Hi, I have recently tried to create a program which outputs the permissions required by a apk using the command "aapt d permissions apkfilename.apk". I tried it on a list of apk files and most of it worked. However there appears to be 1 apk which provides an error stating: dump failed because no AndroidManifest.xml found. There is also another second apk file which provides no error message when the aapt command is used, however no permissions are listed. Based on that observation I have a couple of questions regarding permissions.
1.) I was wondering, is it possible for a apk file to work on a phone despite not having a androidmanifest.xml file (after the apk is installed into the phone)?
2.) In addition to that, is it possible for a apk file (after the apk is installed into the phone) to use permissions without asking the user for permission?
3.)Is there any another file/command which could definitely list the permissions required by the apk, assuming if the person who created the apk tried to hide the permissions required?
4.)The aapt program output two types of permission, uses-permission and permission. What are the differences between the two?
dk3498 said:
Hi, I have recently tried to create a program which outputs the permissions required by a apk using the command "aapt d permissions apkfilename.apk". I tried it on a list of apk files and most of it worked. However there appears to be 1 apk which provides an error stating: dump failed because no AndroidManifest.xml found. There is also another second apk file which provides no error message when the aapt command is used, however no permissions are listed. Based on that observation I have a couple of questions regarding permissions.
1.) I was wondering, is it possible for a apk file to work on a phone despite not having a androidmanifest.xml file (after the apk is installed into the phone)?
Click to expand...
Click to collapse
To my knowledge, no, it wouldn't work.
dk3498 said:
2.) In addition to that, is it possible for a apk file (after the apk is installed into the phone) to use permissions without asking the user for permission?
Click to expand...
Click to collapse
Yes, this is possible. This is usually done by malicious applications.
dk3498 said:
3.)Is there any another file/command which could definitely list the permissions required by the apk, assuming if the person who created the apk tried to hide the permissions required?
Click to expand...
Click to collapse
XPrivacy, an android app, could be of use here.
dk3498 said:
4.)The aapt program output two types of permission, uses-permission and permission. What are the differences between the two?
Click to expand...
Click to collapse
See here.
Hi Theonew, thanks for the help :good:. So am i right to assume that malicious apk files could avoid stating the permission used/required in the androidmanifest.xml but still be able to use it behind the scenes?
dk3498 said:
Hi Theonew, thanks for the help :good:. So am i right to assume that malicious apk files could avoid stating the permission used/required in the androidmanifest.xml but still be able to use it behind the scenes?
Click to expand...
Click to collapse
Yes, this is possible. XPrivacy comes in handy here since it shows you the permissions which the app requested upon installation (hence you granted), and also shows the permissions the app actually used. Sometimes these include ones which were not requested/granted.
This and this may be in your interest. If not, they're still interesting reads .
Related
I am trying to sync a rostering app between two devices using dropsync.
The .db files that need syncing are in the /data/data/com.blah.blah/databases directory. Using Root explorer I can change the permissions to give full rw permission to others. The two .db files will then upload to the dropsync server.
The problem is that whenever the app is opened and anything modified, the permissions change back to default and thus dropsync can't access the modified .db
Is there anyway to change this or am I wasting my time? what is the 'sticky' box option in RE?
I'm not sure precisely what "sticky" means, but it's not what you want--it doesn't involve persistence or "sticking".
You could try to make the files not owned by the app but set it so the group is the app. Make sure the group can read/write/execute, or whatever it needs. This way, the app can still use the file but won't be able to change its permissions.
Of course, it could see that it doesn't own the file and refuse to run. I'm not sure what sort of checks the program's authors implemented. This also won't work if the file is deleted and created anew--the new file would be owned by the app.
Yeah thanks for that,
I tried the ownership and group swap earlier, and am pretty sure the app re- writes the db.
Don't think is going to work.
cheers
Well its obvious that the app, when opened sets the permissions to the .db files so that they wont be usable by others. The way you describe the problem is more likely to be a file owner problem and not with the permissions. Try to set the app and the files to the same owner and see if that works. You could always make a script that would change the permissions/ownership of the file.
