def do_delete(self, args):
"""
Delete from the specified content uri
usage: delete Uri [--where <where>] [--selectionArgs <arg> [<arg> ...]]
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='delete', add_help=False)
parser.add_argument('--where', '-w', metavar='<where>')
parser.add_argument('--selectionArgs',
'-sa',
nargs='+',
metavar='<arg>')
parser.add_argument('Uri')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "delete",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_read(self, args):
"""
Read from the specified content uri using openInputStream
usage: read [--output <file>] Uri
--------------------------------
Example - attempting a directory traversal on a content provider that does not support file reading
--------------------------------
*mercury#provider> read content://settings/secure/../../../../../../../../../../../system/etc/hosts
No files supported by provider at content://settings/secure/../../../../../../../../../../../system/etc/hosts
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='read', add_help=False)
parser.add_argument('Uri')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "read",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_attacksurface(self, args):
"""
Examine the attack surface of the given package
usage: attacksurface [--output <file>] packageName
--------------------------------
Example - finding the attack surface of the built-in browser
--------------------------------
*mercury#packages> attacksurface com.android.browser
5 activities exported
3 broadcast receivers exported
1 content providers exported
0 services exported
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'attacksurface', add_help = False)
parser.add_argument('packageName')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
print self.session.executeCommand("packages", "attacksurface", {'packageName':splitargs.packageName}).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
Get information about exported broadcast receivers
usage: info [--filter <filter>] [--permissions <filter>] [--output <file>]
--------------------------------
Example - finding which broadcast receivers have the word "bluetooth" in them
--------------------------------
*mercury#broadcast> info -f bluetooth
Package name: com.android.bluetooth
Receiver: com.android.bluetooth.opp.BluetoothOppReceiver
Required Permission: null
Package name: com.android.bluetooth
Receiver: com.android.bluetooth.pbap.BluetoothPbapReceiver
Required Permission: null
Package name: com.android.bluetooth
Receiver: com.android.bluetooth.sap.BluetoothSapReceiver
Required Permission: null
Package name: com.android.bluetooth
Receiver: com.android.bluetooth.sap.BluetoothSapNotification
Required Permission: null
...
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'info', add_help = False)
parser.add_argument('--filter', '-f', metavar = '<filter>')
parser.add_argument('--permissions', '-p', metavar = '<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
#print self.session.executeCommand("service", "info", {'filter':splitargs.filter} if splitargs.filter else None).getPaddedErrorOrData()
print self.session.executeCommand("broadcast", "info", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_persistent(self, args):
"""
Execute Linux commands in a persistent shell within the context of Mercury. The use of the word "persistent" means that a connection is maintained to the same shell session. This means that the state of the shell persists. If root were to be obtained on this shell, it would persist across the life of the shell connection.
usage: persistent [--new]
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='persistent', add_help=False)
parser.add_argument('--new', '-n', action='store_const', const=True)
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
if splitargs.new:
self.session.executeCommand("shell", "newMercuryShell", None)
prompt = ""
while (prompt.upper() != "BACK"):
self.session.executeCommand("shell", "executeMercuryShell",
{'args': prompt})
read = self.session.executeCommand("shell", "readMercuryShell",
None)
sys.stdout.write(
read.getErrorOrData().replace(prompt, "", 1).strip() + " ")
prompt = raw_input().replace(
"$BB", "/data/data/com.mwr.mercury/busybox")
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_launchintent(self, args):
"""
Get the launch intent of the given package
usage: launchintent [--output <file>] packageName
--------------------------------
Example - getting the main activity of the Android browser package
--------------------------------
*mercury#activity> launchintent com.android.browser
Intent { act=android.intent.action.MAIN flg=0x10000000 cmp=com.android.browser/.BrowserActivity }
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='launchintent', add_help=False)
parser.add_argument('packageName')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
print self.session.executeCommand(
"activity", "launchintent", {
'packageName': splitargs.packageName
}).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_fileinfo(self, args):
"""
Get size and MD5 of specified file on the device
usage: fileinfo [--output <file>] path
--------------------------------
Example - getting information about a file on the Android device
--------------------------------
*mercury#tools> fileinfo /data/data/com.mwr.mercury/test.txt
Size (bytes) = 182208
MD5 = 3fae15887320940b88df79fe01e62bd8
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'fileinfo', add_help = False)
parser.add_argument('path')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
fileSize = self.session.executeCommand("core", "fileSize", {"path":splitargs.path})
if (fileSize.isError()):
print fileSize.getPaddedError()
else:
print "\nSize (bytes) = " + fileSize.data
print "MD5 = " + self.session.executeCommand("core", "fileMD5", {"path":splitargs.path}).data + "\n"
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
Show information about debuggable apps on the device with optional filter
usage: info [--filter <filter>] [--output <file>]
Note: it is possible to use -f instead of --filter as shorthand
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='info', add_help=False)
parser.add_argument('--filter', '-f', metavar='<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
response = self.session.executeCommand("debuggable", "info", {
'filter': splitargs.filter
} if splitargs.filter else None).getPaddedErrorOrData()
if response.strip() == "":
print "\nNo debuggable applications found\n"
else:
print response
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_download(self, args):
"""
Download a file from the device
usage: download path downloadfolder
--------------------------------
Example - downloading a file to the Desktop
--------------------------------
*mercury#tools> download /mnt/sdcard/test.txt /home/mwrlabs/Desktop/
File downloaded successfully
MD5 = 3fae15887320940b88df79fe01e62bd8
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'download', add_help = False)
parser.add_argument('path')
parser.add_argument('downloadfolder')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
response = self.session.downloadFile(splitargs.path, splitargs.downloadfolder)
if response.isError():
print "\n" + response.error + "\n"
else:
print "\nFile downloaded successfully\nMD5 = " + response.data + "\n"
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_list(self, args):
"""
List all available modules with optional filter
usage: list [--filter <filter>] [--output <file>]
Note: it is possible to use -f instead of --filter as shorthand
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'list', add_help = False)
parser.add_argument('--filter', '-f', metavar = '<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Iterate and display according to filter
print ""
for module in sorted(self.modules):
if (splitargs.filter):
if splitargs.filter in module:
print module
else:
print module
print ""
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_columns(self, args):
"""
Get the columns of the specified content uri
usage: columns [--output <file>] uri
--------------------------------
Example - finding the columns on content://settings/secure
--------------------------------
*mercury#provider> columns content://settings/secure
_id | name | value
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='columns', add_help=False)
parser.add_argument('uri')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = {}
if (splitargs.uri):
request['uri'] = splitargs.uri
print self.session.executeCommand("provider", "columns",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
Get information about a custom module
usage: info module
Type "list" to get a list of all available modules
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'info', add_help = False)
parser.add_argument('module')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Load module
mod = self.modules.get(splitargs.module, None)
if (mod):
# Instantiate the module and ask for information
print "\n" + mod.__class__.__doc__ + "\n"
else:
print "\nFailed to get info about module\n"
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_run(self, args):
"""
Run a custom module
usage: run [--args arg=value [arg=value ...]] [--output <file>] module
These modules are developed by various members of the community, please feel free to contribute new modules! To find out more information about a module, use "info module"
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'run', add_help = False)
parser.add_argument('module')
parser.add_argument('--args', '-a', nargs = '+', metavar = 'arg=value')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
if not splitargs:
return
# Compile stated arguments to send to execute
args = vars(splitargs)['args']
# Convert to a dict
args_dict = {}
if args:
for arg in args:
split = arg.split('=')
if split:
args_dict[split[0]] = split[1]
# Load module
mod = self.modules.get(splitargs.module, None)
if (mod):
# Instantiate the module and execute it
mod.execute(self.session, args_dict)
else:
print "\nFailed to execute module\n"
# FIXME: Choose specific exceptions to catch
except Exception, e:
print "Exception:", str(e)
def do_attacksurface(self, args):
"""
Examine the attack surface of the given package
usage: attacksurface [--output <file>] packageName
--------------------------------
Example - finding the attack surface of the built-in browser
--------------------------------
*mercury#packages> attacksurface com.android.browser
5 activities exported
3 broadcast receivers exported
1 content providers exported
0 services exported
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'attacksurface', add_help = False)
parser.add_argument('packageName')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
print self.session.executeCommand("packages", "attacksurface", {'packageName':splitargs.packageName}).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_persistent(self, args):
"""
Execute Linux commands in a persistent shell within the context of Mercury. The use of the word "persistent" means that a connection is maintained to the same shell session. This means that the state of the shell persists. If root were to be obtained on this shell, it would persist across the life of the shell connection.
