This was built using Tasker but I'll share the extracted APK from App Factory below so it can be used without Tasker.
This is similar to ADB App Control for PC in its functioning. It has several executable commands that can be performed on applications in batches. Current commands are: Install, Enable, Disable, Uninstall, Uninstall Updates, and Reinstall. Requires ADB WiFi access to use. ROOT NOT REQUIRED. Can perform all commands on system applications.
In a nutshell, it makes debloating and re-bloating automated and quick. Can filter applications to show: System, User, Enable, Disabled, and Uninstalled. Also can combine filters and color code applications by their current state. Recently added the ability to save custom lists for quick recall of certain applications.
No experience with ADB necessary.
If you're not sure what uninstalling or disabling system applications can do to your device, you should probably not use this. I take no responsibility for any software issues that occur as a result from using this tool.
TaskerNet Task Import: CLICK HERE
Direct APK for use without Tasker below
Related
Hi,
I am developing a statistics gathering application for one of the local vendors. I need to grant the PACKAGE_USAGE_STATS permission without user intervention.
As I see it on a factory reset phone certain apps which are pre-installed in the phone already have this enabled. Even if I install the apk as a system app. I still need to enable the permission manually under Settings->Security->Apps With Data Usage.
Any insight on how I can accomplish this?
DISCLAIMER:
It is extremely illegal to use this app against networks you don't own or don't have a permission to attack. I am not responsible for how you use it and any damage you may cause. Consider yourself warned.
Hijacker is a Graphical User Interface for the wireless auditing tools airodump-ng, aireplay-ng and mdk3. It offers a simple and easy UI to use these tools without typing commands in a console and copy&pasting MAC addresses.
This application requires an android device with a wireless adapter that supports Monitor Mode. A few android devices do, but none of them natively. This means that you will need a custom firmware. Nexus 5 and any other device that uses the BCM4339 (and BCM4358 (although injection is not yet supported so no aireplay or mdk)) chipset will work with Nexmon. Also, devices that use BCM4330 can use bcmon.
The required tools are included in the app. To install them go to Settings and click "Install Tools". This will install everything in the directory you select. If you have already installed them, you don't have to do anything. You can also have them at any directory you want and set the directories in Settings, though this might cause the wireless tools not being found. The Nexmon driver and management utility is also included.
Root is also necessary, as these tools need root to work. If you don't grant root permissions to it, it hangs... for some reason... don't know why...
Features:
View a list of access points and stations (clients) around you (even hidden ones)
View the activity of a network (by measuring beacons and data packets) and its clients
Deauthenticate all the clients of a network
Deauthenticate a specific client from the network it's connected
MDK3 Beacon Flooding
MDK3 Authentication DoS for a specific network or to everyone
Try to get a WPA handshake or gather IVs to crack a WEP network
Statistics about access points (only encryption for now)
See the manufacturer of a device (AP or station) from a OUI database (pulled from IEEE)
See the signal power of devices and filter the ones that are closer to you
Leave the app running in the background, optionally with a notification
Copy commands or MAC addresses to clipboard, so you can run them in a terminal if something goes wrong
Include the tools
Reaver WPS cracking (pixie-dust attack using NetHunter chroot)
.cap files cracking with custom wordlist
Let the user create custom commands to be ran on an access point or a client with one click.
Installation:
Make sure:
you are on Android 5+
you are rooted. SuperSU is required. If you are on CM, install SuperSU
have installed busybox (opened and installed the tools)
have a firmware to support Monitor Mode on your wireless interface
Download the latest version here.
When you run Hijacker for the first time, you will be asked whether you want to set up the tools or go to home screen. If you have installed your firmware and all the tools, you can just go to the home screen. Otherwise, click set up to install the tools. You can change the directories in which they will be installed, but I recommend that you leave them unchanged. The app will check what directories are available and select the best for you. Keep in mind that on some devices, installing files in /system might trigger an Android security feature and your system partition will be restored when you reboot. After installing the tools and the firmware (only Nexmon) you will land on the home screen and airodump will start. If you don't see any networks, make sure you have enabled your WiFi and it's in monitor mode. If you have a problem, go to settings and click "Test Tools". If they all pass, you probably don't have monitor mode enabled. If something fails, click "Copy test command" and select the tool that fails. A sample command will be copied to your clipboard so you can open a terminal, run it, and see what's wrong.