FYI,
The sticky bit is a special part of the permissions mask for a file or directory. When set on a directory, it tells the system to prevent anyone but a containing file's owner from deleting files in that directory. This is handy if you have a directory that's being used by multiple users on a system as scratch space as it prevents people from wiping out others' files.
For files....the behavior isn't defined.
Hope this helps,
- chris
Hi to all
My Streak 5 is running DSC ROM v1.1 and am using the included Android stock browser (v2.3.3).
When I try to view adfly web pages (eg *******/), I am not able to see them - I get the 'web page not available' error message.
What do I need to do to both view these kind of web pages and also for them to load properly in the Android browser? I can see the pages on any PC but have singularly failed to find a way via the browser on my phone
Many many thanks to anyone who can put me out my misery..
This may be due to the modified hosts file that is included with DSC. Look in /system/etc/ and find a file named hosts. Make a backup of it. Open the original in a text editor and remove everything but this line:
127.0.0.1 localhost
Leave a blank line at the end of the file, save and exit.
It may require a reboot to be effective. If it doesn't work, just revert to your backup.
lordmorphous said:
This may be due to the modified hosts file that is included with DSC. Look in /system/etc/ and find a file named hosts. Make a backup of it. Open the original in a text editor and remove everything but this line:
127.0.0.1 localhost
Leave a blank line at the end of the file, save and exit.
It may require a reboot to be effective. If it doesn't work, just revert to your backup.
Click to expand...
Click to collapse
Thanks very much for the quick reply - much appreciated. Your suggestion about the hosts file gave me a clue.
I have AdAway installed, which blocks ads (on both webpages and those sent/displayed by apps and games) by modifying the hosts file. I disabled AdAway and reverted to the DSC ROM hosts file - and I can now see adfly pages on the browser.
However, I still wish to block ads on web pages, while still being able to use adfly-type sites. I also don't want to lose the ability to block ads shown/sent by apps & games. Is there an alternative method to block these?
AdAway was extremely effective at doing its job and I'd be loath to lose that functionality. For example on my PC, I use Chrome with AdBlockPlus extension which allows me to see and navigate through adfly-type sites while not being subject to ads.
Any advice or suggestions would be gratefully received. Thanks again for your help.
Cheers
AdAway and other such programs only combine the lists of blocked sites compiled by well-known sites into a single HOSTS file. They currently cannot exclude specific sites. For that, you have to edit the file manually.
Continue using AdAway, but use a text editor afterward to manually update the HOSTS file to exclude the site you want to see.
Strephon Alkhalikoi said:
AdAway and other such programs only combine the lists of blocked sites compiled by well-known sites into a single HOSTS file. They currently cannot exclude specific sites. For that, you have to edit the file manually.
Continue using AdAway, but use a text editor afterward to manually update the HOSTS file to exclude the site you want to see.
Click to expand...
Click to collapse
Actually AdAway has a whitelist facility. I've added ******* to it but can still see all the ads, unlike when I use AdBlock Plus under Chrome on a PC. Guess that'll have to do, unless anyone knows of a more elegant solution..
Cheers
I've used AdAway for months now and didn't realize it had a whitelist. Good to know the feature exists, though I am unlikely EVER to use it.
lordmorphous said:
This may be due to the modified hosts file that is included with DSC. Look in /system/etc/ and find a file named hosts. Make a backup of it. Open the original in a text editor and remove everything but this line:
127.0.0.1 localhost
Leave a blank line at the end of the file, save and exit.
It may require a reboot to be effective. If it doesn't work, just revert to your backup.
Click to expand...
Click to collapse
thanks bro!!!
I stop using adaway due to this problem. SO many website can't be opened. MOdify the host file and now things work again or just click disable adaway and it will modify the host file for you
For the app, you might want to use lucky patcher to block the ads
lordmorphous said:
This may be due to the modified hosts file that is included with DSC. Look in /system/etc/ and find a file named hosts. Make a backup of it. Open the original in a text editor and remove everything but this line:
127.0.0.1 localhost
Leave a blank line at the end of the file, save and exit.
It may require a reboot to be effective. If it doesn't work, just revert to your backup.
Click to expand...
