[DEV][LIBRARY][2015-06-12] RootFW4 - An Android Root Shell Framework - Android Software/Hacking General [Developers Only]

RootFW4 - An Android Root Shell Framework
RootFW is a tool that helps Android Applications act as root. The only way for an application to perform tasks as root, is by executing shell commands as Android has no native way of doing this. However, due to different types of shell support on different devices/ROM's (Shell type, busybox/toolbox versions etc.), this is not an easy task. RootFW comes with a lot of pre-built methods to handle the most common tasks. Each method tries to support as many different environments as possible by implementing different approaches for each environment. This makes the work of app developers a lot easier.
RootFW is the largest of it's kind. It does not only provide a feature of connecting to a root shell and executing a few shell commands. It also provides a very large range of additional features and extra shell tools that are all build to make RootFW the most cross-device compatible library for Android, and very fast and easy to use in your app.
Besides the ability to connect and communicate with a shell, it provides tools for working with files, properties (Both registered and prop files), file systems, binaries, busybox, memory (RAM, SWAP, ZRAM etc), processes and so on.
Links
Source
Usage and Overview
Full Documentation

Reserved...

Thanks @dk_zero-cool. This looks interesting. I'm currently using Chainfire's SU library. I'll give it a try !
Edit: Just out of curiosity, Why LGPL ?

ukanth said:
Edit: Just out of curiosity, Why LGPL ?
Click to expand...
Click to collapse
GPL has got to much limitation on how and where. I use GPL most of the times, but for something like this, I think LGPL fits much better.

Related

C Code in G1? JF? Anyone?

I'm just wondering is anyone trying this yet? i mean is it even possible?
Just a thought for you big shot android devs out there JF, Haykuro, LucidREM
Google "android jni"
Well, a quick trip around google would have helped you.
Android is using java, and currently it's not possible to use anything else.
But anyway, would you rather compile all of your code for multiple architectures? J makes things easier here...
You can write cli-apps in C though... i heard something about that there was plans to make other languages available in android, but i wouldn't hold my breath
Also, why is this related to JF/Haykuro/LucidREM?
I think you can do this with JNI: http://en.wikipedia.org/wiki/Java_Native_Interface
Using an ARM native compiler (such as the ones at CodeSourcery, http://www.codesourcery.com/sgpp/lite/arm/portal/[email protected]=lite) you can compile your apps and run them fine on the G1
Code:
$ arm-none-linux-gnueabi-gcc -static foo.c -o foo
$ adb push foo /data/foo # we are pushing to /data as it is +rwx (read, write, execute) for a standard user.
$ adb shell /data/foo
a=1
b=2
foo=a+b
foo=3
^^^
OH I love when I stumble across a post like this and have something new to play with.
The problem is due to the different location of the linker and mainly the different libc you have to statically link everything.
I have been having a hell of a time getting DPKG to build statically.
I picked up a copy of the newly released book, Unlocking Android, at Barnes and Noble yesterday. There is a whole chapter devoted to writing native apps using C (and ARM assembler) with the CodeSourcery tools linked above. The author walks through the steps you need to do to dynamically link the libraries so you don't end up with enormous statically linked executables. Well worth the price.
It is surprising what you can do with C on the phone, its actually not too difficult. The method outlined below doesn't use the non native toolchains and if you use the sourcery toolchain (as mentioned above) you will end up with bigger binaries as you need to link in a standard glibc and not androids bionic libc. This may or may not be important for your project.
The other advantage of the steps below is that you will build and link against any library that is available to the android platform
The easiest way that I've found to start when porting or writing new applications is this method.
1) Check out the current git android source.
2) Build the entire tree, "make" in the top level directory.
3) Create a new directory in mydroid/external/packagename/
4) Copy one of the simple android Android.mk (Make) files from a "like" target.
(If doing a library, choose a library, if coding an executable , choose that).
5) source the mydroid/build/envsetup.sh in the users bashrc
6) cd to your directory, then instead of the usual "make" do an mm.
This should create a binary, which you can adb push to the phone and run at the console.
You can do all the usual things if linked properly, like write the framebuffer using sdl, play sounds, create network connections.
Just remember that you dont have a standard libc (glibc) to play around with you have "bionic". If you are missing your favourite glibc function , it is probably intention and not abug. You'll either need to port it or make do with the functions provided by bionic.
These instructions are for a "pure" C program. you can mix the java like dex calling by 'shelling' out to the C application when you need performance, however premature optimization is the root of all evil, you'll be surprised what performance you can pull from davlik (And I expect the VM guys to improve this even further).
I know that is a lot to digest. Will do the best I can to answer your questions. I'm by no means an expert in the area, but have learned a bit about C on android.
Well I don't know much about all this but what i know is that e.g.
ScummVM IS written in C++ , and so is g-arcade.
His FAQ says:
"How did you do this? Is it Java?
No. ScummVM is a C++ program. For this port, I turned it into a really big JNI library so Android still thinks it's running a Java program, but almost all of it is implemented in C++."
(http://sites.google.com/site/scummvmandroid/faq#TOC-How-did-you-do-this-Is-it-Java-)
So if some1 wanna port MAME, feel free to xD

[Q] Robust Linux command-line utils for Android?

