Wednesday, May 10, 2017

WiFi Overview 360 2 00 6 Apk Download

WiFi Overview 360 2 00 6 Apk Download


shell

If you have a rooted Android phone, you are probably using a variation of JesusFrekes RC30 image. With JFs image, there are two ways you can get root:

  • For remote root, you can adb shell into the phone
  • For local root, run the root setuid su from Terminal Emulator or pTerminal.

The problem with the latter version is that any application can run su and get full unfettered access to everything on the phone. This leaves the door open to malicious applications. However, the answer is not simply removing the su file, as then there is no way to perform superuser tasks from within legitimate applications.

To that end, I wrote the Superuser application that fixes the security hole, and also allows you or any application to get root when properly authorized. Ive also written a Shell application to demonstrate how an application can request authorization.

How Superuser sets itself up:

  • The standard RC30 install will have a setuid /system/bin/su. (if you deleted disabled it, reenable it for setup)
  • Install the Superuser Java application to your phone and run it.
  • Superuser will create a copy of su named superuser.
  • Superuser will chown superuser to user "root" and group app_gid (where app_gid is the group id of the Superuser application as determined by Android)
  • The superuser binary will also be chmod 4750 superuser, so that the Superuser Java application, and only that application, can execute it as root.
  • Finally, Superuser will chmod 4700 su to close the security hole.

How other applications get root access with the users permissions:

  • Any application can fire an intent to request access to the locked down /system/bin/su.
  • When that happens, Superuser will catch the intent and ask the user if it should grant that application root permissions.
  • If allowed, Superuser will chown 0:app_gid /system/bin/su (where app_gid is the gid of the requesting application).
  • That application can then use /system/bin/su as normal.

Notes:

  • /system/bin/su will get reset to chown 0:0 after 10 seconds, so the requesting application must start the instance of su up within that grace period. This is a bit of a kludge, but Im a Linux newbie and dont know a better/cleaner way to do it.
  • Since this is an unmodified version of su, 3rd party applications dont have to worry about piping in passwords and such.
  • This is using the standard Linux level permissions and restrictions, as well as the Android framework permissions present at the Java level.

Full source code to Superuser and Shell are at the bottom of this post.

So, heres what it the user experience looks like when running Shell and requesting root access:

First, we start up shell and try to run su. Note that running su is not allowed (as the uid of the process did not change). Shell needs to request permission to access su first:

nosu

This menu button fires the intent to request permission to su:

surequest

Superuser receives the request and asks the user if they wish to grant Shell superuser permissions:


suconfirm

Once granted, the user can properly execute su (as indicated by the root id in the prompt):

suworking

 

Superuser and Shell APK install files (will be on the market too soon).

Superuser and Shell Source Code.


Go to link for download

Posted by at
Labels: , , , , , , ,