usage: persistent [--new]
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'persistent', add_help = False)
parser.add_argument('--new', '-n', action = 'store_const', const = True)
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
if splitargs.new:
self.session.executeCommand("shell", "newMercuryShell", None)
prompt = ""
while (prompt.upper() != "BACK"):
self.session.executeCommand("shell", "executeMercuryShell", {'args':prompt})
read = self.session.executeCommand("shell", "readMercuryShell", None)
sys.stdout.write(read.getErrorOrData().replace(prompt, "", 1).strip() + " ")
prompt = raw_input().replace("$BB", "/data/data/com.mwr.mercury/busybox")
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_columns(self, args):
"""
Get the columns of the specified content uri
usage: columns [--output <file>] uri
--------------------------------
Example - finding the columns on content://settings/secure
--------------------------------
*mercury#provider> columns content://settings/secure
_id | name | value
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'columns', add_help = False)
parser.add_argument('uri')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = {}
if (splitargs.uri):
request['uri'] = splitargs.uri
print self.session.executeCommand("provider", "columns", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_read(self, args):
"""
Read from the specified content uri using openInputStream
usage: read [--output <file>] Uri
--------------------------------
Example - attempting a directory traversal on a content provider that does not support file reading
--------------------------------
*mercury#provider> read content://settings/secure/../../../../../../../../../../../system/etc/hosts
No files supported by provider at content://settings/secure/../../../../../../../../../../../system/etc/hosts
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'read', add_help = False)
parser.add_argument('Uri')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "read", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_launchintent(self, args):
"""
Get the launch intent of the given package
usage: launchintent [--output <file>] packageName
--------------------------------
Example - getting the main activity of the Android browser package
--------------------------------
*mercury#activity> launchintent com.android.browser
Intent { act=android.intent.action.MAIN flg=0x10000000 cmp=com.android.browser/.BrowserActivity }
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'launchintent', add_help = False)
parser.add_argument('packageName')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
print self.session.executeCommand("activity", "launchintent", {'packageName':splitargs.packageName}).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
Show information about apps on the device containing native code with optional filter
usage: info [--filter <filter>] [--output <file>]
Note: it is possible to use -f instead of --filter as shorthand
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'info', add_help = False)
parser.add_argument('--filter', '-f', metavar = '<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
response = self.session.executeCommand("native", "info", {'filter':splitargs.filter} if splitargs.filter else None).getPaddedErrorOrData()
if response.strip() == "":
print "\nNo applications found containing native code\n"
else:
print response
# FIXME: Choose specific exceptions to catch
except:
pass
def do_shareduid(self, args):
"""
Get which packages share a UID
usage: shareduid [--uid <uid>] [--output <file>]
--------------------------------
Example - finding all the packages that have the shared-UID of 10011
--------------------------------
*mercury#packages> shareduid -u 10011
UID: 10011 (com.motorola.blur.uid.provider_authenticator:10011)
Package name: com.motorola.blur.provider.photobucket
Package name: com.motorola.blur.provider.picasa
Package name: com.motorola.blur.provider.yahoo
Package name: com.motorola.blur.provider.twitter
Package name: com.motorola.blur.provider.fixedemail
Package name: com.motorola.blur.provider.motorola.app
Package name: com.motorola.blur.provider.orkut
Package name: com.motorola.blur.provider.email
Package name: com.motorola.blur.provider.facebook
Package name: com.motorola.blur.provider.lastfm
Package name: com.motorola.blur.provider.linkedin
Package name: com.motorola.blur.provider.youtube
Package name: com.motorola.blur.provider.skyrock
Package name: com.motorola.blur.provider.activesync
Package name: com.motorola.blur.provider.flickr
Accumulated permissions: com.motorola.blur.setupprovider.Permissions.ACCESS_ACCOUNTS; com.motorola.blur.permission.ACCESS_POLICY_MANAGER; com.motorola.blur.permission.ACCESS_POLICY_MANAGER_ADVANCED; android.permission.AUTHENTICATE_ACCOUNTS; android.permission.GET_ACCOUNTS; android.permission.MANAGE_ACCOUNTS; android.permission.READ_CONTACTS; com.motorola.blur.friendfeed.permission.READ; android.permission.ACCESS_NETWORK_STATE; android.permission.WRITE_SYNC_SETTINGS; com.motorola.blur.service.blur.Permissions.INTERACT_BLUR_SERVICE; com.motorola.blur.service.email.Permissions.INTERACT; android.permission.WRITE_EXTERNAL_STORAGE; android.permission.INTERNET; android.permission.BIND_DEVICE_ADMIN;
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'shareduid', add_help = False)
parser.add_argument('--uid', '-u', metavar = '<uid>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("packages", "shareduid", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_manifest(self, args):
"""
Examine the AndroidManifest.xml of the given package
usage: manifest [--output <file>] packageName
-------------------------------------------------------------------
Example - getting the manifest of Mercury and outputting to a file
-------------------------------------------------------------------
*mercury#packages> manifest com.mwr.mercury -o /home/test/Desktop/AM-mercury.xml
<manifest versionCode="2" versionName="1.1" package="com.mwr.mercury">
<uses-sdk minSdkVersion="8" targetSdkVersion="4">
</uses-sdk>
<uses-permission name="android.permission.INTERNET">
</uses-permission>
<application label="@2130968576" icon="@2130837504" debuggable="true">
<activity label="@2130968576" name=".Main">
<intent-filter>
<action name="android.intent.action.MAIN">
</action>
<category name="android.intent.category.LAUNCHER">
</category>
</intent-filter>
</activity>
<service name=".ServerService" enabled="true">
</service>
</application>
</manifest>
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'manifest', add_help = False)
parser.add_argument('packageName')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
print self.session.executeCommand("packages", "manifest", {'packageName':splitargs.packageName}).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
Get information about exported activities on the device
usage: info [--filter <filter>] [--output <file>]
Note: it is possible to use -f instead of --filter as shorthand
--------------------------------
Example - finding which activities are exported by the Android browser package
--------------------------------
*mercury#activity> info -f com.android.browser
Package name: com.android.browser
Activity: com.android.browser.BrowserActivity
Package name: com.android.browser
Activity: com.android.browser.CombinedBookmarkHistoryActivity
Package name: com.android.browser
Activity: com.android.browser.ShortcutBookmarksPage
Package name: com.android.browser
Activity: com.android.browser.BookmarkSearch
Package name: com.android.browser
Activity: com.android.browser.AddBookmarkPage
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='info', add_help=False)
parser.add_argument('--filter', '-f', metavar='<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
print self.session.executeCommand("activity", "info", {
'filter': splitargs.filter
} if splitargs.filter else None).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_shareduid(self, args):
"""
Get which packages share a UID
usage: shareduid [--uid <uid>] [--output <file>]
--------------------------------
Example - finding all the packages that have the shared-UID of 10011
--------------------------------
*mercury#packages> shareduid -u 10011
UID: 10011 (com.motorola.blur.uid.provider_authenticator:10011)
Package name: com.motorola.blur.provider.photobucket
Package name: com.motorola.blur.provider.picasa
Package name: com.motorola.blur.provider.yahoo
Package name: com.motorola.blur.provider.twitter
Package name: com.motorola.blur.provider.fixedemail
Package name: com.motorola.blur.provider.motorola.app
Package name: com.motorola.blur.provider.orkut
Package name: com.motorola.blur.provider.email
Package name: com.motorola.blur.provider.facebook
Package name: com.motorola.blur.provider.lastfm
Package name: com.motorola.blur.provider.linkedin
Package name: com.motorola.blur.provider.youtube
Package name: com.motorola.blur.provider.skyrock
Package name: com.motorola.blur.provider.activesync
Package name: com.motorola.blur.provider.flickr
Accumulated permissions: com.motorola.blur.setupprovider.Permissions.ACCESS_ACCOUNTS; com.motorola.blur.permission.ACCESS_POLICY_MANAGER; com.motorola.blur.permission.ACCESS_POLICY_MANAGER_ADVANCED; android.permission.AUTHENTICATE_ACCOUNTS; android.permission.GET_ACCOUNTS; android.permission.MANAGE_ACCOUNTS; android.permission.READ_CONTACTS; com.motorola.blur.friendfeed.permission.READ; android.permission.ACCESS_NETWORK_STATE; android.permission.WRITE_SYNC_SETTINGS; com.motorola.blur.service.blur.Permissions.INTERACT_BLUR_SERVICE; com.motorola.blur.service.email.Permissions.INTERACT; android.permission.WRITE_EXTERNAL_STORAGE; android.permission.INTERNET; android.permission.BIND_DEVICE_ADMIN;
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'shareduid', add_help = False)
parser.add_argument('--uid', '-u', metavar = '<uid>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("packages", "shareduid", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_delete(self, args):
"""
Delete from the specified content uri
usage: delete Uri [--where <where>] [--selectionArgs <arg> [<arg> ...]]
