Do you have any details on how to access termux using Activity Starter ?
Actually I was wrong, I don't think it will work with ActivityStarter, but it should be fairly simple to make an extension to run things in termux. See this comment for info on how to do it.
Yes, that is where I have been looking. Most things make sense for Activity Starter, but not sure about this one:
- Third-party program must declare com.termux.permission.RUN_COMMAND permission and it should be granted by user.
Screen1.requestPermission maybe?
How can I install curl 7.58.0 on my phone? Thanks.
You will probably need a rooted device.
Alternatively, if you have the patience, you could use Termux.....
Hello everyone!!! 
-
I wanted to know (roughly) what is possible and what is not possible through this extension and commands.
-
I saw that many have problems with the issue of asynchronicity of functions and calls, but that can be fixed using the extension Async Procedures and Background Tasks also with View Pager and Dynamic Components
-
Added to the Web Component to make calls to APIs such as FireBase and Supabase; you will have tons of options that can only be limited by your knowledge and imagination.
- Descarga de archivos JS, XML, HTML,
<Scripts>, even an entirecodeorprocedures.
- Descarga de archivos JS, XML, HTML,
-
For this reason, I need to know what the scope of this extension is and if it depends on whether the phone is rooted or connected by USB, Bluetooth, Wi-Fi, etc.
-
Because if it's "up to your imagination"... this is going to get crazy!!!.
I'm working on an App where security is crucial, to the point that the USB issue is driving me crazy.
With some friends we were doing some security analysis (penetration, injection, sniffing, memory scan, etc.)
And for reading the forum in search of ideas, techniques, etc. I came across this post, which automatically caught my attention.
Well, as Tony Stark said:
- And:
So I would like to know (based on your experience and knowledge), how much can be done with this extension.
Functionality will depend on several factors:
- Android version - the higher the version the less likely you can run commands
- What executables are installed on what products/devices
You should also consider what can be done with: - adb - via USB on a real device
- adb - on an emulator (which avoids USB)
- Termux - an app which runs linux in a sandbox
Finally:
everything is hackable, with the right tools
1 Like
Start reading this thread from the beginning to the end
Yes
Taifun
1 Like
- Yeah!!! of course! even the hacker
So far the only "setback" with the extension is that it doesn't have the "Got Output" event that the component in Kodular does (which would save a lot of time).
But it can be supplemented through other techniques and strategies.
My friends and I are already evaluating some of them, which in themselves work for the purposes (even more) but there lies the problem of the ethical use of knowledge.
- It is difficult to work under the premise of "Zero Trust" (speaking of security), because it is difficult to know when it is a kid who rooted the phone and send commands through ADB for an online game, or an evildoer who seeks to do harm at all costs.
- Even revealing information about the technique or strategy used to secure the App through shell commands, etc. It can end up in the wrong hands and suddenly find ourselves plagued by junk applications that make use of these techniques.
- Done!
We even looked for information about it elsewhere.
One of my friends is " BackTrack Lover " [Kali, NetHunter] and he knows more about security issues and all that stuffs.
-
And as for
securityabout "reverse engineering", we also have an approach where; They only find the name of some variables (unreadable), calls to the api functions on the server (with unrecognizable parameters), the creation of components dynamically (from unknown returns from the api), There are no credentials, passwords, users or any information stored. -
This is also why shell commands are an improvement in the code, since (even in their most limited use), they allow you to do things that cannot be done through appinventor.
-
That's without mentioning whether the user is "root" (which, simply knowing it), gives you another picture, without even making use of the super user.
-
Regarding the sniffing of the packages that are sent and received with the calls and callbacks to and from the API. We also take measures so that they literally do not find anything useful, even if they have the public ApiKey.
This has already been tested and gave more than satisfactory results.
-
My friend is caring more about the "capturing information from memory" problem right now.
-
The idea of this App that I am creating is to maximize the options of these platforms that are often underestimated for their "lack of control" in terms of the code and their limited options.
As well as other things in terms of information, data, user monitoring, hyper sensitive information.
And obviously the importance of free and open development platforms, and the need for them to receive the support they deserve, so that access to technology, knowledge and tools is universal and is only limited by the knowledge one has.
- When I finish the project I will make a guide of what was done.
Is some permission needed ?
I don't succed to kïll. app...
maybe someone can help...
there will most likely be an option to force and keep the downloaded aix, in most browsers.
Are you using Chrome?
oh sorry
Is that command available in your list of commands ?
How can i get a list? "ls /system/bin/" returns nothing.
Try some of the other commands like df or free. Do they work? Seems Google have buried the linux system to stop us messing with it since @ Android 11.
Yes, "df" and "free" works.