[GUIDE] Proxyme - Android System Access Tool

526 posts
Thanks Meter: 971
By davidcsv, Senior Member on 10th March 2014, 09:13 PM
Post Reply Subscribe to Thread Email Thread
8th December 2014, 07:54 AM |#71  
davidcsv's Avatar
OP Senior Member
Thanks Meter: 971
Originally Posted by linhbs

@davidcsv Please! Support Note4. Thank you very much

Hi, I have finally managed to borrow a friend's Note4 to test this thing on. I'll keep you posted on progress.
The Following 2 Users Say Thank You to davidcsv For This Useful Post: [ View ]
30th March 2015, 05:04 PM |#72  
Senior Member
Thanks Meter: 79
Originally Posted by davidcsv

Root Ready Custom Stock-based Images

Kitkat 4.4
N075TZTU2ANG5 Based (4.4.2) (2014-07-17)

This rom boot sucess, no NFC but No Simcard detect too! I have singal but Unknow Network and can't make phone call!
13th September 2015, 04:35 PM |#73  
Junior Member
Thanks Meter: 7
Originally Posted by davidcsv

This section details how Proxyme's system service components are integrated in a firmware image.

If you are not up to speed with how a typical Android system is constructed, then I would like to suggest you at least make yourself familiar with this topic in order to fully understand what to do with the following text.

The system service components are integrated in the /system partition (mount point) in Android. In the case of changing a live system this will require mounting the appropriate partition read/write before applying the updates. If a static firmware image is to be updated, then extract the component which represents the /system partition from the package and apply the updates before re-packing the firmware image.

The following list describes the major system service components:

  • hijacker - this is a module you need to write, which has the role of initiating the system service in a privileged environment.
  • hjprepper - this module is started by the hijacker to prepare the environment prior to starting SuMeD
  • SuMeD - this one is what it's all about. The Proxyme app relies on this daemon to be up and running in order to perform any of its privileged functions
  • SSHD - the SSH daemon is represented by an updated implementation of dropbear on Android


The hijacker is a program you would normally have to write to replace an existing program in your rom, which is started during the boot process by for example initd. This part of the integration process requires your (creative) input, since you need to analyse the rom you are working on and figure out how and where to position the hijacker module. If you do find an existing module to hijack, make sure to always call that original module from your hijacker once it has managed to execute the hjprepper program. In some roms it suffices to start hjprepper from a shell script, which is run with root access... they exist, you just have to look for them.

This is what your hijacker could look like in C

#define PROP_HIJACK     "proxyme.hijack.system"
#define HIJACKEE        "/system/bin/original-program"
#define PREPPER         "/system/xbin/hjprepper"

int main( int argc, char *argv[] )
    char                 *lArgv[5];
    char                **lArgList;
    int                   lArgCnt;
    pid_t                 pid;

    lArgList = (char **)malloc( sizeof(void *) * (argc + 1) );

    for ( lArgCnt = 0; lArgCnt < argc; lArgCnt++ )
        lArgList[ lArgCnt ] = argv[ lArgCnt ];
    lArgList[ lArgCnt ] = NULL;

    /* Fork parent process */
    pid = fork();
    if ( pid < 0 )
        property_set( PROP_HIJACK, (char *)"Hijacker Startup... spawning failed,  prep first before xfer" );
        system( "/system/xbin/hjprepper" );
        execv( HIJACKEE, lArgv );
        exit( EXIT_SUCCESS ); 
    else if ( pid > 0 )
        property_set( PROP_HIJACK, (char *)"Hijacker startup... spawned, parent ascends phase 2" );
        execv( HIJACKEE, lArgv );
        exit( EXIT_SUCCESS ); 

    if ( execl(PREPPER, PREPPER, (char *)NULL) < 0 )
        property_set( PROP_HIJACK, (char *)"Hijacker startup... failed to call prepper" );

    exit( EXIT_SUCCESS ); 


This program is responsible for setting up an operating environment for the SuMeD daemon. If you have full control over a rom's boot image, then include a call in your init process to start this module once during boot. If not, then use a hijacker program or look for existing and suitable scripts to initiate hjprepper.

hjprepper starts the SuMeD daemon once it completes the setup and configuration procedure.


This bad boy is responsible for the user requested actions through interaction with the Proxyme app.

Prebuilt Packages

To get you started, there are pre-built modules available,which you can download here. Currently, availability is limited to Android 4.3 and 4.4.2 only. The following zip archives are organized in a folder tree structure,which serves as a guide for where to place the modules within the /system path.

4.3 Prebuilts

4.4.2 Prebuilts

4.4.2 link was removed. Please update new download link. Thanks
Post Reply Subscribe to Thread

proxyme root su control
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes