New root method?

AFTVnews.com

AFTVnews.com

Senior Member
Jul 22, 2014
478
361
0
www.AFTVnews.com
Jan 27, 2015 at 10:59 PM
Sizzlechest said:
Some folks are trying to find an exploit for another Android device. I tried to apply it to the Fire TV stick, but the exploitServiceApp.apk won't install.

http://forum.xda-developers.com/not...t-progress-t2961974/post58464146#post58464146
Click to expand...
exploitServiceApp.apk was built with a minimum sdk version of 18. The Fire TV and Fire TV Stick run sdk version 17. That's why it wont install. It also seems to require mock locations to be enabled, which may prove to be a chore on the AFTV/S. Of Course this all assumes the AFTV/S is vulnerable to begin with.

Root sources seem to be:
http://forum.xda-developers.com/mate-7/general/wip-mate-7-root-bl-unlock-t2995086/
and
http://forum.xda-developers.com/crossdevice-dev/sony/giefroot-rooting-tool-cve-2014-4322-t3011598
 
A

androidyeah

Senior Member
Sep 8, 2010
51
12
0
Bochum
Jan 28, 2015 at 12:55 PM
What would happen, if you would try to rebuild it with APK Tool and change the min sdk to 17?

I just did it with the Advanced APK Tool and attatched it to this posting. I'm not at home right now so I can't test it on my own.

APK-Info.exe says its a valid apk and the minimum sdk version is 17.

Important note: I'm not responsible for damaging your device if this somehow does.
 

Attachments

T

tech3475

Senior Member
Nov 4, 2013
89
10
0
Jan 28, 2015 at 1:53 PM
It depends on the exploit, I read on another topic that it's based on a specific location in memory (or something like that).

That's presuming that it's even possible.

In regards to mock locations, is it possible to set it using the aosp settings apk?
 
AFTVnews.com

AFTVnews.com

Senior Member
Jul 22, 2014
478
361
0
www.AFTVnews.com
Jan 28, 2015 at 2:45 PM
tech3475 said:
In regards to mock locations, is it possible to set it using the aosp settings apk?
Click to expand...
Trying to access developer options (which is where the mock location setting is) causes settings.apk to crash.

bigwillie1 said:
It does install, but it goes straight to home after loading. Maybe it does work if it's possible to enable mock locations.
Click to expand...
Odd, on a Fire TV Stick (running latest OS version) @androidyeah's app launches fine. However, it just displays the message "Note: Your device seems not vulnerable!" in the upper right corner.
 
A

androidyeah

Senior Member
Sep 8, 2010
51
12
0
Bochum
Jan 28, 2015 at 4:01 PM
AFTVnews.com said:
Trying to access developer options (which is where the mock location setting is) causes settings.apk to crash.
Click to expand...
Anyone tried any debugging yet on that part?

AFTVnews.com said:
Odd, on a Fire TV Stick (running latest OS version) @androidyeah's app launches fine. However, it just displays the message "Note: Your device seems not vulnerable!" in the upper right corner.
Click to expand...
I guess if FTV Stick + FTV using similar base firmwares, it is already patched or something :/
 
