Unable to find constructor/method when calling method from static class - Android Q&A, Help & Troubleshooting

I am creating an app with a frontend interface for the user to customize module settings. In my frontend, I have a button to test the module settings.
When working "behind the scenes" like my module is supposed to (receiving a notification from the 3rd party app I am writing the module for), the constructor and method hooks work just fine. However, when I utilize the test button I have implemented, I get a NullPointerException like this:
java.lang.NullPointerException
at de.robv.android.xposed.XposedHelpers.findMethodBestMatch(XposedHelpers.java:223)
at de.robv.android.xposed.XposedHelpers.findMethodBestMatch(XposedHelpers.java:284)
at de.robv.android.xposed.XposedHelpers.callStaticMethod(XposedHelpers.java:985)
What I THINK is causing this is the fact that my test button does not run this from inside of an XC_MethodHook. My "behind the scenes" code that works is called from inside the XC_MethodHook.
Is this assumption correct, or would you like me to post code?

Related

[Q] Changing Input Method on Rooted Device

Hi!
In order to automatically switch to Wifi Keyboard as my current input method when plugging my phone (Atrix, Android 2.2.2) into my computer, I am looking to circumvent the security restrictions preventing that. Normally, applications are not given the permission to change input methods due to them being in control of the system, possibly with malicious intent.
Now, my phone is rooted, and root shall be your god, so this must be possible. To further complicate matters, I am trying to achieve this through Tasker (which does not know about root), as it already provides the several other tasks I want to achieve and can trigger them in any context imaginable. It is, however, able to run scripts - so if there is a way to do this by script, I'm set.
Google gave me a link to the developer.android.com reference to InputMethodManager (which I am not allowed to post here yet...), which says, among other things, the following:
The input method manager as expressed by this class is the central point of the system that manages interaction between all other parts. It is expressed as the client-side API here which exists in each application context and communicates with a global system service that manages the interaction across all processes.
An input method (IME) implements a particular interaction model allowing the user to generate text. The system binds to the current input method that is in use, causing it to be created and run, and tells it when to hide and show its UI. Only one IME is running at a time.
Multiple client applications arbitrate with the input method manager for input focus and control over the state of the IME. Only one such client is ever active (working with the IME) at a time.
Only the system is allowed to directly access an IME's InputMethod interface, via the BIND_INPUT_METHOD permission. This is enforced in the system by not binding to an input method service that does not require this permission, so the system can guarantee no other untrusted clients are accessing the current input method outside of its control.
A client application can ask that the system let the user pick a new IME, but can not programmatically switch to one itself. This avoids malicious applications from switching the user to their own IME, which remains running when the user navigates away to another application. An IME, on the other hand, is allowed to programmatically switch the system to another IME, since it already has full control of user input.
The identification of the current IME is represented by this:
IBinder imeToken Supplies the identifying token given to an input method when it was started, which allows it to perform this operation on itself.
I take from this that I either have to
a) gimme that BIND_INPUT_METHOD permission,
b) remove that whole restriction at least temporarily,
c) impersonate being the currently active IME by taking the imeToken away or
d) tell the IME that it should switch to another one.
Unfortunately, my programming experience is limited to C (on microcontrollers...), Python and PHP, and I have no greater experience with fitting my scripts into larger-scale frameworks, only in small ones for personal or limited use. So, well, I have no idea how to achieve any of these goals.
Could someone tell me if what I want to do is even possible, and if so, how? I don't need the full code, if there is much to it, but rather some directions, although I certainly would not mind it.
Thanks a bunch for any advice in advance!
V
PS: I hope it is not rude for me to ask this in here, but well, it's kinda-sorta dev stuff, and neither Google nor the Forum search turned up anything even close to an answer.
Use "Secure Settings". It will allow you to switch keyboard input using Tasker. It also lets you turn gps on and off as well as some other things.
Sent from my MB860 using xda premium

[Q] Launch any app from URL

Hi there,
I got a little problem:
I got a Loxone (loxone.com) home automation system.
In there, there's a function to open apps from URLs; as far as I understood, it works through the intent service. For example, I tested the yatse xbmc remote with success.
I launched the app through yatse:// as defined on the yatse developers web page.
So, now my problem:
As far as I understand, the app's developer needs to define a custom intent scheme in the app's manifest.xml.
But there aren't many app developers using the custom intents, so I want to add the feature by myself.
I read about it on many websites but never got it to work. I don't need actions defined, such as open sms app and preinsert the number, just open the apps, for example squeezeplayer:// for the squeeze box apk.
Could anyone please give me a before-after example for an app? That would be awesome.
I know about decompiling apks and editing the manifest, so no need for a detailed step-by-step.
I know about a negative side effect after editing the manifest: if an app update is installed, the changes go away, but that's something I can live with (set auto update off).
Thanks in advance
Edit: I found this on Stack Overflow for opening apps through a URL but never got it to work:
http://stackoverflow.com/questions/2958701/launch-custom-android-application-from-android-browser

[HELP]Location Consent method location for Xposed module development

Hello all,
I am currently trying to build an Xposed Module to disable the location consent dialog at least for just my phone.
I have a rooted VZW LG G4 on Lollipop 5.1 - VS98613B
It is an annoyance to have to agree every time I turn on location or network data.
There is an Xposed Module that disables the location consent dialog, but this module is for the "Google Analytics" agreement, that Google will automatically collect anonymous data. It can be found here:
Code:
repo.xposed.info/module/com.mohammadag.disablelocationconsent
PLEASE NOTE: What I am trying to disable is a similar dialog, BUT IS NOT THE SAME. I have tried this module, along with a LL compatible "Deny Location Consent" module, and neither are targeted for the dialog I get.
I am not able to post links or pictures, but if you go to "i67.tinypic.com/2zzkenq.png" you can see the dialog.
I would like help trying to find the method that calls this dialog to appear, so that I can hook it and replace it with a (I'm assuming a 'return true;') method of my own. I have scoured GrepCode for the right Java class, but don't have much experience on where to look or even what really to look for. The closest I think I have gotten is in com.android.systemui.statusbar.policy.LocationControllerImpl at the link:
Code:
grepcode.com/file/repository.grepcode.com/java/ext/com.google.android/android/5.1.0_r1/com/android/systemui/statusbar/policy/LocationController.java#LocationController.setLocationEnabled%28boolean%29
Any and all help would be greatly appreciated!
TL;DR: I need help finding the method that calls the Location Consent dialog (not for Google) so that I can create an Xposed Module to bypass it.

Xposed with shared library.

I was struggling not to make this kind of post, but as far as I can see, I definitely need help in order to proceed.
I need help with hacking an app. The application in question utilizes AES encryption for some subset of web requests. As I understand, the key for encryption is generated by the app at native code level, which is then used for encrypting/decrypting internet traffic, using a shared library. In addition to that, there is a method to fetch the encryption key, if my understanding of the process is correct.
Personally, I don't follow the whole sequence of actions it does to encode/decode data (the app heavily utilizes Java, native ARM code and server-obfuscated JS code, so it'd be a bit complicated to follow). So, I thought that it might be faster and more effective to go straight for the key, so the plan was writing an Xposed module which would fetch it.
I haven't developed for the Android platform before, so please bear with my ignorance. As I understand, if the method in the shared library is called Java_<class>_<method> then it can be declared in that class and be called from there. If the library is checked using IDA Pro, you could see a bunch of methods following that naming approach in the Exports tab. The problem is that the key fetching method uses different naming/declaration - <ClassA>::<ClassB>::<Method> (and its export name is something like _ZN3ClassA6ClassB9MethodEv). While I have a vague idea of calling typical native class methods (Java_.... ones), I don't have the slightest idea if <Class1>::<Class2>::<method> could be called from Java code somehow.
Any help would be appreciated.
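The two export-name conventions contrasted in the post above, as an added example that is not part of the original post: a JNI entry point is resolved by its `Java_...` name, while `<ClassA>::<ClassB>::<Method>` is an ordinary C++ member function under Itanium ABI mangling. The class and method names (`com.example.app.Crypto`, `get_key`) are constructed, and the parser covers only plain nested names (no templates, substitutions or constructors).

```python
import re

def jni_export_name(java_class, method):
    """Short-form symbol the runtime looks up for a `native` method,
    following the JNI naming rules (no overload signature suffix)."""
    def mangle(name):
        out = []
        for ch in name:
            if ch in "./":
                out.append("_")                  # package separator
            elif ch == "_":
                out.append("_1")                 # literal underscore is escaped
            elif ch.isascii() and ch.isalnum():
                out.append(ch)
            else:
                out.append("_0%04x" % ord(ch))   # other characters as _0xxxx
        return "".join(out)
    return "Java_" + mangle(java_class) + "_" + mangle(method)

def parse_nested_cxx(symbol):
    """Split _ZN<len><id>...E<params> into its components.
    Returns None when the name is outside this subset or when a
    length prefix does not match the identifier that follows it."""
    if not symbol.startswith("_ZN"):
        return None
    pos, parts = 3, []
    if symbol[pos:pos + 1] == "K":               # const member function
        pos += 1
    while pos < len(symbol) and symbol[pos] != "E":
        m = re.match(r"[1-9]\d*", symbol[pos:])
        if not m:
            return None
        n = int(m.group())
        pos += m.end()
        ident = symbol[pos:pos + n]
        if len(ident) != n or not re.fullmatch(r"[A-Za-z_]\w*", ident):
            return None
        parts.append(ident)
        pos += n
    if pos >= len(symbol) or len(parts) < 2:     # must end in E, have a scope
        return None
    return parts

def classify_export(symbol):
    """Label an export-table entry as a JNI entry point, C++ member, or other."""
    if symbol.startswith("Java_"):
        return "jni"
    return "cxx-member" if parse_nested_cxx(symbol) else "other"
```

The name quoted in the post is illustrative ("something like"), so its length prefixes do not line up and the parser returns `None` for it; a well-formed equivalent would be `_ZN6ClassA6ClassB6MethodEv`.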

Instrument/intercept method calls of apk

I understand that the instrumentation API was removed from Android, but is there any way that I can intercept method executions to inspect the parameters/state at runtime?
Let's say that I see a file on my device called "bobby.dat" and I want to understand what it's about. I would activate the interceptor, and when I see a method using "bobby.dat" I would be able to inspect that class in particular to see what is going on, rather than trying to go through 50k classes of that apk to try and find who may be using that.
