Secret codes, or as I wrote my application for android
I think everyone who has a device based on the Android OS, although I would have heard a bit about the “secret codes”.
However, a search on Habr showed that there is not a single article on this topic. But some codes are quite powerful: for example, one of the codes on my Samsung Galaxy Tab allows you to set up GPS, which speeds up the search for satellites, the other is to set the connection mode with the network (GPRS, EDGE, 3G ...) in places with unstable communication to save battery on jumps between modes.
But I’m telling the story not so much about the possibilities of codes, but about the study of the mechanism of launching applications by codes in the Android OS, how to find all the codes (and the application in which it all turned out). And a little more about how to make an application that will respond to your code.
Under the cut there are 6 pictures, a bit of code and a lot of text ... I’m asking the most impatient to immediately post results at the end of the article and then read the technology.
I heard about Android codes for a long time. The most common is * # * # 4636 # * # * - this is information about the phone, battery, network status, etc.
But recently I installed the Autostarts program for myself , did a search for installed applications, and ( lo and behold !) I saw the strange event “Secret Code Entered”. A whole bunch of applications answered it! This fact led me to a deeper search on this topic. Here is what I found out:
')
{Not wanting to load the main part of the public with unnecessary explanations, I solemnly swear to chew more details in incomprehensible sections in the comments if I become a member of a respected community.}
As you know, every Android application contains a manifest. This is a specially crafted XML file containing information about which target OS version, which resolution options the application needs to work, etc. The most interesting part of this manifesto is the sections describing BroadcastReceivers. These are classes that respond to certain events. There are many of these events, for example: an outgoing call is made (android.intent.action.NEW_OUTGOING_CALL), the status of the flight mode has changed (android.intent.action.ACTION_AIRPLANE_MODE_CHANGED) ... The official list can be seen on the Android website .
However, the list is by no means full. each application can create its own event. This causes some chaos in the documentation when trying to figure out what the application might react to.
It was in this chaos that an event that is of great interest successfully hid: android.provider.Telephony.SECRET_CODE
As shown by the opening of the source codes of the regular dialer in Android, when you enter something starting with * # * and ending with # * # * in the dialer, the message is sent and transmitted to that BroadcastRecever that is listening to this particular code (what is between * # * # and # * # *)
Now let's see what is required from the application to react to the occurrence of this event:
Where:
<receiver android: name = ". receivers.DebugReceiver"> - the beginning of the BroadcastReceiver section and an indication of which Receiver should be called when this event occurs.
<action android: name = "android.provider.Telephony.SECRET_CODE" /> is the event to which the receiver responds, a set of code.
<data android: scheme = "android_secret_code" android: host = "727" /> - and here is the most interesting place. The data block is responsible for additional event parameters and for a secret code event - mandatory. The android: host field here means exactly the code that awakens our sleeping beauty from sleep.
Those. to run Receiver ".receivers.DebugReceiver", applications from the manifest of which this block (about it a little later), you need to dial * 7 * # 727 # * # *
As you can see, it’s very easy to add hidden features to your Android apps.
What do I do in Receiver, I will keep silent, there is already your own path, personally I - cause a debugging Activity.
We now turn to the search for Receivers reacting to codes. The first thought (and the first implementation) was the following code:
I don’t remember exactly the code, it was overwritten as unnecessary since a better solution was found. This solution simply enumerates all codes from 0 to 10,000, the range in which a significant part of the codes are located. But not all.
It was this “not all” that prompted me to a more detailed search and led to a new solution:
1) Take a list of all installed applications via PackageManager:
2) From each package we take out its manifest:
3) Simple magic with the analysis of the manifest and the search for the necessary Receivers, IntentFilters, Actions.
4) Profit.
This method has only one drawback: it was noticed on the ChainsDD SuperUser application. The fact is that this application has a curve manifest that looks something like this:
As you can see, it does not indicate the code to which it should react and Receiver is called when entering any code. By decompiling this program I made sure that it was done by mistake and not following the desire to keep a log of all entered codes, since in Receiver itself, the code is checked for equality of the specified value and if the code is not equal to the specified one, then nothing happens: (i.e. this Receiver is launched each time the code is entered, which could have been avoided by specifying which code should wake Receiver.
The last part left for the presentation of the results.
The result of all these investigations was a wonderful (I’m not afraid of this word) program, which had no analogues on the market: Secret Codes
In addition to the possibility described above, the program also allows you to search for secret codes:
- Run the codes found
- Comment / read other users' comments about codes. This is done so that people who are afraid of FactoryFormat can make sure that the code is safe before it is launched, and the reckless experimenters write what this or that code does. I personally launched ALL the available codes on the Samsung Galaxy Tab 7 "and commented on all the codes that display at least some information. (By the way, I successfully survived FactoryFormat, because I made a backup of all applications and data beforehand.)
- Assign badges to codes for greater visibility of the code list.
For a snack, 6 screenshots:
Main Activity:
Activity search codes:
Code search complete:
List of codes:
Activity code:
Some of the available icons for code designation include:
PS on SreenShot'ah only 3 codes They were made on the emulator. On my Galaxy Tab, there are more than 100 of them.
PPS article was published at the request of Vladislav Aksyonov due to the absence of his account (who liked the article and did not mind the invite, here’s an e-mail, send: grafmailgraf@mail.ru).
Wrote an article BlackSwan . Thanks krovatti for an invite!
Here is the QR-ka:
However, a search on Habr showed that there is not a single article on this topic. But some codes are quite powerful: for example, one of the codes on my Samsung Galaxy Tab allows you to set up GPS, which speeds up the search for satellites, the other is to set the connection mode with the network (GPRS, EDGE, 3G ...) in places with unstable communication to save battery on jumps between modes.
But I’m telling the story not so much about the possibilities of codes, but about the study of the mechanism of launching applications by codes in the Android OS, how to find all the codes (and the application in which it all turned out). And a little more about how to make an application that will respond to your code.
Under the cut there are 6 pictures, a bit of code and a lot of text ... I’m asking the most impatient to immediately post results at the end of the article and then read the technology.
Introduction
I heard about Android codes for a long time. The most common is * # * # 4636 # * # * - this is information about the phone, battery, network status, etc.
But recently I installed the Autostarts program for myself , did a search for installed applications, and ( lo and behold !) I saw the strange event “Secret Code Entered”. A whole bunch of applications answered it! This fact led me to a deeper search on this topic. Here is what I found out:
')
{Not wanting to load the main part of the public with unnecessary explanations, I solemnly swear to chew more details in incomprehensible sections in the comments if I become a member of a respected community.}
Part one. Android events
As you know, every Android application contains a manifest. This is a specially crafted XML file containing information about which target OS version, which resolution options the application needs to work, etc. The most interesting part of this manifesto is the sections describing BroadcastReceivers. These are classes that respond to certain events. There are many of these events, for example: an outgoing call is made (android.intent.action.NEW_OUTGOING_CALL), the status of the flight mode has changed (android.intent.action.ACTION_AIRPLANE_MODE_CHANGED) ... The official list can be seen on the Android website .
However, the list is by no means full. each application can create its own event. This causes some chaos in the documentation when trying to figure out what the application might react to.
It was in this chaos that an event that is of great interest successfully hid: android.provider.Telephony.SECRET_CODE
As shown by the opening of the source codes of the regular dialer in Android, when you enter something starting with * # * and ending with # * # * in the dialer, the message is sent and transmitted to that BroadcastRecever that is listening to this particular code (what is between * # * # and # * # *)
Part two. We respond to the code
Now let's see what is required from the application to react to the occurrence of this event:
<receiver android:name=".receivers.DebugReceiver">
<intent-filter>
<action android:name="android.provider.Telephony.SECRET_CODE" />
<data android:scheme="android_secret_code" android:host="727" />
</intent-filter>
Where:
<receiver android: name = ". receivers.DebugReceiver"> - the beginning of the BroadcastReceiver section and an indication of which Receiver should be called when this event occurs.
