[Q] JNI loading of kernel module - Android Software/Hacking General [Developers Only]

I was wondering if it is possible to load a kernel module from an application using JNI, as is done in hardware/libhardware_legacy/wifi/wifi.c.
The main issue I see is that this would probably require the application/user to have root. I am trying to find if this is in fact the case.
If one does need root to do such an activity, is there any other way to hook netfilter? I am not trying to work on tethering, in case people are wondering.

Hi, despite using JNI, you will still need root to insmod the kernel module.
I have quite a bit of experience with Netfilter and LKM development; what is it you're trying to do precisely?
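
Why JNI makes no difference, as an added example that is not part of the thread: the kernel gates module loading on the calling process's CAP_SYS_MODULE capability, and native code called through JNI still runs with the app's own credentials. The status texts below are constructed samples, and `module_load_verdict` and `effective_uid` are hypothetical helper names.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Bit number of CAP_SYS_MODULE in <linux/capability.h>. */
#define CAP_SYS_MODULE_BIT 16

enum verdict { PARSE_ERROR = -1, CANNOT_LOAD = 0, CAN_LOAD = 1 };

/* Find `key` at the start of a line of /proc/<pid>/status text and
 * return a pointer just past it, or NULL if the field is absent. */
static const char *find_field(const char *text, const char *key)
{
    size_t klen = strlen(key);
    const char *p = text;
    while (p && *p) {
        if (strncmp(p, key, klen) == 0)
            return p + klen;
        p = strchr(p, '\n');
        if (p) p++;
    }
    return NULL;
}

/* Decide from the effective capability mask (CapEff, hex) whether the
 * process would pass the kernel's check for loading a module. */
enum verdict module_load_verdict(const char *status_text)
{
    const char *v = find_field(status_text, "CapEff:");
    char *end;
    unsigned long long caps;
    if (!v) return PARSE_ERROR;
    caps = strtoull(v, &end, 16);
    if (end == v) return PARSE_ERROR;
    return ((caps >> CAP_SYS_MODULE_BIT) & 1ULL) ? CAN_LOAD : CANNOT_LOAD;
}

/* Effective UID is the second number on the "Uid:" line; -1 if missing. */
long effective_uid(const char *status_text)
{
    const char *v = find_field(status_text, "Uid:");
    long real_uid, eff_uid;
    if (!v || sscanf(v, "%ld %ld", &real_uid, &eff_uid) != 2) return -1;
    return eff_uid;
}

/* Constructed samples: an app process, a full root shell, and a uid-0
 * daemon that kept only CAP_NET_ADMIN and CAP_NET_RAW (bits 12 and 13). */
static const char APP_STATUS[] =
    "Name:\tcom.example.fw\nUid:\t10123\t10123\t10123\t10123\n"
    "CapEff:\t0000000000000000\n";
static const char ROOT_STATUS[] =
    "Name:\tsh\nUid:\t0\t0\t0\t0\nCapEff:\t0000003fffffffff\n";
static const char DROPPED_STATUS[] =
    "Name:\tnetdaemon\nUid:\t0\t0\t0\t0\nCapEff:\t0000000000003000\n";

int main(void)
{
    char buf[4096];
    FILE *f = fopen("/proc/self/status", "r");
    if (f) {
        size_t n = fread(buf, 1, sizeof buf - 1, f);
        buf[n] = '\0';
        fclose(f);
        printf("this process: euid=%ld can_load=%d\n",
               effective_uid(buf), module_load_verdict(buf));
    }
    printf("app sample:     euid=%ld can_load=%d\n",
           effective_uid(APP_STATUS), module_load_verdict(APP_STATUS));
    printf("root sample:    euid=%ld can_load=%d\n",
           effective_uid(ROOT_STATUS), module_load_verdict(ROOT_STATUS));
    printf("dropped sample: euid=%ld can_load=%d\n",
           effective_uid(DROPPED_STATUS), module_load_verdict(DROPPED_STATUS));
    return 0;
}
```

The third sample shows that the decision follows the capability rather than the UID number: a uid-0 process that has dropped CAP_SYS_MODULE is refused as well.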

I am more interested in developing a firewall/application monitor, because I have an Incredible and after the update I was a little upset by all of the applications that a) get loaded and b) start up from boot and finally c) stay loaded and won't ever close. But if I am unable to do this without root it is kind of a worthless application for the average person. It could still be beneficial for root users to see who is connecting to the web at any given time and monitor which applications use it, or set up rules like block everyone but who one would like to allow the ability to access the outside world.
Thanks for the reply though.

Related

[Q] Rooting Question...

"Give a man a fish and he will eat for a day. Teach a man to fish and he will eat for a lifetime."
What I am trying to say is if someone can lay down the foundation of rooting an Android device. I am not talking about any specific device, or the different methods of rooting (i.e. through recovery, through script, etc.). I am speaking about what file systems/files are being modified, replaced, etc.
From what I understand, Android release their OS's rooted, then third parties (i.e. Samsung, Moto, Tmobile etc.) take those releases and make changes. What changes do they make besides the themed and service ones? The changes that unroot the phone.
If you wish you can lay down the foundation of sudo/su, that's cool. However, I am not asking for the history of it.
Side Note:
Pls no trolling.
Posting comments like- "you shouldn't try this..", "Leave it to the experts..", and "You're going to break your device..." are Un-Welcome.
Thanx.

Rooting my touch 4g benefits or drawbacks

I wanted to find out if there are things that work differently like the market or other things if you root a phone. What are some of the benefits to rooting? I want to use my phone as a wifi hotspot for our computer without paying for it. Is that only possible with a rooted phone? Is a phone able to be unrooted if it needs to be? Thank you for your help.

rooted the HTC BEE WILDFIRE CDMA

I have rooted the HTC BEE WILDFIRE CDMA. It is different than the HTC BUZZ WILDFIRE GSM. Using the [APP]SuperOneClick v1.5.5 (Root, Unroot, Enable Non-Market App, Get UNLOCK code).
Now I can't find a recovery img that will work. Can anyone point me the right way? There is no thread for this phone.

There's nothing fundamentally changed when you root your phone. Make yourself familiar with Linux security and you're (almost) done. Your phone executes under the control of this model, be it rooted or not. In an unrooted phone, there are nevertheless a lot of processes running with root privileges so of course there's a "root" in an unrooted phone. But it is not available to the normal user, only to system processes.
The only difference is that on a rooted phone there is a way for a non-root process to acquire root privileges, i.e. run as root. That's just about all. Except for some, umhh, minor thing: You cannot install the program required to do so (e.g., su) as long as you're non-root. Only root can install any piece of code which changes the current user into root. Apps run as their own user (to each app, a separate user "account" is assigned, none of those having root privileges) and so can't install such a thing, at least not normally.
Some trick is needed (running an exploit, changing the ROM) to achieve this and this is what makes rooting such a tricky thing.
The fundamental thing to understand what is changed when you root your phone (and that barely anything changes really) is the Linux user/group security concept. It's all open, there's no hidden secret.
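
The user/group mechanism described in the post above, as an added example that is not part of the thread: it assumes the classic arrangement in which `su` is a root-owned file with the setuid bit set, and audits a PATH-style directory list for exactly that. `is_root_gateway`, `sample_stat` and `audit_path_list` are hypothetical names, and UID 10123 is a constructed app UID.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/types.h>
#include <sys/stat.h>

#ifndef S_IFREG
#define S_IFREG 0100000   /* hidden by strict ISO C mode on some libcs */
#endif

/* A file lets a non-root caller run code as root when it is a regular
 * file owned by uid 0, carries the setuid bit, and can be executed by
 * someone other than its owner. */
int is_root_gateway(const struct stat *st)
{
    if (!S_ISREG(st->st_mode)) return 0;
    if (st->st_uid != 0) return 0;              /* setuid to a non-root owner */
    if (!(st->st_mode & S_ISUID)) return 0;     /* runs as the caller's UID  */
    return (st->st_mode & (S_IXGRP | S_IXOTH)) != 0;
}

/* Build a constructed stat record so the rule can be shown offline. */
struct stat sample_stat(mode_t mode, uid_t uid)
{
    struct stat st;
    memset(&st, 0, sizeof st);
    st.st_mode = mode;
    st.st_uid = uid;
    return st;
}

/* Look for `name` in every directory of a colon-separated list and count
 * the copies that satisfy is_root_gateway(); the first match is copied
 * into first_hit when that buffer is supplied. */
int audit_path_list(const char *path_list, const char *name,
                    char *first_hit, size_t hit_len)
{
    int hits = 0;
    const char *p = path_list;
    while (*p) {
        size_t dlen = strcspn(p, ":");
        char full[512];
        struct stat st;
        if (dlen > 0 &&
            snprintf(full, sizeof full, "%.*s/%s", (int)dlen, p, name)
                < (int)sizeof full &&
            stat(full, &st) == 0 && is_root_gateway(&st)) {
            if (hits == 0 && first_hit)
                snprintf(first_hit, hit_len, "%s", full);
            hits++;
        }
        p += dlen;
        if (*p == ':') p++;
    }
    return hits;
}

int main(void)
{
    struct stat classic_su = sample_stat(S_IFREG | 06755, 0);     /* root, setuid   */
    struct stat app_file   = sample_stat(S_IFREG | 04755, 10123); /* app-owned      */
    struct stat plain_root = sample_stat(S_IFREG | 0755, 0);      /* no setuid bit  */
    const char *path = getenv("PATH");
    char hit[512] = "";
    int n;

    printf("root-owned setuid file: %d\n", is_root_gateway(&classic_su));
    printf("app-owned setuid file:  %d\n", is_root_gateway(&app_file));
    printf("root-owned, no setuid:  %d\n", is_root_gateway(&plain_root));

    n = audit_path_list(path ? path : "", "su", hit, sizeof hit);
    printf("setuid-root 'su' on PATH: %d %s\n", n, hit);
    return 0;
}
```

The app-owned case returns 0 because a setuid bit only switches the process to the file's owner, which is why an app cannot create such a file for itself.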
mizch said:
There's nothing fundamentally changed when you root your phone. Make yourself familiar with Linux security and you're (almost) done. Your phone executes under the control of this model, be it rooted or not. In an unrooted phone, there are nevertheless a lot of processes running with root privileges so of course there's a "root" in an unrooted phone. But it is not available to the normal user, only to system processes.
The only difference is that on a rooted phone there is a way for a non-root process to acquire root privileges, i.e. run as root. That's just about all. Except for some, umhh, minor thing: You cannot install the program required to do so (e.g., su) as long as you're non-root. Only root can install any piece of code which changes the current user into root. Apps run as their own user (to each app, a separate user "account" is assigned, none of those having root privileges) and so can't install such a thing, at least not normally.
Some trick is needed (running an exploit, changing the ROM) to achieve this and this is what makes rooting such a tricky thing.
The fundamental thing to understand what is changed when you root your phone (and that barely anything changes really) is the Linux user/group security concept. It's all open, there's no hidden secret.
Thanx for taking the time to write this, but I am hoping for something a little more descriptive.
I've got an HTC Desire and want to root it in order to install some lag-fix to make it smoother.
Question is: will rooting affect the updates I get from HTC?
Sent from my HTC Desire using XDA App

[Q] hacking my way into sniffing intents between apps

Hi.
I'm experimenting to write a personal app to help me get to know more songs. I want to catch the Spotify intent that indicates when the track changes and use the data in my app.
I have been investigating how to do it and tried multiple lines of code like this (iF.addAction("com.android.music.metachanged"); ), but no luck yet. Everybody (stackoverflow) says there is no way to get that info. But the fact is that there is one app that is able to catch that info: musiXmatch. It is able to detect when the track on the Spotify free radio changes and deliver the corresponding lyric.
So, I tried decompiling both the musiXmatch and Spotify APKs using apktool but wasn't able to find the way the apps communicate with one another. I have yet to get deeper into smali, but by what I see thus far, the answer isn't there.
So, the next thing I was thinking I'd try was to make an AOSP ROM with some extra logging abilities so that I can listen to the communication between the apps (namely, the broadcastreceiver).
My question: Is there such an AOSP distro? One that has extra sniffing/logging capabilities. Also, does anyone have an extra idea on how to accomplish my goal, or maybe some reason for which it will be impossible for me to do it (like, for example, the intent from Spotify being explicit)?
Thank you very much in advance for your time.
I solved it. I got the intent.
In case anyone wonders how I did it, here it is:
Rooted my phone (I have a Nexus 4 which lost root with one OTA update and never bothered to recover it)
Installed CydiaSubstrate. A wonderful piece of software by @saurik that allows you to literally modify any java or native C/C++ class during runtime seamlessly. It also does lots of other stuff I don't really understand.
Had to put SELinux to permissive on KitKat because it is on enforced by default since 4.3, in order for the Substrate to work
Got IntroSpy from git and wrote a Custom Hook for IntentReceiver startActivity() method
Enabled IntroSpy for musicXmatch app and it dumped all the app's intents to logcat
ztrange said:
I solved it. I got the intent.
In case anyone wonders how I did it, here it is:
Rooted my phone (I have a Nexus 4 which lost root with one OTA update and never bothered to recover it)
Installed CydiaSubstrate. A wonderful piece of software by @saurik that allows you to literally modify any java or native C/C++ class during runtime seamlessly. It also does lots of other stuff I don't really understand.
Had to put SELinux to permissive on KitKat because it is on enforced by default since 4.3, in order for the Substrate to work
Got IntroSpy from git and wrote a Custom Hook for IntentReceiver startActivity() method
Enabled IntroSpy for musicXmatch app and it dumped all the app's intents to logcat
Thanks, are you going to share said intents?
Nice work, but it would have been great with some more details...
Hi, please we need a follow up.

PenTesters_Paradise ~ Take Your ROM to the Next Level

PenTesters_Paradise
Code:
DISCLAIMER
I can not be held responsible for how you use this package.
I am also not to be held responsible if flashing this package
damages your device in any way. This package is for
educational use only and should not be taken lightly. This is
the exact package that I use for my 2nd job, and is not meant
to just be played with willy nilly. Ask permission before doing
anything in public OR private.
PenTesters_Paradise
This package was originally supposed to be a custom ROM, but I wanted to give everyone an equal opportunity to enjoy this package, so I converted it to something everyone can use! This package isn't for the faint of heart. This is for those of you curious about Pen Testing and for those who basically want to feel like they're bringing Watch_Dogs to the real world. Below I will explain the package, and what each item can actually do. I will also have YouTube videos (when I get the time to record them) explaining each app and package. I also have some custom content coming, some that will be shown off and not released as well. Please enjoy and remember to play it safe and always ask permission first before using any of these packages or tweaks.
What's A Pen Tester?
If you're asking yourself this question, this package MIGHT NOT be for you. A Pen Tester is either a White Hat or Grey Hat hacker that gets hired by individuals or companies to basically purposely hack their products, networks, or any other sorts of electronically based applications. Pen Testers are becoming a big deal, especially in the Gaming world. Dev companies are starting to get smart and are realizing that they honestly can't BEAT the hackers without TRUE HACKERS of their own. This is slowly becoming a big money lifestyle and more and more people want into it. This is basically your "License to Kill" when it comes to a product/project/etc. when the company or individual gives you the green light to crack in and have at it.
Package Includes
Screen Shots will be added to the 3rd post of this thread, tutorials for each app and the change log to the 2nd
AnDOSid
This app is an Android-based DOS attacker. Basically, this app allows you to simulate a DOS attack (Denial of Service) as a HTTP POST flood attack on either another person or a web server.
NetSpoofer
Network Spoofer lets you change websites on other people’s computers from an Android phone. Simply log onto a Wifi network, choose a spoof to use and press start. This can be a lot of fun, but always ask first.
AndroidVNC
please see this thread for all the info about this
http://forum.xda-developers.com/showthread.php?t=497187
aWPScan
This app lets you scan WordPress-based sites for exploitable entrances to the site's admin panel. Fairly simple to use and can sometimes come in handy when working for a client and building them a WP-based site.
DroidSheep and FaceNiff
These apps were popular for a very short time but are very powerful. They both kind of have the same functions as they work as a MITM (Man In The Middle) attacker service. Basically, login to any WiFi hot spot, and you will start capturing web traffic. You can manipulate the web traffic to do as you want from here.
DroidSheep Guard
This app guards you from anyone else using Droid Sheep. I'm not entirely sure if it will guard against FaceNiff as well.
DriveDroid
This app turns your device basically into a disc image mounting device. Basically, you can take an ISO or IMG file, mount it with this app, and install full operating systems to another PC. Read below on how to work it with the Galaxy S5 specifically, as there's 1 special step you need to know.
1.) Run the app and go through the setup.
2.) When you get to the selection about selecting a driver, select the 3rd item, which should be a "Legacy USB Driver"
3.) When you get to the point about TESTING it and restarting your PC, this is where the trick lies.
3a.) As your PC boots up, boot directly to your BIOS (for HP and ASUS it's either Escape or F2. Not sure about others off the top of my head)
4.) From here, make sure your phone has connected successfully in MTP mode.
4a.) Go into Drive Droid (After MTP has been set), and select the IMG or ISO you wish to emulate from your device.
4b.) In the BIOS, Save Settings and restart (I know you didn't change anything, hear me out)
5.) From here, you need to test...
5a.) You'll either (after the bios loading screen) boot directly to the ISO or IMG, or into your standard OS.
6.) If you boot directly to your standard OS, reattempt from step 3 onwards, but at step 5, go to 6a
6a.) When the PC restarts, bring up your Boot Menu of options (F12 I believe on ASUS and HP)
6b.) From here, select the Samsung device listed, and it should boot!
dSploit
dSploit is a package of all sorts of tools ranging from MITM attacks to DOS attacks, and other testing abilities. Plenty of videos around on how to use this app.
HackAppData
This is for any app on your device. This app lets you modify the AppData of any application installed on your device.
Hackers Keyboard
Just a highly customizable keyboard.
Network Mapper
This app simply maps out the WiFi Network you are currently connected to, showing you every device connected.
Shark
Basically WireShark for Android. Lets you see incoming and outgoing data packets from your device and other things on the network.
Penetrate Pro
No this isn't a dirty joke (couldn't resist), This app works with decoding WiFi connections to allow you to connect to locked and private connections.
SQLMap
SQLMap is one of the most highly used tools around for SQL Injection attacks as it's basically the best automated tool for it. There are tons of tutorials out there about it and soon I'll post one of my own.
LockScreen Widgets Tweak
Created by BigBot96, this tweak lets you apply Widgets to your lock screen. PLEASE Make sure you download the correct file. Currently, only the NE9 builds are supported with this tweak, but I'll have an option available for you to not have to worry about this.
Coming Soon...
Future Additions will be coming around soon for this, so keep checking the thread!
Kali Linux NetHunter Features.
So far, only supported by the Nexus devices, I'm attempting to port over the apps and data for this to the S5 as the first non-Nexus device to have support for Kali Linux control. Below will be the list of what will be included.
KaliLauncher
This is the heart of the NetHunter features. This controls everything, and launches all the different exploits available through Kali Linux. To learn more, keep reading
BadUSB
BadUSB is a form of undetectable Malware that is applied to specific USB devices that match the exploit. Basically, this hijacks your USB plug while your device is connected to a computer (Windows based), and lets you install a faulty driver to it that houses your malware files. You could use this to transfer things like BotNets, Trojans, and many other forms of malware to a user's system and they'd never even know.
DNSSpoofer
Basically, this tool just spoofs the DNS connection you're using or the other person/s are using and lets you reroute people. DNS Attacks are few and far between, but they're slowly getting easier.
PowerSploit
I'll admit, I haven't read up on this yet, but when I have, I'll edit this lol.
NoUpStream
This stops any up stream data entirely.
Other Future Additions
Basically, I'd like to convert this to something like a "Mini-ROM" that gives you a Launcher, themed Gapps, themed system apps, and much more, but for now, this is the temp solution. Next Update should have at least a custom boot animation.
How-To Install
1.) Transfer the Zip file that matches your device to your SD card or Internal Storage
2.) Boot up into recovery mode and Flash the ZIP
3.) Done!
Special thanks to the creators of all these apps, scripts and tweaks that are being applied to this package. The ZIP packages below simply just need to be flashed to your Android device via SafeStrap (only method I can test). If someone could test a standard TWRP on a Dev Edition or another unlocked device, that'd be awesome.
Download Links Below
UPLOADING NEW ONES AFTER THE NEXT FLASH Test.
Thought it was ready, and realized it wasn't.
All apps are force closing -_- I'll fix it when I wake up. I've been at it for 12 hours now
Planning on updating this/adding a download?
Nice waiting anxiously for this
Waiting like wagging dog.... I went to source and got working nice..like to wait for add ons.
http://forum.xda-developers.com/showthread.php?p=3518324
Subscribed.
Sent from my SM-G900V using Tapatalk
lol he posted this weeks ago.. he responded in his rom thread also saying he was working on a new rom which isn't out yet and said a week or two ago that his tmo buddy got 5.0 lollipop which was false lol so not sure if and when this will actually be uploaded.. it's been here for weeks with no zip or apks at all in the themes n apps section..
most of these apks are stuff you can manually install if you don't want to wait :-/
Reinventing the wheel
Kali NetHunter had been out for a while for the S5 variants, it's like having a VM copy of Kali on your Galaxy S5. The instructions/apps/kernel are all available:
http://forum.xda-developers.com/galaxy-s5/unified-development/kali-nethunter-galaxy-s5-t3298477 All the other apps he's talking about are available, just search on Google or download an app called bugdroid pro from the app store. It provides downloads and installs for all of these.
Faceniff
Droid sheep
I don't think those function anymore on anything.. I'm pretty sure those security holes they exploit have been patched..
dmayniak said:
Kali NetHunter had been out for a while for the S5 variants, it's like having a VM copy of Kali on your Galaxy S5. The instructions/apps/kernel are all available:
http://forum.xda-developers.com/galaxy-s5/unified-development/kali-nethunter-galaxy-s5-t3298477 All the other apps he's talking about are available, just search on Google or download an app called bugdroid pro from the app store. It provides downloads and installs for all of these.
Faceniff
Droid sheep
I don't think those function anymore on anything.. I'm pretty sure those security holes they exploit have been patched..
lol the last comment was me about 2 years ago
elliwigy said:
lol the last comment was me about 2 years ago
I know right? lol I gave up on this because at the time I sucked at making flashable zips
Vortell said:
It would be cool if you started it back up!
The reason I haven't is because Kali Linux has an official release for this phone as long as your bootloader is unlocked and you're on CM

Please help! Phone being remotely accessed and controlled by unauthorized 3rd party..

Thank you in advance. First of all I am still a beginner in knowledge here. My Alcatel Fierce 4 TCL 5056N seems to have been hacked and is now being remotely accessed and controlled by an unauthorized 3rd party. I may be way off base but I think my phone may have been exposed to a R.A.T. Temporarily rooted long enough for someone to modify the kernel and other system coding, which I cannot access myself with an unrooted phone, installing some sort of sub-OS with limited user setting options and a completely different named storage platform (i.e. emulated, bdef55, self), and not even factory resetting my device helps because it reboots into the sub-OS they installed. They are screen overlaying buttons, and toggles are being reversed in real time before my eyes, settings and options are disappearing from one minute to the next and I've somehow found myself poking around in some Windows software on a PC that is used to develop Android software, maybe SDK, not sure but was Linux coding and looked like it was meant for me. I was on the other end of this hack for a few minutes tho but my lack of knowledge made this useless to me. I have downloaded many an app trying to combat this issue but to no avail. Although unsuccessful I have seen a few things I don't understand but could possibly be helpful for you to identify exactly what my issue is. One thing is an app I downloaded said that a trust cert has enabled a malicious trust agent and my system is being remotely accessed by a third party. The rest is beyond my understanding but I'm going to list a few tidbits you may recognize. LIB, Kinguser, kingroot, persist, unremovable/???/xxx, code Aurora, bootstrap something, libnfc, system/framework/Apache/xml, bin, user value=0 or 1/2, managed provisioning, also a .base ext. on a bunch of system apps below the same app without and a few of others. I don't know if that's helpful but it's all I can remember.
Symptoms are apps closing on their own, microphone and camera being remotely enabled, unable to update Google Play services or store and being forced to use an obviously older and modified version with possible replica apps with restrictions, unexpected reboots, in settings/apps/permissions apps like gallery, when you click battery and then the little i button for info, it says it's a system app and all of a sudden the disable and force close buttons become un-highlighted and unusable and so on and so forth. Lastly, my home wifi is infected I think as well because my roommate is having the same issues. I've tried (unsuccessfully) to root my phone so I could manually remove some of these apps and extra coding and such but it seems impossible because of a locked bootloader. Tried about 10 different ways without success so I've just about given up and smashed the damn thing but then you geniuses popped into my head so I beg of you, please help me or if nothing else, tell me to proceed with the smashing...lol! Thank you very much for your time. P.S. I'm new to XDA dev website so maybe drop me a line at [email protected] with directions back to this thread. Had a bit of trouble navigating here. Thanks again and have a great day! -Spencer

Security-related arguments for root and custom rom usage...

Exodus, a popular, albeit closed-source, crypto wallet app recently stopped working on my device. After a few days of back-and-forth troubleshooting via support, they somehow realized that my device is both rooted and running a custom, open source, community-supported ROM. They told me this was no longer allowed because it is far less secure than running the proprietary ROM. I countered with both personal testimony (back when I had a Blu phone, and a year later they got kicked off Amazon due to spyware streaming customer data out without consent) and common fact that OEM ROMs are almost always packed full of bloatware and spyware. I countered that installing a reputable open source ROM with only those apps I want and need is better. I argued that root gives me the ability to use AFWall to block outbound access to apps that I don't want having access to the Internet without my permission. I could have argued that continuing to use a 1-2 year old phone that no longer receives security updates when I could use an open source ROM that does is better. I also provided a few public articles showing how frequently apps from the Play Store and other "OEM" stores are caught abusing their users' trust and performing malicious actions. My point was that it's not correct to just automatically assume that having root and using a non-OEM ROM is less secure. That's a falsehood. But that said, I am interested to know what the XDA community thinks about that. And if the XDA community has any facts about custom, open source, community-supported ROMs being more secure than OEM ROMs, I am interested to further arm myself.
And of course, I am completely willing to be instructed by the XDA community that indeed Exodus is right and using a custom ROM and having a rooted phone is completely, inherently, automatically more insecure than using an OEM ROM full of bloatware and spyware, not having root so that any rag-tag app can stream data back to home base, and falling behind with security patches because the vendor is either too slow to release or decides my device is no longer worth supporting.
You can't blame them for not troubleshooting unknown firmware. You changed the playing field.
Less mainstream use and support* is one of the disadvantages of custom roms and rooting.
I run stock and use other methods to kill bloatware. Zero brick risk, little down time and they run well.
I'm not saying don't root etc... but you knew the job was dangerous when you took it.
*this can have potentially far reaching and multifaceted implication$
@blackhawk I'm pretty sure it wasn't broken on my phone. One day I opened the app and it said I needed to update to continue using it. So I thought maybe the app just had failed to automatically update from the Play Store. But shortly thereafter I found it wouldn't update. That led to opening support ticket with them which eventually led to them saying it no longer works on rooted devices. Their argument was that they were attempting to protect me. My rebuttal was that I don't want their protection, I want my freedom back. They should focus on making their app as secure as possible and then, if they discover I am running it on a rooted phone, then give me a warning box and force me to accept it but don't just take away my freedom.
The irony of their stance is that they still provide the Linux program. And who doesn't have root access on their Linux computer? Or their Mac or Windows computer, for that matter? I can completely understand if they don't wish to troubleshoot the installation of the Debian package or even the use of the zip on every Linux version out there. I wouldn't either! But that's completely different than saying, "Oh, you have root access to your Linux/Mac/Windows computer? We can't let you use our program anymore." That makes zero sense, and it's the same nonsensical argument they are making for rooted Android phones.
I run stock N10+'s because they're easier to troubleshoot, maintain and it doesn't trip the Knox efuse. I have to add a package disabler and do some optimizing but it's child's play for me to do it at this point.
Unfortunately if you root you're going to have to suck it up and do the work needed to optimize it.
Same thing I do with stock but with more tools at your disposal... after the learning curve.
It's this learning curve, the chance of bricking and the damage that can be inadvertently done to the OS with no access restrictions are some of the downsides. Rooting takes time to learn and perfect. With unlimited power, blah, blah, blah.
I rather just do basic infrequent troubleshooting and have fun... my current load is over 1.5 yo, still fast and stable.
I don't update the firmware because that breaks things. No updates needed once you optimize it and find any needed work arounds... it's good to go. Anything from Pie up is pretty secure; they have some vulnerabilities but in practice this isn't an issue... unless you do something stupid.
