I have been trying to run a few Linux commands on my android phone with
Process process = Runtime.getRuntime().exec(COMMAND);
BufferedReader in = new BufferedReader(new InputStreamReader(process.getInputStream()));
And noticed that I can only run specific commands and get the proper output even if the device is rooted with SuperSU (I have also tested it with a device without SuperSU on it).
For example, if I run ls and try to put it on a screen (through a TextView) as follows:
public void onBtnClick(View view) {
try {
EditText commandLine = findViewById(R.id.commandText);
Process process = Runtime.getRuntime().exec(commandLine.getText().toString());
BufferedReader in = new BufferedReader(new InputStreamReader(process.getInputStream()));
((TextView) findViewById(R.id.mainTextView)).setText(((TextView) findViewById(R.id.mainTextView)).getText() + "\n" + in.readLine());
commandLine.setText("");
} catch (IOException e) {
e.printStackTrace();
}
}
the output is acct which makes sense.
But on the other hand, if lets say I run pwd it gives me the following error:
W/System.err: java.io.IOException: Error running exec(). Command:
[pwd] Working Directory: null Environment: null
I did some research online and stumbled upon Termux that can have complete control over the phone through a terminal which is exactly what I'm looking to make (for my own learning and testing purposes).
And although it's just an emulator it can do exactly what I want but the only problem is that it requires I input the commands through the terminal.
What I'm here for is to sort of replicate what Termux does for myself so that I could run Linux commands properly from the Java code of the application, not requiring the user to actually input commands.
Can anyone help me with where to start and the basics of running those commands properly on my device?
Termux states that it doesn't work as a traditional Linux bash does since it sets its own virtual-ish environment when first setting up in its data directory in /data/data/com.termux/files/usr see here and here
Also, according to the official android docs, the exec(command) method,
Executes the specified string command in a separate process.
This is a convenience method. An invocation of the form exec(command)
behaves in exactly the same way as the invocation exec(command, null,
null).
So if it's a separate process, when executing a command, it will run it inside that process' directory (Each process in Linux gets its directory and is assigned an PID which os uses). So what the ls command gives you is simply whatever's inside that process' directory. You should be somewhere like /proc/31415/ and there's only a acct file (cgroup in regular Linux).
What you should be doing is running the command inside a directory by declaring it when invoking getRuntime().exec() see the link above to find the right one you'll need. I'd suggest using the override which handles all the parameters.
You'll need something like this:
String[] cmd = {"mkdir", "testDir"};
File env = new File(getFilesDir().getAbsolutePath());
Runtime.getRuntime().exec(cmd, null, env);
Also, it doesn't hurt to take a look at Termux's installer code (exec(). It'll give you a good overlook to setting up your environment as well as working with basic commands.
Also, I think you've done it already but double check to make sure that you're requesting WRITE_EXTERNAL_STORAGE permission for your application.
Related
I want to write an application which roots the device on which it is installed, I mean by installing this app you will be able to root your device without a computer, just like the app in the following link,
http://www.kingoapp.com/root-tutorials/how-to-root-android-without-computer.htm
I've searched a lot on how to do that using Java code for Android devices, but there was no clear solution to me. Based on my research, I think we need the following steps:
1- Being able to use shell commands in Android using Runtime.getRuntime().exec();
2- Executing a command that gains root privileges (I think su, but this needs a rooted device to be executed).
3- Initiate a root command that will root the device.
I couldn't find a code explanation on how to do the steps above. I want to understand this process first, the commands that can be used in it, then I want to try to implement it by myself. Since there are many apps on the store that offer this feature, then implementing it must be feasible.
Could anyone please explain to me how to implement this process?
Also, is there a possibility to write a code for the opposite process, which is unrooting the device?
Any help is appreciated.
Thanks.
To run root commands, you have to use the following format:
public void RunAsRoot(String[] cmds){
Process p = Runtime.getRuntime().exec("su");
DataOutputStream os = new DataOutputStream(p.getOutputStream());
for (String tmpCmd : cmds) {
os.writeBytes(tmpCmd+"\n");
}
os.writeBytes("exit\n");
os.flush();
}
where you pass in an array of strings, each string being a command that needs to be executed. For example:
String[] cmds = {"sysrw", "rm /data/local/bootanimation.zip", "sysro"};
As the question title suggest, I'm going to use atinout library in my android application to be able to send AT Commands to my device's gsm modem and get the response back.
I've searched the SO and other blogs and the best code I got is something like this, which does not cauese anything to be written to output :
Runtime r = Runtime.getRuntime();
Process process = r.exec(new String[] {"su", "-c", "echo -n -e 'AT\r' > /dev/smd0"});
BufferedReader in = new BufferedReader( new InputStreamReader(process.getInputStream()));
String line = "";
while ((line = in.readLine()) != null)
{
output+= line ;
}
tv.setText(output);
So my main concerns are :
1- How to send a simple AT commmad (like AT Ok) to the device's gsm modem and "print" the response back ?