Click to collapse
Can't find system , can you be more specific , not able to find in file manager
pramodb said:
Can't find system , can you be more specific , not able to find in file manager
Click to expand...
Click to collapse
You need to be using a file manager that allows root functions, such as ES File Explorer, Root Explorer, etc. A non-root enabled file explorer won't allow you to see /system/
lordmorphous said:
You need to be using a file manager that allows root functions, such as ES File Explorer, Root Explorer, etc. A non-root enabled file explorer won't allow you to see /system/
Click to expand...
Click to collapse
Dude , I used es explorer and I'm still not able to find system
pramodb said:
Dude , I used es explorer and I'm still not able to find system
Click to expand...
Click to collapse
Did you enable the root explorer features of ES? I'm not sure where to go from here to help you. Finding /system/ is pretty basic stuff.
If you are familiar with using adb, you can use it to pull the file to your computer, edit it, and push it back into place. The command would be:
adb pull /system/etc/hosts
adb push hosts /system/etc/hosts
There are lots of guides available for using adb and it is a worthwhile tool to know and use.
I like Notepad ++ for editing files on my computer. It's free and simple to use.
I'm willing to help, but keep in mind that I no longer have this phone as I moved on to the S3 last July.
lordmorphous said:
Did you enable the root explorer features of ES? I'm not sure where to go from here to help you. Finding /system/ is pretty basic stuff.
If you are familiar with using adb, you can use it to pull the file to your computer, edit it, and push it back into place. The command would be:
adb pull /system/etc/hosts
adb push hosts /system/etc/hosts
There are lots of guides available for using adb and it is a worthwhile tool to know and use.
I like Notepad ++ for editing files on my computer. It's free and simple to use.
I'm willing to help, but keep in mind that I no longer have this phone as I moved on to the S3 last July.
Click to expand...
Click to collapse
Okay , got it but it is already in the way you said of should he , what do you suggest I do now
lordmorphous said:
Did you enable the root explorer features of ES? I'm not sure where to go from here to help you. Finding /system/ is pretty basic stuff.
If you are familiar with using adb, you can use it to pull the file to your computer, edit it, and push it back into place. The command would be:
adb pull /system/etc/hosts
adb push hosts /system/etc/hosts
There are lots of guides available for using adb and it is a worthwhile tool to know and use.
I like Notepad ++ for editing files on my computer. It's free and simple to use.
I'm willing to help, but keep in mind that I no longer have this phone as I moved on to the S3 last July.
Click to expand...
Click to collapse
Okay , I got it and its in the way you said it should be , so any suggestions. And BTW I'm using gt-p5100 on job 4.2.2 via CyanogenMod
Well, that ruled out the hosts file. I'm stumped now. If I think of something I'll post it.
lordmorphous said:
Well, that ruled out the hosts file. I'm stumped now. If I think of something I'll post it.
Click to expand...
Click to collapse
Hi
I had the same problem like others had so what i did , i just move the host file from system/etc to just system , now i can open adf and other sites but now i can see ads running in my apps and games . Now i want to manually edit the hosts file so that the ads won't run in apps & games but it won't block adf . So can u tell me which data to remove from the host file ??
Okay i just remove the adf (dot)ly and cdn(dot)adf(dot)ly from the hosts and now i can open adf and also no ads in the apps or games.
But has problem with the linkbucks , still can't open it and can't find it in the hosts also
easy video tutorial made by me
https://www.youtube.com/watch?v=Kaochdv3cbs
Hi
hi
after doing that i have this error
unable to connect proxy server
how to fix this?
Hello I am working i a idea of mounting a windows share and reproducing all the contents with a specific program, for example all images files to open in full screen with gallery or a slideshow program, if a movie with video program etc etc...
i already mount the windows share and i am able to print all the files names but i am struggling a lot on this does anyone knows an app that do this or any thoughts about how to do it from command line?
any idea is really appreaciate
Regards,
"ls"? Or do I misunderstand the question?
thewadegeek said:
"ls"? Or do I misunderstand the question?
Click to expand...
Click to collapse
sorry maybe i didnt make myself clear.
what i need is moreless complex.
I need to make a slideshow of all the content i have in a folder. The problem is that some files are not just images, some are videos.....
