I'm trying to compile Python code directly on my Android phone via QPython 3L and it's fine for some initial examples.
Now I want to read the call log and here is my code.
from androidhelper import sl4a
droid = sl4a.Android()
myconst = droid.getConstants("android.provider.CallLog$Calls").result
print(myconst['CONTENT_URI'])
calls=droid.queryContent(myconst['CONTENT_URI'],["number","duration","date","type"]).result
At the last line above it throws a NullPointerException and - after many trials&errors and searches on Google - I'm pretty sure that the root cause is a lack of authorization.
Can you confirm if this is the case (or you spot a bug, contrary to what I believe) and please point me to some documentation, for adding the authorization request, if that is appropriate to my specific code context?
Sometimes to solve programming issues like this, one needs luck, a lot of fantasy and an extreme willpower.
The solution (once one really knows what to do and where to search) can be found on this github page.
The FAQ reads:
A: Why are there so many branches? Q: Because Google Play and some
appstores have strict requirements for application permissions, they
require different permissions, we use different branch codes, for
example, 3 means it is QPython3, L means LIMITED, S means SENSITIVE
permission is required.
After a special (one-off) installation via download on Android, you have to manually add the Telephone permission to the application, using Android permission management. The downloaded app will replace the one installed via Google Play and you'll find your script already there, ready to be run, hopefully without the NPE.
Related
I have an app that accepts certain data from other apps. Those other apps typically check to see if my app is installed. For some reason some of those other app developers do some convoluted checks and sometimes those fail. This often leads to me getting bad reviews because those apps tell the users to install my app and they do but then it keeps telling them that because it can't find my app.
So I decompiled one of those apps and I think I found the issue. They get a list of installed apps like this:
getPackageManager().getInstalledApplications(128)
128 appears to be PackageManager.GET_META_DATA but I have no idea what that means and why my app doesn't appear on the list when that is called?
I've read on this post Android PackageManager can only detect system apps on physical devices that it could be related to package visibility on Android 11 https://medium.com/androiddevelopers/package-visibility-in-android-11-cc857f221cd9 however I tried adding that <queries> element and it didn't help at all. Is that something they need to add or something I need to add?
Edit: Figured out how the <queries> thing works. The app searching for my app must have it. So this doesn't really help me. Is there any way to get my app to show up for those apps when they query packages?
I have no idea what that means
It means that the returned data will include contents of <meta-data> elements in your manifest.
why my app doesn't appear on the list when that is called?
It is unlikely that the problem has to do with GET_META_DATA directly.
However, IIRC, those PackageManager methods are capacity-limited and may not return all results if there are too many or they are too large. In that respect, GET_META_DATA will increase the size of the response and may cause that response to be incomplete in terms of the elements in the list. If your app is missed as a result, then that would give you the behavior that you are seeing.
IOW, the real problem is that they are calling getInstalledApplications() in the first place. GET_META_DATA just makes the situation worse.
For some reason some of those other app developers do some convoluted checks and sometimes those fail
Consider supplying an SDK that handles the check, using more focused techniques than "getting the list of all installed applications along with their <meta-data> contents". Depending on the nature of your app, that SDK might also include code for checking the signature of your app to confirm it matches an expected value, so the other apps don't try communicating with some imposter or cracked version of your app.
I've seen plenty of ways of getting system logs in Android with logcat and the like, but not so much about app logs (except for the usual USB + adb solution).
My B2B Android app produces useful logging created with Log.i calls. Whilst in Studio these are very useful for debugging, it would also be useful to get these from customer's installs when things go wrong, i.e. from a release build out in the wild. Customers are generally not techies so getting logs via adb isn't really an option.
Is there a way within the app code itself to grab all the log contents?
Perhaps the SDK provides a way to do this?
I could then send that to my server or by email. I'm thinking it'll be useful for my customers to just hit a button so I can get an instantaneous snapshot of what is happening in the app.
Thanks in advance
UPDATE
There doesn't seem to be a way to do this, aside from writing to a file and sending that file. Which I guess is a good a solution as any.
Two other interesting ones that have come up are:
Firebase (from Mohammed's comment) - can log events:https://firebase.google.com/docs/analytics/android/events
Instabug
we can write write logs to file using java.util.logging.Logger API.
How to write logs in text file when using java.util.logging.Logger
Check out here for writting crash log to a file
I've tried a number of searches but can't find anything applicable, it may be because I'm just not asking the right question! So please feel free to redirect me if this has been covered elsewhere.
I'm new to Android and to development, but have an idea to use an Application to check other simple apps on the device for potential security holes (this is to design a prototype as part of a course of study).
Before I go any further, is it feasible to use an application to check through/parse/inspect the source code of another app, searching for instances of text/commands/permissions etc (similar to a grep in Linux for example)? Any starting points would be greatly appreciated, things like inter-app communication, converting code into text, searching through that text and reporting and the like.
I think the key might be using an app to inspect a Manifest file of another for permissions settings etc. I've learnt that Dalvik compiled code has big differences to the original Android 'Java'. Is it even possible to use an app to read the Manifest file of another app?
If u use Android Studio try 'code inspect' , 'code analyze'.
I'm trying to install Kik Messenger twice. I have two accounts and don't like to log out because I lose all of my conversation history. I'm currently using Titanium backup's profile feature, which is a very nice fix, but it's still a pain having to switch back and forth between profiles. I might be looking for "perfect" when perfect doesn't exist. I am completely new to modding apks and Android in general, all of my work on this so far has been "trial and error". Anyways, here's what I have:
I have the Google Play version of Kik installed on my phone. I have extracted that app and modified the package name successfully using apktool. However, when I try to install, I get an error saying something about duplicate provider authority. So I did some research and learned that I'm supposed to edit this part of the AndroidManifest. So I have played around with that a little bit and after I change the authorities, I am able to install the modded app. However, it crashes immediately.
Does anyone know how to fix this problem with the provider/authorities?
The issue you're hitting is that the app has registered certain classes to handle particular events. These need to be unique across all installed apps and point to existing classes in the app that will perform some activity with the supplied information.
You bypassed the safety check when installing by changing the defined handlers in the Manifest but that didn't really fix it as they still need to actually point to a valid, working class that can handle the requests/events.
You would need to decompile, rename the classes involved and all references made to them and recompile the whole app to really fix the problem. However, I'd assume that it would likely be against the license. If the code is open source then it wouldn't be too big a task to rename some classes & packages then build the app. If it's closed source then it is a harder task.
What you can do is either set up your device to use multiple accounts (the OS not the app) as each user has a separate data storage and preference location that should allow you to have two configurations. Or you can request that the developers include some sort of multiple account handling or easy account swap feature.
I am performing some experiments where I want to replay a previously captured packet trace from Android. So far I have written my own application to replay the trace and get then answer back from the server. Timing accuracy is not a big problem as long as is within reasonable bounds (e.g., some milliseconds).
However, I would prefer to use a tested tool like tcpreplay. Is there any project that have ported tcpreplay to Android? Given that libpcap is available, there should be something available, but I could not find anything.
Thanks for your help
I'm the author of tcpreplay, and I can't say I'm aware of an Android port. Never owned an Android device so can't say one is coming anytime soon.
I've got it running on my tab, you need to install GNUroot and Debian no root, they are both from the same developer... After get it, open GNUroot, check emulate new root, create rootfs and run the rootfs, after this "apt-get install tcpreplay". If you want to capture use TpacketCapture in the play store, you can also get Tpacketcapture Pro to use the capture in only one app.
If you are planning to hack games don't publish it, cause this vulnerability can be easily patched...
any question email me.