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'delete', add_help = False)
parser.add_argument('--where', '-w', metavar = '<where>')
parser.add_argument('--selectionArgs', '-sa', nargs = '+', metavar = '<arg>')
parser.add_argument('Uri')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "delete", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
Get information about exported broadcast receivers
usage: info [--filter <filter>] [--output <file>]
Note: it is possible to use -f instead of --filter as shorthand
--------------------------------
Example - finding which broadcast receivers have the word "bluetooth" in them
--------------------------------
*mercury#broadcast> info -f bluetooth
Package name: com.android.bluetooth
Receiver: com.android.bluetooth.opp.BluetoothOppReceiver
Package name: com.android.bluetooth
Receiver: com.android.bluetooth.pbap.BluetoothPbapReceiver
Package name: com.android.settings
Receiver: com.android.settings.bluetooth.DockEventReceiver
Package name: com.android.settings
Receiver: com.android.settings.bluetooth.BluetoothPairingRequest
Package name: com.android.settings
Receiver: com.android.settings.bluetooth.BluetoothPermissionRequest
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'info', add_help = False)
parser.add_argument('--filter', '-f', metavar = '<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
print self.session.executeCommand("broadcast", "info", {'filter':splitargs.filter} if splitargs.filter else None).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_upload(self, args):
"""
Upload a file to the device
usage: upload [--uploadFolder <uploadFolder>] localPath
--------------------------------
Example - uploading a file from the Desktop to the Mercury data directory
--------------------------------
*mercury#tools> upload /home/tyrone/Desktop/upload.txt
File uploaded successfully to /data/data/com.mwr.mercury/
MD5: 3fae15887320940b88df79fe01e62bd8
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'upload', add_help = False)
parser.add_argument('localPath')
parser.add_argument('--uploadFolder', '-u', metavar = '<uploadFolder>')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Check for specified upload dir. Defaults to Mercury data dir
if splitargs.uploadFolder:
uploadDir = splitargs.uploadFolder
else:
uploadDir = "/data/data/com.mwr.mercury/"
response = self.session.uploadFile(splitargs.localPath, uploadDir)
if (response.isError()):
print response.getPaddedError()
else:
print "\nFile uploaded successfully to " + uploadDir + "\nMD5: " + response.data + "\n"
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
Get information about exported activities on the device
usage: info [--filter <filter>] [--output <file>]
Note: it is possible to use -f instead of --filter as shorthand
--------------------------------
Example - finding which activities are exported by the Android browser package
--------------------------------
*mercury#activity> info -f com.android.browser
Package name: com.android.browser
Activity: com.android.browser.BrowserActivity
Package name: com.android.browser
Activity: com.android.browser.CombinedBookmarkHistoryActivity
Package name: com.android.browser
Activity: com.android.browser.ShortcutBookmarksPage
Package name: com.android.browser
Activity: com.android.browser.BookmarkSearch
Package name: com.android.browser
Activity: com.android.browser.AddBookmarkPage
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'info', add_help = False)
parser.add_argument('--filter', '-f', metavar = '<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
print self.session.executeCommand("activity", "info", {'filter':splitargs.filter} if splitargs.filter else None).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_intents(self, args):
"""
List all actions/categories/extras with optional search filter
usage: intents [--filter <filter>] [--output <file>]
--------------------------------
Example - getting all the intents actions with the keyword "call" in them
--------------------------------
*mercury#tools> intents -f call
android.intent.action.CALL
android.intent.action.CALL_BUTTON
android.intent.action.NEW_OUTGOING_CALL
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'intents', add_help = False)
parser.add_argument('--filter', '-f', metavar = '<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args),)
print ""
for value in sorted(intentDictionary.itervalues()):
if splitargs.filter == None or value.upper().find(splitargs.filter.upper()) > -1:
print value
print ""
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
List all installed packages on the device with optional filters. It is possible to search for keywords in package information and permissions using the filters.
