As I understand, the method runs as the App I am hooking so this does not seem to be trivial.
File access is most likely limited.
I have seen people use shared preferences by setting MODE_WORLD_READABLE but this does not seem to work anymore in recent versions.
It could be possible to use a ContentProvider but I think here it is needed that the hooked app requests permissions in the AndroidManifest for this to work since Android 11.
Is there a method that is still usable?
Related
is there anyway to root or jailbreak the lumia 521?
only had it for one day and i hate it.. anyone find a root or jailbreak?
1) Learn to search.
2) Not yet (duh, if you'd searched you'd know).
3) Why the heck did you get a phone without doing even basic research?
4) Is there something *specific* you want to do? There are some tricks possible with stock dev-unlock.
All of the above and what do you think your going to be able to do once its "broken" ...there's not a lot really hidden from you at the moment. One of the beauties of WM is there's practically no real need to root it or at least no huge gain atm.
Sent from my RM-878_nam_usa_100 using Tapatalk
Oh, I *quite* disagree with that last statement. Things that I've done, even with the limited control available right now:
Moved the map data folder to the SD card.
Made my ATIV S show three normal tile columns on Start.
Been able to sideload more than 10 applications at once (and 10 is the limit for a paid account; free ones get 2 or 3).
Been able to directly sideload my ebooks.
Make an app to enable wired tethering on my phone (isn't limited like WiFi tethering, which doesn't work for me anyhow... another thing I hope to fix, though).
Set up custom theme colors.
Access the certificate store.
Edit the HOSTS file.
Add IE favorites easily.
There's a ton more that I'm still investigating, too:
Changing file associations, even ones that are supposed to be locked to built-in apps (like .MP3).
Custom system components (replace or modify the keyboard or Start screen).
Port Win32 programs, even ones that require drivers such as openvpn.
Change the default search engine.
Make the ringtone volume controllable separately from the system volume.
Toggle services on and off with one tap.
Enable raw network sockets (support other protocols than TCP and UDP, do security testing from my phone, etc.)
Lots more...
GoodDayToDie said:
Oh, I *quite* disagree with that last statement. Things that I've done, even with the limited control available right now:
Moved the map data folder to the SD card.
Made my ATIV S show three normal tile columns on Start.
Been able to sideload more than 10 applications at once (and 10 is the limit for a paid account; free ones get 2 or 3).
Been able to directly sideload my ebooks.
Make an app to enable wired tethering on my phone (isn't limited like WiFi tethering, which doesn't work for me anyhow... another thing I hope to fix, though).
Set up custom theme colors.
Access the certificate store.
Edit the HOSTS file.
Add IE favorites easily.
There's a ton more that I'm still investigating, too:
Changing file associations, even ones that are supposed to be locked to built-in apps (like .MP3).
Custom system components (replace or modify the keyboard or Start screen).
Port Win32 programs, even ones that require drivers such as openvpn.
Change the default search engine.
Make the ringtone volume controllable separately from the system volume.
Toggle services on and off with one tap.
Enable raw network sockets (support other protocols than TCP and UDP, do security testing from my phone, etc.)
Lots more...
Click to expand...
Click to collapse
I was trying to find the practicality on doing it for WP8, but I couldn't recall exactly what all was added feature wise on WP7. This kind of clears things up why InteropUnlock is so valuable.
When developing an application for desktop windows, there's always a way to access functionality - sometimes through back doors like the registry, etc... I'm developing an application for Windows Phone 8.1, but there are certain pieces of functionality that aren't exposed in the PRT APIset that is available to me. For example, we want to ensure that the user has password protection on the lock screen when using the application. There doesn't seem to be any associated APIs to readily use. So my question is, are there back door ways to do such things? How? Is there a way to access ALL system settings - like a registry or something of the like?
proch said:
When developing an application for desktop windows, there's always a way to access functionality - sometimes through back doors like the registry, etc... I'm developing an application for Windows Phone 8.1, but there are certain pieces of functionality that aren't exposed in the PRT APIset that is available to me. For example, we want to ensure that the user has password protection on the lock screen when using the application. There doesn't seem to be any associated APIs to readily use. So my question is, are there back door ways to do such things? How? Is there a way to access ALL system settings - like a registry or something of the like?
Click to expand...
Click to collapse
Another question would be - if something like intune can enforce lock screen password policies, shouldn't I be able to do it the same way that intune does it? If so, how? If not - why not?
It's not possible to check if user enabled lock screen password or not as far as I know
but if you want to made your app secure (because it may include important data)
you can create a password for your own application !
