Isolated APK with Andr.Exploit.CVE_2014_7911 on S9+ - Security Discussion

Hello,
Thanks for letting me join your forum.
I've isolated an APK from my system files that contains the Andr.Exploit.CVE_2014_7911
This has been confirmed on hybrid-analysis and I have decompiled it at javadecompilers.com. The problem is I can see an horrific amount of permission requests, but I want to try and see where they are being sent or accessed. Is this something anyone could advise on or assist with? Might be quite simple for someone who knows their way around java?
Thanks in advanve

Related

Strongly need your advice

Hello everybody,
I am new to Android and web development in general. Recently Igot into a situation that is hard to figure out. I hope your professional advice can help me to solve the problem. A couple of months ago I realized that software dvelopment is a great way to earn money online. Making applications seemed to me the best way to have passive income streams bringing me cash from ads right into the pocket. I tried to code but it turned out to be so completely foreign to my mind and my nature, that I simply could not proceed.
Then, I decided to look for a company that actually develops software and knows how to do it. I found one company that looked legit and so we started working together. They created an app, implemented the ads and I uploaded it on the Android Market. It got really popular and I was so glad!
However, in a couple of months I noticed there was a new app that was EXACTLY like mine and it literally was stealling potential users that would choose MY app. I tried to contact the person but he said he had created the application before me. WTF! I saw he uploaded it AFTER I did.
What should I do? I see his app is increasing in downloads while mine is decreasing.
Report!! Perhaps???
Sent from my WT19i using xda premium
If I Have Helped You Can You Press
.
.
THANKS BUTTON
.
.
To support Me.
Welcome to the world of application development. Unless he literally stole your code, there really isn't much you can do about it. All you can do is to update your app to make it more appealing than his application. Have you also stopped to think that you two might be working with the same company? Double-dipping much?
prantoroy said:
Report!! Perhaps???
Sent from my WT19i using xda premium
If I Have Helped You Can You Press
.
.
THANKS BUTTON
.
.
To support Me.
Click to expand...
Click to collapse
Thank you. I pressed the Thank you button. I was thinking about it too but the thing is, how are they going to figure things out?
syung said:
Welcome to the world of application development. Unless he literally stole your code, there really isn't much you can do about it. All you can do is to update your app to make it more appealing than his application. Have you also stopped to think that you two might be working with the same company? Double-dipping much?
Click to expand...
Click to collapse
Thank you for your reply. Not many replied in my thread so I paticulary appreciate al the feedback I get
Is there a way to write an identical app ising a different code? I don't know about it.
Or, another qustion. Suppose he downloaded my app. How can he actually edit it? Does he use some sort of software? I was told, the apk file is like an archive that one can unzip and zip back again. But how would he do it, I wonder?
May be you are right and we are working with the same company although it's hard to imagine. There are thousands of companies in the world adn how in the world would we "meet" at one company? Here is thier website, by the way, may be it will help you to answer my questions --> a1qa website
May be you know better, I am a noob at software development, and I realize it.
Klaipedos said:
Thank you for your reply. Not many replied in my thread so I paticulary appreciate al the feedback I get
Is there a way to write an identical app ising a different code? I don't know about it.
Or, another qustion. Suppose he downloaded my app. How can he actually edit it? Does he use some sort of software? I was told, the apk file is like an archive that one can unzip and zip back again. But how would he do it, I wonder?
May be you are right and we are working with the same company although it's hard to imagine. There are thousands of companies in the world adn how in the world would we "meet" at one company? Here is thier website, by the way, may be it will help you to answer my questions --> a1qa website
May be you know better, I am a noob at software development, and I realize it.
Click to expand...
Click to collapse
You can easily unzip an apk file by using any Archive manager like WInZip, WinRAR , or 7-zip ... But can't actually make great changes like that ... But there is something called as Decompiling an apk, .. which will actually compiled the compiled java classes.dex file into .smali files... Now .. you can easily do some basic or sometimes even advanced changes to the app ... like for example .. you can change the app name by simply editing the string.xml in the res folder... then again recompile it into an apk and redistribute under a different name .. it's quite possible ... If you want to reduce the risk of such problems ... i'd recommend you have a look at ProGuard.
The ProGuard tool shrinks, optimizes, and obfuscates your code by removing unused code and renaming classes, fields, and methods with semantically obscure names. The result is a smaller sized .apk file that is more difficult to reverse engineer.
Click to expand...
Click to collapse
It is possible that someone can decompile your apk and read your source code if they had enough time and resources. If you are worried about such things you might have to begin using other techniques such as code obfuscation or encrypted compilers to protect your source code. And yes, it is possible to have two program do the same thing but have different source code to do it. Although there might be some parts that are the same, how you write you code will be different than how they write it.
You should be aware that making a lawsuit will cost you more money than you earned and if somebody makes something that does the same thing as you ddid, that still does not mean that they have stolen something from you. Jeez, how can somebody who hosts apps not know this, are you teenager or something?
Yes, in programming, it is possible to write programs in 50 different ways and do the same thing.
You cannot copyright ideas, only source code and functions...unless you are apple of course. They can copyright rectangular shapes.
What you should do? Get his app, and compare it to yours. I dont know if you can access source code in android apps because I dont develop aps yet, but if you can, you should compare his fuctions with yours. If the code is 80% simmilar, it is stolen.