usage: info [--filter <filter>] [--permissions <filter>] [--output <file>]
--------------------------------
Example - finding which packages contain the keyword "browser" in their information
--------------------------------
*mercury#packages> info -f browser
Package name: com.android.browser
Process name: com.android.browser
Version: 2.3.6
Data directory: /data/data/com.android.browser
APK path: /system/app/Browser.apk
UID: 10014
GID: 3003; 1015;
Shared libraries: /system/framework/com.motorola.android.frameworks.jar; /system/framework/com.motorola.android.storage.jar;
Permissions: android.permission.ACCESS_COARSE_LOCATION; android.permission.ACCESS_DOWNLOAD_MANAGER; android.permission.ACCESS_FINE_LOCATION; android.permission.ACCESS_NETWORK_STATE; android.permission.ACCESS_WIFI_STATE; android.permission.VIBRATE; com.android.launcher.permission.INSTALL_SHORTCUT; android.permission.INTERNET; android.permission.SET_WALLPAPER; android.permission.WAKE_LOCK; android.permission.WRITE_EXTERNAL_STORAGE; android.permission.WRITE_SETTINGS; com.android.browser.permission.READ_HISTORY_BOOKMARKS; com.android.browser.permission.WRITE_HISTORY_BOOKMARKS; android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS; android.permission.SET_PREFERRED_APPLICATIONS; android.permission.WRITE_SECURE_SETTINGS;
--------------------------------
Example - finding which packages have the "INSTALL_PACKAGES" permission
--------------------------------
*mercury#packages> info -p INSTALL_PACKAGES
Package name: com.android.packageinstaller
Process name: com.android.packageinstaller
Version: 2.3.6
Data directory: /data/data/com.android.packageinstaller
APK path: /system/app/PackageInstaller.apk
UID: 10047
GID:
Permissions: android.permission.INSTALL_PACKAGES; android.permission.DELETE_PACKAGES; android.permission.CLEAR_APP_CACHE; android.permission.READ_PHONE_STATE; android.permission.CLEAR_APP_USER_DATA;
Package name: com.android.vending
Process name: com.android.vending
Version: 3.3.12
Data directory: /data/data/com.android.vending
APK path: /system/app/Phonesky.apk
UID: 10070
GID: 3003; 1015;
Permissions: com.android.vending.billing.IN_APP_NOTIFY.permission.C2D_MESSAGE; com.google.android.c2dm.permission.RECEIVE; com.android.vending.BILLING; android.permission.GET_TASKS; android.permission.INTERNET; android.permission.GET_ACCOUNTS; android.permission.MANAGE_ACCOUNTS; android.permission.AUTHENTICATE_ACCOUNTS; android.permission.USE_CREDENTIALS; android.permission.WRITE_EXTERNAL_STORAGE; android.permission.READ_EXTERNAL_STORAGE; android.permission.CLEAR_APP_CACHE; android.permission.CHANGE_COMPONENT_ENABLED_STATE; android.permission.ACCESS_NETWORK_STATE; android.permission.READ_PHONE_STATE; android.permission.CHANGE_NETWORK_STATE; com.google.android.providers.gsf.permission.READ_GSERVICES; com.google.android.providers.gsf.permission.WRITE_GSERVICES; android.permission.ACCESS_DOWNLOAD_MANAGER; android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED; android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS; android.permission.INSTALL_PACKAGES; android.permission.DELETE_PACKAGES; android.permission.NFC; com.android.vending.INTENT_VENDING_ONLY; android.permission.RECEIVE_BOOT_COMPLETED; android.permission.RECEIVE_SMS; com.android.launcher.permission.INSTALL_SHORTCUT; android.permission.STATUS_BAR;
...
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'info', add_help = False)
parser.add_argument('--filter', '-f', metavar = '<filter>')
parser.add_argument('--permissions', '-p', metavar = '<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("packages", "info", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_match(self, args):
"""
Find which activities on the device can handle the formulated intent
usage: match [--action <action>] [--category <category> [<category> ...]]
[--component package class] [--data <data>]
[--flags <0x...>] [--mimetype <mimetype>]
[--extraboolean key=value [key=value ...]]
[--extrabyte key=value [key=value ...]]
[--extradouble key=value [key=value ...]]
[--extrafloat key=value [key=value ...]]
[--extrainteger key=value [key=value ...]]
[--extralong key=value [key=value ...]]
[--extraserializable key=value [key=value ...]]
[--extrashort key=value [key=value ...]]
[--extrastring key=value [key=value ...]] [--output <file>]
--------------------------------
Example - finding activities that can handle web addresses
--------------------------------
*mercury#activity> match --action android.intent.action.VIEW --data http://www.google.com
Intent { act=android.intent.action.VIEW dat=http://www.google.com }:
Package name: com.android.browser
Target activity: com.android.browser.BrowserActivity
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='start', add_help=False)
parser.add_argument('--action', '-a', metavar='<action>')
parser.add_argument('--category',
'-c',
nargs='+',
metavar='<category>')
parser.add_argument('--component',
'-co',
nargs=2,
metavar=('package', 'class'))
parser.add_argument('--data', '-d', metavar='<data>')
parser.add_argument('--flags', '-f', metavar='<0x...>')
parser.add_argument('--mimetype', '-dt', metavar='<mimetype>')
parser.add_argument('--extraboolean',
'-eb',
nargs='+',
metavar='key=value')
parser.add_argument('--extrabyte',
'-eby',
nargs='+',
metavar='key=value')
parser.add_argument('--extradouble',
'-ed',
nargs='+',
metavar='key=value')
parser.add_argument('--extrafloat',
'-ef',
nargs='+',
metavar='key=value')
parser.add_argument('--extrainteger',
'-ei',
nargs='+',
metavar='key=value')
parser.add_argument('--extralong',
'-el',
nargs='+',
metavar='key=value')
parser.add_argument('--extraserializable',
'-ese',
nargs='+',
metavar='key=value')
parser.add_argument('--extrashort',
'-esh',
nargs='+',
metavar='key=value')
parser.add_argument('--extrastring',
'-es',
nargs='+',
metavar='key=value')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
if (splitargs.component):
request['component'] = splitargs.component[
0] + "=" + splitargs.component[1]
if (splitargs.flags):
request['flags'] = str(int(splitargs.flags, 0))
print self.session.executeCommand("activity", "match",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_start(self, args):
"""
Start a service with an intent
usage: start [--action <action>] [--category <category> [<category> ...]]
[--component package class] [--data <data>] [--flags <0x...>]
[--mimetype <mimetype>]
[--extraboolean key=value [key=value ...]]
[--extrabyte key=value [key=value ...]]
[--extradouble key=value [key=value ...]]
[--extrafloat key=value [key=value ...]]
[--extrainteger key=value [key=value ...]]
[--extralong key=value [key=value ...]]
[--extraserializable key=value [key=value ...]]
[--extrashort key=value [key=value ...]]
[--extrastring key=value [key=value ...]]
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='start', add_help=False)
parser.add_argument('--action', '-a', metavar='<action>')
parser.add_argument('--category',
'-c',
nargs='+',
metavar='<category>')
parser.add_argument('--component',
'-co',
nargs=2,
metavar=('package', 'class'))
parser.add_argument('--data', '-d', metavar='<data>')
parser.add_argument('--flags', '-f', metavar='<0x...>')
parser.add_argument('--mimetype', '-dt', metavar='<mimetype>')
parser.add_argument('--extraboolean',
'-eb',
nargs='+',
metavar='key=value')
parser.add_argument('--extrabyte',
'-eby',
nargs='+',
metavar='key=value')
parser.add_argument('--extradouble',
'-ed',
nargs='+',
metavar='key=value')
parser.add_argument('--extrafloat',
'-ef',
nargs='+',
metavar='key=value')
parser.add_argument('--extrainteger',
'-ei',
nargs='+',
metavar='key=value')
parser.add_argument('--extralong',
'-el',
nargs='+',
metavar='key=value')
parser.add_argument('--extraserializable',
'-ese',
nargs='+',
metavar='key=value')
parser.add_argument('--extrashort',
'-esh',
nargs='+',
metavar='key=value')
parser.add_argument('--extrastring',
'-es',
nargs='+',
metavar='key=value')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
if (splitargs.component):
request['component'] = splitargs.component[
0] + "=" + splitargs.component[1]
if (splitargs.flags):
request['flags'] = str(int(splitargs.flags, 0))
print self.session.executeCommand("service", "start",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_start(self, args):
"""
Start an activity with the formulated intent.
usage: start [--action <action>] [--category <category> [<category> ...]]
[--component package class] [--data <data>]
[--flags <0x...>] [--mimetype <mimetype>]
[--extraboolean key=value [key=value ...]]
[--extrabyte key=value [key=value ...]]
[--extradouble key=value [key=value ...]]
[--extrafloat key=value [key=value ...]]
[--extrainteger key=value [key=value ...]]
[--extralong key=value [key=value ...]]
[--extraserializable key=value [key=value ...]]
[--extrashort key=value [key=value ...]]
[--extrastring key=value [key=value ...]]