<action android: name = "android.provider.Telephony.SECRET_CODE" /> is the event to which the receiver responds, a set of code.
<data android: scheme = "android_secret_code" android: host = "727" /> - and here is the most interesting place. The data block is responsible for additional event parameters and for a secret code event - mandatory. The android: host field here means exactly the code that awakens our sleeping beauty from sleep.
Those. to run Receiver ".receivers.DebugReceiver", applications from the manifest of which this block (about it a little later), you need to dial * 7 * # 727 # * # *
As you can see, it’s very easy to add hidden features to your Android apps.
What do I do in Receiver, I will keep silent, there is already your own path, personally I - cause a debugging Activity.
Part Three We are looking for partisans
We now turn to the search for Receivers reacting to codes. The first thought (and the first implementation) was the following code:
for(int i=0;i<10000;i++)
{
Intent intent = new Intent("android.provider.Telephony.SECRET_CODE",
Uri.parse("android_secret_code://"+ i.toString()));
ComponentName cn = intent.resolveActivity(pm);
....
}
I don’t remember exactly the code, it was overwritten as unnecessary since a better solution was found. This solution simply enumerates all codes from 0 to 10,000, the range in which a significant part of the codes are located. But not all.
It was this “not all” that prompted me to a more detailed search and led to a new solution:
1) Take a list of all installed applications via PackageManager:
List<android.content.pm.PackageInfo> pil = pm.getInstalledPackages(PackageManager.GET_DISABLED_COMPONENTS);
2) From each package we take out its manifest:
AssetManager am = context.createPackageContext(p.packageName, 0).getAssets();
xml = assets.openXmlResourceParser("AndroidManifest.xml");
3) Simple magic with the analysis of the manifest and the search for the necessary Receivers, IntentFilters, Actions.
4) Profit.
This method has only one drawback: it was noticed on the ChainsDD SuperUser application. The fact is that this application has a curve manifest that looks something like this:
<receiver android:name=".receivers.DebugReceiver">
<intent-filter>
<action android:name="android.provider.Telephony.SECRET_CODE" />
<data android:scheme="android_secret_code"/>
</intent-filter>
As you can see, it does not indicate the code to which it should react and Receiver is called when entering any code. By decompiling this program I made sure that it was done by mistake and not following the desire to keep a log of all entered codes, since in Receiver itself, the code is checked for equality of the specified value and if the code is not equal to the specified one, then nothing happens: (i.e. this Receiver is launched each time the code is entered, which could have been avoided by specifying which code should wake Receiver.
Part last. For the most patient.
The last part left for the presentation of the results.
The result of all these investigations was a wonderful (I’m not afraid of this word) program, which had no analogues on the market: Secret Codes
In addition to the possibility described above, the program also allows you to search for secret codes:
- Run the codes found
- Comment / read other users' comments about codes. This is done so that people who are afraid of FactoryFormat can make sure that the code is safe before it is launched, and the reckless experimenters write what this or that code does. I personally launched ALL the available codes on the Samsung Galaxy Tab 7 "and commented on all the codes that display at least some information. (By the way, I successfully survived FactoryFormat, because I made a backup of all applications and data beforehand.)
- Assign badges to codes for greater visibility of the code list.
For a snack, 6 screenshots:
Main Activity:
Activity search codes:
Code search complete:
List of codes:
Activity code:
Some of the available icons for code designation include:
PS on SreenShot'ah only 3 codes They were made on the emulator. On my Galaxy Tab, there are more than 100 of them.
Wrote an article BlackSwan . Thanks krovatti for an invite!
Here is the QR-ka:
Source: https://habr.com/ru/post/141890/
All Articles