aHcVolle

aHcVolle

Senior Member
Nov 3, 2010
426
247
0
Stuttgart
Jan 28, 2015 at 5:05 PM
androidyeah said:
Anyone tried any debugging yet on that part?
Click to expand...
Code: 
V/AudioFlinger(  329): Audio hardware entering standby, mixer 0x40100008, suspend count 0
D/AudioStreamOutALSA(  329): AudioStreamOut: standby()
V/AudioFlinger(  329): releaseWakeLock_l() AudioOut_2
V/AudioFlinger(  329): thread 0x40100008 type 0 TID 712 going to sleep
V/AudioFlinger(  329): createTrack() sessionId: 0
V/AudioFlinger(  329): createTrack() lSessionId: 99
V/AudioFlinger(  329): AUDIO_OUTPUT_FLAG_FAST denied: isTimed=0 sharedBuffer=0x0 frameCount=3763 mFrameCount=256 format=1 isLinear=1 channelMask=0x1 sampleRate=44100 mSampleRate=48000 hasFastMixer=1 tid=7528 fastTrackAvailMask=0xfe
V/AudioFlinger(  329): Track constructor name 4100, calling pid 691
V/AudioFlinger(  329): acquiring 99 from 691
V/AudioFlinger(  329):  added new entry for 99
V/AudioFlinger(  329): start(4100), calling pid 691 session 99
V/AudioFlinger(  329): ? => ACTIVE (4100) on thread 0x40f9a808
V/AudioFlinger(  329): mWaitWorkCV.broadcast
V/AudioFlinger(  329): thread 0x40100008 type 0 TID 712 waking up
V/AudioFlinger(  329): acquireWakeLock_l() AudioOut_2 status 0
V/AudioFlinger(  329): releasing 98 from 691
V/AudioFlinger(  329):  decremented refcount to 0
V/AudioFlinger(  329): purging stale effects
V/AudioFlinger(  329): remove track (4098) and delete from mixer
V/AudioFlinger(  329): PlaybackThread::Track destructor
I/ActivityManager(  691): START u0 {act=android.intent.action.MAIN cmp=com.android.settings/.SubSettings (has extras)} from pid 7424
D/dalvikvm(  691): GC_FOR_ALLOC freed 957K, 30% free 8019K/11344K, paused 37ms, total 39ms
I/ViewRootImpl( 7424): Slow KeyEvent in com.android.settings/com.android.settings.Settings device=8 action=Up latency=3ms processing=54ms
I/Activity( 7424): No ActvityExender defined. Proceed with default activity behavior.
D/AndroidRuntime( 7424): Shutting down VM
W/dalvikvm( 7424): threadid=1: thread exiting with uncaught exception (group=0x40dc2af8)
V/AudioFlinger(  329): getNextBuffer() no more data for track 4100 on thread 0x40100008
V/AudioFlinger(  329): stop(4100), calling pid 691
V/AudioFlinger(  329): not stopping/stopped => stopping/stopped (4100) on thread 0x40100008
E/AndroidRuntime( 7424): FATAL EXCEPTION: main
E/AndroidRuntime( 7424): java.lang.RuntimeException: Unable to start activity ComponentInfo{com.android.settings/com.android.settings.SubSettings}: java.lang.SecurityException: Only package verification agents can read the verifier device identity: Neither user 10001 nor current process has android.permission.PACKAGE_VERIFICATION_AGENT.
E/AndroidRuntime( 7424): 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2206)
E/AndroidRuntime( 7424): 	at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2258)
E/AndroidRuntime( 7424): 	at android.app.ActivityThread.access$600(ActivityThread.java:146)
E/AndroidRuntime( 7424): 	at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1243)
E/AndroidRuntime( 7424): 	at android.os.Handler.dispatchMessage(Handler.java:99)
E/AndroidRuntime( 7424): 	at android.os.Looper.loop(Looper.java:137)
E/AndroidRuntime( 7424): 	at android.app.ActivityThread.main(ActivityThread.java:5129)
E/AndroidRuntime( 7424): 	at java.lang.reflect.Method.invokeNative(Native Method)
E/AndroidRuntime( 7424): 	at java.lang.reflect.Method.invoke(Method.java:511)
E/AndroidRuntime( 7424): 	at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:793)
E/AndroidRuntime( 7424): 	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:560)
