Android Black technology, read user SMS + Modify system SMS Database

Source: Internet
Author: User

The Android system is moreIosSystem's biggest shortcomings, I believe we all know, is the system security problem. This blog will show a wave“Black Tech".

Read user sms

Android app can read the SMS on the user's mobile phone, I believe it is not something new, such as we received the SMS verification code, some apps will be able to automatically get and fill in the verification code, save us to manually fill in the verification code. The principle is to access the SMS database of the system indirectly through the Android ContentProvider component, and get all the SMS content. Here's a demonstration.

The layout is simple, as follows:

The code is as follows:

 Public classMainactivityextendsActivity {List<Message>smslist; @Overrideprotected voidonCreate (Bundle savedinstancestate) {Super. OnCreate (savedinstancestate);                Setcontentview (R.layout.activity_main); Smslist=NewArraylist<message>(); }     Public voidClick (View v) {//Access content providers get text messagesContentresolver CR =Getcontentresolver (); //host name of the SMS content providercursor cursor = cr.query (Uri.parse ("Content://sms"),Newstring[]{"Address", "date", "Body", "type"},                 NULL,NULL,NULL);  while(Cursor.movetonext ()) {String address= cursor.getstring (0); LongDate = Cursor.getlong (1); String Body= Cursor.getstring (2); String type= Cursor.getstring (3); Message SMS=NewMessage (Body, type, address, date);            Smslist.add (SMS); LOG.E ("TAG", sms.tostring ()); }    }         Public voidClick2 (View v) {XmlSerializer xs=Xml.newserializer (); File File=NewFile ("Sdcard/sms.xml");        FileOutputStream Fos; Try{fos=Newfileoutputstream (file); Xs.setoutput (FOS,"Utf-8"); Xs.startdocument ("Utf-8",true); Xs.starttag (NULL, "message");  for(Message sms:smslist) {Xs.starttag (NULL, "SMS"); Xs.starttag (NULL, "Body");                Xs.text (Sms.getbody ()); Xs.endtag (NULL, "Body"); Xs.starttag (NULL, "Date"); Xs.text (Sms.getdate ()+ ""); Xs.endtag (NULL, "Date"); Xs.starttag (NULL, "type");                Xs.text (Sms.gettype ()); Xs.endtag (NULL, "type"); Xs.starttag (NULL, "Address");                Xs.text (Sms.getaddress ()); Xs.endtag (NULL, "Address"); Xs.endtag (NULL, "SMS"); } Xs.endtag (NULL, "message");        Xs.enddocument (); } Catch(Exception e) {//TODO auto-generated Catch blockE.printstacktrace (); }    }    }

The following analysis of the code: the first button through the ContentProvider indirectly obtained some text message information, saved in a list array. We take a look at the SMS table of the Android system:

There are a total of 17 fields so much, obviously not we all care, here as long as the address,date, body, type four fields, respectively, the number of the other, the text message time, SMS content, send or receive. The second button stores message-related information in a serialized XML file for easy viewing.

Put the XML:

You can see that at this time there are 5 messages on the phone, done.

Modify the System SMS database

The real black technology came, I believe you know some criminals can impersonate various numbers to release false information, such as 10086 what, the following demonstration to use 95533 (CCB) to send an April Fool's card.

The code is as follows:

 Public classMainactivityextendsActivity {@Overrideprotected voidonCreate (Bundle savedinstancestate) {Super. OnCreate (savedinstancestate);    Setcontentview (R.layout.activity_main); }     Public voidClick (View v) {Thread T=NewThread () {@Override Public voidrun () {contentresolver CR=Getcontentresolver (); Contentvalues Values=Newcontentvalues (); Values.put ("Address", 95533); Values.put ("Type", 1); Values.put ("Date", System.currenttimemillis ()); Values.put ("Body", "you tail number for 9999 of the credit card received 1,000,000RMB transfer, please pay attention to check"); Cr.insert (Uri.parse ("Content://sms"), values);        }        };    T.start (); }    }

The idea is similar to the previous step, but here is inserting a message. Implementation results:

Incidentally, from the beginning of Android 5.0, the default SMS application software can not be written in the form of short message database (write SMS) text message, that is, the modification of the system text message database does not work, but read the user text message this bug has not been fixed yet. So don't want to be cheated of children's shoes or feel upgrade more than 5.0 version of it ^_^

Android Black technology, read user SMS + Modify system SMS Database

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.