So i was thinking that maybe i can do a script in the command line but i need some commands to:
how to open an app
how to pass parameter to it,
i have read that all of it i can find it in manifest file but i also dont know where it is in each application installed.
Another way is if you know any apk that can work.
PLeaseeeee any ideaS?
Google "java find all images in folder".
Sent from my SCH-R760 using Tapatalk 2
thewadegeek said:
Google "java find all images in folder".
Sent from my SCH-R760 using Tapatalk 2
Click to expand...
Click to collapse
i am not doing a apk i am trying to do a script to do what i want, actually i have made some progress, what i now need is how can i now the command an apk accept and his package name, i read this comes in a manifest but where it is in my android system?
eagoweb said:
i am not doing a apk i am trying to do a script to do what i want, actually i have made some progress, what i now need is how can i now the command an apk accept and his package name, i read this comes in a manifest but where it is in my android system?
Click to expand...
Click to collapse
I'm trying dude, but your grammar is killing me. What do you need from a APK and why?
alrededoresfoterp
thewadegeek said:
I'm trying dude, but your grammar is killing me. What do you need from a APK and why?
Click to expand...
Click to collapse
Sorry so true, i was writing really fast...
ok
i need to play all the content in a folder my problem is that i don't know how to determine the name of package and commands of the applications i want to call, here is the code i am using in line command:
This display all the names of all files in the folder
PHP:
for file in 'dir -d *'; do
echo $file\n
done
Then i did another test to try to open an application form line command
PHP:
am start -a android.intent.action.VIEW [weblink]
All this worked
What i want to determine is how can i obtain those package names and commands,for the different applications i install in the android tv box.:
"android.intent.action.VIEW"
But at the same time, the goal of all this is to open all files from a folder like a slideshow of photos and videos.
OK now i am opening astro player from command line, but if i add a new item to the folder how can i send a command to astro player to exit and open again so that he can detect the new file?
is there a 'am stop' command?
Hi,
A friend of mine recently returned from China with a Coolpad 8675, which he gave to me. I tried to install various apps such as Google Search and the Play Store, to no avail. This makes it impossible to use apps like Google+ and Ingress. This is quite annoying, and i was wondering if there was a solution to this problem. I really have no idea how android phones work or how to do stuff like rooting, so basic solutions would be appreciated!
Thanks,
LeCrazyPanda
same here
I am having the same issue.
I installed Google account log in service, and Google play store with successfully I even found those on the Chinese coolpad app store.
My trouble comes with trying to install Google play services, as even when I download it from the coolpad store, the install always fails.
SOLVED
Hi I have one and i had same problem.
First you must root phone, that is simple and here is instructions:
https://translate.google.cz/translate?hl=cs&sl=zh-CN&tl=en&u=http%3A%2F%2Fsjbbs.zol.com.cn%2F166%2F1606_1657041.html
after that you can manualy install GAPPS.
I get Universal Pico from Paranoid then unzip it on pc and create this pack https://drive.google.com/file/d/0BzMLUR1MF4g3RHBqQjBsTGlyVm8/view?usp=sharing
You must copy to Phone disk and manualy copy to system folder directories.
EACH FILE YOU MUST MANUALY SET PERMISSION 644
AND DIRECTORY \etc\preferred-apps\ THAT YOU CREATE MUST SET PERMISSION 755
After that you must restart phone and enjoy
For Copy and set permissions i use Root Explorer that you must manualy install from disk
Sorry for my bad English
Hagen656 said:
Hi I have one and i had same problem.
First you must root phone, that is simple and here is instructions:
https://translate.google.cz/translate?hl=cs&sl=zh-CN&tl=en&u=http%3A%2F%2Fsjbbs.zol.com.cn%2F166%2F1606_1657041.html
I' don't find anywhere this "1, in the mobile phone standby interface, click to enter [Cool housekeeper] - [Settings] (Click pinion upper right corner) - [on], as shown below;"
Please can you help me to perform this fisrt part of instructions?
Click to expand...
Click to collapse
Phenomen said:
Hagen656 said:
Hi I have one and i had same problem.