E/AndroidRuntime( 7424): 	at dalvik.system.NativeStart.main(Native Method)
E/AndroidRuntime( 7424): Caused by: java.lang.SecurityException: Only package verification agents can read the verifier device identity: Neither user 10001 nor current process has android.permission.PACKAGE_VERIFICATION_AGENT.
E/AndroidRuntime( 7424): 	at android.os.Parcel.readException(Parcel.java:1426)
E/AndroidRuntime( 7424): 	at android.os.Parcel.readException(Parcel.java:1380)
E/AndroidRuntime( 7424): 	at android.content.pm.IPackageManager$Stub$Proxy.getVerifierDeviceIdentity(IPackageManager.java:3381)
E/AndroidRuntime( 7424): 	at android.app.ApplicationPackageManager.getVerifierDeviceIdentity(ApplicationPackageManager.java:1295)
E/AndroidRuntime( 7424): 	at com.android.settings.DevelopmentSettings.onCreate(DevelopmentSettings.java:143)
E/AndroidRuntime( 7424): 	at android.app.Fragment.performCreate(Fragment.java:1673)
E/AndroidRuntime( 7424): 	at android.app.FragmentManagerImpl.moveToState(FragmentManager.java:854)
E/AndroidRuntime( 7424): 	at android.app.FragmentManagerImpl.moveToState(FragmentManager.java:1057)
E/AndroidRuntime( 7424): 	at android.app.BackStackRecord.run(BackStackRecord.java:682)
E/AndroidRuntime( 7424): 	at android.app.FragmentManagerImpl.execPendingActions(FragmentManager.java:1435)
E/AndroidRuntime( 7424): 	at android.app.Activity.performStart(Activity.java:5220)
E/AndroidRuntime( 7424): 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2179)
E/AndroidRuntime( 7424): 	... 11 more
V/AudioFlinger(  329): presentationComplete() reset: mPresentationCompleteFrames 8192 audioHalFrames 3072
W/ActivityManager(  691):   Force finishing activity com.android.settings/.SubSettings
I/Process ( 7424): Sending signal. PID: 7424 SIG: 9
W/ActivityManager(  691):   Force finishing activity com.android.settings/.Settings
I/ActivityManager(  691): Process com.android.settings (pid 7424) has died.
I/WindowState(  691): WIN DEATH: Window{414bef98 u0 com.android.settings/com.android.settings.Settings}
D/FIRED-TV( 2488): Settings Loaded from /data/data/com.altusapps.firedtvlauncher/files/settings2.json
V/AudioFlinger(  329): presentationComplete() session 99 complete: framesWritten 8192
V/AudioFlinger(  329): TrackBase::reset
W/ContextImpl(  691): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1353 com.android.server.am.ActivityManagerService.activityResumed:4547 android.app.ActivityManagerNative.onTransact:420 com.android.server.am.ActivityManagerService.onTransact:1716 android.os.Binder.execTransact:351 
W/InputMethodManagerService(  691): Got RemoteException sending setActive(false) notification to pid 7424 uid 10001
W/ContextImpl(  691): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1353 com.amazon.internal.policy.impl.AmazonPhoneWindowManager$SendTopWindowChanged.run:3297 android.os.Handler.handleCallback:725 android.os.Handler.dispatchMessage:92 android.os.Looper.loop:137 
D/Bluetooth HS/HF( 1355): HandleMessage9
D/Bluetooth HS/HF( 1355): Battery State Changed, send update100Scale: 100
D/FIRED-TV( 2488): Settings Saved to /data/data/com.altusapps.firedtvlauncher/files/settings2.json
V/AudioFlinger(  329): Audio hardware entering standby, mixer 0x40100008, suspend count 0
D/AudioStreamOutALSA(  329): AudioStreamOut: standby()
V/AudioFlinger(  329): releaseWakeLock_l() AudioOut_2
V/AudioFlinger(  329): thread 0x40100008 type 0 TID 712 going to sleep
I/ThermalDaemon(  336): Sensor[tmp105_2_pwrs] Temperature : 35.0
I/TemperatureSensorObserver(  691): read new temperature 35500
I/abtfilt ( 1775): all HID in sniff mode!
I/abtfilt ( 1775): BT Action
I/abtfilt ( 1775): WMI Cmd: 145 Len: 16
maybe someone finds this useful...
 