--------------------------------
Example - starting the browser activity with an explicit intent
--------------------------------
*mercury#activity> start --component com.android.browser com.android.browser.BrowserActivity --flags 0x10000000
Activity started with Intent { flg=0x10000000 cmp=com.android.browser/.BrowserActivity }
--------------------------------
Example - starting a browser activity with an implicit intent
--------------------------------
*mercury#activity> start --action android.intent.action.VIEW --data http://www.google.com --flags 0x10000000
Activity started with Intent { act=android.intent.action.VIEW dat=http://www.google.com flg=0x10000000 }
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='start', add_help=False)
parser.add_argument('--action', '-a', metavar='<action>')
parser.add_argument('--category',
'-c',
nargs='+',
metavar='<category>')
parser.add_argument('--component',
'-co',
nargs=2,
metavar=('package', 'class'))
parser.add_argument('--data', '-d', metavar='<data>')
parser.add_argument('--flags', '-f', metavar='<0x...>')
parser.add_argument('--mimetype', '-dt', metavar='<mimetype>')
parser.add_argument('--extraboolean',
'-eb',
nargs='+',
metavar='key=value')
parser.add_argument('--extrabyte',
'-eby',
nargs='+',
metavar='key=value')
parser.add_argument('--extradouble',
'-ed',
nargs='+',
metavar='key=value')
parser.add_argument('--extrafloat',
'-ef',
nargs='+',
metavar='key=value')
parser.add_argument('--extrainteger',
'-ei',
nargs='+',
metavar='key=value')
parser.add_argument('--extralong',
'-el',
nargs='+',
metavar='key=value')
parser.add_argument('--extraserializable',
'-ese',
nargs='+',
metavar='key=value')
parser.add_argument('--extrashort',
'-esh',
nargs='+',
metavar='key=value')
parser.add_argument('--extrastring',
'-es',
nargs='+',
metavar='key=value')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
if (splitargs.component):
request['component'] = splitargs.component[
0] + "=" + splitargs.component[1]
if (splitargs.flags):
request['flags'] = str(int(splitargs.flags, 0))
print self.session.executeCommand("activity", "start",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
List all installed packages on the device with optional filters. It is possible to search for keywords in package information and permissions using the filters.
usage: info [--filter <filter>] [--permissions <filter>] [--output <file>]
--------------------------------
Example - finding which packages contain the keyword "browser" in their information
--------------------------------
*mercury#packages> info -f browser
Package name: com.android.browser
Process name: com.android.browser
Version: 2.3.6
Data directory: /data/data/com.android.browser
APK path: /system/app/Browser.apk
UID: 10014
GID: 3003; 1015;
Shared libraries: /system/framework/com.motorola.android.frameworks.jar; /system/framework/com.motorola.android.storage.jar;
Permissions: android.permission.ACCESS_COARSE_LOCATION; android.permission.ACCESS_DOWNLOAD_MANAGER; android.permission.ACCESS_FINE_LOCATION; android.permission.ACCESS_NETWORK_STATE; android.permission.ACCESS_WIFI_STATE; android.permission.VIBRATE; com.android.launcher.permission.INSTALL_SHORTCUT; android.permission.INTERNET; android.permission.SET_WALLPAPER; android.permission.WAKE_LOCK; android.permission.WRITE_EXTERNAL_STORAGE; android.permission.WRITE_SETTINGS; com.android.browser.permission.READ_HISTORY_BOOKMARKS; com.android.browser.permission.WRITE_HISTORY_BOOKMARKS; android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS; android.permission.SET_PREFERRED_APPLICATIONS; android.permission.WRITE_SECURE_SETTINGS;
--------------------------------
Example - finding which packages have the "INSTALL_PACKAGES" permission
--------------------------------
*mercury#packages> info -p INSTALL_PACKAGES
Package name: com.android.packageinstaller
Process name: com.android.packageinstaller
Version: 2.3.6
Data directory: /data/data/com.android.packageinstaller
APK path: /system/app/PackageInstaller.apk
UID: 10047
GID:
Permissions: android.permission.INSTALL_PACKAGES; android.permission.DELETE_PACKAGES; android.permission.CLEAR_APP_CACHE; android.permission.READ_PHONE_STATE; android.permission.CLEAR_APP_USER_DATA;
Package name: com.android.vending
Process name: com.android.vending
Version: 3.3.12
Data directory: /data/data/com.android.vending
APK path: /system/app/Phonesky.apk
UID: 10070
GID: 3003; 1015;
Permissions: com.android.vending.billing.IN_APP_NOTIFY.permission.C2D_MESSAGE; com.google.android.c2dm.permission.RECEIVE; com.android.vending.BILLING; android.permission.GET_TASKS; android.permission.INTERNET; android.permission.GET_ACCOUNTS; android.permission.MANAGE_ACCOUNTS; android.permission.AUTHENTICATE_ACCOUNTS; android.permission.USE_CREDENTIALS; android.permission.WRITE_EXTERNAL_STORAGE; android.permission.READ_EXTERNAL_STORAGE; android.permission.CLEAR_APP_CACHE; android.permission.CHANGE_COMPONENT_ENABLED_STATE; android.permission.ACCESS_NETWORK_STATE; android.permission.READ_PHONE_STATE; android.permission.CHANGE_NETWORK_STATE; com.google.android.providers.gsf.permission.READ_GSERVICES; com.google.android.providers.gsf.permission.WRITE_GSERVICES; android.permission.ACCESS_DOWNLOAD_MANAGER; android.permission.ACCESS_DOWNLOAD_MANAGER_ADVANCED; android.permission.SEND_DOWNLOAD_COMPLETED_INTENTS; android.permission.INSTALL_PACKAGES; android.permission.DELETE_PACKAGES; android.permission.NFC; com.android.vending.INTENT_VENDING_ONLY; android.permission.RECEIVE_BOOT_COMPLETED; android.permission.RECEIVE_SMS; com.android.launcher.permission.INSTALL_SHORTCUT; android.permission.STATUS_BAR;
...
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'info', add_help = False)
parser.add_argument('--filter', '-f', metavar = '<filter>')
parser.add_argument('--permissions', '-p', metavar = '<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("packages", "info", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_finduri(self, args):
"""
Find content uri strings that are referenced in a package
usage: finduri [--output <file>] packageName
----------------------------------------------------------------
Example - finding all content URI's referenced in the browser package
----------------------------------------------------------------
*mercury#provider> finduri com.android.browser
/system/app/Browser.apk:
Contains no classes.dex
/system/app/Browser.odex:
content://com.google.android.partnersetup.rlzappprovider/
content://com.google.settings/partner
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'finduri', add_help = False)
parser.add_argument('packageName')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
path = self.session.executeCommand("packages", "path", {'packageName':splitargs.packageName}).data
print ""
# Delete classes.dex that might be there from previously
self.session.executeCommand("core", "delete", {'path':'/data/data/com.mwr.mercury/classes.dex'})
# Iterate through paths returned
for line in path.split():
if (".apk" in line):
print line + ":"
if self.session.executeCommand("core", "unzip", {'filename':'classes.dex', 'path':line, 'destination':'/data/data/com.mwr.mercury/'}).isError():
print "Contains no classes.dex\n"
else:
strings = self.session.executeCommand("provider", "finduri", {'path':'/data/data/com.mwr.mercury/classes.dex'}).data
for string in strings.split():
if (("CONTENT://" in string.upper()) and ("CONTENT://" != string.upper())):
print string[string.upper().find("CONTENT"):]
# Delete classes.dex
self.session.executeCommand("core", "delete", {'path':'/data/data/com.mwr.mercury/classes.dex'})
print ""
if (".odex" in line):
print line + ":"
strings = self.session.executeCommand("core", "strings", {'path':line}).data
for string in strings.split():
if (("CONTENT://" in string.upper()) and ("CONTENT://" != string.upper())):
print string[string.upper().find("CONTENT"):]
print ""
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_update(self, args):
"""
Update the specified content uri
usage: update Uri [--string column=data [column=data ...]]
