Android security issues preemptive intercept SMS

As in the previous article, only the results are stated here, and the code analysis is given later

Introduction: This article describes how to first in some pseudo-antivirus software, viruses, general software to obtain text messages

As we all know, the Android system will send a broadcast when the message is received, but this broadcast is ordered broadcast, that is to say: First received the radio, if the mood is not good, it will not pass this broadcast, the people will not know that there is a message coming

This is different from out-of-order broadcasting, the disordered broadcast is not really no sequence (just seems to be used to call it), the receiver of the disordered broadcast is also waiting for the broadcast, but in the transmission process, we must abide by the rules, has been to pass the message to the last person can

with regard to the order of reception of the disordered broadcast and the static receiver, the previous article has been very clear.

Since the program did not start after the boot, so want to automatically run must be received

Now let's take a look at what happens after the program starts, as an example of receiving short messages that everyone cares about.

To receive text messages in your program, you should receive the following broadcasts

Android.provider.Telephony.SMS_RECEIVED

The system sends it as an orderly broadcast, so who is the first to receive the message will become crucial, whether you are anti-virus software, anti-virus software, viruses or ordinary programs

previously said the receiving order of the static receivers

What about dynamic receivers versus static receivers?

If you are receiving static broadcasts

The answer is that the static receiver takes precedence over the dynamic receiver, that is, no matter how high a static receiver and how low-level dynamic receivers are receiving the same broadcast, will always be the dynamic receiver first received!

The dynamic receiver is set in the code, so we need to start the program before we can receive the broadcast, which is why we can't use it to receive a start-up broadcast.

If you are receiving dynamic broadcasts

with priority, the dynamic receiver receives the broadcast first, and then receives the

Similarly, a dynamic receiver can set priority, and a high-priority receiver will receive a broadcast before a low-priority receiver

So, what is the order in which the broadcast is received by a dynamic receiver of the same priority?

Fortunately, their rules differ from those of static receivers.

a dynamic receiver of the same priority, who first registers to the system, and who is to receive the broadcast

Although the above is purely textual narrative, but I believe that everyone is also aware of the

Here's a summary of how you can ensure your program gets the SMS from other programs

1. According to the previous article, to ensure that you start before other programs

2. Start the first thing to turn on the service, dynamically register the broadcast, and set the priority to the highest

Code implementation is also very simple

A receiver

PrivateDynamicreceiver Dynamicreceiver =Newdynamicreceiver (); Public classDynamicreceiver extends Broadcastreceiver { Public voidOnReceive (Context context, Intent Intent) {log.e (Smsutil.tag,"Dynamic receiver"); String Action=intent.getaction (); if(SmsUtil.SMS_ACTION.equals (ACTION)) {Context.startservice (smsutil.getintent (context, Mainservice.class, Intent,"Dynamic receiver")); }    }}

Dynamic registration

 Public Static " Android.provider.Telephony.SMS_RECEIVED "  New  intentfilter (sms_action); intentfilter.setpriority (integer.max_value); registerreceiver (Dynamicreceiver, intentfilter);

Finally, the order in which the receivers receive the broadcasts is summarized .

Before due to the influence of the previous memory, the wrong conclusion, sorry to bring trouble to everyone

Later finishing the principle of time, carefully read the source to find, hereby corrected

Universal principles

A dynamic receiver of equal priority, first registered first received

Static receivers of equal priority, the order in which the broadcasts are received is consistent with the order of string[] Java.io.File.list ()

ordered broadcast

Assuming 5 receivers like the next priority

1. Dynamic A (priority =1)

2. Dynamic B (priority =2)

3. Dynamic C (priority =2)

4. Static d (priority =1)

5. Static e (priority =2)

and b is registered prior to C

Then the actual receive order should be

B C E A D

That is, if the static receiver takes precedence over the priority of the dynamic receiver, then the static receiver receives the broadcast first (such as receiving a text message)

non-ordered broadcast

dynamic Receiver High-priority > Dynamic receiver Low priority > static receiver High priority > static receiver low-priority

Before the end, say humorous digression.

Some broadcasts, we can't receive with static receivers

such as action_screen_on, when the screen is lit, the system sends this broadcast

If you try to register receiver in manifest to receive it, it will fail.

Let's see how the system is sending this broadcast.

void Com.android.server.PowerManagerService.initInThread ()

void Initinthread () {    ...     New Intent (intent.action_screen_on);    Mscreenonintent.addflags (intent.flag_receiver_registered_only);     New Intent (intent.action_screen_off);    Mscreenoffintent.addflags (intent.flag_receiver_registered_only);    ...}

They have set up intent.flag_receiver_registered_only in intent, so if you want to receive it, you must register the broadcast receiver dynamically

So is Action_screen_off.

(This paragraph should put the previous Android security issue (iii) in the Phishing program, now fill up)

Notes on the Flag_receiver_registered_only

Public static final int flag_receiver_registered_onlyAdded in API Level 1

If set, when sending a broadcast only registered receivers would be called – no broadcastreceiver components would be launc Hed.

Constant value:1073741824 (0x40000000)

Looking for a broadcast, action_battery_changed.

The system sends this broadcast when the battery charge changes

void Com.android.server.BatteryService.sendIntent ()

Private void sendintent () {    //Pack up-the  values and broadcast them to everyone    new Intent (intent.action_battery_changed);    Intent.addflags (intent.flag_receiver_registered_only            |  intent.flag_receiver_replace_pending);    ...}

So we have to dynamically receive

Android security issues preemptive intercept SMS