Android security question (4) preemptive startup-Result

Introduction: The following example describes how to enable a static broadcast receiver to receive unordered broadcasts.

(Note: the text only states the result, so it is called the result article, and the subsequent articles will provide the source code analysis)

First, let's talk about broadcast and broadcast receivers in Android.
Broadcast can be divided into three types: ordered, unordered, and sticky.
Broadcast receivers can be divided into static and dynamic

First, we need to clarify two issues
1. The order in which receivers receive unordered broadcasts is ordered.
2. Receivers that receive unordered broadcasts can also set their priority.

Here, we will mainly talk about the order in which static broadcast receivers in multiple applications receive unordered broadcasts with the same priority.
Note: here we will mainly describe the conclusion and give the detailed principle in the future.
Note: As mentioned in this article, static receivers on the same device have the same priority by default, which is very important.

Let's take the broadcast Android. Intent. Action. boot_completed sent during startup as an example. This is an unordered broadcast.
If the application wants to enable auto-start, it must listen to this broadcast. Before the program starts, the dynamic broadcast receiver is definitely unavailable. I believe you have no doubt about this.
If you receive it first, the program will be started first. As for the advantages of starting first, I think those who can't wait are more clear than anyone else.

What is the order of receipt? To tell the truth, I don't know, but don't rush to pat me. I don't know at all ......
The order is the same as that of the resolution application, but what is the order of the resolution application?
First of all, it has nothing to do with the file name of your APK!
For example, if A is an application like a.apkw. B .apk, the result does not guarantee that a can receive the result first than B, or B can receive the result first than.
Then I will tell you that this is related to the APK file name!
That's right, but why?
There are several steps to install an application.
1. Download an application and set it to new.apk.
2 installation. In general, the user will operate on the phone, click the file, and then the system will install the page ...... Then everyone knows. In another case, programmers may like to use ADB install-r new.apk.
As we all know, third-party applications are stored in the/data/APP directory.
When the installation is complete, let's look at it and find out that you cannot find a file named new.apk!
What will you find? You will find a file whose name starts with the package name new.apk, and then may follow "-number .apk", such as: com.android.test-1.apk
The order of receipt is related to this name! So what is the relationship?
When the system is started, the APK will be parsed in a sequence
1. First, it will parse the/system/framework directory in the phone, in the native system, this is an APK-framework-res.apk
Of course, each manufacturer will also add internal content, which is better than my own directory with com.htc.resources.apk.
2. The folders that are attached are listed in order:
/System/APP
/Vendor/APP
/Data/APP
/DRM/APP-Private
(Code analysis is provided in the next blog)

What is the parsing order in each folder?
First, we only check the/data/APP, that is, the storage location of third-party applications installed by the user.

This is consistent with the order in which the following code returns results.

File file = new File("/data/app/");String[] files = file.list();

That is to say, we can print this array in order to know which receiver will receive the broadcast first and which one will receive it later (why is the result consistent with this result? Next article analysis)

(Remember: The default receiver mentioned in this article assumes that the receiver has the same priority. If the priority is different, of course, the receiver has a higher priority first)

Now you may have the following questions:

1. String [] java. Io. file. List (), what is the order of the returned results of this function?

2. How to execute the above Code?

First, answer question 1.

I don't know!

Let's take a look at the description provided by javadoc.

Javadoc wrote that there is no guarantee that the name strings in the resulting array will appear in any specific order; they are not, in particle, guaranteed to appear in alphabetical order.

People don't give you any guarantee.

It is said that when running in windows, the results will be listed in alphabetical order. Unfortunately, Android is a Linux

However, we can make a joke and print the above results. If your application is behind the scenes, change the package name until you can rank it first. Of course, this is not a good solution, but I have no better solutions.

Answer question 2 now

The root permission is required to execute this code, because the application generally does not have the permission to read this directory.

What if the mobile phone does not have root? You won't find a root user to check the results ......

I did an experiment. I wrote a few applications that only use the pluer, and set their package names to the commonly used and relational application package names.

Fetion: cn.com. fetion

LBE Privacy Guard: COM. LBE. Security. Lite

Handsent: COM. handsent. nextsms

Kingsoft mobile GUARD: COM. ijinshan. mguard

360 mobile GUARD: COM. qihoo360.mobilesafe

Qq Mobile Phone Manager: COM. Tencent. qqpimsecure

One test application: COM. example. boottest

File file = new File("/data/app/");String[] files = file.list();for (int i = 0; i < files.length; i++) {System.out.println("/data/app/:files["+(i+1)+"]:" + files[i]);}

Result:

/Data/APP/: files [8]: com.tencent.qqpimsecure-1.apk

/Data/APP/: files [9]: com.qihoo360.mobilesafe-1.apk

/Data/APP/: files [10]: com.ijinshan.mguard-1.apk

/Data/APP/: files [11]: cn.com.fetion-1.apk

/Data/APP/: files [12]: com.lbe.security.lite-1.apk

/Data/APP/: files [13]: com.handsent.nextsms-1.apk

/Data/APP/: files [14]: com.example.boottest-1.apk

The actual receiving order is:

12-06 15:19:58. 187: I/system. Out (1880): getpackagename: COM. Tencent. qqpimsecure

12-06 15:19:58. 288: I/system. Out (1893): getpackagename: COM. qihoo360.mobilesafe

12-06 15:19:58. 378: I/system. Out (1906): getpackagename: COM. ijinshan. mguard

12-06 15:19:58. 488: I/system. Out (1920): getpackagename: cn.com. fetion

12-06 15:19:58. 608: I/system. Out (1933): getpackagename: COM. LBE. Security. Lite

12-06 15:19:58. 718: I/system. Out (1946): getpackagename: COM. handsent. nextsms

12-06 15:19:58. 908: I/system. Out (1959): getpackagename: COM. example. boottest

If one of them has a higher priority, such as cn.com. fetion, the actual receiving order is

Getpackagename: cn.com. fetion
Getpackagename: COM. Tencent. qqpimsecure
Getpackagename: COM. qihoo360.mobilesafe
Getpackagename: COM. ijinshan. mguard
Getpackagename: COM. LBE. Security. Lite
Getpackagename: COM. handsent. nextsms
Getpackagename: COM. example. boottest

Note:

The above is just a simple test, not that these applications are in this order, because their priorities may be inconsistent, or the file names in/data/APP may be inconsistent, resulting in inconsistent order

But here, you should know how to start it before it starts.

For the root server

For everyone, if I am a virus, what should I do?

Obviously, the most ideal way is to find a shell application and put the object virus apk in the/system/framework directory. Of course, don't forget to set your priority to the highest level. Otherwise, it would be a waste of time.

Security issues after Android phone root (1)

Security issues after Android mobile phone root (2)

Security issues after Android mobile phone root (3)

Security issues after Android mobile phone root (4)

Android security question (1) Mute photo and photograph

Android security question (2) program lock

Android security question (3) phishing programs

Android security question (4) preemptive startup-Result

Android security question (5) preemptive interception of text messages-Result

Please do not use the root mobile phone to download software at will, or use any excuse to create any virus!

Repost the following link

My blog address

Http://su1216.iteye.com/

Http://blog.csdn.net/su1216/