登录

App is divided into two kinds of permissions, system permissions and root privileges

Android
0 53

App is divided into two kinds of permissions system permissions and root privileges(Apk get system permissions and root privileges)

Get system permission:

method one

  1. Add the attribute to the manifest tag of the manifest: android:sharedUserId="android.uid.system"

The same uid can access resources to each other as if it were in the same process with the same permissions but must be signed with the same key.

  2. Add LOCAL_CERTIFICATE := platform to Android.mk(In this way only the permissions of the apk can be upgraded to the system level. Files that require root privileges in the system can be accessed. The apk still cannot be accessed.)

  1. Compile with the mm command the generated APK has system privileges.

method two

  1. 1. Specify LOCAL_CERTIFICATE as the platform and use the platform.x509.pem and platform.pk under build\target\product\security as the key to sign the apk.
  1. 2. Compile with the mmm command. Otherwise you need to use the tool to sign the generated apk
  1. 3. The key pair must be the same key pair as the target system version.

Get root privileges:

1. First there must be a su program: there is a su.c in /system/extras/su many manufacturers will remove this program to prevent being rooted

2. Make the owner of the su.c file root and set the suid bit chmod 6777 file. Because rws its execution permission flag is an s and s represents that any user has the file when executing the file. The owner's permission the linux system the program executed by the current user the effective user ID (Effective UID) of the program process is the current user but the program with s (set uid) permission the effective user ID of the process is this program Owner. In other words a program with set uid permission after running is equivalent to the owner running the program if the owner is root then the process also has root privileges. To put it simply no matter who executes this file he executes it as root. That is to say even if I am not root it is possible to execute the program as root.

3. Then call the shell in the code then call the su command to get a process with root privileges through which to read and write the directory that requires root privileges.

Generally linux obtains the root privilege by executing the su command. Can you also execute the command in the apk program? We know that in linux programming there are exec function families:

Pasted Graphic 6

In java we can use Runtime.getRuntime(). Exec (String command) access to the underlying Linux program or script so that you can execute the su command so that apk has root privileges can access the program or script in the system that requires root privileges to execute.

specific examples:

package com.visit.dialoglog;
import java.io.DataInputStream;
import java.io.DataOutputStream;
import java.io.IOException;
import android.app.Activity;
import android.os.Bundle;
import android.util.Log;
public class VisitRootfileActivity extends Activity {
    private static final String TAG = "VisitRootfileActivity";
    Process process = null;
    Process process1 = null;   
    DataOutputStream os = null;
    DataInputStream is = null;
    /** Called when the activity is first created. */
    @Override
    public void onCreate(Bundle savedInstanceState) {
        super.onCreate(savedInstanceState);
        setContentView(R.layout.main);
        try {
            process = Runtime.getRuntime().exec("/system/xbin/su"); /*这里可能需要修改su
                       的源代码 (注掉  if (myuid != AID_ROOT && myuid != AID_SHELL) {*/
 
            os = new DataOutputStream(process.getOutputStream());
            is = new DataInputStream(process.getInputStream());
            os.writeBytes("/system/bin/ls" + " \n");  //这里可以执行具有root 权限的程序了  
              os.writeBytes(" exit \n");
            os.flush();
            process.waitFor();
        } catch (Exception e) {            
            Log.e(TAG "Unexpected error - Here is what I know:" + e.getMessage());
        } finally {
            try {
                if (os != null) {
                    os.close();
                }
                if (is != null) {
                    is.close();
                }
                process.destroy();
            } catch (Exception e) {
            }
        }// get the root privileges
    }
}

Android keystore file signature【Signature (program package)】

What is the signature for?

Simply put signatures ensure that our app can be upgraded and not overwritten by others.

It is a logo.

Tools

   1.  Keytool is a key and certificate management tool that can be used to generate certificates.

   2. The jarsigner tool uses the information in the keystore to generate or verify the digital signature of a Java archive (JAR) file

Generate a certificate using keytool:

  • keytool -genkey -keystore test.keystore  -alias test -keyalg RSA -validity 10000

Parameter explanation:

  1. genkey generates a certificate file

  2. keystore specifies the keystore's .keystore file

  3. keyalg Specifies the algorithm of the key specified here as RSA (Asymmetric Key Algorithm)

  4. validity is the number of days the certificate is valid. Here we write 10000 days.

  5. alias generates an alias

Pasted Graphic

In addition the keytool can also view information:

Pasted Graphic 1

signature

You can use jarsigner to sign examples are as follows:

-  jarsigner -verbose -keystore test.keystore -signedjar -signed.apk unsigned.apk test

Parameter explanation:

  1. 1. verbose: specifies to generate verbose output
  2. 2. keystore: specifies the digital certificate storage path
  3. 3. signedjar: The three parameters of this option are the signed apk package. The unsigned apk package. The digital certificate alias (note the order)

Another way to sign is to put the .keystore file generated in the first step into androidstudio or eclipse to generate a signed apk.

Pasted Graphic 2

Pasted Graphic 3

Pasted Graphic 4

Pasted Graphic 5

In order to facilitate our packaging each time we can set the default two for each package. Add the following configuration to the build.gradle corresponding to the app and then sync now.

signingConfigs {
    debug {
        v1SigningEnabled true
        v2SigningEnabled true
    }
    release {
        v1SigningEnabled true
        v2SigningEnabled true
    }
}

本网站所收集的部分公开资料来源于互联网,转载的目的在于传递更多信息及用于网络分享,并不代表本站赞同其观点和对其真实性负责,也不构成任何其他建议。本站部分作品是由网友自主投稿和发布、编辑整理上传,对此类作品本站仅提供交流平台,不为其版权负责。如果您发现网站上有侵犯您的知识产权的作品,请与我们取得联系,我们会及时修改或删除。 本网站所提供的信息,只供参考之用。本网站不保证信息的准确性、有效性、及时性和完整性。本网站及其雇员一概毋须以任何方式就任何信息传递或传送的失误、不准确或错误,对用户或任何其他人士负任何直接或间接责任。在法律允许的范围内,本网站在此声明,不承担用户或任何人士就使用或未能使用本网站所提供的信息或任何链接所引致的任何直接、间接、附带、从属、特殊、惩罚性或惩戒性的损害赔偿

发表评论

0 个回复