[--boolean column=data [column=data ...]]
[--integer column=data [column=data ...]]
[--double column=data [column=data ...]]
[--float column=data [column=data ...]]
[--long column=data [column=data ...]]
[--short column=data [column=data ...]] [--where <where>]
[--selectionArgs <arg> [<arg> ...]]
----------------------------------------------------------------
Example - updating an item in a content provider
----------------------------------------------------------------
*mercury#provider> update content://com.vulnerable.im/messages --string date=1331930604655 contact=lolzcopter41 account=3 body="Hi" --where _id=3
1 rows have been updated.
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'update', add_help = False)
parser.add_argument('--string', '-s', nargs = '+', metavar = 'column=data')
parser.add_argument('--boolean', '-b', nargs = '+', metavar = 'column=data')
parser.add_argument('--integer', '-i', nargs = '+', metavar = 'column=data')
parser.add_argument('--double', '-d', nargs = '+', metavar = 'column=data')
parser.add_argument('--float', '-f', nargs = '+', metavar = 'column=data')
parser.add_argument('--long', '-l', nargs = '+', metavar = 'column=data')
parser.add_argument('--short', '-sh', nargs = '+', metavar = 'column=data')
parser.add_argument('--where', '-w', metavar = '<where>')
parser.add_argument('--selectionArgs', '-sa', nargs = '+', metavar = '<arg>')
parser.add_argument('Uri')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "update", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_update(self, args):
"""
Update the specified content uri
usage: update Uri [--string column=data [column=data ...]]
[--boolean column=data [column=data ...]]
[--integer column=data [column=data ...]]
[--double column=data [column=data ...]]
[--float column=data [column=data ...]]
[--long column=data [column=data ...]]
[--short column=data [column=data ...]] [--where <where>]
[--selectionArgs <arg> [<arg> ...]]
----------------------------------------------------------------
Example - updating an item in a content provider
----------------------------------------------------------------
*mercury#provider> update content://com.vulnerable.im/messages --string date=1331930604655 contact=lolzcopter41 account=3 body="Hi" --where _id=3
1 rows have been updated.
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='update', add_help=False)
parser.add_argument('--string', '-s', nargs='+', metavar='column=data')
parser.add_argument('--boolean',
'-b',
nargs='+',
metavar='column=data')
parser.add_argument('--integer',
'-i',
nargs='+',
metavar='column=data')
parser.add_argument('--double', '-d', nargs='+', metavar='column=data')
parser.add_argument('--float', '-f', nargs='+', metavar='column=data')
parser.add_argument('--long', '-l', nargs='+', metavar='column=data')
parser.add_argument('--short', '-sh', nargs='+', metavar='column=data')
parser.add_argument('--where', '-w', metavar='<where>')
parser.add_argument('--selectionArgs',
'-sa',
nargs='+',
metavar='<arg>')
parser.add_argument('Uri')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "update",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_insert(self, args):
"""
Insert into the specified content uri
usage: insert Uri [--string column=data [column=data ...]]
[--boolean column=data [column=data ...]]
[--integer column=data [column=data ...]]
[--double column=data [column=data ...]]
[--float column=data [column=data ...]]
[--long column=data [column=data ...]]
[--short column=data [column=data ...]]
----------------------------------------------------------------
Example - insert a new item into a content provider
----------------------------------------------------------------
*mercury#provider> insert content://com.vulnerable.im/messages --string date=1331763850325 type=0 --integer _id=7
content://com.vulnerable.im/messages/3
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='insert', add_help=False)
parser.add_argument('--string', '-s', nargs='+', metavar='column=data')
parser.add_argument('--boolean',
'-b',
nargs='+',
metavar='column=data')
parser.add_argument('--integer',
'-i',
nargs='+',
metavar='column=data')
parser.add_argument('--double', '-d', nargs='+', metavar='column=data')
parser.add_argument('--float', '-f', nargs='+', metavar='column=data')
parser.add_argument('--long', '-l', nargs='+', metavar='column=data')
parser.add_argument('--short', '-sh', nargs='+', metavar='column=data')
parser.add_argument('Uri')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "insert",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_insert(self, args):
"""
Insert into the specified content uri
usage: insert Uri [--string column=data [column=data ...]]
[--boolean column=data [column=data ...]]
[--integer column=data [column=data ...]]
[--double column=data [column=data ...]]
[--float column=data [column=data ...]]
[--long column=data [column=data ...]]
[--short column=data [column=data ...]]
----------------------------------------------------------------
Example - insert a new item into a content provider
----------------------------------------------------------------
*mercury#provider> insert content://com.vulnerable.im/messages --string date=1331763850325 type=0 --integer _id=7
content://com.vulnerable.im/messages/3
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'insert', add_help = False)
parser.add_argument('--string', '-s', nargs = '+', metavar = 'column=data')
parser.add_argument('--boolean', '-b', nargs = '+', metavar = 'column=data')
parser.add_argument('--integer', '-i', nargs = '+', metavar = 'column=data')
parser.add_argument('--double', '-d', nargs = '+', metavar = 'column=data')
parser.add_argument('--float', '-f', nargs = '+', metavar = 'column=data')
parser.add_argument('--long', '-l', nargs = '+', metavar = 'column=data')
parser.add_argument('--short', '-sh', nargs = '+', metavar = 'column=data')
parser.add_argument('Uri')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "insert", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
Get information about exported content providers with optional filters. . It is possible to search for keywords in content provider information and permissions using the filters.
usage: info [--filter <filter>] [--permissions <filter>] [--output <file>]
--------------------------------
Example - finding all content provider with the keyword "settings" in them
--------------------------------
*mercury#provider> info -f settings
Package name: com.google.android.gsf
Authority: com.google.settings
Required Permission - Read: null
Required Permission - Write: com.google.android.providers.settings.permission.WRITE_GSETTINGS
Grant Uri Permissions: false
Multiprocess allowed: false
Package name: com.android.providers.settings
Authority: settings
Required Permission - Read: null
Required Permission - Write: android.permission.WRITE_SETTINGS
Grant Uri Permissions: false
Multiprocess allowed: false
--------------------------------
Example - finding all content providers that do not require any permissions to read from them or write to them
--------------------------------
*mercury#provider> info -p null
Package name: com.google.android.gsf
Authority: com.google.settings
Required Permission - Read: null
Required Permission - Write: com.google.android.providers.settings.permission.WRITE_GSETTINGS
Grant Uri Permissions: false
Multiprocess allowed: false
Package name: com.android.providers.settings
Authority: settings
Required Permission - Read: null
Required Permission - Write: android.permission.WRITE_SETTINGS
Grant Uri Permissions: false
Multiprocess allowed: false
Package name: com.google.android.apps.uploader
Authority: com.google.android.apps.uploader
Required Permission - Read: null
Required Permission - Write: null
Grant Uri Permissions: false
Multiprocess allowed: false
...
