Category Archives: Android

Standalone Perl on Android

In simmilar lines to standalone python this is the code that could be used for running standalone perl applications.

This script again tries to address some very basic issues.

1) non availability of direct perl calling mechanism while using terminal emulator.

2) Environmental limitations.

3) you can’t pass command-line arguments.

Script enclosed Here

#License: GPLv2 or later
#License URI: http://www.gnu.org/licenses/gpl-2.0.html
PW=`pwd`
cd $PW
export PERL5LIB="/sdcard/haxdroid/perllib"
/data/data/com.googlecode.perlforandroid/files/perl/perl "$@"

this script allows for following things

1) allow us to use this shell script to call perl directly.

2) allows for command line argument passing.

3) relative path references are now working

 

I have named this script as py and placed it in /system/bin/pl location

so basically copying this script in a text file say pl.txt

adb push pl.txt /system/bin/pl

adb shell chmod 04755 /system/bin/pl

 

As always this depends on perl4aandroid project for running properly, you can download from here

https://android-scripting.googlecode.com/files/perl_for_android_r1.apk

DroidCAT – Android Application collection for Security professionals

After a gap of 1 month finally releasing the droidcat application.

DroidCAT application is developed as part of HaXdroiD project which is right now in closed tested status.

Lets talk about DroidCat today.

What is Cat-Droid?
DroidCat is inspired by firecat and aims to be a one stop solution to finding all
ethical hacking / information security related application published in android domain.
This Application is also a part of HaXdroiD suite which aims to empower the
Android handset for Penetration Testing purposes.

So now lets not wait head over to the android market and download the application.

DroidCAT

Whitepaper : Security Issues in Android Custom ROM's

Today i am releasing the paper which i presented recently at C0C0N conference at ernakulam. this paper outlines where security misconfiguration that can lead to device compromise, data theft and so on.
Hope this helps in secure development and deployment of custom ROM’s.

http://anantshri.info/articles/android_cust_rom_security.html

The link contains download for both my slidepack as well as the complete whitepaper.

also a crude application is created and uploaded on android market which can help in identifying the issue.

https://market.android.com/details?id=anant.hax.aui

Android : Running Standalone Python

This is not yet another post on  android-scripting project or SL4A or python for android.

This post is for a specific purpose to empower the terminal again and make users again feel the power of terminal.

Current state we can run perl, python, PHP, ruby, beanshell in SL4A interface or as a standalone apk with modifications.

so here is the bad part

1) you can’t run applications on console directly.

2) you have environmental limitations.

3) you can’t pass command-line arguments.

for a normal person these could be some limitations however for some including myself THESE are the limitations.

so while searching for solution i have came across this script

Here is a modified version of the same making sure the awesomeness embedded

#License: GPLv2 or later
#License URI: http://www.gnu.org/licenses/gpl-2.0.html
PW=`pwd`
export EXTERNAL_STORAGE=/mnt/sdcard
export LANG=en
PYTHONPATH=/mnt/sdcard/com.googlecode.pythonforandroid/extras/python
PYTHONPATH=${PYTHONPATH}:/data/data/com.googlecode.pythonforandroid/files/python/lib/python2.6/lib-dynload
export PYTHONPATH
export TEMP=/mnt/storage/com.googlecode.pythonforandroid/extras/python/tmp
export PYTHON_EGG_CACHE=$TEMP
export PYTHONHOME=/data/data/com.googlecode.pythonforandroid/files/python
export LD_LIBRARY_PATH=/data/data/com.googlecode.pythonforandroid/files/python/lib
cd $PW
/data/data/com.googlecode.pythonforandroid/files/python/bin/python "$@"

Line no 1,3,11 are the changes that i made.

These changes allow for following things.

1) allow us to use this shell script to call python.

2) allows for command line argument passing.

3) relative path references are now working

however we also need to understand the importance of Sl4A style project these project provide native applications a direct option to interact / create native UI. (dialog box, button, texts etc)

I have named this script as py and placed it in /system/bin/py location

so basically copying this script in a text file say py.txt

adb push py.txt /system/bin/py

adb shell chmod 04755 /system/bin/py

gives you python shell on your android terminal.

Right now i am working towards making various tools of trade available on terminal.

I will be keeping a track my progress at XDA developer forum thread linked here.