Has anyone compiled a set of command line utilities for Android more robust than BusyBox? Coming from an iPhone, I love Android and its hackability, but I'm surprised that I haven't seen more about command line tools like the BSD Subsystem packages that provide common utils on the iPhone.
It would be incredibly convenient for me (and others, I would think) to have a more complete set of commands available. I know that some have compiled bash for Android, though I haven't seen an installable version of that either.
Any insights?
Android command line utilities archive
I maintain an archive of useful command line utilities at vkfox"dot"com"slash"android and a blog at androidcommandline"dot"apps-1and1"dot"com that describes installation and use for the NON-ROOT terminal emulator user. Included are a properly compiled busybox, popular command line interpreter/compilers (tcl, nodejs, d8, pforth, squirrelfish javascript, php-cli, python, perl, java, pforth, etc.), utilities (grep, strace, gdb, ctags, links, etc.) and other things in which I have an interest. I also describe in the blog how to use dalvikvm without root to compile and execute java and provide dexed versions of the eclipse java compiler and other java utilities for this purpose.
Other places where you can get properly (NDK) compiled tools are the applications CCTools, Terminal IDE, and other terminal based developer apps.
Use at your own risk, and don't point the gun at your own feet.

[Q] What existing FOSS applications would you like to see available on Android?

As I sit here at 2:56am, pondering the wonders of the universe, I had a thought:
"Of all the existing applications that run on Linux, which ones do you really wish you had on your phone?"
The main ones I want to see are mostly development related and items that will let me diagnose issues on my device. The idea of utilising the plethora of existing quick hacks and useful interpreted applications (i.e. Python/Perl based) which people have put out over the years really appeals to me.
My list follows
Python 2.6+ and supporting utilities.
UI libraries such as QT and GTK.
Perl 5.10+ with full CPAN access.
Networking libraries (i.e. pcap related).
System profiling utilities (i.e. strace, lsof, valgrind).
Common daemons (i.e. cups)
Choice of package management utilities.
What other open source applications would you find useful?
Lain Hiro.P Moto said:
UI libraries such as QT and GTK.
Click to expand...
Click to collapse
http://code.google.com/p/android-lighthouse/
Lain Hiro.P Moto said:
Python 2.6+ and supporting utilities.
Perl 5.10+ with full CPAN access.
Click to expand...
Click to collapse
http://code.google.com/p/android-scripting/
They aren't perfect, but quite good and will be probably better in the future.

busybox ?

What's this Busybox in Android?
What is it used?
http://www.busybox.net/about.html
http://www.busybox.net/FAQ.html
Note that the linked site is not really describing Busybox for Android but rather Busybox in general, but you should get the point from reading the material.
The Swiss Army Knife of Embedded Linux
BusyBox combines tiny versions of many common UNIX utilities into a single small executable. It provides replacements for most of the utilities you usually find in GNU fileutils, shellutils, etc. The utilities in BusyBox generally have fewer options than their full-featured GNU cousins; however, the options that are included provide the expected functionality and behave very much like their GNU counterparts. BusyBox provides a fairly complete environment for any small or embedded system.
Click to expand...
Click to collapse
I love this swiss army knife.

AutoSploit

This could be very good. I didn't read too much though.
AutoSploit is slightly more sophisticated but only because it leverages two popular, well-supported security tools. "As the name might suggest," its author wrote on the tool's GitHub page, "AutoSploit attempts to automate the exploitation of remote hosts." To do that, the Python script uses command line interfaces and text files to extract data from the Shodan database, which is a search engine that taps into scan data on millions of Internet-connected systems. AutoSploit then runs shell commands to execute the Metasploit penetration testing framework.
The link didn't work.
This one did:
https://arstechnica.com/information...ool-sparks-fears-of-empowered-script-kiddies/
Not useful for tablet exploitation.
Sent from my iPhone using Tapatalk

Categories

Resources