Keep in mind that Hijacker is just a GUI for these tools. The way it runs the tools is fairly simple, and if all the tests pass and you are in monitor mode, then you should be getting the results you want. But also keep in mind that these are AUDITING tools. This means that they are used to TEST the integrity of your network, so there is a chance (and you should hope for it) that the attacks don't work on a network. It's not the app's fault, it's actually something to be happy about (given that this means that your network is safe). However, if an attack works when you type a command in a terminal, but not with the app, feel free to post here to resolve the issue. This app is still under development so bugs are to be expected.
Troubleshooting:
First of all, if the app happens to crash at a random time, run it again and close it properly. This is to make sure that there are not any tools still running in the background, as this can cause battery drain. If it crashes during startup or exiting, open a terminal, run `ps | busybox grep -e air -e mdk` and kill the processes you see.
Most of the problems arise from the binaries not being installed (correctly or at all). If that's the case, go to settings, click "install tools", choose directories for binaries and the lib (libfakeioctl.so) and click install. If the directory for your binaries is included in PATH, then you don't have to do anything else. If it's not, the you need to adjust the absolute paths of the binaries, right below the "install tools" option. This might also cause problems (especially with mdk) since these programs require the wireless tools to be installed, and they won't find them if you install them anywhere other than the paths included in your PATH variable. If you don't know what the PATH variable is, then you probably shouldn't be using any of these programs.
If you are certain that there is problem with the app itself and not the tools installation, open an issue here so I can fix it. Make sure to include precise steps to reproduce the problem and a logcat (having the logcat messages options enabled in settings). If the app happens to crash, a new activity should start which will generate a report in /sdcard and give you the option to email it to me directly. I suggest you do that, and if you are worried about what will be sent you can check it out yourself, it's just a txt file and it will be sent as an email attachment to me.
XDA:DevDB Information
Hijacker, App for all devices (see above for details)
Contributors
chrisk44
Source Code: https://github.com/chrisk44/Hijacker
Version Information
Status: Testing
Current Stable Version: v1-RC.4
Stable Release Date: 2016-12-23
Created 2016-11-14
Last Updated 2016-12-26
Reserved
thank you
works great on my nexus 5 and note 3
not working on s6 edge problem i dont know i already installed in my device correctly and also hijacker airdump shows networks for attacking but not do real attack
In any ROM (even without gapps) there will always be automatic connections with Google(captive portal mode, ntp) and Qualcomm (ntp, gps) The theory says that we have to deactivate automatic date and time and use only the integrated GPS (or otherwise contact Google / Qualcomm) but in practice these hosts will connect to the internet when they can ... The file in a LineageOs ROM is usually in /vendor/etc/gps.conf. On the other hand, there are geolocation alternatives, such as theUnifiedNIp project. Later, we can use other servers such as Mozilla. For this purpose we need to have MicroG installed, although I leave the information in case you are interested in.
The exception would supposedly be Replicant, but it supports few devices.
To avoid the espionage of Google we need the following:
-Before installing / formatting / flashing, we export our contacts in .vcf format and then recover them by importing the file from the Contacts application. If you want synchronization you can use, for instance,DAVdroid in Nextcloud / Ownclowd. This file and our photos / videos are taken to the PC and viceversa using a wire. We also download F-Droid, Afwall firewall and Adaway apks. We do not connect to the internet till I say even we have to avoid mobile data or wifi in the setupwizard.
-We flash a LineageOs ROM, without gapps and without MicroG(because it generates too many connections with Google). In your options we will uncheck Automatic Date / Time. We become root with Magisk or su.
-The next step is to deactivate the captive portal mode. All Android phones send a ping to Google to verify that the internet works. In Development Options we will enable the Local Terminal / Shell. Afterwards, we look for the new app and we open it.
In order to have root access we write:su
Then we will put:settings put global captive_portal_mode 0
And finally:reboot (also in the terminal, because if we restart manually it will be activated again)
-We disable "Intent Filter Verification" system app. It connects to Google and Amazon to verify the net. It is not necessary to be root. We force stopping and afterwards we disable it.
