5,605,250 Members 38,530 Now Online
XDA Developers Android and Mobile Development Forum

Run commands on G1 without 3rd party app

Tip us?
 
jdhorvat
Old
(Last edited by jdhorvat; 6th November 2008 at 06:48 AM.) Reason: Added question about functionality on other RC's
#1  
Junior Member - OP
Thanks Meter 0
Posts: 9
Join Date: Nov 2008
Location: Lockport
Lightbulb Run commands on G1 without 3rd party app

Is anyone aware of this? I found it by accident during a text conversation.

Step 1:
Reboot your phone.

Step 2:
Enter some commands.
When the system has completely rebooted there are several ways to enter commands. It seems like any app that came with the phone seems to double as a terminal. Try the following examples for running the reboot command

1. Open dialer, type reboot and press enter.
2. Create a search widget on your AndroidOS desktop... type reboot into it and press enter
3. Open a text message to yourself or someone else...in the message box type reboot and press enter.

You can also start telnetd this way, etc. Use your imagination.


Some open questions...

Questions:

- After a certain point it is no longer possible to enter commands this way. To enter commands again you have to reboot...which is the reason for Step 1. I don't know if it is a simple time limit at the beginning of boot, or if some hidden process is taking place and after its completion, the entering of commands using these methods is no longer possible. Does anyone know for sure why a reboot is eventually required to enter commands this way again?

- Copying and pasting commands into the various text boxes will not work. You must actually type the entire command and press enter immediately after in order for the command to be executed, or so it seems. Likewise you cannot for example enter a command in a search widget, then come back later with the text still there and press enter again to execute the command again. Does anyone have any insight into how these commands are being passed through to the system? I have never looked at any android src or anything like that, so I am absolutely clueless in this regard...and many others :( It should also be noted that entering for example a "telnetd" command into a dialer will ALSO perform the function of dialing a phone number (it comes out as 8356383)..if entered into a text message it WILL pass with message to the recipient. One exception would be reboot, for obvious reasons.

- Does anyone have any additional insight into how this might be able to be used to compromise the security of the system? I used the search widget to start telnetd and ultimately get root. No pTerminal running. What other implications might this have?

- If someone has the spare time to look at the source and see why this is possible it would satisfy a great deal of my curiousity. Any takers? It would be interesting to see the code and know what the rules and limitations of entering commands this way really are.

- I am using RC29. Can anyone confirm whether or not this works on other versions?



Notes:


- Executing commands this way performs both the AndroidOS App function as well as executing the command. I.e. typing telnetd in a text message to your ex would be a pretty bad idea. This will both run telnetd AND send the text message to your ex.

- I would advise against entering long commands into the dialer as well. It will be really hard to explain to a Vietnamese Wal-Mart that you were just trying to mount your sdcard.

- Any commands that are entered WILL execute, but the results may not be obvious, as there is no output screen.
 
staulkor
Old
#2  
Senior Member
Thanks Meter 28
Posts: 259
Join Date: Jan 2007
Location: Phoenix, AZ, USA
Good find. Sounds like a bug to me though. I say that because if it were a hidden feature, I would think it wouldn't be sending a text message and executing a command.
--too many phones to list--
 
jdhorvat
Old
#3  
Junior Member - OP
Thanks Meter 0
Posts: 9
Join Date: Nov 2008
Location: Lockport
Default Possible bug

Quote:
Originally Posted by staulkor View Post
Good find. Sounds like a bug to me though. I say that because if it were a hidden feature, I would think it wouldn't be sending a text message and executing a command.
My thought as well. The only reason I'm not certain is the time limit after boot..If it even is a time limit. The other reason is that it does not seem to work if you enter commands into apps other than those packaged with Android. (i.e. entering "reboot" as a high score name in some game from the app market will not restart the phone)
 
neoobs
Old
#4  
Retired Moderator
Thanks Meter 10
Posts: 1,271
Join Date: Mar 2008
Quote:
Originally Posted by jdhorvat View Post
My thought as well. The only reason I'm not certain is the time limit after boot..If it even is a time limit. The other reason is that it does not seem to work if you enter commands into apps other than those packaged with Android. (i.e. entering "reboot" as a high score name in some game from the app market will not restart the phone)
That would mean there is a bug in the core.
 
jimparis
Old
#5  
Junior Member
Thanks Meter 0
Posts: 3
Join Date: Nov 2008
Quote:
That would mean there is a bug in the core.
I tracked it down -- they left a shell running on the console. See http://android.jim.sh/index.php/ConsoleShell
 
jdhorvat
Old
#6  
Junior Member - OP
Thanks Meter 0
Posts: 9
Join Date: Nov 2008
Location: Lockport
Thumbs up perfect!

Quote:
Originally Posted by jimparis View Post
I tracked it down -- they left a shell running on the console. See http://android.jim.sh/index.php/ConsoleShell
Thanks Jim! Excellent job tracking this down, this is precisely what I was hoping to see. I found your article very informative. It has certainly shed more light on the matter for me.
Tags
android commands, android terminal, g1 terminal, pterminal
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes


TRENDING IN THEMER...