S

superkoal

Senior Member
Sep 24, 2011
1,025
717
0
Vienna
Jan 28, 2015 at 5:55 PM
AFTVnews.com said:
Trying to access developer options (which is where the mock location setting is) causes settings.apk to crash.


Odd, on a Fire TV Stick (running latest OS version) @androidyeah's app launches fine. However, it just displays the message "Note: Your device seems not vulnerable!" in the upper right corner.
Click to expand...
If you want to enable mock locations or change any other settings this is the way to go (does not require root):
http://forum.xda-developers.com/fire-tv/general/guide-change-settings-firetv-via-adb-t3015522

thought i would share this as people keep using on how manipulate the settings.db
I have done some root app development and stumbled across this binary a while ago.
Have fun!
 
  • Like
Reactions: Max4000
AFTVnews.com

AFTVnews.com

Senior Member
Jul 22, 2014
478
361
0
www.AFTVnews.com
Jan 28, 2015 at 6:14 PM
superkoal said:
If you want to enable mock locations or change any other settings this is the way to go (does not require root):
http://forum.xda-developers.com/fire-tv/general/guide-change-settings-firetv-via-adb-t3015522

thought i would share this as people keep using on how manipulate the settings.db
I have done some root app development and stumbled across this binary a while ago.
Have fun!
Click to expand...
That's a great tip, thanks.