I did it in a little notepad app my password page allow user to set a password with all English and Persian Characters , numbers and special Chars like [email protected]#$ and etc.
Sent from my RM-994_eu_poland_1183 using Tapatalk
It's pretty easy to check, using the registry, but at least in 8.0 that's not allowed at all for store apps (your app would get rejected). I don't know if the rules changed for 8.1. There are ways to sneak past the store checks, but they could pull your app from the store if they ever found out. I know of at least three ways to access the registry APIs (4 in WP8.1) and two of them are pretty hard to detect unless somebody checks for them specifically... but they're the kind of technique that malware uses, so such checks may be in place.
I don't know what InTune is doing, specifically - I'd need to pull the app apart to see - but there are special application capabilities (not normally available to third-party developers) that can query and even set policies. Apps without those capabilities will get Access Denied if they try to use the same methods though, and normally you can't add those capabilities to your app.
GoodDayToDie said:
It's pretty easy to check, using the registry, but at least in 8.0 that's not allowed at all for store apps (your app would get rejected). I don't know if the rules changed for 8.1. There are ways to sneak past the store checks, but they could pull your app from the store if they ever found out. I know of at least three ways to access the registry APIs (4 in WP8.1) and two of them are pretty hard to detect unless somebody checks for them specifically... but they're the kind of technique that malware uses, so such checks may be in place.
I don't know what InTune is doing, specifically - I'd need to pull the app apart to see - but there are special application capabilities (not normally available to third-party developers) that can query and even set policies. Apps without those capabilities will get Access Denied if they try to use the same methods though, and normally you can't add those capabilities to your app.
Click to expand...
Click to collapse
Thanks for this great and detailed information. See, that's exactly what I'd do if I were developing a desktop app - since i know that intune does it, I'd figure out how intune does it and voila. I'm finally getting over the idea that the same methodologies apply to windows phone development.
For my own educational purposes (since I want to understand this platform better), I would really like to know specifically how you go about accessing the registry APIs (for example). If there's any way for you to describe any number of these methods, I'd greatly appreciate it. Thanks again!
My NativeAccess libraries (check my signature, or search on the forum or on Codeplex) contain an example of one way to access the registry. The code is open-source; you may use the libraries as-is (don't expect to get them into the store, though I won't stop you from trying), use the source code as a reference, or modify/build them yourself; the license is very liberal (MS Permissive). The functions I use are generally documented on MSDN, in the desktop APIs section; the phone has the same functions, although the DLL names are changed and the header files hide them.
I'd like to hook the query() method in ContentProvider in order to get to know which applications are accessing the personal information(e.g: contacts, sms) stored in the device. By reading the tutorial, we know that we can hook methods in app packages. However, what can we do when the methods we want to hook are in those system components? Any suggestion is appreciated.
x11911778 said:
I'd like to hook the query() method in ContentProvider in order to get to know which applications are accessing the personal information(e.g: contacts, sms) stored in the device. By reading the tutorial, we know that we can hook methods in app packages. However, what can we do when the methods we want to hook are in those system components? Any suggestion is appreciated.
Click to expand...
Click to collapse
Well first off, you can't hook ContentProvider.query() because it's an abstract method (at least one of the two variants). So you would have to hook the subclasses that provide an implementation for this method.
You would also need to clarify what you mean with "system components". I think some of these providers are implemented in system apps, so you would hook them like any other app. Others might be part of the system process (system_server), which also hosts all the system services like package manager etc. Simply use the special package name "android" for these, otherwise handle it like a normal app. And then there might be cases where you want to hook a Android framework method on the whole system. You would do that in initZygote().
In all cases, you would first have do identify a good place to hook into, then find out when to place the hook (as described above) and then use findAndHookMethod().
rovo89 said:
Well first off, you can't hook ContentProvider.query() because it's an abstract method (at least one of the two variants). So you would have to hook the subclasses that provide an implementation for this method.
You would also need to clarify what you mean with "system components". I think some of these providers are implemented in system apps, so you would hook them like any other app. Others might be part of the system process (system_server), which also hosts all the system services like package manager etc. Simply use the special package name "android" for these, otherwise handle it like a normal app. And then there might be cases where you want to hook a Android framework method on the whole system. You would do that in initZygote().
In all cases, you would first have do identify a good place to hook into, then find out when to place the hook (as described above) and then use findAndHookMethod().
Click to expand...
Click to collapse
Thanks a lot, that really helps~
Problem
would you mind give me a example (like a code) about how to hook the query() method? I really confused about that. Thanks a lot!!!!