[Completed] Compiling an App

Hello, first I want to apologize if I am in the wrong area.
On to the question/assistance, something or other.
I am trying to modify an App, a game to be specific, to be more enjoyable for me. So far, I've been able to open it up, find the locations where the files I need to place/overwrite are located. I did so, and closed up the package, however, most of the times I tried it, it would always say something about not being able to "Parse" it. Eventually I got it so that it installs and runs, but the changes don't seem to appear.
This game, Uplink, used to be a PC exclusive, and it was very mod-heavy. Most of the "mods" were simply pictures with a txt file pointing to specific pixels for locations of other things, nothing complicated. I feel that it should be possible with the Android version as well.
I've looked around, and I can't seem to find anything that helps. There is a post on the Uplink section of the Introversion Forums that explains it a little, but no one has gotten back to me.
Can anyone help me? If anyone would be willing to assist me, whether by pointing me in the right direction, or taking, or walking through, or however, I would be grateful.
I could post the APK, tools that were mentioned else, and links I found.
Again, sorry if this isn't the place to ask for help with this particular problem of mine.
Hi!
Perhaps you should ask here...
> Android Development and Hacking > Android Q&A, Help & Troubleshooting
I'm sure someone there can offer some advice.

[HELP] Lloyds TSB apk

I've managed to rip the APK file right down all the way into the classes.dex, I'm looking for someone to assist me on either disabling the root detection or finding their method out that detects root and completely changing it so that I can have my damn phone rooted like I like it and still use the app, I'm willing to share all my current findings with anyone that is interested.
NOTE:
If I am not allowed to post about this subject please can a moderator or admin remove this post as I do not want to be found in violation of your terms of agreement or your set rules.
Regards,
Ezit

[Completed] Modding APK Files need help

I'm trying to create a WhatsApp Plus like application . But not the same - Plus was illegal this will be lack of any of its features so it will be legal but the only difference between normal WhatsApp and mine will be the online toast notify. When my friend be online it will send me a notification that's all I'm going to do. So here we go, I DO NOT need a application to decompile apk I already done it but I can't access the WhatsApp's UI. I can only see the codes. I wanna see UI of it, I wanna mod it like I'm doing with VisualStudio. Anything available like this I think this exists because people can mod WhatsApp UI. If its illegal please warn me so I will take my hands off from it.
Hi, thank you for using XDA Assist. Our mission at XDA Assist is to point users in the right direction to get help on their device's. So your question is outside the scope of XDA Assist.
Thread closed.

HELP!! (Will donate)

I am willing to donate $100 to whoever answers my questions. I have been looking for an answer for almost 2 weeks now but no success..I hope you guys can help me out!
Let us say there is a game I play called xxx and in this game you have to upgrade buildings and do researches if you want to advance.Now my questions are:
1-When you upgrade the buildings to a certain level, they change their look.I have looked into the res folder of the apk but couldnt find any pictures of the buildings..Where are the pictures stored?
2-There are a lot of researches to do and each level of research requires a certain amount of resources.Now where in the apk can I find information regarding this ( the amount of resources, time etc of each research)?
3-I found alot of pkm files in the apk.I tried to open them with Notepad++ but all I see is symbols..Could this mean the file is encrypted?.If so, how can I decrypt it?
I know it is too much, sorry
Thank you for your time!
No need to create multiple threads. And see my comments here, http://forum.xda-developers.com/general/off-topic/help-donate-t3449036
Thread closed.

Categories

Resources