Here's a script I use to track all DNS queries any Android app is doing.
It will show which hostnames some app is about to contact for resources, including, but not limited to adverts, updates, rogue hosts, thumbnail images, news sources etc.
Prerequisites:
- rooted device with busybox installed
- a DNS resolver with readable logs. This usually means a local "bind9" installation within the LAN.
- optional: "Script Manager" installed. Makes it easy to experiment and run on network change events.
Code:
#!/system/bin/sh
# trying to direct dns queries to
# private dns resolver in LAN
dns="net.dns"
dns_dflt="${1:-192.168.2.1}"
dns2="${2:-${dns}2}"
boss="${3:-192.168.2.55}"
dns_1=$(getprop "${dns}1")
ex=$?
dns_chg=$(getprop 'net.dnschange')
ex=$(($ex + $?))
echo "$0: id=$(id);dns_1='${dns_1}'"
ping -c1 -w3 "${boss}" &&
case "-${dns_1}" in
-${dns_dflt})
echo "$0: setprop"
setprop "${dns}1" "${boss}"
ex=$(($ex + $?))
setprop "${dns2}" "${dns_1}"
ex=$(($ex + $?))
setprop "net.dnschange" "$((${dns_chg} + 1))"
ex=$(($ex + $?))
;;
esac
getprop | grep 'dns' || :
[ $ex -ne 0 ] && echo "$? setprop '$1' '$2'"
exit $ex
run as root admin user and tick "on network". The output is a list of all current DNS related settings after the script has run.
I use it with the following arguments, which are valid for the "netgear" wlan router and my PCs IP:
192.168.2.1 net.dns2 192.168.2.55
the first is the IP of the DNS server set up in the DHCP lease sent from the router (never changes, used for plausibility test);
the second is the getprop property where the original DNS server will be stored in;
the third is the IP of my own DNS resolver whose logs I can check.
The script makes sure that the resolver is reachable (ping) and that Androids DNS settings are only mutilated when they match expected values (1st argument).
I need Bluetooth DUN tethering support to connect to my generic DUN capable feature phone.
If you don't have that, I'd be happy if someone could just tell me how to install "pppd, rfcomm, and sdptool" so I can access them in Terminal.
Try from terminal if u have root:
su
pand --connect <remote BT device hex address>
ifconfig bnep0 down
dhcpcd bnep0
setprop net.dns1 8.8.8.8
I have my phone paired... This tutorial looks like it might be for PAN, and I think I only have DUN.
This is what i get...
$ su
# pand --connect a0:78:ba:24:cd:aa
# ifconfig bnep0 down
error: SIOCGIFFLAGS (No such device)
i need a developer help.
just tell
is any code or property works if we apply it with setprop
means
setprop video.accelerate.hw 1
reply must.
Looking to see if there's a terminal/adb command to find where exactly a "getprop" parameter's location resides?
Basically I need to find where the parameter
Code:
dolby.ds.virt.bluetooth off
resides so I can change the output to
Code:
dolby.ds.virt.bluetooth on
.
I looked in the build.prop, su.d, and other folders without any luck. I used the setprop command to enable it, rebooted and it didn't stick. I then added it to my /system/su.d setprop folder, and all other commands stuck BUT that particular one....? So it's getting turned back off somehow, from some other location I can't find?
Any help is appreciated!:good:
Bump? Tried a bunch of shell commands, best so far is "pm path #command# /sdcard/titties" ? No error, but outputs nothing....
I have some idea about unlocking the bootloader OEM unlock menu but i don't know if we are able to.
The new system shell exploit allows us to set properties, if we can set read only system properties by using an ARM binary compiled with the ndk we might be able to unlock the oem unlock menu.
Does anyone know if we can execute a self built executable as a system user? can't find any way to execute the binary via adb it might be able via an app.... haven't been in android development for a while so don't know if this is possible.
If we are able to execute this tool we can do a lot on samsung maybe, the tool is available on https://github.com/liwugang/android_properties (as we can set system properties via the system user we might be able to set ro properties)
DaanNL said:
Does anyone know if we can execute a self built executable as a system user?
Click to expand...
Click to collapse
Hello and good morning, @DaanNL
Prior to your next posting please read the guidances that are stuck on top of every forum like
[Read Before Posting]QUESTIONS DO NOT BELONG IN GENERAL
Hello Everybody, In order to attempt to keep this forum neat and tidy the moderation team is asking you to post your questions into the Questions and Answers (Q&A) forum and not into the General section. You can find the Q&A forum by clicking...
forum.xda-developers.com
and the others. I've moved your thread to Android Q&A.
Thanks for your cooperation!
Regards
Oswald Boelcke
Senior Moderator
DaanNL said:
I have some idea about unlocking the bootloader OEM unlock menu but i don't know if we are able to.
The new system shell exploit allows us to set properties, if we can set read only system properties by using an ARM binary compiled with the ndk we might be able to unlock the oem unlock menu.
Does anyone know if we can execute a self built executable as a system user? can't find any way to execute the binary via adb it might be able via an app.... haven't been in android development for a while so don't know if this is possible.