-If we use Android Pie we change Private DNS from automatic (default) to No.
-Install the firewall Afwall + We will give access only to the apps that interest us. However, there is a "bug" in Android that produces another inevitable data leak for any Firewall. This occurs at the boot of the system in which the program is incapable because it is loaded later, and the OS takes advantage to skip the locks. In its experimental options, there is one that controls this behavior. "Fix the data leak at boot" To let us mark the option, which by default will be gray, we must indicate in the immediately superior option "Path of the home directory for script", the first one that appears/sbin/.core /img/.core/service.d. Besides, we mark IPv6 compatibility. Thus, Afwall could "see" some IP's and block them. Nowadays I do not know what they are but there are several (an failed) unknown connections.
-AdAway. Now It is the moment to connect to the internet. We add the lists I put below, update the app and reboot. We are going to block Google servers (time.google.com) and Qualcomm servers (Izat, izatcloud.net) because despite blocking them in the firewall, disabling automatic date / time and using only the integrated GPS for time, they will try to connect to the time servers as soon as the phone connects.
To simplify, we added the host that I created for that purpose:
https://gitlab.com/Jorgu81/hosts/raw/master/HostsGoogle
Most recommended is Steven Black, although it is not essential:
https://raw.githubusercontent.com/StevenBlack/hosts/master/hosts
- After that, we install the F-Droid store. We are going to avoid Yalp Store/Aurora because they generate too many connections with Google, but you can install / uninstall if you need any app.
-IceCat web browser. Startpage, Qwant or SearX search engines. The reason, here:
https://spyware.neocities.org/articles/browsers.html
First of all we disable its addons because they break the webs. Afterwards, we put the ublock addon Origin.. If you want to avoid Google webcrawling we must block its domains with the aforementioned add-on. These are some of its trackers:
adservice.google.com
admob.com
adwords.com
adservice.google.es
adservice.google.com
doubleclick.net
googleapis.com beware! Some forums will not load correctly if we block ajax.googleapis.com
google-analytics.com
googletagservices.com
googleusercontent.com
googletraveladservices.com
googlesyndication.com
googleadservices.com
gstatic.com (it tends to break many websites, so use it manually where possible)
-SD Maid. This program is very complete and with it we can disable system applications or avoid autobooting them. But what interests us is to remove tracking permissions of the apps, specifically those referred to Google. These are boot (auto-start),analytics, tracking, firebase and in general those that refer to google. If the apps contain any of them, we will remove them. We look for "Application Control" (previously we can mark it to indicate also those of the System in Settings) and after selecting them, we select the app and choose "Permission Manager". Do not forget to give the 3 points above (Other) to see all of them. Example with Whatsapp. Uncheck "com.whatsapp.Bootreceiver","google.android.gms.measurement.AppMeasurement Receiver","com.google.firebase.iid.FirebaseInstanceIdReceive r","com.google.android.gms.measurement.AppMeasurementInstallReferrerReceiver"
https://sdmaid.darken.eu/download/production/
If we want to avoid its automatic connections we could disable the options in Settings, General Settings, Bug reporting.
Do not forget Trust in LineageOs in order to change, deny or allow permissions of our installed apps.
With this we have finished the initial configuration to avoid, as far as possible, the espionage of our system.
----------------------------------------------------------------------------------------
Applications / recommended settings (from F-Droid, as usual):
-Beta Updater for WhatsApp. To update the well-known application.
-XprivacyLua. We need Xposed:
Xposed (not Android 9)
https://forum.xda-developers.com/xposed/xposed-installer-versions-changelog-t2714053
EdXposed (Android 9, alpha)
https://forum.xda-developers.com/xposed/android-9-0-xposed-solutions-t3889513
It will block all the information from our terminal that apps can takefor their indeterminate purposes. Few of them will make an incorrect use of it because they come from F-Droid. If we use WhatsApp we have to leave at least permission to clipboard and Contacts. In IceCat only for clipboard.
Removed old info.
Updated info:
-Disabling Intent Filter Verification due to its connections with Google, Amazon, and so on...
Another update and I hope the last...
We mark IPv6 compatibility in the firewall. Thus, Afwall could "see" some IP's and block them. Nowadays I do not know what they are but there are several (an failed) unknown connections.
