My plan is to make a mobile application that traces system calls of other mobile application like strace. I read some papers but they uses custom kernel or rooted device(emulator). Also I used frida but it requires root privilege.
I want to trace system calls using my mobile application with not rooted device. Is there any way to do this?
There might be a way, but there is no official way.
Each app in Android is run in a Sandbox which it can't escape. The System has its own Sandbox (sometimes multiple), which you can't access.
This is a security measure.
The only thing you can track are broadcasts.
Without root privilegs it is imho impossible to access system calls.
it would be a huge security issue for android systems if applications could do that.
Related
I know I can use "su" to execute commands as root. Android pops up a user-dialogue to ask whether the app should be allowed to use su, and whether is should remember the user's decision for next time.
Are there things an app can do on a rooted phone, that they can't on an unrooted phone.
If so, what are they, and how are they enabled in the manifest?
I want to make the context plain.
I have a supposedly rooted Android device with no access to the Android marketplace.
I have not yet found a way of downloading apks from the play store without putting information about my phone into Chrome extensions which I do not trust.
I need to write a small app to find out if the device is rooted.
Many apps require rooted devices, so if I can write an app that does the same as them, I will know if the device is rooted.
One of the things I would like to do on this rooted device is to shut it down without user interaction.
Are there things an app can do on a rooted phone, that they can't on an unrooted phone.
Yes, in the same way that there are things that a super user can do on a Linux computer that a normal user cannot.
If so, what are they, and how are they enabled in the manifest?
There isn't really a list of things only available to rooted users. The number of things is long, depends on the device, and likely wouldn't really address your real question anyway.
In short, the answer is that you can perform privileged actions that are typically not available to applications or users using the command line.
In practice, this means you can access restricted parts of the filesystem (such as the Android system directory), including data from other applications (such as the normally protected SharedPreferences). This also means that you can access restricted commands/applications, such as sqlite3 (if installed).
If you are looking for a reason to write an application that leverages root access, you are likely going about this the wrong way. Instead, think of what functionality you want and determine if you need root access after that.
I have brought one plus one and tried to install an app. But then it says your phone it's rooted.. Finally it didn't install. I'm aware that if a phone is rooted, then there are two disadvantage . One your phone warranty will not work if the phone is damaged while rooting. And two.. You will get support user acces .
My question is what is the problem from an application perspective, if a phone is rooted.? Why few apps are blocked to get installed on rooted phon . ?
Functions of some apps require root access to the operating system. For example, they might require tuning the kernel options, writing to a raw device or accessing privileged resources.
Android apps typically run in a closed "jail" to protect the system and other apps from contamination of a malicious or poorly written app.
By rooting your phone, you take the risk of this contamination on yourself. It is why carriers will often not honor the warranty after rooting.
That being said, there are often methods of flashing back to a non-rooted version if you do need to claim a warranty. It really depends on your skill level and patience. If you are interested in rooting, there are many resources out there. If it sounds scary, it probably isn't for you, and the app that requires root probably isn't something you should mess with.
How to develop an application in android that will block particular website in device without uninstalling it from device?
If Android OS on the phone is not rooted you won't be able to block another application. Os doesn't give rights to do that. Android runs on Linux, Linux provides sandbox system call API and dictates rules.
http://developer.android.com/guide/topics/security/permissions.html
Basically you can do what is allowed to do. Intercept call's, block camera via device admin manager, read data of another apps if they share that data and only what they share, use some common resources, but not more than that. To do what you want to do your app has to be a root, but standard third party apps don't get root privileges. And your solution is to change firmware, bind your app into it with root privileges.
Though some application gives the same functionality. Those apps apparently pre-built with Android firmware. Manufacturers get firmware before it goes to the rest of the world. Make necessary changes to give more privileges to their app and bind it with Android ROM. You cannot uninstall those apps.
The only resolution is could prefer is to have root privileges to block other apps. And you will only get them on a rooted device.
I suspect that I already know the answer to this question, but I wanted to ask the experts anyway.
Would it be possible to use the FileObserver class to monitor changes to files belonging to other apps (i.e. things in the /data directory that don't belong to the app implementing the FileObserver)?
It seems that even if I had a rooted device, there isn't a way to have my monitoring application run as root.
The only possible (and unappealing) solution I've come up with, is having a rooted device, and changing the privileges on all the files on the device so that they would be accessible by the monitoring app.
Thanks,
Jarabek
This would almost certainly have to be done in native code, and would only work on rooted devices.
You should look into inotify.
Is there any way of blocking websites programmatically on an Android device? I would like to have a blacklist of URLs that are populated into a continually running service. When the user running under restricted terms opens a browser, it should check that blacklist.
I've thought of modifying the hosts.allow and hosts.deny files, but those are protected.
I'm pretty sure it is possible on a rooted device - there are some free firewalls. But on a regular device this might not be possible.. I think it would require Kiosk mode in Android