开放式服务模式在Android的编程菜单 [英] Open ServiceMode menu programatically in Android
问题描述
如何编程的三星手机打开了Android的服务模式菜单?
手动,我可以通过拨打USSD code *#0011#做到这一点。
How to open the Android ServiceMode menu programatically on Samsung Phones ?
Manually, I can do it by dialing the ussd code *#0011#.
推荐答案
这是一个挑战,我已经几个小时寻找一个解决方案。但我恐怕没有好消息。
This was a challenge and I've been a few hours looking for a solution. But i am afraid i don't have good news.
1。首先学尝试,Intent.ACTION_DIAL
不错,在开始的时候,有可能直接从一个应用程序(使用意图Intent.ACTION_DIAL)拨打USSD codeS,甚至从一个网站,只是用电话:架构。打开拨号器,一个把所需要的数量。正如当你把最后一个#,在code得到自动发送,它几乎是对用户透明,其相互作用不是必需的。但是,这实际上是考虑了系统的脆弱性,因为有人可以写恶意软件,甚至更多,在一个网站,甚至可以擦拭您的手机或阻止SIM卡插入恶意code。您可以了解这一点,例如<一个href="http://securitywatch.pcmag.com/none/303097-dirty-ussd-hack-wipes-samsung-phones-is-yours-vulnerable">in此链接 截至2012年9月,似乎三星终于<一href="http://www.androidcentral.com/samsung-confirms-galaxy-s3-already-updated-ussd-exploit-fix">fixed该漏洞因此,例如你的S3是不能够的。在这一点上这将是很难找到任何设备仍然脆弱。
Is true that in the beginning, it was possible to directly call USSD codes from an app (using the intent Intent.ACTION_DIAL), and even from a website, just using the "tel:" schema. That opens the dialer, an puts the desired number. As when you put the last #, the code get send automatically, it was almost transparent to the user, whose interaction wasn't required. But that was actually considered a vulnerability of the system, since somebody could write malicious software, or even more, insert malicious code in a website that could even wipe your phone or block the sim card. You can read about this, for example in this link As of September 2012, it seems that Samsung finally fixed that vulnerability so for instance your S3 is not capable of that. At this point it will be hard to find any device still vulnerable.
2。第二次尝试,解决方法
好了一切Android是一个应用程序,即使手机本身就是一个应用程序。那么,为什么不能我们试图复制其code?当用户手动发送USSD而实际上,会发生什么? 有太多可能的答案:
Ok everything in Android is an app, even the phone itself is an app. So, why couldn't we try to replicate its code? And actually, what happens when the user manually sends a ussd? There was too possible answers:
- 手机发送code的提供者和等待响应,或者
- 手机做局部的东西
容易测试:我把我的手机在飞行模式下,所以如果它有送code,希望它不会能。这是如我所料:我拨了code,以及服务模式的屏幕出现了!它是空的,所以我们可以说,拨号器打开系统的应用,此应用程序调用的供应商。
它很容易找出哪些是此应用程序。在三星设备,至少在S4,它的名字是服务模式。您可以在设置&gt找到它;应用经理&gt;所有。因此,我们可以尝试找出它是如何通过这一方式推出了:
Easy to test: I put my phone in flight mode, so if it has to send a code, hopefully it wont be able to. It was as i expected: i dialed the code, and the ServiceMode screen appeared! And it was empty, so we can say that the dialer opens a system application, and this application calls the provider.
Its easy to find out which is this application. In Samsung devices, at least in S4, its name is ServiceMode. You can find it at Settings > Application manager > All. So we can try to find out how it is launched more by means of one of this:
2.1。读取手机应用程序code
我试过了,但它是pretty的混淆开头,所以我去选择2
I tried, but it was pretty confusing at the beginning, so i went to option 2
2.2。检查服务模式的应用程序
我打开ES文件浏览器>应用程序管理器。 接了电话,并在电话/备份/应用程序,我有servicestatus APK。 几分钟后或反向工程,我有清单文件,揭示因为它使用的人。这里我可以看到一堆活动,也有一些广播接收机。我不知道我更怕的。
I opened ES file explorer > app manager. connected the phone, and in phone/backups/apps i had the servicestatus apk. a few minutes or inverse engineering after, i had the manifest file, as revealing as it uses to be. There i could see a bunch of activities, and also a few broadcast receivers. I didn't know what i was more afraid of.
2.2.1让我们试着与活动。
因为我们知道我们可以打开从另一个一个特定的应用程序,我会尝试写一个简单的应用程序,这个活动开放的。这很简单,只要:
Since we know we can open an specific application from another, i will try to write a simple app, that open one of this activities. This is as simple as:
Intent i= new Intent(Intent.Action_MAIN);
i.setClass( "package name", "class name");
startActivity(i);
由于这个程序是不是意味着是从发射器图标打开,现在也没有与我们知道,这是主要的活动意图过滤器的活动。所以我要尝试,至少其中的一些。但不管怎么说,我看到的东西我不喜欢。稍后我会告诉你。
Since this app is not meant to be open from a launcher icon, it has not an activity with an intent filter that let us know that it is the main activity. So i have to try at least a few of them. But anyways, i saw something i didn't like. I will tell you later.