Nevertheless, if we do not apply this, we could see data leak (AdAway, wireshark, tcpdump)
Now, there is no automatic connections at all.
On the other hand, I will install Pie soon so I will hope not to find too many problems...
Last update with Pie.
Only strange connections between mobile and router with Private DNS that is in automatic mode by default. We change it and select No.
-Added more hosts
-Changed hosts from GitHub to GitLab.
Now, we have 0 automatic data again when we turn on/off wifi or mobile data.
System Input Method's playstore link
[Playstore link: https://play.google.com/store/apps/d...ster&hl=en_GB]
Application Process: System Input Method (Process Name: com.ss.android.secure.cleanmaster)
listed as a system file.
Installed APK: /data/user/0/com.ss.android.secure.cleanmaster-1/base.apk
/data path: /data/user/0/com.ss.android.secure.cleanmaster
Version: 1.05
Target SDK: 22
Permissions:
Have full network access.
View WiFi connections.
View network connections.
Download files without notification.
Read phone status and identity
Modify or delete the contents of your usb storage.
Read contents of your Usb storage
Prevent phone from sleeping
Retrieve running apps
Draw over other apps
MainService: ime.mobile.ime.main
NOTE: This app written for older Android OS. So if installed in newer android versions, all permissions will be allowed even if you blocked it.
Last edited by SniperAlert2046; Today at 09:27 PM.
Malwarebytes classified it as riskware.
But after uninstalling it, the app came back again at random hours. seemingly downloading and installing other apps (like Haike News - communist news; and Ireader)
Drains battery and used data (to download files and maybe mine for crypto)
tried using ADB to remove it but as the base.apk is stored in root folder, the app can reinstalls itself when triggered (by the programmer / hacker or randomly)
Rooted phone and then installed Afwall+ firewall. But the firewall steathily disables internet filtering at odd hours. (or maybe the firewall is bugged).
So decided to deactivate Updater app (linked to redstone) and the OTAupdater... system app since phoine already rooted and that the Leagoo company does not provide regular OS updates. (except pushing Haike News, System Input Method and H5plugins riskwares to phone).
Well, although AFwall+ firewall did not work, thereby exposing my phone to the internet without filtering IP traffic, the riskwares did not return. So uninstalling Updater (the one with the com.redstone.ota.ui pathname) and the System Update (com.sprd.systemupdate) works for me.
Netguard firewall managed to blocks internet access by system apps. The Leagoo's Built-in Weather app created Baidu folder in root folder (collecting many encrypted log files probably for sending back to Baidu servers in China.). Would be better to uninstall Leagoo Weather app and install a 3rd party one.
Hi all,
Just wanted to share my Bloatware Removal Tool that was designed in Tasker and exported via App Factory. It was optimized to work with app factory. The big difference between the Tasker import and the extracted APK is the colors and progress loading dialogs are disabled in the APK since there was an issue getting them to close.
This application is like a swiss army knife of Wireless Debugging for applications. It has a minimal interface but is a powerful tool to debloat and manage all your applications. Several convenient features were added such as the ability to save preset lists of applications that can be recalled with a tap, rebloating system apps, application filters with options to select multiple at a time to fine tune your results.
Features - Actions Apply To User and System Applications: Enable/Disable/Force Stop/Install/Reinstall/Uninstall/Open Settings/Application Search/Play Store search/Custom ADB WiFi Commands/Batch Execution of Commands/Custom Command Batch Execution (Variables)/Save and Recall App Lists/Copy APK to storage/Display Useful Information about an individual application/APP OPS Management/App Filters/Launch Applications/Duplicate Name Detection and Parsing/Minimal Interface using dialogs/Wireless ADB Debugging/Rebloat Uninstalled System Packages
I worked quite hard on this and I'd like to pass it on. It uses ADB Wireless Debugging to execute commands through port 5555. Wireless Debugging must be configured after every reboot. There are various guides on how to grant access to wireless Debugging, I won't include it here but suffice to say it won't work without it. Recommend using Termux script to easily grant Wireless Debugging. If you have any issues, please let me know.
TaskerNet Import (Tasker Required)
CLICK HERE
Only import this if you have and know what Tasker is. If you don't, download the direct APK file below for use without Tasker and Plugins.