[Q] What does it take to find a root exploit? - General Questions and Answers

Sorry if this is a common question, but I failed to find anything. Feel free to close this thread if I am asking something that has been asked multiple times.
I want to learn what to look for when trying to find root exploits. I just don't know where to begin. I thought a reasonable process would be to look at all of the old root exploits and see where they looked and get a rough idea of what to look for from those. The problem is all the root exploits come as a one-click .exe or an .apk, so it is impossible to learn from what they do. Does anyone have suggestions? And just for the record, I am not some young kid who has no experience or knowledge of Linux, OO programming, scripting languages, assembly language, etc. I will be finishing up my final year of college and will be in need of a hobby when I graduate.

I'd actually like to know about this too, or at least what could I do to help the expert developers obtain root on new devices. (I have a Droid 3) It'd be a learning experience - if only we knew where to start looking to learn how.

andmaf said:
Sorry if this is a common question, but I failed to find anything. Feel free to close this thread if I am asking something that has been asked multiple times.
I want to learn what to look for when trying to find root exploits. I just don't know where to begin. I thought a reasonable process would be to look at all of the old root exploits and see where they looked and get a rough idea of what to look for from those. The problem is all the root exploits come as a one-click .exe or an .apk, so it is impossible to learn from what they do. Does anyone have suggestions? And just for the record, I am not some young kid who has no experience or knowledge of Linux, OO programming, scripting languages, assembly language, etc. I will be finishing up my final year of college and will be in need of a hobby when I graduate.
A root exploit is usually found in a program that is pre-installed on the phone and has write access to the usually read-only parts of the phone's memory. People mess around with these programs until they find a loophole that allows them to use the program's write access to write whatever they want to the phone.
One of the Evo 4G's root methods involved opening Flash Lite's settings page and running a script within it that gave you root access. (Source)
Those are the easier roots, though, found by pure luck, when someone says "Hey, what happens if I try and do X while the phone is doing Y?"
Some of them are more complicated. For example, the current Evo 3D root (my phone) was found by a team of professional developers who intentionally crashed the phone's kernel and found a bug in the kernel itself that allowed files to be pushed through it.

Brush up on how exploits are found and exploited in the desktop world - it's the same stuff for mobile. Usually called "privilege escalation".
Be warned, though, it is extremely tedious and difficult. It can be pretty dull.

It takes a lot of time, just like finding an exploit in a Linux program. But it's even harder, since the greater part of the OS is written in Java.

Thanks for the replies. I thought that it might be similar to privilege escalation on a linux box. I did not know that some of the exploits were found through programs that were already installed on the phone...that is very interesting.


The Path to Developer

Dumbest question yet:
I have no coding or development background, but have recently become fascinated by the Android OS and what you, the developers, are able to do with it. I am toying with the idea of obtaining root and running JF's mod, but feel as if I am disrespecting all of the work that all have contributed by simply following a list of instructions, and not truly understanding what each step and its outcome means.
What steps can I take to fully understand your (the community's) work and to someday contribute something of my own?
Classes, recommended reading, recommended OS to switch to (currently Mac 10.4), coding languages in what order?
Please help turn an advanced casual user into a baby, even fetus, even embryo, of a developer.
There's an Android 'boot camp' in Georgia next month if you have 3500 to throw down. I too have jumped on the wannabe-a-developer wagon. I'm sure there will be books coming out in the near future on beginning Android development. I kind of just jumped right into it all, downloaded the SDK, got root, and tried to become more familiar with how it works. Get the engineer's bootloader if you are going to be working on your phone. And I don't know if it's the best OS to switch to, but I just killed XP and installed Ubuntu 8.10 on my comp so I can become more familiar with code and commands. I'm sure real devs could probably help you out more, but check out some guides, read some tutorials.
fattywarbucks said:
but feel as if I am disrespecting all of the work that all have contributed by simply following a list of instructions, and not truly understanding what each step and its outcome means.
Just having read the directions is probably respect enough. If you want to actually understand the computer science behind the hacks, you should check out some books on Linux fundamentals and shell scripting from your local library.
If you want to develop applications for Android, then you could either get some books on teaching yourself Java or sign up for an Intro to Java course at your local community college.
p.s.: it was a very good question and not at all dumb.

How did you learn to code?

Yes I am asking you!
Your personal experience on how you learned coding!
Feel free to vent, my eyes are wide open
My reason? Why, I have a book on coding (for Android) and the coding package (Eclipse, Android SDK, and so on),
but is this enough?
How did you start? What was your motivation?
is it fun!?
Please, if anyone replies to it, I'd be very happy.
Many moons ago, there was a magazine called BBC Micro User, and in it there were pages and pages of code for games written in BASIC.
Normally the code was wrong in places, which meant you had to debug and therefore learn how it worked rather than just copying it verbatim.
This is of course related to our phones as the BBC B was an ancestor to them (now there's a thought!)
Problems? No problems! You need a small program to make your life easier? Go and read in all the forums! Ask questions! Start programming by learning by doing.
Mizulunaris said:
Yes I am asking you!
Your personal experience on how you learned coding!
Feel free to vent, my eyes are wide open
My reason? Why, I have a book on coding (for Android) and the coding package (Eclipse, Android SDK, and so on),
but is this enough?
How did you start? What was your motivation?
is it fun!?
Please, if anyone replies to it, I'd be very happy.
Why did you buy a book to find out about technology?!? That book will be outdated tomorrow...I suggest looking up info on the internet and there's this cool thing that's called google that lets you ask any question you want...check it out.
Hope this helped Mizu Luna!
Thank you all for replying!
I think the book is already outdated XD
It was made when Android 2.2 just came out... I figured any info to get me started would be nice...
I still haven't gotten into the gist of the forum though... I still don't know many of the terms and am not familiar with a lot of the things talked about, or where things are placed... and no formal training to help me...
I guess I'll read on a bit until I can properly place my feet
I couldn't even tell you how I started, I was like 8 years old and just playing around for the hell of it. Been switching around and trying languages ever since. As for motivation, the only reason I ever write a program is because I need something done... I'll feel like I wish my PC/phone/website did something differently - so I make it do that
Really, the best thing to do is just dive right into it. If you want to start with Android, find a good tutorial that at least has you get an IDE and build environment set up... Then from there just start experimenting with some example code, or apps others have written as you go through more tutorials.
If you want to properly learn how to code though, most would suggest starting with something on a PC rather than diving right into Android dev. Starting with an easy-to-use scripting language or interpreter (like Python) is a good way to start playing around - and then you can move on to other languages such as Java with a solid understanding of how programming languages work.
It's all personal preference though, just find a solid tutorial and stick with it. Try to experiment as you go along, try things with the code, and actually understand what it's telling you.
I started with webpage design and slowly moved into other venues. I became interested in making apps for ideas that I had and started to search google on how to code specific tasks that I wanted in my apps and then mixing it all together and making small changes in the code and watching to see what it did.

[Q] Becoming a dev.

NEWBIE... I'm fairly new to the developing world, but I have a solid background in anything computer oriented. I started with a Droid X, rooted it, and have never looked back. I'm taking Java classes and learning as much as I can about programming. Any helpful advice for someone starting a career/lifelong hobby in this field? Reading a lot of books and blogs, but any other resources would be greatly appreciated.
Thanks to all the professional devs out there who make it a fun digital world to customize!!!!
http://goo.gl/xB9rK
Let's start by using the search function.
This question gets asked and answered several times per week...
Personally I would skip the books.
I started with an idea in my mind of what I wanted my app to do and taught myself through tutorials, Stack Overflow, IRC and lots of Google...
Start something small, maybe an app that plays a single mp3 file.
Now you think, how can i choose different ones -> make a file explorer.
And so on... kinda like reading wikipedia, you start with some topic but end up in another topic far away ;-).
That's if you want to program apps... there are lots of types of devs... apps, ROMs, themes, kernel...
Now don't say you want to learn everything .
Thanks & more
Thanks for being the first to reply! And also for the info. I've done a little programming, VB and Java, but am more interested in the ROM/kernel side of things. Seen the vid before! Awesome!
I tried searching the site for what I'm looking for but was unsuccessful; figured the best way to get forward on this site, and get specific info, was to post a thread in one of the only places I could. Reread the rules and newbie posts, and figured out the reasons, but they don't bother me at all.
Guess I'm looking more for an answer to this question, from everyone who replies:
How did you get to where you are now? (be it app dev, device help, other software dev)
Again, thanks for the help! P.S. What software do you use to program? And which OS is preferred, Linux, Windows, Mac?
I'm learning Linux as fast as I can and wouldn't mind help there either if it's out there.
Sent from my Xoom. Via whatever the heck I want!
I started with knowledge in C++, C, SystemC and some script languages from university, plus some knowledge about programming in general.
We had to use Java in the university but I never properly learned it (just couldn't be bothered). I knew the ideas behind it and some concepts.
I actually only started learning Java after I had written the exams (one of which was about Java but thank god didn't require actual working code in the exam).
This was winter 2010.
So after I no longer had to learn it, I wanted to learn it and started out pretty basic.
Used Google a lot, tried the basic tutorials, i.e. a button doing something and so on.
After that got boring I was looking for an app with an actual purpose.
I made a voice recording app, did some bounty requests, wrote a control app for a modification from another XDA member and some other stuff, cba to list it all now.
I use the Android SDK + Eclipse. Currently on Windows 7, but that doesn't really matter. I've got a laptop with Linux and a virtual machine with it too. It's just that I also play video games, for which Windows is somewhat required, and so I'm programming on it too. But it doesn't really matter. Eclipse and the Android SDK don't really differ between OSs.
For compiling kernels, you might need Linux, but maybe it's possible under Windows too... (Cygwin)... don't really know ;-)
The thing is, you don't need to read 5 books, have 2 degrees in X to start.
Let's take custom ROMs.
No one actually builds those things from scratch.
90% of them are just other ROMs (custom or stock) that have been modified to some extent.
Download a ROM, unpack it, swap some files, change some scripts/configs, maybe recolor some things, add some extra apps, maybe a different kernel.
Repack it and XING, you made a custom ROM. Now just flash it and see if it works; if it doesn't... well, try again.
Trial&Error...
You will get more knowledge about what you can change and what can be done with the time.
There is a custom ROM tutorial thread somewhere on xda, just search for it.
I'm going to write a little bit on my next app now

Looking for the source

A couple of weeks ago I bought myself my first android device (a cheap LG GT540), and since then I've been playing a lot with it.
I noticed that the Android hackers' community is quite big and there are lots of tools which can do kind of anything, but sadly I'm kind of disappointed because I'm having some issues in understanding HOW things work: in order to root my device, install custom ROMs, resize partitions and so on, I had to use a few tools that I have no idea of what they're doing.
To me it looks like on these forums it's much easier to find a GUI that does everything you need, rather than understanding what needs to be done and how to do it. IMHO this is bad for a community of hackers.
In particular I'd like to understand how the following tools work (both for personal knowledge, and because some of these only work on Windows, and I'd like to port them to Linux), and if available, I'd love to put my hands on their source code:
SwiftBootloaderBuilder: it's a tool used to resize flash partitions. I'm prone to think that it might just be a frontend for fastboot, but hum, the fastboot binary I own seems to be missing the capability of handling partitions...
KDZ: it's a tool to upgrade the firmware which I had to use in order to install on my device a custom ROM with fastboot enabled. How the heck does it work? This tool forced me to find and use a windows system to hack my GT540...
Android Developers is a great place to get started understanding how Android works. There you will find much of what you need to know to get a BASIC understanding of Android. If you follow the guides and advice you can create a basic apk that does little except teach you. The CyanogenMod wiki is also a great place to learn. One thing about Android is that it is very much like Linux built for specific hardware. Many, and I do mean many, of the same principles apply to both systems. Digital signatures, ownership privileges, file permissions, compiling from source, git, gerrit, Google Code etc. are all things that a developer runs into every day working with open source software of any kind. Go to every place I mentioned, sign up, and start asking more questions. Learn C++ and Java. Join freenode IRC and find some friends who will answer questions while you learn. XDA is the least resource for the development community. XDA is the expression of ALL the other resources. I am new to this also, and have done what I suggest, except the programming languages, which I am working on. Use Root Explorer to look at your device file system. Ask the developers of the tools you mentioned to help you understand them. A LOT goes on behind the scenes, but it takes a little direction and determination. Cheers!

How should I start? Android dev.

First, I know there are some other topics out there asking the same exact thing, but I think my situation is kinda different.
So, I want to learn how to develop for Android. Building custom ROMs, Android apps, tweaks, etc. But my actual knowledge is only user level. I only know what an Android user should know (flash ROMs, root, etc). Zero dev knowledge. Nothing.
I want to know with what should I start to learn to do Android dev. Nothing like: 1 hour and you're the best dev out there. I know it takes time. But I want to focus on Android.
So, what do you have to say?
In very general terms it would be to pick one of your favorite roms for your phone, pull it apart and then put it back together until you understand what is going on.
In more "specific" (though this is frankly scratching the surface) terms, you would first spend hours finding out how to back up your phone, including the AAA key, the MEID and so forth, as well as other software compatible with your phone to restore it. Frankly, since you're likely using your phone to test, you'll have more than one occasion where it will be soft bricked.
Thereafter you would learn more in regards to development tools, specifically over at developer.android.com. Read the dev guide and so on.
Third, decide how you want to implement a Unix/Linux test environment, unless you're already on Linux.
And fourth, you'd look at your favorite ROM developer's build from their development site (the name of the domain escapes me), pull it apart and try to analyze the details.
Last but not least you'd FOLLOW new developments with android and the phone as well as learn to adjust to any new firmware that comes out from the manufacturer.
I'm in the process of learning how to develop myself but I've already discovered a lot more with the phone's underlying structure. That said, a lot of the answers are found in bits and pieces on this forum. But when you start to learn and ask specific questions like "what partition is the system mounted on for a Samsung Galaxy Ace" you'll begin to understand the file structure and then underlying software involved.
This was very helpful. I'm glad to see there are helpful people here that aren't going to talk down to a "new user". I was also wondering how I could view files on Windows 7, for example the structure of apk files or any of the others that say "no program found to open this file".
For example, I want to begin by changing the boot screen from the solar-flare-looking Android boot screen to scrolling tiles or something of the sort, then back. Can someone explain that? I'm sure I can gain quite an understanding of the process that way.
Sent from my SGH-I777 using xda premium
If you want to do programming you should start with the Android SDK: http://developer.android.com/sdk/index.html
An apk file is actually a zip file.
If you want to get an idea of all the stuff that is in there, just rename it to .zip and open with your favorite utility.
The contents of this archive file are also in binary form and compressed.
To get down to the lowest level you need to use something like apktool: http://code.google.com/p/android-apktool/
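The "rename it to .zip" step above can be done without renaming anything: Python's standard `zipfile` module opens an apk directly. What follows is an added example, not code from this thread, from apktool or from Android; it builds a small constructed apk-like archive in memory (the entry names are the ones a real apk carries, the contents are stand-ins) and then lists every entry with its compressed and uncompressed size and classifies it by its leading bytes, which is the inventory step a reviewer does before decompiling anything.

```python
"""Inspect an apk as the zip archive it really is (added example, constructed input)."""
import io
import struct
import zipfile

# Compiled (binary) XML begins with a ResXMLTree header: chunk type 0x0003,
# header size 0x0008, both little-endian.  This is why AndroidManifest.xml
# looks like garbage in a text editor even after unzipping.
AXML_MAGIC = b"\x03\x00\x08\x00"
# resources.arsc begins with a ResTable header: chunk type 0x0002, header size 0x000c.
ARSC_MAGIC = b"\x02\x00\x0c\x00"
# Dalvik bytecode begins with "dex\n" followed by a version string such as "035\0".
DEX_MAGIC = b"dex\n"


def build_sample_apk():
    """Constructed stand-in for a real apk; real entry names, placeholder contents."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("AndroidManifest.xml", AXML_MAGIC + struct.pack("<I", 64) + b"\x00" * 56)
        z.writestr("classes.dex", DEX_MAGIC + b"035\x00" + b"\x00" * 100)
        z.writestr("resources.arsc", ARSC_MAGIC + b"\x00" * 12)
        z.writestr("res/layout/main.xml", AXML_MAGIC + b"\x00" * 12)
        z.writestr("assets/config.json", b'{"debug": false}')
        # v1 (JAR) signature files live inside the archive as ordinary entries.
        z.writestr("META-INF/MANIFEST.MF", b"Manifest-Version: 1.0\n")
        z.writestr("META-INF/CERT.SF", b"Signature-Version: 1.0\n")
        z.writestr("META-INF/CERT.RSA", b"\x30\x82" + b"\x00" * 30)
    return buf.getvalue()


def classify_entry(name, data):
    """Label an entry from its path and magic bytes, not from its extension alone."""
    if name == "AndroidManifest.xml":
        return "manifest (binary XML)" if data.startswith(AXML_MAGIC) else "manifest (not compiled?)"
    if name.endswith(".dex"):
        return "dalvik bytecode" if data.startswith(DEX_MAGIC) else "bad dex magic"
    if name.startswith("META-INF/"):
        return "v1 signature block"
    if name == "resources.arsc":
        return "compiled resource table" if data.startswith(ARSC_MAGIC) else "bad arsc magic"
    if name.startswith("res/") and name.endswith(".xml"):
        return "compiled resource XML"
    return "other"


def inspect_apk(apk_bytes):
    """Return {entry name: (classification, compressed size, uncompressed size)}."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        for info in z.infolist():
            data = z.read(info)
            report[info.filename] = (classify_entry(info.filename, data),
                                     info.compress_size, info.file_size)
    return report


def summarize(report):
    """The three facts worth knowing first: v1-signed?, how many dex files, manifest compiled?"""
    return {
        "signed_v1": any(kind == "v1 signature block" and name.endswith((".RSA", ".DSA", ".EC"))
                         for name, (kind, _, _) in report.items()),
        "dex_files": sum(1 for kind, _, _ in report.values() if kind == "dalvik bytecode"),
        "manifest_compiled": report.get("AndroidManifest.xml", ("",))[0] == "manifest (binary XML)",
    }


if __name__ == "__main__":
    rep = inspect_apk(build_sample_apk())
    for name, (kind, csize, usize) in rep.items():
        print(f"{name:24} {kind:24} {csize:>5} -> {usize:>5} bytes")
    print(summarize(rep))
```

One caveat the thread does not mention: only the v1 (JAR-style) signature is visible as zip entries under META-INF/. The v2 and later signature schemes store their data in an APK Signing Block placed before the zip central directory, which `zipfile` does not expose, so a missing CERT.RSA does not by itself mean a package is unsigned; use apksigner to check that.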
Much obliged I'll do that. Any Intel on boot.img
Sent from my SGH-I777 using xda premium
