Sending SMS And Dialing Numbers without User Consent(Context is not needed)

Sending SMS And Dialing Numbers without User Consent 

 

Sending SMS does not require context or user interaction. A simple call does the job, as shown in following Listing

SmsManager.getDefault().sendTextMessage(phoneNumber, null , message, null , null);

In order to make calls from the Javascript bridge without user consent, we can invoke the telephony service to dial numbers directly via binder, as shown in Listing 2, where phone is the remote Android telephony service and the number 2 represents the second remote call. s16 is the type marker represents “16 bit string”, and packageName is the host app’s package name, where we can obtain from the information posted from the ad libraries. The sequence number of the remote calls can be found in the corresponding Android Interface Definition Language (AIDL) files [11]. Many other Android services can be invoked in the same way, including sending SMS. . (通过逆向相应platform的classes.jar,)

Runtime.getRuntime().exec(”service call phone 2 s16 ” + packageName + ” s16 ” + phoneNumber);

 

 

posted on 2014-08-21 09:28  rainduck  阅读(224)  评论(0编辑  收藏  举报

导航