If we are able to execute this tool we can do a lot on samsung maybe, the tool is available on https://github.com/liwugang/android_properties (as we can set system properties via the system user we might be able to set ro properties)
Click to expand...
Click to collapse
You do realize OEM toggle is absolutely useless for US Samsung devices. It's more of an eye sore and a big HA HA if you get it to spring to life, which is not easy to do. But i can say i haven't seen that repo ever. I'll ask the pro's what they think. Don't hold your breath though. The closest I've got to ever seeing it....is here. (See pic attached).
Ok, thanks for clearing that up....
This tool on github seems just to be an alternative to setprop and getprop even worse if you can't set props without root.
"Set operation need root first, and can set all the properties(include prefixed with 'ro').", can i ask you how that screenshot was been made? because for that option to appear ro properties need to be set.... and if we can set ro properties we might be able to do some fancy stuff.
I also don't understand why everybody is so focussed on unlocking bootloader, if we get root permissions we could just flash magisk onto the raw filesystem right?
DaanNL said:
Ok, thanks for clearing that up....
This tool on github seems just to be an alternative to setprop and getprop even worse if you can't set props without root.
"Set operation need root first, and can set all the properties(include prefixed with 'ro').", can i ask you how that screenshot was been made? because for that option to appear ro properties need to be set.... and if we can set ro properties we might be able to do some fancy stuff.
I also don't understand why everybody is so focussed on unlocking bootloader, if we get root permissions we could just flash magisk onto the raw filesystem right?
Click to expand...
Click to collapse
setprop persist.sys.adbroot
setprop sys.factory.runningFtClient true
setprop persist.sys.fflag.override.binary.type eng
setprop sys.factory.facm_mode 1
setprop persist.sys.recovery_update 1
setprop persist.sys.dm.verity.state disabled
setprop persist.sys.logkit.ctrl 0x7
setprop persist.sys.adb.secure 0
setprop persist.sys.root_access 3
setprop persist.sys.verity.log 1
setprop persist.sys.usb.ffs.ready 1
setprop persist.sys.enable_op_logs 1
setprop persist.sys.usb.ffs.ready 1
setprop persist.sys.debug.enable 1
setprop persist.sys.silent 1
setprop persist.nfc.debug_enabled ""
setprop persist.service.usb.hubport 1
setprop persist.sys.adoptable force_on
setprop persist.sys.virtual_disk true
setprop persist.service.adb.root 1
setprop service.adb.root 1
setprop persist.sys.usb.sport 2
setprop dev.silentlog.bootup On
setprop persist.sys.ssr.enable_ramdumps 1
setprop sys.mdlogproperty On
setprop sys.hidden.otatest 1
setprop sys.hiddenmenu.enable 1
setprop persist.sys.knox.sdp_cryptod false
setprop debug.atrace.tags.enableflags 1
setprop ril.preconfig.enable true
setprop ril.region_props TMB.XAA
setprop mdc.sys.carrierid_etcpath /prism/etc/carriers/XAA
setprop mdc.system.nw_path2 /optics/configs/carriers/XAA/conf/system
setprop mdc.vendor.nw_path2 /optics/configs/carriers/XAA/conf/system
setprop persist.sys.carrierid_etcpath /prism/etc/carriers/XAA
setprop persist.sys.omcnw_path2 /optics/configs/carriers/XAA/conf
setprop persist.sys.prev_salescode XAA
setprop persist.sys.prev_omcnwcode2 XAA
setprop persist.sys.fflag.override.settings_fuse true
setprop persist.sys.max_users 15
setprop persist.sys.show_multiuserui 1
setprop ro.build.official.developer true
setprop persist.sys.oem.otg_support true
setprop persist.ril.preconfig 1
setprop sys.dexopt.ctrl true
setprop security.perf_harden 0
setprop persist.sys.fflag.override.settings_dynamic_system true
setprop debug.atrace.tags.enableflags 1
setprop persist.sys.knox.device_owner false
setprop logd.logpersistd.enable true
setprop logd.ready true
setprop debug.slsi_platform 1
setprop persist.sys.fuse.passthrough.enable true
setprop sys.keep_app_1 com.samsung.SMT
setprop sys.keep_app_2 moe.shizuku.privileged.api
setprop service.adb.tcp.port 9995
setprop persist.sys.usb.qxdm.debug 1
setprop sys.usb.qxdm.debug 1
setprop presist.service.adb.enable 1
setprop persist.sys.usb.qxdm.debug 1
setprop sys.usb.qxdm.debug 1
setprop persist.security.perf_hardening 0
setprop persist.service.adb.enable 1
setprop service.adb.enable 1
setprop persist.rollback.is_test true
setprop persist.sys.get_unlock_ability 1
setprop sys.get_unlock_ability 1
setprop persist.sys.get_unlock_ability 1
setprop sys.oem_unlock_allowed 1
setprop persist.sys.oem_unlock_allowed 1
setprop debug.performance.tuning ""
setprop debug.qc.hardware ""
setprop debug.qctwa.preservebuf 1
setprop debug.qctwa.statusbar 1
setprop debug.egl.profiler 0
setprop ril.preconfig 1
setprop persist.sys.ui.hw 1
setprop debug.egl.force_msaa 1
setprop debug.sf.hw 1
setprop debug.egl.hw 1
setprop debug.sf.nobootanimation 1
setprop video.accelerate.hw 1
setprop debug.enable true