2- I have no idea how to use the atinout library in an android application project, since it is written in C language.
By the way :
I have successfully rooted my Sony Xperia M Dual (C2005) phone and have SuperUser installed on it, so this prerequisite is met.
Also, I think I need some fundamental training on Unix commands and Serial communication and I really love to learn any needed material.
Finally, I'm on a tight deadline ! So the more straightforward , the better!
P.S. I don't want someone to write the code for me, I just need the guidelines.
Thanks for your help.
Step 0. Compile atinout for android and install it. For this I have no experience and cannot give any help other than some general guidelines that you need to replace CC = gcc in the Makefile with an appropriate cross compiler.
Step 1. Write all the AT commands you want to run into a file input.txt (using normal '\n' line endings, there is no need to mess with '\r' here).
Step 2. Change the exec line to
Process process = r.exec(new String[] {"su", "-c",
"atinout input.txt /dev/smd0 output.txt"});
Wait for the process to finish execution (process.waitFor() I think).
Step 3. Open the file output.txt and read the output from this instead of process.getInputStream().
I am trying to execute this code
Process process = new ProcessBuilder().command("mount").start();
process.waitFor();
to find out the sd card location and then afterwards checking if it is managed by vold and if the file system is vfat.
My question is if anyway this code can be comproprised and become a candidate for command injection in Android.
Couple points from my side.
Its not user input so there will be no command injection in that case. Can the whole Android OS environment be changed such that mount command can be ill used ?
cheers,
Saurav
ok...Currently i am reading /proc/mounts replacing the mount command.
Is this is the good way to do.
References for this solution
http://renzhi.ca/2012/02/03/how-to-list-all-sd-cards-on-android/
How can I get the list of mounted external storage of android device
code below
reader = new BufferedReader(new FileReader("/proc/mounts"));
String line;
while ((line = reader.readLine()) != null) {
// Output the line of output from the mount command
logger.debug(" {}", line);
if (line.startsWith("/dev/block/vold/")) {
Can anyone please if this is the correct way to do and is free of any security issues.
cheers,
Saurav
As you said, as long as you don't have any user input you're safe from this kind of injection.
The only case where you could be in trouble is if the mount binary have been replaced by a some malicious binary. To encounter this situation, the user must have had rooted the device and replaced the OS with a custom ROM.
I think you can assume that the mount command should run properly.
I have some test built, and my testing department can't figure out how to use the terminal. Uiautomator test are .jar files so must be ran via terminal. So for convenience, I want to make an app for them with the tests in a list to choose from to execute. Is this possible? My research leads me to believe that the devices will need to be rooted. If that is the case I will not be able to do it. So is there a workaround to this? This is what I have tried:
Runtime rt = Runtime.getRuntime();
try {
Process process = rt.exec("su");
DataOutputStream os = new DataOutputStream(process.getOutputStream());
os.writeBytes("uiautomator runtest test.jar -c ui.test.getData\n");
os.flush();
os.writeBytes("exit\n");
os.flush();
process.waitFor();
} catch (IOException e) {
e.printStackTrace();
} catch (InterruptedException e) {
e.printStackTrace();
}
This code will produce this :
java.io.IOException: Error running exec(). Command: [su] Working Directory: null Environment: null
Please help me with a way to get this to work. Thanks!
Do you have suggestions of something I could do to make it easy for my testing team to run a test of mine?
Create a desktop app that runs the test.
Or, just put a nice batch file/shell script in front of it. Perhaps one that launches the test and displays a photo of a cute kitten in the tester's Web browser.
(testers love cute kittens)
Or, set up a continuous integration server, so testers are not manually running the tests at all -- the tests are run automatically, and the testers are simply examining the results. I presume that somebody has a recipe for Hudson/Jenkins/whatever that can run an uiautomator test. And there may be a separate recipe for integrating photos of cute kittens into the test result reports, though it is possible that you'll be stuck writing your own for that.
I am trying to send terminal commands programmaticly from an android activity. At the moment I'm using something like the following:
Process process = null;
DataOutputStream os = null;
process = Runtime.getRuntime().exec("su");
os = new DataOutputStream(process.getOutputStream());
os.writeBytes("./data/program1\n");
os.writeBytes("./data/program2\n");
os.writeBytes("exit\n");
os.flush();
However, my program1 is failing to run successfully and I believe it is due to inadequate user permissions. Now for my question:
Does anyone know how I can dump the terminal to a file and save it on the phone or sdcard? The program is tying into the terminal to feed it commands, I want to know a way to open a connection the otherway and access the (what is normally visual on a terminal screen) output.
See the sources for the Terminal application, as that is bidirectional.
Sadly, running shell commands or launching native processes is not an officially supported part of android, so no future stability is guaranteed.