I have a hook that redirects the loading of a library to the sdcard or any other location and it works fine mostly fine (like if the app has sdcard read or I have to put in hooked applications data folder). But what I would like to do is redirect this to a library that is packaged within my xposed app apk install location. There seems to be a couple problems with this though.
1) Since I'm within a hook, how do I get the location of my library(since this may change with different phone builds)
2) Android doesn't allow application to access resources from other application for obvious reasons. If I'm within the hook what would be a elegant way of access this. I have permission injection but I feel like this is convoluted(mostly because it requires a reboot).
And ideas would be greatly appreciated, ty!
so basically i want to monitor system wide app installation and uninstallation, including sideloading with dates? if possible to have it create a log and store it in a specific folder that is locked or can't be accessed or deleted without code. and to do a daily or weekly check to see if any changes were made.
also is there a task to block all installations including sideloading?
any help would be appreciated.
@ktmom
So tracking installed and uninstalled apps is straightforward.
I'm not aware of a way to lock the resulting file per se. Encrypt it, probably. But to prevent any other app from accessing it, I don't know how to do that. It could be uploaded to the cloud, e.g. Google drive. Then the local copy deleted. That's kinda fussy. Saving it as a variable array is doable, then Tasker can be locked.
If on every install / uninstall, the log is updated, why does there need to be a daily/weekly check?
I would have to test and see if the package manager can be "locked".
Is the device in question rooted?
This kinda sounds like something I might do to my kids phone [emoji6]. If this is actually the case, the file could be sent to your device or email on update. It wouldn't matter if the local copy was edited. You also could know immediately if an app had changed.
I asked in the other thread, do you have any familiarity with tasker?
@ktmom
device is non rooted,
file sent to email would be fine if that will get rid of daily/weekly checks. (<--- this was just something I wanted that maybe i'll just use in notepad++ to highlight the differences for a quick way of seeing changes.)
i have dabbled in tasker many years ago, only to enable/disable wifi and turn on vpn in geo fenced locations.
I haven't forgotten you. I should post a solution by the weekend. I'm just spending some time to make sure the kinks are out. You will need the MailTask plugin. I personally use a script in termux (requires cURL) to send via Google servers, but that is harder to setup, particularly with OATH. The plugin makes life much easier.
ktmom said:
I haven't forgotten you. I should post a solution by the weekend. I'm just spending some time to make sure the kinks are out. You will need the MailTask plugin. I personally use a script in termux (requires cURL) to send via Google servers, but that is harder to setup, particularly with OATH. The plugin makes life much easier.
Click to expand...
Click to collapse
ok great, thank you!
@BobMcGeez
Finally, I think I have this stable and able to handle multiple consecutive app installations and removals. I am working under the assumption that the use for this project is to monitor possible dangerous activity on a child’s device. I do not condone the use of this for monitoring a device without adult consent.
This project will send an email notification when a new app is installed or an existing app is removed. The email will include a CSV file with the remaining still installed apps. It should ignore apps that are being updated (they remove then install). The emails are sent silently and there should not be any indication to the user this is happening in the background. The CSV file is saved in the {storage}/Tasker/tasks/ directory. Each time an email is sent, the stored file is also updated. One instance of the previous file is saved as well.
First, you need MailTask installed. Please ensure that the MailTask plugin is fully configured and tested before installing this project. We are using OAuth Gmail authentication, so ignore SMTP stuffs.
Also, IMHO, I would use a GMail account maybe even created for this purpose, but at least one not setup to routinely access by the device user. This way, the user’s account will not reflect the sent messages.
To configure and test MailTask
Open MailTask from the app drawer on your device
Perform “Authorize Gmail Access” Use the account for the “from” you want to use in this project
Perform “Grant access to primary storage”
If your device has an SDcard, perform “Grant access to Sd card”
Now if you want, you can create a task in your Tasker installation to test the MailTask plugin
Create a test task
Add a MailTask action (Plugin -> MailTask -. send email)
Configuration:
From = Account used to Authorize Gmail Access above
To = Account where to send email
Subject = Testing MailTask
Body = Some text to take up space
Attachments = choose a basic file using the paperclip icon just for there to be an attachment
Test plugin by manually running the task.
If all is good, you can delete this test
Now install the project (taskernet link). On install, accept enabling the profiles. If you do, then the Installation task should run automatically. If you prefer not to, or if you need to re-run the installation, manually run the “Initial Setup” task.
This project may be shared under GNU v2. You may share, modify and use it provide you don't charge, the code is open and credit is provided.