Skip to content

Instantly share code, notes, and snippets.

View steadfasterX's full-sized avatar
😆
stateless but steadfast

steadfasterX steadfasterX

😆
stateless but steadfast
90 followers · 2 following
View GitHub Profile
@steadfasterX
steadfasterX / Android.md
Created January 12, 2024 11:25
SELinux guides

About

SELinux is a security enhancement to Linux which allows users and administrators more control over access control.

Access can be constrained on such variables as which users and applications can access which resources. These resources may take the form of files. Standard Linux access controls, such as file modes (-rwxr-xr-x) are modifiable by the user and the applications which the user runs. Conversely, SELinux access controls are determined by a policy loaded on the system which may not be changed by careless users or misbehaving applications.

SELinux also adds finer granularity to access controls. Instead of only being able to specify who can read, write or execute a file, for example, SELinux lets you specify who can unlink, append only, move a file and so on. SELinux allows you to specify access to many resources other than files as well, such as network resources and interprocess communication (IPC).

Deeper understanding

@steadfasterX
steadfasterX / AppWarnings.java
Last active January 20, 2024 13:13
DivestOS issue for 32bit: https://github.com/Divested-Mobile/DivestOS-Build/blob/master/Patches/Common/android_frameworks_base/0007-ABI_Warning.patch#L83
frameworks/base/services/core/java/com/android/server/wm/AppWarnings.java
/**
* Shows the "deprecated abi" warning, if necessary.
*
* @param r activity record for which the warning may be displayed
*/
public void showDeprecatedAbiDialogIfNeeded(ActivityRecord r) {
final String appAbi = r.info.applicationInfo.primaryCpuAbi;
@steadfasterX
steadfasterX / guide.md
Last active July 17, 2023 13:02
adb_boot_debug

Here are 3 ways to allow debugging on boot by connecting to adb. This is often called "insecure adb" - while it is not as insecure as you might thing 😉

STEP 1

Prepare authorization

Since A7 you have to authorize your adb server which either requires to add your adb pub key into the ramdisk (directly on / ) or you must put it in /data/misc/adb/adb_keys, e.g when in recovery. Details here.

important is that it has to have proper label and permission set. e.g when in recovery:

@steadfasterX
steadfasterX / strace snippets
Last active October 21, 2021 09:43
##################################################
# tracing process(es)
# (scroll down for tracing a service)
##################################################
--------------------------------------------------
the following is assumed for all commands before:
--------------------------------------------------
adb shell
@steadfasterX
steadfasterX / trace-an-android-service
Last active November 13, 2020 11:24
(s)tracing an android service is not straight forward but possible and needed in order to get all from the start
If it is required to debug a service from its very start, the sigstop service option is added.
This option will send SIGSTOP to a service immediately before calling exec.
This gives a window where developers can attach a debugger, strace, etc before continuing the service with SIGCONT.
This flag can also be dynamically controlled via the ctl.sigstop_on and ctl.sigstop_off properties.
Below is an example of dynamically debugging logd via the above:
# prepare service, yes even start it!
stop <service-name>
setprop ctl.sigstop_on <service-name>
start <service-name>
@steadfasterX
steadfasterX / slack_alert.py
Last active March 20, 2020 14:52 — forked from ashishterp/slack_alert.py
Splunk Alerting to Slack
# Instructions:
# 1. Go to https://[yourdomain].slack.com/services/new
# 2. Configure a new Incoming WebHook and paste the URL below on Line 14
# 3. Copy this file into $SPLUNK_HOME$/bin/scripts
# 4. Configure your saved search to run slack_alert.py
from time import gmtime, strftime
import httplib, json
import getopt, sys, os
import subprocess
@steadfasterX
steadfasterX / autorun_on_boot.cmd
Last active March 28, 2024 08:18 — forked from LiamKarlMitchell/HideVirtualBox.bat
Hide Virtual Machine
rem Autorun script needed to run on every boot with admin perms!
rem Important: you need to use hideVBoxVM.py <name> on your VM as well, this cmd alone is not enough
@echo off
set TARGET="HPE"
@reg copy HKLM\HARDWARE\ACPI\DSDT\VBOX__ HKLM\HARDWARE\ACPI\DSDT\%TARGET%__ /s /f
@reg delete HKLM\HARDWARE\ACPI\DSDT\VBOX__ /f
@steadfasterX
steadfasterX / gist:8f05f6f222d8ed4e2bb8b0883b1af282
Last active May 12, 2019 18:23
selinux: permissive or enforcing?
adb logcat -b kernel |grep avc:
> 05-12 20:10:27.665 0 0 E [ 16.154118 / 05-12 18:10:27.658][1] selinux: avc: denied { set } for
property=ro.bluetooth.sap pid=3540 uid=0 gid=0 scontext=u:r:qti_init_shell:s0 tcontext=u:object_r:default_prop:s0
tclass=property_service permissive=1
--------------------------
adb shell getenforce
@steadfasterX
steadfasterX / gist:1f5cfc003aadd8bd91ee33d5c18c1bc1
Last active April 30, 2019 15:21
nfc bug
adb shell find system -name nfc_nci.msm8992.so
-------------------------------------------------------------------
> system/vendor/lib64/hw/nfc_nci.msm8992.so
> system/vendor/lib/hw/nfc_nci.msm8992.so
product/nfc.mk
-------------------------------------------------------------------
PRODUCT_PACKAGES += \
@steadfasterX
steadfasterX / gist:108c1c424f5a237d7e08afc6be34185b
Created April 30, 2019 14:13
tombstone: mm-qcamera-daemon
*** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
LineageOS Version: '16.0-20190430-UNOFFICIAL-h815_usu'
Build fingerprint: 'lge/p1_global_com/p1:6.0/MRA58K/152940055675e:user/release-keys'
Revision: '0'
ABI: 'arm'
pid: 1438, tid: 1438, name: mm-qcamera-daem >>> /system/vendor/bin/mm-qcamera-daemon <<<
signal 6 (SIGABRT), code -6 (SI_TKILL), fault addr --------
Abort message: '*** timed out in posting event. please refer to tombstones ***'
r0 00000000 r1 0000059e r2 00000006 r3 00000008
r4 0000059e r5 0000059e r6 ffc496fc r7 0000010c