Download The Power of Root on Android emulators (Notes).

Survey
yes no Was this document useful for you?
   Thank you for your participation!

* Your assessment is very important for improving the workof artificial intelligence, which forms the content of this project

Document related concepts
no text concepts found
Transcript
The power of root on Android
emulators
Command line tooling for Android Development
Gabe Martin
LinuxFest Northwest 2013
10:00 AM to 10:50 AM, CC 239
Welcome
Describe alternative title
Questions can be asked between immediately following demos
About Me
Android Developer (2010-Present)
Android Mobile developer
Windows Developer 2000 - 2011
Enterprise desktop software development. Primarily Windows, Primarily C++ / .
NET
WWU Computer Science 2001
Presentation topics
● Interacting with Android components
○ Activities, Services, Broadcast Receivers, Content
Providers
● Utilizing Android SDK / Emulator tools for
development and testing
○ adb, ant, am, content, run-as
● Identifying differences between developing
on different types of devices
○ Emulators, rooted devices, stock devices
Android SDK Overview
●
●
●
●
●
●
●
Free / Open Source
Multi-platform (Mac, Linux, Windows)
Java based
Build Tools
Debug tools
Platforms (Android 1.5 - API3 to Android 4.2.2 API 17)
○ Emulator
○ Platform Library
API Add-ons
Overview of Android Tooling
Not all platforms are supported equally
Mac
Best supported. Emulators are usable and connecting to Android
devices "just works."
Linux
Some configuration required for adb access.
Windows
Requires cygwin for some features. Difficult to detect some devices via
ADB.
Build Tools: android, ant, proguard
Development tools: adb, sqlite3, profilers, monkey runner
Eclipse IDE (ADT) is the recommended IDE for Android development. Many other are
available including NetBeans, IntelliJ?, Visual Studio
SDK Download: http://developer.android.com/sdk/index.html
Android SDK Demo
Demo: Building an Android app using the SDK and
command line
Run:
copy ../bootstrapPresentations.sh .
cat bootstrapPresentations.sh
- if no network access is available or github error use local files
android avd & # start emulator
ant debug install
# debug and install
Apps - Desktop vs Android
App Lifetime
Desktop Apps - process bound
Have an entry point method and app exits once completed
Android Apps - state bound
Processes can be killed at any point and restored with existing state
Key difference
What happens when the app or process is "killed" by user or system
Android SDK links:
http://developer.android.com/training/basics/activity-lifecycle/index.html
Activity
From the Android SDK
An Activity is an application component that provides a
screen with which users can interact in order to do
something, such as dial the phone, take a photo, send an
email, or view a map. Each activity is given a window in
which to draw its user interface.
Activities are "stacked" and popped off when back is pressed.
The Activity backstack is preserved by the system and not tied to a process.
Learn more about Activities at David Schwegler's Developing for Android's
Uniqueness
Android SDK links:
http://developer.android.com/training/basics/activity-lifecycle/index.html
http://developer.android.com/guide/components/activities.html
Activities and apps
Content
Provider
Activity
Activity
Activity
Activity
Service
Dalvik VM
Process
Android System
Linux
Activities are "stacked" and popped off when back is pressed.
The Activity backstack is preserved by the system and not tied to a process.
Learn more about Activities at David Schwegler's Developing for Android's
Uniqueness
Android SDK links:
http://developer.android.com/training/basics/activity-lifecycle/index.html
Activity Demo
Demo: Starting Activities and killing processes from the
command line
Demo
Start 4 activities in a row. Show how you can kill the process which effectively pops
the last activity off the stack.
test/showAllProcesses.sh
test/startActivities.sh
test/showAllProcesses.sh
test/showAppProcess.sh
test/killProcess.sh
test/killProcess.sh
test/killProcess.sh
test/startActivities.sh
test/forceStop.sh
Native app crashes behave in a similar manner.
Services
From the Android SDK
A Service is an application component that can perform
long-running operations in the background and does not
provide a user interface.
Examples
○ Downloading content
○ Playing music
More on Services - http://developer.android.com/guide/components/services.html
Services Demo
Demo: Starting a service with an intent from
command line
Demo
test/forceStop.sh
test/showAppProcess.sh
# Verifies app processes are not running
test/startUpdateSessionsForced.sh # Creates a new process and starts service
test/showAppProcess.sh
# Shows that a process was started to run the
service and is still running
Broadcast Receivers
From the Android SDK
A broadcast receiver is a component that responds to
system-wide broadcast announcements. Many broadcasts
originate from the system—for example, a broadcast
announcing that the screen has turned off, the battery is
low, or a picture was captured. Applications can also initiate
broadcasts—for example, to let other applications know
that some data has been downloaded to the device and is
available for them to use.
http://developer.android.com/guide/components/fundamentals.html
Broadcast Receivers Demo
Demo: Sending broadcast intents from
command line
Demo
test/startSessionsActivity.sh
test/broadcastUpdateStarted.sh
test/broadcastUpdateCompleted.sh
test/broadcastUpdateRefreshContent.sh
Content Providers
From the Android SDK:
A content provider manages a shared set of application
data. You can store the data in the file system, an
SQLite database, on the web, or any other persistent
storage location your application can access. Through
the content provider, other applications can query or
even modify the data (if the content provider allows it).
http://developer.android.com/guide/components/fundamentals.html
sqlite3 is available on emulators but has limitations. Namely no command history
support
Demo
Use content command to change the SECURE_ID used by the emulator.
Content Provider Demo
Demo: Interacting with Content Providers from
the command line
showAppProcess.sh
simpleQueryProvider.sh
provider
showAppProcess.sh
simpleInsertHelloWorld.sh
simpleQueryProvider.sh
simpleInsertGoodbyeWorld.sh
simpleQueryProvider.sh
killProcess.sh
showAppProcess.sh
queryWebContentProvider.sh
provider
# verify not currently running
# starts process - queries empty simple content
# container process started
# inserts data
# queries data
# inserts more data
# queries data
# verify not currently running
# starts process - queries empty simple content
queryWebContentProvider.sh
# Demonstrate a ContentProvider that can make
web queries - dangerous. possibly allows apps to query other apps content providers
for possibly sensitive or not allowed behavior
Android Database Fundamentals
Sqlite based
Default db storage location
/data/data/<app>/databases/<dbname>.db
Interacting with databases on emulators, easy!
sqlite3 binary included in device images
emulators have root access so db files are accessible
Accessing databases on non-rooted devices, tricky but
doable
Debuggable Android apps support run-as
run-as broken on Android 2.2 when more than 50 apps are installed
Run-as command demo
Demo: Accessing private databases
The run-as command is what makes it possible to debug apps on stock devices.
Useful command to also access otherwise restricted data.
runAsShowDatabases.sh
runAsMakeSessionsDatabaseWritable.sh
runAsPullSessionsDatabase.sh
runAsMakeSessionsDatabaseReadOnly.sh
sqlite3 Sessions.db
Also very useful for accessing/changing private app preferences and files
Monkey - because it's fun
Demo: monkey test tool for fuzz testing UI
Demo
monkey.sh
# starts the monkey.sh UI fuzz testing tool
The End
Questions?
Git Repos
https://github.com/gabema/lfnw/tree/commandline
https://github.com/gabema/LFNWSampleApp
Google Presentation
https://docs.google.
com/presentation/d/1RyCTjGct6oWazSU6KuEnZbYWdH4lyZA5Bw4zN10yWks
/edit?usp=sharing
Special Thanks
David Schwegler for making an awesome LFNW 2013 app
(Make sure to attend Developing for Android's Uniqueness at 1:30 same room)