Skip to content

Instantly share code, notes, and snippets.

View steadfasterX's full-sized avatar
😆
stateless but steadfast

steadfasterX steadfasterX

😆
stateless but steadfast
View GitHub Profile
@steadfasterX
steadfasterX / android_debug_guide.md
Last active October 25, 2024 13:35
Android debugging
@steadfasterX
steadfasterX / android_selinux.md
Last active October 27, 2024 11:00
SELinux guides

About

SELinux is a security enhancement to Linux which allows users and administrators more control over access control.

Access can be constrained on such variables as which users and applications can access which resources. These resources may take the form of files. Standard Linux access controls, such as file modes (-rwxr-xr-x) are modifiable by the user and the applications which the user runs. Conversely, SELinux access controls are determined by a policy loaded on the system which may not be changed by careless users or misbehaving applications.

SELinux also adds finer granularity to access controls. Instead of only being able to specify who can read, write or execute a file, for example, SELinux lets you specify who can unlink, append only, move a file and so on. SELinux allows you to specify access to many resources other than files as well, such as network resources and interprocess communication (IPC).

Deeper understanding

frameworks/base/services/core/java/com/android/server/wm/AppWarnings.java
/**
* Shows the "deprecated abi" warning, if necessary.
*
* @param r activity record for which the warning may be displayed
*/
public void showDeprecatedAbiDialogIfNeeded(ActivityRecord r) {
final String appAbi = r.info.applicationInfo.primaryCpuAbi;
@steadfasterX
steadfasterX / guide.md
Last active August 8, 2024 05:04
adb_boot_debug

Here are 3 ways to allow debugging on boot by connecting to adb. This is often called "insecure adb" - while it is not as "insecure" as you might think 😉

STEP 1

Prepare authorization

Since A7 you have to authorize your adb server which either requires to add your adb pub key into the ramdisk (directly on / ) or you must put it in /data/misc/adb/adb_keys, e.g when in recovery. Details here. This method will not work on FDE encrypted devices though. for this you need to mod the boot.img (see "Option A: Modding an existing boot.img").

important is that it has to have proper label and permission set. e.g when in recovery:

##################################################
# tracing process(es)
# (scroll down for tracing a service)
##################################################
--------------------------------------------------
the following is assumed for all commands before:
--------------------------------------------------
adb shell
@steadfasterX
steadfasterX / trace-an-android-service
Last active November 13, 2020 11:24
(s)tracing an android service is not straight forward but possible and needed in order to get all from the start
If it is required to debug a service from its very start, the sigstop service option is added.
This option will send SIGSTOP to a service immediately before calling exec.
This gives a window where developers can attach a debugger, strace, etc before continuing the service with SIGCONT.
This flag can also be dynamically controlled via the ctl.sigstop_on and ctl.sigstop_off properties.
Below is an example of dynamically debugging logd via the above:
# prepare service, yes even start it!
stop <service-name>
setprop ctl.sigstop_on <service-name>
start <service-name>
@steadfasterX
steadfasterX / slack_alert.py
Last active March 20, 2020 14:52 — forked from ashishterp/slack_alert.py
Splunk Alerting to Slack
# Instructions:
# 1. Go to https://[yourdomain].slack.com/services/new
# 2. Configure a new Incoming WebHook and paste the URL below on Line 14
# 3. Copy this file into $SPLUNK_HOME$/bin/scripts
# 4. Configure your saved search to run slack_alert.py
from time import gmtime, strftime
import httplib, json
import getopt, sys, os
import subprocess
@steadfasterX
steadfasterX / autorun_on_boot.cmd
Last active March 28, 2024 08:18 — forked from LiamKarlMitchell/HideVirtualBox.bat
Hide Virtual Machine
rem Autorun script needed to run on every boot with admin perms!
rem Important: you need to use hideVBoxVM.py <name> on your VM as well, this cmd alone is not enough
@echo off
set TARGET="HPE"
@reg copy HKLM\HARDWARE\ACPI\DSDT\VBOX__ HKLM\HARDWARE\ACPI\DSDT\%TARGET%__ /s /f
@reg delete HKLM\HARDWARE\ACPI\DSDT\VBOX__ /f
@steadfasterX
steadfasterX / gist:8f05f6f222d8ed4e2bb8b0883b1af282
Last active May 12, 2019 18:23
selinux: permissive or enforcing?
adb logcat -b kernel |grep avc:
> 05-12 20:10:27.665 0 0 E [ 16.154118 / 05-12 18:10:27.658][1] selinux: avc: denied { set } for
property=ro.bluetooth.sap pid=3540 uid=0 gid=0 scontext=u:r:qti_init_shell:s0 tcontext=u:object_r:default_prop:s0
tclass=property_service permissive=1
--------------------------
adb shell getenforce
adb shell find system -name nfc_nci.msm8992.so
-------------------------------------------------------------------
> system/vendor/lib64/hw/nfc_nci.msm8992.so
> system/vendor/lib/hw/nfc_nci.msm8992.so
product/nfc.mk
-------------------------------------------------------------------
PRODUCT_PACKAGES += \