Running "settings get secure allow_mock_location" returns "null". I went ahead and ran "settings put secure allow_mock_location 1" and "settings put secure ALLOW_MOCK_LOCATION 1" but it doesn't seem to have done anything. The exploitServiceApp APK still gives the same message. I sideloaded some location spoofing app from the Play Store and it complained that mock locations were not enabled.
 
aHcVolle

aHcVolle

Senior Member
Nov 3, 2010
426
247
0
Stuttgart
Jan 28, 2015 at 6:15 PM
superkoal said:
If you want to enable mock locations or change any other settings this is the way to go (does not require root):
http://forum.xda-developers.com/fire-tv/general/guide-change-settings-firetv-via-adb-t3015522

thought i would share this as people keep using on how manipulate the settings.db
I have done some root app development and stumbled across this binary a while ago.
Have fun!
Click to expand...
thanks, i tried it using

Code: 
settings put secure mock_location 1
but the app still goes directly to the home screen...

Code: 
V/AudioFlinger(  329): Audio hardware entering standby, mixer 0x40100008, suspend count 0
D/AudioStreamOutALSA(  329): AudioStreamOut: standby()
V/AudioFlinger(  329): releaseWakeLock_l() AudioOut_2
V/AudioFlinger(  329): thread 0x40100008 type 0 TID 712 going to sleep
I/ActivityManager(  691): START u0 {act=android.intent.action.MAIN cat=[android.intent.category.LAUNCHER] flg=0x10000000 pkg=org.keenteam cmp=org.keenteam/.ServiceExploitActivity} from pid 18589
D/dalvikvm(  691): GC_FOR_ALLOC freed 521K, 23% free 10295K/13204K, paused 40ms, total 40ms
I/ViewRootImpl(18589): Slow KeyEvent in com.amazon.tv.settings/com.amazon.tv.settings.tv.BuellerApplicationDetailSettingsActivity device=10 action=Up latency=1ms processing=61ms
I/ActivityManager(  691): Start proc org.keenteam for activity org.keenteam/.ServiceExploitActivity: pid=19348 uid=10007 gids={50007, 1028}
W/ContextImpl(18589): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1339 android.app.Instrumentation.sendLifecycleEventBroadcast:1786 android.app.Instrumentation.callActivityOnStop:1303 android.app.Activity.performStop:5412 android.app.ActivityThread.performStopActivityInner:3197 
W/ContextImpl(  691): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1353 com.amazon.internal.policy.impl.AmazonPhoneWindowManager$SendTopWindowChanged.run:3297 android.os.Handler.handleCallback:725 android.os.Handler.dispatchMessage:92 android.os.Looper.loop:137 
E/Trace   (19348): error opening trace file: No such file or directory (2)
D/ProfileManager(19348): Create ProfileManager instance
W/ContextImpl(18589): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1339 android.app.Instrumentation.sendLifecycleEventBroadcast:1786 android.app.Instrumentation.callActivityOnStop:1303 android.app.Activity.performStop:5412 android.app.ActivityThread.performStopActivityInner:3197 
I/Activity(19348): No ActvityExender defined. Proceed with default activity behavior.
D/dalvikvm(19348): Trying to load lib /data/app-lib/org.keenteam-1/libexploitHelper.so 0x4109cdf0
D/dalvikvm(19348): Added shared lib /data/app-lib/org.keenteam-1/libexploitHelper.so 0x4109cdf0
D/dalvikvm(19348): No JNI_OnLoad found in /data/app-lib/org.keenteam-1/libexploitHelper.so 0x4109cdf0, skipping init
I/System.out(19348): 1 inner classes found
D/AndroidRuntime(19348): Shutting down VM
W/dalvikvm(19348): threadid=1: thread exiting with uncaught exception (group=0x40dc2af8)
E/AndroidRuntime(19348): FATAL EXCEPTION: main
E/AndroidRuntime(19348): java.lang.RuntimeException: Unable to start activity ComponentInfo{org.keenteam/org.keenteam.ServiceExploitActivity}: java.lang.RuntimeException: java.lang.NoSuchFieldException: TRANSACTION_setApplicationRestrictions
E/AndroidRuntime(19348): 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2206)
E/AndroidRuntime(19348): 	at android.app.ActivityThread.handleLaunchActivity(ActivityThread.java:2258)
E/AndroidRuntime(19348): 	at android.app.ActivityThread.access$600(ActivityThread.java:146)
E/AndroidRuntime(19348): 	at android.app.ActivityThread$H.handleMessage(ActivityThread.java:1243)
E/AndroidRuntime(19348): 	at android.os.Handler.dispatchMessage(Handler.java:99)
E/AndroidRuntime(19348): 	at android.os.Looper.loop(Looper.java:137)
E/AndroidRuntime(19348): 	at android.app.ActivityThread.main(ActivityThread.java:5129)
E/AndroidRuntime(19348): 	at java.lang.reflect.Method.invokeNative(Native Method)
E/AndroidRuntime(19348): 	at java.lang.reflect.Method.invoke(Method.java:511)
E/AndroidRuntime(19348): 	at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:793)
E/AndroidRuntime(19348): 	at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:560)
E/AndroidRuntime(19348): 	at dalvik.system.NativeStart.main(Native Method)
E/AndroidRuntime(19348): Caused by: java.lang.RuntimeException: java.lang.NoSuchFieldException: TRANSACTION_setApplicationRestrictions
E/AndroidRuntime(19348): 	at org.keenteam.exploit_CVE_2014_7911.do_exploit(exploit_CVE_2014_7911.java:106)
E/AndroidRuntime(19348): 	at org.keenteam.ServiceExploitActivity.onCreate(ServiceExploitActivity.java:34)
E/AndroidRuntime(19348): 	at android.app.Activity.performCreate(Activity.java:5202)
E/AndroidRuntime(19348): 	at android.app.Instrumentation.callActivityOnCreate(Instrumentation.java:1088)
E/AndroidRuntime(19348): 	at android.app.ActivityThread.performLaunchActivity(ActivityThread.java:2170)
E/AndroidRuntime(19348): 	... 11 more
E/AndroidRuntime(19348): Caused by: java.lang.NoSuchFieldException: TRANSACTION_setApplicationRestrictions
E/AndroidRuntime(19348): 	at java.lang.Class.getDeclaredField(Class.java:631)
E/AndroidRuntime(19348): 	at org.keenteam.exploit_CVE_2014_7911.do_exploit(exploit_CVE_2014_7911.java:80)
E/AndroidRuntime(19348): 	... 15 more