First you must root phone, that is simple and here is instructions:
https://translate.google.cz/translate?hl=cs&sl=zh-CN&tl=en&u=http%3A%2F%2Fsjbbs.zol.com.cn%2F166%2F1606_1657041.html
I' don't find anywhere this "1, in the mobile phone standby interface, click to enter [Cool housekeeper] - [Settings] (Click pinion upper right corner) - [on], as shown below;"
Please can you help me to perform this fisrt part of instructions?
Click to expand...
Click to collapse
Hi sorry for my late respond.
This is in Setting - Security - CoolManager
Click to expand...
Click to collapse
Hagen656 said:
Hi I have one and i had same problem.
First you must root phone, that is simple and here is instructions:
https://translate.google.cz/translate?hl=cs&sl=zh-CN&tl=en&u=http%3A%2F%2Fsjbbs.zol.com.cn%2F166%2F1606_1657041.html
after that you can manualy install GAPPS.
I get Universal Pico from Paranoid then unzip it on pc and create this pack https://drive.google.com/file/d/0BzMLUR1MF4g3RHBqQjBsTGlyVm8/view?usp=sharing
You must copy to Phone disk and manualy copy to system folder directories.
EACH FILE YOU MUST MANUALY SET PERMISSION 644
AND DIRECTORY \etc\preferred-apps\ THAT YOU CREATE MUST SET PERMISSION 755
After that you must restart phone and enjoy
For Copy and set permissions i use Root Explorer that you must manualy install from disk
Sorry for my bad English
Click to expand...
Click to collapse
Hi
Can you specify where to put those apks exactly. Thanks for your time.
mirchichamu said:
Hi
Can you specify where to put those apks exactly. Thanks for your time.
Click to expand...
Click to collapse
Hi directories from my zip (app, etc, framework, lib, priv-app) must extract to /system directory. Means
files from zip/GAPPS/app/*.apk copy to /system/app/*.apk on your phone
files from zip/GAPPS/etc/permissions/*.xml copy to /system/etc/permissions/*.xml on your phone
files from zip/GAPPS/etc/preferred-apps/*.xml copy to /system/etc/preferred-apps/*.xml on your phone
files from zip/GAPPS/framework/*.jar copy to /system/framework/*.jar on your phone
files from zip/GAPPS/lib/*.so copy to /system/lib/*.so on your phone
files from zip/GAPPS/priv-app/*.apk copy to /system/priv-app/*.apk on your phone
EACH FILE YOU MUST MANUALY SET PERMISSION 644
AND DIRECTORY \etc\preferred-apps\ THAT YOU CREATE MUST SET PERMISSION 755
Hagen656 said:
Hi directories from my zip (app, etc, framework, lib, priv-app) must extract to /system directory. Means
files from zip/GAPPS/app/*.apk copy to /system/app/*.apk on your phone
files from zip/GAPPS/etc/permissions/*.xml copy to /system/etc/permissions/*.xml on your phone
files from zip/GAPPS/etc/preferred-apps/*.xml copy to /system/etc/preferred-apps/*.xml on your phone
files from zip/GAPPS/framework/*.jar copy to /system/framework/*.jar on your phone
files from zip/GAPPS/lib/*.so copy to /system/lib/*.so on your phone
files from zip/GAPPS/priv-app/*.apk copy to /system/priv-app/*.apk on your phone
EACH FILE YOU MUST MANUALY SET PERMISSION 644
AND DIRECTORY \etc\preferred-apps\ THAT YOU CREATE MUST SET PERMISSION 755
Click to expand...
Click to collapse
Thank you very much.
Sent from my HUAWEI MT7-TL10 using Tapatalk
Didnt get that screen
Hagen656 said:
Phenomen said:
Hi sorry for my late respond.
This is in Setting - Security - CoolManager
Click to expand...
Click to collapse
I dont get that screen. i get this:
Click to expand...
Click to collapse
Hagen656 said:
Hi directories from my zip (app, etc, framework, lib, priv-app) must extract to /system directory. Means
files from zip/GAPPS/app/*.apk copy to /system/app/*.apk on your phone
files from zip/GAPPS/etc/permissions/*.xml copy to /system/etc/permissions/*.xml on your phone
files from zip/GAPPS/etc/preferred-apps/*.xml copy to /system/etc/preferred-apps/*.xml on your phone
files from zip/GAPPS/framework/*.jar copy to /system/framework/*.jar on your phone
files from zip/GAPPS/lib/*.so copy to /system/lib/*.so on your phone
files from zip/GAPPS/priv-app/*.apk copy to /system/priv-app/*.apk on your phone
EACH FILE YOU MUST MANUALY SET PERMISSION 644
AND DIRECTORY \etc\preferred-apps\ THAT YOU CREATE MUST SET PERMISSION 755
Click to expand...
Click to collapse
I see all these files are APK's. Do I install them like regular APKs? Then how do I grant permissions? I have two left thumbs as far as technology is concerned, so I would sincerely appreciate someone guiding me, step by painful step. Thanks.
DUSANT_AP said:
I see all these files are APK's. Do I install them like regular APKs? Then how do I grant permissions? I have two left thumbs as far as technology is concerned, so I would sincerely appreciate someone guiding me, step by painful step. Thanks.
Click to expand...
Click to collapse
Read my first post
Hagen656 said:
Hi I have one and i had same problem.
First you must root phone, that is simple and here is instructions:
https://translate.google.cz/translate?hl=cs&sl=zh-CN&tl=en&u=http%3A%2F%2Fsjbbs.zol.com.cn%2F166%2F1606_1657041.html
after that you can manualy install GAPPS.
I get Universal Pico from Paranoid then unzip it on pc and create this pack https://drive.google.com/file/d/0BzMLUR1MF4g3RHBqQjBsTGlyVm8/view?usp=sharing
You must copy to Phone disk and manualy copy to system folder directories.
EACH FILE YOU MUST MANUALY SET PERMISSION 644
AND DIRECTORY \etc\preferred-apps\ THAT YOU CREATE MUST SET PERMISSION 755
After that you must restart phone and enjoy
For Copy and set permissions i use Root Explorer that you must manualy install from disk
Sorry for my bad English
Click to expand...
Click to collapse
Hagen656 solution works, tried & tested
DUSANT_AP said:
I see all these files are APK's. Do I install them like regular APKs? Then how do I grant permissions? I have two left thumbs as far as technology is concerned, so I would sincerely appreciate someone guiding me, step by painful step. Thanks.
Click to expand...
Click to collapse
Do exactly as @Hagen656 says: copy ALL files from GAPPS, *.apk *.jar *.xml *.so into the corresponding folders from the /system/ folder on your phone. If the folder is not present in /system/ on your phone, copy the entire folder from GAPSPS. You don't have to install anything, just to change permissions to 755 for /system/etc/preferred-apps/ folder and to 644 for ALL files (including the ones from /system/etc/preferred-apps/).
To understand file permissions in Android, read this:
http://androidforums.com/threads/understanding-android-file-permissions.73177/
For changing file permissions, I used ES File Explorer, you can directly download the .apk from here http://www.estrongs.com/?lang=en
After installing ES File Explorer, you need to install ES Permission Manager plugin, which can be found here http://getandroidapp.org/applications/libraries-demo/93311-es-permission-manager-plugin-1-0.html
Pls how did you change d language of d coolmanager app
Is theres a way to modify and run this apks without unlocking secrecy or auth token? i pulled it from my oppo and when i run the app it'll update the existing app
norimee said:
Is theres a way to modify and run this apks without unlocking secrecy or auth token? i pulled it from my oppo and when i run the app it'll update the existing app
Click to expand...
Click to collapse
You can't modify an APK, as it's in binary. You could remove it though - Let me know if you need help.
An APK ( read: Android Application Package ) file by nature is a ZIP file - not a binray - what can get extracted with any zip utility (e.g. 7zip), you can view all resources correctly but all java files are not correctly decompiled.
Content of an APK file looks like
You can also see the contents of an APK file within the Android device itself, which helps a lot in debugging, using
https://play.google.com/store/apps/details?id=com.dasmic.android.apkpeek
All files including the manifest of an app can be viewed and also shared using email, cloud etc., no rooting required.