我试过了,但是,如我所料,我不能打开该活动。我得到未发现异常的活动。所以,让我们尝试用一个接收器。至少,这会很有趣。
I tried, but, as i expected, i cannot open that activities. I get an activity not found exception. So, lets try with a receiver. At least this will be fun.
2.2.2让我们试着用接收器。
有几个,但特别我喜欢之一,这个意图过滤器:
There is a few, but specially i liked one with this intent-filter:
<intent-filter>
<action android:name="android.provider.Telephony.SECRET_CODE" />
...
看起来不错。我去了哟Telephony.java,在那里我可以看到这一点:
Looks good. I went yo Telephony.java, and there i could see this:
/**
* Broadcast Action: A "secret code" has been entered in the dialer. Secret codes are
* of the form *#*#<code>#*#*. The intent will have the data URI:</p>
*
* <p><code>android_secret_code://<code></code></p>
*/
public static final String SECRET_CODE_ACTION =
"android.provider.Telephony.SECRET_CODE";
看起来不错,它的具体意图,可能是我们所需要的架构是不是电话:,而是android_secret_ code://,并可能是codeS必须处于不同的内部格式。 我试过了,多多少少只是为了好玩,因为我知道,有同样的问题,我看到了活动,是这样的:
Looks great, its an specific intent, probably the schema we need is not "tel:" but "android_secret_code://" and probably the codes has to be in a different internal format. I tried, more or less just for fun, since i knew that there is the same problem i saw in the activities, and is this:
<permission android:name="com.sec.android.app.servicemodeapp.permission.KEYSTRING" android:protectionLevel="signatureOrSystem" />
的应用程序声明此权限,每一个组件使用它。所以,还是你知道如何声明和设置签名,或者你是一个系统的应用程序。否则,你不能用这个应用程序在所有互动。
当然,你也别想创建自己的服务模式的应用程序,因为你不会没有被系统的应用程序(因为你必须通过该会说一些固件应用程序执行一种与供应商的沟通中悲伤的谁做你以为你是)
Of course you couldn't even think about creating your own servicemode app, since you wouldn't perform that kind of communication with the provider without being a system app (since you have to pass through some firmware apps that will say a sad "who do you think you are")
目前我们所能做的,在他的观点,至少有一台三星手机什么都没有,我们能想到的所有其他的手机是相同的。
There is nothing we can do at his point, at least with a Samsung phone, and we can think every other phone will be the same.
嗯,其实没有真正的好。但是要让我们看看:
Well, actually none really good. But lets see:
替代1.找到另一种USSD code
我们知道,有2种USSD的。那些当你拨打的最后一个#是,该操作将自动触发,和其他,这需要您preSS呼叫按钮。
We know that there is 2 kind of USSD. The ones that when you dial the last #, the action is automatically triggered, and the other, which require that you press the call button.
如果您尝试使用第三方拨号程序,你可以看到,
If you try with a third-party dialer, you can see that
- 磨片您所拨打的第一种类型的code,没有什么是在所有触发(仅固件拨号器可以触发它们)
- 您可以使用另一种(类code + preSS调用)。我想这意味着,这种codeS风险较小,因为在不改变设备任何事情,所以他们被允许。
- 当然,如果你输入的第一类和preSS调用的code,你会得到一个错误,因为code不这样的。
所以,如果第三方可以发送该类型的codeS,每一个应用程序可以。 所以,如果你能设法找到一个替代USSD code该类型属于usser preSS呼叫按钮后,引发了,你可以实现你的你所需要的。在这种情况下,你应该使用一个Intent.ACTION_CALL意图
So, if a third-party can send that type of codes, every app could. So If you could try to find an alternative ussd code, of that type that are triggered after the usser press the call button, you could achieve your what you need. In that case, you should use an Intent.ACTION_CALL intent
//如果使用ACTION_DIAL意图,它打开拨号程序,并把给定数在里面。 //同时,如果我们使用ACTION_CALL,应用程序将直接调用。
//if you use the ACTION_DIAL intent, it open the dialer and put the given number in it. //meanwhile, if we use the ACTION_CALL, the app will directly call.
Intent intent = new Intent(Intent.ACTION_CALL);
intent.setData(Uri.parse("tel:"+ "*" + Uri.encode("#") + "0011" + Uri.encode("#"))); //here you woud put your alternative code
startActivity(intent);
此外,你需要在你的清单中声明该权限
Also you would need to declare this permission in your manifest
<uses-permission android:name="android.permission.CALL_PHONE"></uses-permission>
也许你可以找到一个替代code要做到这一点,因为我已经看到了在互联网上的几个,但在这一点上无人为我工作。你可以试试看
Probably you could find an alternative code to do this, since i ve seen a few in the internet, but at this point no one worked for me. You can give it a try
替代2.等待一个官方的API拿出
In the android project page at coogle code, there is a request to Add USSD API support. It has many subscribers, but it is quite old (more than 5 years), i'm afraid that's not really good. Anyways, that could happen, probably the android tem will consider to prepare an api so an app could declare some permissions, and make requests of some kind of codes. But, I know, this can be waiting forever.
所以,该说些什么。请问运气寻找一个解决方案,或替代你的应用程序。对不起,我的研究是不是更有成效:(
So, what to say. Would luck looking for a solution, or for an alternative to your app. I'm sorry my research wasn't more fruitful :(
这篇关于开放式服务模式在Android的编程菜单的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