setprop debug.assert 1
setprop libc.debug.hooks.enable 1
setprop dumpstate.unroot false
device_config put exo is_exo_dogfood true
device_config put exo is_exo_eng true
device_config put privacy location_indicators_enabled true
device_config put privacy safety_center_is_enabled true
device_config put device_personalization_services Captions__enable_zero_day true
device_config put device_personalization_services Captions__enable_setting_page true
device_config put device_personalization_services Captions__enable true
device_config put privacy permissions_hub_enabled true
device_config put launcher ENABLE_SMARTSPACE_ENHANCED true
setprop persist.sys.debug.enable 1
setprop persist.sys.enable_op_logs 1
setprop persist.sys.usb.ffs.ready 1
setprop persist.sys.logkit.ctrl 0x7
setprop knox.kg.state kg_debug
setprop persist.sys.recovery_update 1
setprop persist.sys.dm.verity.state disabled
setprop persist.sys.logkit.ctrl 0x7
setprop persist.sys.adb.secure 0
setprop persist.sys.root_access 3
setprop persist.sys.verity.log 1
setprop persist.sys.usb.ffs.ready 1
setprop persist.sys.enable_op_logs 1
setprop persist.sys.usb.ffs.ready 1
setprop persist.sys.debug.enable 1
setprop persist.sys.oem_unlock_allowed 1
setprop persist.sys.fflag.override.binary.type eng
KILL OTA
settings put global ota_disable_automatic_update 1
settings put global galaxy_system_update_block -1
settings put global galaxy_system_update -1
WARNING
setprop persist.sys.boot.reason kernel_panic (KERNEL PANIC)
setprop persist.sys.max_users 15 <<can be any number other then 1 or two
setprop persist.sys.show_multiuserui 1
All these commands at one point were set with a system shell. Some props are still good and some are not. And to be very honest, i have absolutely no idea what combination of setprops i did, that allowed me to see what i saw. But the list is here. And this is the first time I have ever posted this on a public forum (only privately). But have at it and see what you can come up with.
*FAIR WARNING TO THOSE WONDERING EYES. DONT ASK ME ABOUT ANY OF THIS UNLESS YOU SOMEHOW FIND A PERFECT COMBO OF SETPROPS THAT TAKES YOU TO A HIGHER LEVEL KF PRIVILEGE*
Thanks for your reply....
Maybe it's still usefull
i think it was the setprop persist.sys.oem_unlock_allowed 1 which did the trick in old firmwares.... this showed the option but there where more requirements to be met... if i look at the code now they changed the properties.... i still think that if we would have root access we could enable all the required props to unlock the bootloader.... also found some file something like samsungmembers.dat which allowed downgrading oneui i think in beta..... the stupid thing is that i used my s7 for a long time and just bought this s10 as nothing has really changed in phone world.... i was just running all the updates but it had stock firmware but i'm sure we'll figure something out when an android kernel root exploit becomes available
DaanNL said:
Thanks for your reply....
Maybe it's still usefull
i think it was the setprop persist.sys.oem_unlock_allowed 1 which did the trick in old firmwares.... this showed the option but there where more requirements to be met... if i look at the code now they changed the properties.... i still think that if we would have root access we could enable all the required props to unlock the bootloader.... also found some file something like samsungmembers.dat which allowed downgrading oneui i think in beta..... the stupid thing is that i used my s7 for a long time and just bought this s10 as nothing has really changed in phone world.... i was just running all the updates but it had stock firmware but i'm sure we'll figure something out when an android kernel root exploit becomes available
Click to expand...
Click to collapse
Are you familiar with something called magic.bin? Also...
cp -R /data/log /sdcard
You'll thank me later....
wr3cckl3ss1 said:
Are you familiar with something called magic.bin? Also...
cp -R /data/log /sdcard
You'll thank me later....
Click to expand...
Click to collapse
You mean the script which probes for magic's at a binary file so you can extract usable content? or part of the bootloader....
Ahhh /data/log looks interesting.... i was into rom building and stuff with the galaxy s4 and made some android wear rom for the asus zenwatch.... long time ago
Think i found what you mean in the efs folder, but can't find any relation in the logs....
Check something called "recovery.log", you'll find info on /efs.
magic.bin for S22 Ultra but dead for S23 Ultra.
Yes i found that magic.bin before, but it's unknown to me what you can do with it...
wr3cckl3ss1 said:
Check something called "recovery.log", you'll find info on /efs.
magic.bin for S22 Ultra but dead for S23 Ultra.
View attachment 5882731View attachment 5882739View attachment 5882741
Click to expand...
Click to collapse
Yes i found that magic.bin before, but it's unknown to me what you can do with it...
Another step closer....