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='info', add_help=False)
parser.add_argument('--filter', '-f', metavar='<filter>')
parser.add_argument('--permissions', '-p', metavar='<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "info",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_finduri(self, args):
"""
Find content uri strings that are referenced in a package
usage: finduri [--output <file>] packageName
----------------------------------------------------------------
Example - finding all content URI's referenced in the browser package
----------------------------------------------------------------
*mercury#provider> finduri com.android.browser
/system/app/Browser.apk:
Contains no classes.dex
/system/app/Browser.odex:
content://com.google.android.partnersetup.rlzappprovider/
content://com.google.settings/partner
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='finduri', add_help=False)
parser.add_argument('packageName')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
path = self.session.executeCommand(
"packages", "path", {
'packageName': splitargs.packageName
}).data
print ""
# Delete classes.dex that might be there from previously
self.session.executeCommand(
"core", "delete",
{'path': '/data/data/com.mwr.mercury/classes.dex'})
# Iterate through paths returned
for line in path.split():
if (".apk" in line):
print line + ":"
if self.session.executeCommand(
"core", "unzip", {
'filename': 'classes.dex',
'path': line,
'destination': '/data/data/com.mwr.mercury/'
}).isError():
print "Contains no classes.dex\n"
else:
strings = self.session.executeCommand(
"provider", "finduri", {
'path':
'/data/data/com.mwr.mercury/classes.dex'
}).data
for string in strings.split():
if (("CONTENT://" in string.upper())
and ("CONTENT://" != string.upper())):
print string[string.upper().find("CONTENT"):]
# Delete classes.dex
self.session.executeCommand(
"core", "delete",
{'path': '/data/data/com.mwr.mercury/classes.dex'})
print ""
if (".odex" in line):
print line + ":"
strings = self.session.executeCommand(
"core", "strings", {
'path': line
}).data
for string in strings.split():
if (("CONTENT://" in string.upper())
and ("CONTENT://" != string.upper())):
print string[string.upper().find("CONTENT"):]
print ""
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_query(self, args):
"""
Query the specified content provider
usage: query [--projection <column> [<column> ...]] [--selection <rows>]
[--selectionArgs <arg> [<arg> ...]] [--sortOrder <order>]
[--showColumns <true/false>] [--output <file>]
Uri
The general structure of a content URI is:
content://authority/table
--------------------------------
Example - querying the settings content provider
--------------------------------
*mercury#provider> query content://settings/secure
_id | name | value
.....
5 | assisted_gps_enabled | 1
9 | wifi_networks_available_notification_on | 1
10 | sys_storage_full_threshold_bytes | 2097152
11 | sys_storage_threshold_percentage | 10
12 | preferred_network_mode | 3
13 | cdma_cell_broadcast_sms | 1
14 | preferred_cdma_subscription | 1
15 | mock_location | 0
17 | backup_transport | com.google.android.backup/.BackupTransportService
18 | throttle_polling_sec | 600
...
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog='query', add_help=False)
parser.add_argument('--projection',
'-p',
nargs='+',
metavar='<column>')
parser.add_argument('--selection', '-s', metavar='<rows>')
parser.add_argument('--selectionArgs',
'-sa',
nargs='+',
metavar='<arg>')
parser.add_argument('--sortOrder', '-so', metavar='<order>')
parser.add_argument('--showColumns', '-nc', metavar='<true/false>')
parser.add_argument('Uri')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "query",
request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_info(self, args):
"""
Get information about exported content providers with optional filters. . It is possible to search for keywords in content provider information and permissions using the filters.
usage: info [--filter <filter>] [--permissions <filter>] [--output <file>]
--------------------------------
Example - finding all content provider with the keyword "settings" in them
--------------------------------
*mercury#provider> info -f settings
Package name: com.google.android.gsf
Authority: com.google.settings
Required Permission - Read: null
Required Permission - Write: com.google.android.providers.settings.permission.WRITE_GSETTINGS
Grant Uri Permissions: false
Multiprocess allowed: false
Package name: com.android.providers.settings
Authority: settings
Required Permission - Read: null
Required Permission - Write: android.permission.WRITE_SETTINGS
Grant Uri Permissions: false
Multiprocess allowed: false
--------------------------------
Example - finding all content providers that do not require any permissions to read from them or write to them
--------------------------------
*mercury#provider> info -p null
Package name: com.google.android.gsf
Authority: com.google.settings
Required Permission - Read: null
Required Permission - Write: com.google.android.providers.settings.permission.WRITE_GSETTINGS
Grant Uri Permissions: false
Multiprocess allowed: false
Package name: com.android.providers.settings
Authority: settings
Required Permission - Read: null
Required Permission - Write: android.permission.WRITE_SETTINGS
Grant Uri Permissions: false
Multiprocess allowed: false
Package name: com.google.android.apps.uploader
Authority: com.google.android.apps.uploader
Required Permission - Read: null
Required Permission - Write: null
Grant Uri Permissions: false
Multiprocess allowed: false
...
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'info', add_help = False)
parser.add_argument('--filter', '-f', metavar = '<filter>')
parser.add_argument('--permissions', '-p', metavar = '<filter>')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "info", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_match(self, args):
"""
Find which activities on the device can handle the formulated intent
usage: match [--action <action>] [--category <category> [<category> ...]]
[--component package class] [--data <data>]
[--flags <0x...>] [--mimetype <mimetype>]
[--extraboolean key=value [key=value ...]]
[--extrabyte key=value [key=value ...]]
[--extradouble key=value [key=value ...]]
[--extrafloat key=value [key=value ...]]
[--extrainteger key=value [key=value ...]]
[--extralong key=value [key=value ...]]
[--extraserializable key=value [key=value ...]]
[--extrashort key=value [key=value ...]]
[--extrastring key=value [key=value ...]] [--output <file>]
--------------------------------
Example - finding activities that can handle web addresses
--------------------------------
*mercury#activity> match --action android.intent.action.VIEW --data http://www.google.com
Intent { act=android.intent.action.VIEW dat=http://www.google.com }:
Package name: com.android.browser
Target activity: com.android.browser.BrowserActivity
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'start', add_help = False)
parser.add_argument('--action', '-a', metavar = '<action>')
parser.add_argument('--category', '-c', nargs = '+', metavar = '<category>')
parser.add_argument('--component', '-co', nargs = 2, metavar = ('package', 'class'))
parser.add_argument('--data', '-d', metavar = '<data>')
parser.add_argument('--flags', '-f', metavar = '<0x...>')
parser.add_argument('--mimetype', '-dt', metavar = '<mimetype>')
parser.add_argument('--extraboolean', '-eb', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrabyte', '-eby', nargs = '+', metavar = 'key=value')
parser.add_argument('--extradouble', '-ed', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrafloat', '-ef', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrainteger', '-ei', nargs = '+', metavar = 'key=value')
parser.add_argument('--extralong', '-el', nargs = '+', metavar = 'key=value')
parser.add_argument('--extraserializable', '-ese', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrashort', '-esh', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrastring', '-es', nargs = '+', metavar = 'key=value')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
if (splitargs.component):
request['component'] = splitargs.component[0] + "=" + splitargs.component[1]
if (splitargs.flags):
request['flags'] = str(int(splitargs.flags, 0))
print self.session.executeCommand("activity", "match", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_query(self, args):
"""
Query the specified content provider
usage: query [--projection <column> [<column> ...]] [--selection <rows>]
[--selectionArgs <arg> [<arg> ...]] [--sortOrder <order>]
[--showColumns <true/false>] [--output <file>]
Uri
The general structure of a content URI is:
content://authority/table
--------------------------------
Example - querying the settings content provider
--------------------------------
*mercury#provider> query content://settings/secure
_id | name | value
.....
5 | assisted_gps_enabled | 1
9 | wifi_networks_available_notification_on | 1
10 | sys_storage_full_threshold_bytes | 2097152
11 | sys_storage_threshold_percentage | 10
12 | preferred_network_mode | 3
13 | cdma_cell_broadcast_sms | 1
14 | preferred_cdma_subscription | 1
15 | mock_location | 0
17 | backup_transport | com.google.android.backup/.BackupTransportService
18 | throttle_polling_sec | 600
...
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'query', add_help = False)
parser.add_argument('--projection', '-p', nargs = '+', metavar = '<column>')
parser.add_argument('--selection', '-s', metavar = '<rows>')
parser.add_argument('--selectionArgs', '-sa', nargs = '+', metavar = '<arg>')
parser.add_argument('--sortOrder', '-so', metavar = '<order>')
parser.add_argument('--showColumns', '-nc', metavar = '<true/false>')
parser.add_argument('Uri')
parser.setOutputToFileOption()
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
print self.session.executeCommand("provider", "query", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_start(self, args):
"""
Start an activity with the formulated intent.
usage: start [--action <action>] [--category <category> [<category> ...]]
[--component package class] [--data <data>]
[--flags <0x...>] [--mimetype <mimetype>]
[--extraboolean key=value [key=value ...]]
[--extrabyte key=value [key=value ...]]
[--extradouble key=value [key=value ...]]
[--extrafloat key=value [key=value ...]]
[--extrainteger key=value [key=value ...]]
[--extralong key=value [key=value ...]]
[--extraserializable key=value [key=value ...]]
[--extrashort key=value [key=value ...]]
[--extrastring key=value [key=value ...]]
--------------------------------
Example - starting the browser activity with an explicit intent
--------------------------------
*mercury#activity> start --component com.android.browser com.android.browser.BrowserActivity --flags 0x10000000
Activity started with Intent { flg=0x10000000 cmp=com.android.browser/.BrowserActivity }
--------------------------------
Example - starting a browser activity with an implicit intent
--------------------------------
*mercury#activity> start --action android.intent.action.VIEW --data http://www.google.com --flags 0x10000000
Activity started with Intent { act=android.intent.action.VIEW dat=http://www.google.com flg=0x10000000 }
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'start', add_help = False)
parser.add_argument('--action', '-a', metavar = '<action>')
parser.add_argument('--category', '-c', nargs = '+', metavar = '<category>')
parser.add_argument('--component', '-co', nargs = 2, metavar = ('package', 'class'))
parser.add_argument('--data', '-d', metavar = '<data>')
parser.add_argument('--flags', '-f', metavar = '<0x...>')
parser.add_argument('--mimetype', '-dt', metavar = '<mimetype>')
parser.add_argument('--extraboolean', '-eb', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrabyte', '-eby', nargs = '+', metavar = 'key=value')
parser.add_argument('--extradouble', '-ed', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrafloat', '-ef', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrainteger', '-ei', nargs = '+', metavar = 'key=value')
parser.add_argument('--extralong', '-el', nargs = '+', metavar = 'key=value')
parser.add_argument('--extraserializable', '-ese', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrashort', '-esh', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrastring', '-es', nargs = '+', metavar = 'key=value')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
if (splitargs.component):
request['component'] = splitargs.component[0] + "=" + splitargs.component[1]
if (splitargs.flags):
request['flags'] = str(int(splitargs.flags, 0))
print self.session.executeCommand("activity", "start", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_send(self, args):
"""
Send a broadcast with the formulated intent.
usage: send [--action <action>] [--category <category> [<category> ...]]
[--component package class] [--data <data>]
[--flags <0x...>] [--mimetype <mimetype>]
[--extraboolean key=value [key=value ...]]
[--extrabyte key=value [key=value ...]]
[--extradouble key=value [key=value ...]]
[--extrafloat key=value [key=value ...]]
[--extrainteger key=value [key=value ...]]
[--extralong key=value [key=value ...]]
[--extraserializable key=value [key=value ...]]
[--extrashort key=value [key=value ...]]
[--extrastring key=value [key=value ...]]
--------------------------------
Example - sending a BOOT_COMPLETED broadcast that we do not have the permissions for
--------------------------------
*mercury#broadcast> send --action android.intent.action.BOOT_COMPLETED
Permission Denial: not allowed to send broadcast android.intent.action.BOOT_COMPLETED from pid=1828, uid=10116
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'send', add_help = False)
parser.add_argument('--action', '-a', metavar = '<action>')
parser.add_argument('--category', '-c', nargs = '+', metavar = '<category>')
parser.add_argument('--component', '-co', nargs = 2, metavar = ('package', 'class'))
parser.add_argument('--data', '-d', metavar = '<data>')
parser.add_argument('--flags', '-f', metavar = '<0x...>')
parser.add_argument('--mimetype', '-dt', metavar = '<mimetype>')
parser.add_argument('--extraboolean', '-eb', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrabyte', '-eby', nargs = '+', metavar = 'key=value')
parser.add_argument('--extradouble', '-ed', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrafloat', '-ef', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrainteger', '-ei', nargs = '+', metavar = 'key=value')
parser.add_argument('--extralong', '-el', nargs = '+', metavar = 'key=value')
parser.add_argument('--extraserializable', '-ese', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrashort', '-esh', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrastring', '-es', nargs = '+', metavar = 'key=value')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
if (splitargs.component):
request['component'] = splitargs.component[0] + "=" + splitargs.component[1]
if (splitargs.flags):
request['flags'] = str(int(splitargs.flags, 0))
print self.session.executeCommand("broadcast", "send", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass
def do_start(self, args):
"""
Start a service with an intent
usage: start [--action <action>] [--category <category> [<category> ...]]
[--component package class] [--data <data>] [--flags <0x...>]
[--mimetype <mimetype>]
[--extraboolean key=value [key=value ...]]
[--extrabyte key=value [key=value ...]]
[--extradouble key=value [key=value ...]]
[--extrafloat key=value [key=value ...]]
[--extrainteger key=value [key=value ...]]
[--extralong key=value [key=value ...]]
[--extraserializable key=value [key=value ...]]
[--extrashort key=value [key=value ...]]
[--extrastring key=value [key=value ...]]
"""
# Define command-line arguments using argparse
parser = BaseArgumentParser(prog = 'start', add_help = False)
parser.add_argument('--action', '-a', metavar = '<action>')
parser.add_argument('--category', '-c', nargs = '+', metavar = '<category>')
parser.add_argument('--component', '-co', nargs = 2, metavar = ('package', 'class'))
parser.add_argument('--data', '-d', metavar = '<data>')
parser.add_argument('--flags', '-f', metavar = '<0x...>')
parser.add_argument('--mimetype', '-dt', metavar = '<mimetype>')
parser.add_argument('--extraboolean', '-eb', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrabyte', '-eby', nargs = '+', metavar = 'key=value')
parser.add_argument('--extradouble', '-ed', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrafloat', '-ef', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrainteger', '-ei', nargs = '+', metavar = 'key=value')
parser.add_argument('--extralong', '-el', nargs = '+', metavar = 'key=value')
parser.add_argument('--extraserializable', '-ese', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrashort', '-esh', nargs = '+', metavar = 'key=value')
parser.add_argument('--extrastring', '-es', nargs = '+', metavar = 'key=value')
try:
# Split arguments using shlex - this means that parameters with spaces can be used - escape " characters inside with \
splitargs = parser.parse_args(shlex.split(args))
# Compile stated arguments to send to executeCommand
request = vars(splitargs)
if (splitargs.component):
request['component'] = splitargs.component[0] + "=" + splitargs.component[1]
if (splitargs.flags):
request['flags'] = str(int(splitargs.flags, 0))
print self.session.executeCommand("service", "start", request).getPaddedErrorOrData()
# FIXME: Choose specific exceptions to catch
except Exception:
pass