W/ActivityManager(  691):   Force finishing activity org.keenteam/.ServiceExploitActivity
D/dalvikvm(  691): GC_FOR_ALLOC freed 1713K, 24% free 10123K/13204K, paused 51ms, total 51ms
I/Process (19348): Sending signal. PID: 19348 SIG: 9
W/ActivityManager(  691):   Force finishing activity com.amazon.tv.settings/.tv.BuellerApplicationDetailSettingsActivity
I/ActivityManager(  691): Process org.keenteam (pid 19348) has died.
W/ContextImpl(18589): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1339 android.app.Instrumentation.sendLifecycleEventBroadcast:1786 android.app.Instrumentation.callActivityOnStart:1212 android.app.Activity.performStart:5223 android.app.Activity.performRestart:5291 
W/ContextImpl(18589): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1339 android.app.Instrumentation.sendLifecycleEventBroadcast:1786 android.app.Instrumentation.callActivityOnStart:1212 android.app.Activity.performStart:5223 android.app.Activity.performRestart:5291 
W/ContextImpl(18589): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1339 android.app.Instrumentation.sendLifecycleEventBroadcast:1786 android.app.Instrumentation.callActivityOnResume:1265 android.app.Activity.performResume:5313 android.app.ActivityThread.performResumeActivity:2761 
I/AudioManager(18589): Cleared FLAG_SHOW_UI in setStreamVolume
I/AudioManager(18589): Cleared FLAG_SHOW_UI in setStreamVolume
E/MM_OSAL (  329): ValidateAACFile failed
D/MediaExtractor(  329): returning default extractor
D/        (  329): MPQ Mime Type: audio/raw,            getMPQObjectsAlive = 0
I/        (  329): MPQ Audio Enabled - MPQ Audio Player
D/        (  329): Use tunnel player only for AUDIO_STREAM_MUSIC
D/        (  329): Set Audio Track as Audio Source
D/        (  329): MPQ Audio Player 
D/        (  329): MPQ Audio player created for  mime audio/raw duration 342083
W/        (  329): Trying to create tunnel player mIsTunnelAudio 0,                         LPAPlayer::objectsAlive 0,                         TunnelPlayer::mTunnelObjectsAlive = 0,                        (mAudioPlayer == NULL) 0
E/        (  329): Audio Player set source
W/MPQAudioPlayer(  329): Sw Decoder
E/MM_OSAL (  329): ValidateAACFile failed
D/MediaExtractor(  329): returning default extractor
D/        (  329): MPQ Mime Type: audio/raw,            getMPQObjectsAlive = 0
I/        (  329): MPQ Audio Enabled - MPQ Audio Player
D/        (  329): Use tunnel player only for AUDIO_STREAM_MUSIC
D/        (  329): Set Audio Track as Audio Source
D/        (  329): MPQ Audio Player 
D/        (  329): MPQ Audio player created for  mime audio/raw duration 54833
W/        (  329): Trying to create tunnel player mIsTunnelAudio 0,                         LPAPlayer::objectsAlive 0,                         TunnelPlayer::mTunnelObjectsAlive = 0,                        (mAudioPlayer == NULL) 0
E/        (  329): Audio Player set source
W/MPQAudioPlayer(  329): Sw Decoder
W/ContextImpl(  691): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1353 com.android.server.am.ActivityManagerService.activityResumed:4547 android.app.ActivityManagerNative.onTransact:420 com.android.server.am.ActivityManagerService.onTransact:1716 android.os.Binder.execTransact:351 
E/MM_OSAL (  329): ValidateAACFile failed
D/MediaExtractor(  329): returning default extractor
D/        (  329): MPQ Mime Type: audio/raw,            getMPQObjectsAlive = 0
I/        (  329): MPQ Audio Enabled - MPQ Audio Player
D/        (  329): Use tunnel player only for AUDIO_STREAM_MUSIC
D/        (  329): Set Audio Track as Audio Source
D/        (  329): MPQ Audio Player 
D/        (  329): MPQ Audio player created for  mime audio/raw duration 259854
W/        (  329): Trying to create tunnel player mIsTunnelAudio 0,                         LPAPlayer::objectsAlive 0,                         TunnelPlayer::mTunnelObjectsAlive = 0,                        (mAudioPlayer == NULL) 0
E/        (  329): Audio Player set source
W/MPQAudioPlayer(  329): Sw Decoder
W/ContextImpl(  691): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1353 com.amazon.internal.policy.impl.AmazonPhoneWindowManager$SendTopWindowChanged.run:3297 android.os.Handler.handleCallback:725 android.os.Handler.dispatchMessage:92 android.os.Looper.loop:137 
W/ContextImpl(18589): Calling a method in the system process without a qualified user: android.app.ContextImpl.sendBroadcast:1339 android.app.Instrumentation.sendLifecycleEventBroadcast:1786 android.app.Instrumentation.callActivityOnStop:1303 android.app.Activity.performStop:5412 android.app.ActivityThread.performDestroyActivity:3468 
I/abtfilt ( 1775): all HID in sniff mode!
I/abtfilt ( 1775): BT Action
I/abtfilt ( 1775): WMI Cmd: 145 Len: 16
 
S

superkoal

Senior Member
Sep 24, 2011
1,025
717
0
Vienna
Jan 28, 2015 at 6:27 PM
AFTVnews.com said:
That's a great tip, thanks.

Running "settings get secure allow_mock_location" returns "null". I went ahead and ran "settings put secure allow_mock_location 1" and "settings put secure ALLOW_MOCK_LOCATION 1" but it doesn't seem to have done anything. The exploitServiceApp APK still gives the same message. I sideloaded some location spoofing app from the Play Store and it complained that mock locations were not enabled.
Click to expand...
The constant value is just "mock_location", you can see it if you click the constant name in the android docs.

So try "settings put secure mock_location 1"

If you try to get the value first and it doesn't return null it means your parameter name is right. I recommend not to insert values in the table that are not there before.
 
Last edited:
  • Like
Reactions: ECEXCURSION
You must log in or register to reply here.

New posts

Our Apps
Get our official app!
The best way to access XDA on your phone
Nav Gestures
Add swipe gestures to any Android
One Handed Mode
Eases uses one hand with your phone