Talking about Android security 2 - Activity hijacking prevention program

Talking about Android security 2 - Activity hijacking prevention program

The previous article introduced phishing vulnerabilities caused by design flaws in Android, and also introduced user prevention methods at the end of the article.
However, if such a malicious program really breaks out, we cannot be so careful to check and determine which program is currently running every time we start the program. Therefore, I spent some time writing a program called Anti-Hijacking Assistant a few weeks ago. The principle is very simple, which is to obtain which program is currently running and display it in a floating window to help users determine which program is currently running and prevent the deception of some phishing programs.

This time, because it is "self-defense", we no longer use enumeration to obtain the currently running program, but add a permission in the manifest file:

  1.  <uses-permission android:name= "android.permission.GET_TASKS" />


Then when the program is started, a Service is started, a floating window is started in the Service, and the currently running program is periodically detected and then displayed in the floating window.
The program screenshots are as follows:

The Service code is as follows:

  1.  /*
  2.  * @(#)AntiService.java Project:ActivityHijackingDemo
  3.  * Date:2012-9-13
  4.  *
  5.  * Copyright (c) 2011 CFuture09, Institute of Software,
  6.  * Guangdong Ocean University, Zhanjiang, GuangDong, China.
  7.  * All rights reserved.
  8.  *
  9.  * Licensed under the Apache License, Version 2.0 (the "License");
  10.  * you may not use this file except in compliance with the License.
  11.  * You may obtain a copy of the License at
  12.  *
  13.  * http://www.apache.org/licenses/LICENSE-2.0
  14.  *
  15.  * Unless required by applicable law or agreed to in writing, software
  16.  * distributed under the License is distributed on an "AS IS" BASIS,
  17.  * WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
  18.  * See the License for the specific language governing permissions and
  19.  * limitations under the License.
  20.  */  
  21.  package com.sinaapp.msdxblog.antihijacking.service;
  22.  import android.app.ActivityManager;
  23.  import android.app.Notification;
  24.  import android.app.Service;
  25.  import android.content.Context;
  26.  import android.content.Intent;
  27.  import android.content.pm.PackageManager;
  28.  import android.content.pm.PackageManager.NameNotFoundException;
  29.  import android.os.Bundle;
  30.  import android.os.Handler;
  31.  import android.os.IBinder;
  32.  import android.os.Message;
  33.  import android.util.Log;
  34.  import com.sinaapp.msdxblog.androidkit.thread.HandlerFactory;
  35.  import com.sinaapp.msdxblog.antihijacking.AntiConstants;
  36.  import com.sinaapp.msdxblog.antihijacking.view.AntiView;
  37.  /**
  38.  * @author Geek_Soledad ([email protected])
  39.  */  
  40.  public   class AntiService extends Service {
  41.  private   boolean shouldLoop = false ;
  42.  private Handler handler;
  43.  private ActivityManager am;
  44.  private PackageManager pm;
  45.  private Handler mainHandler;
  46.  private AntiView mAntiView;
  47.  private   int circle = 2000 ;
  48.  @Override  
  49.  public IBinder onBind(Intent intent) {
  50.  return   null ;
  51.  }
  52.  @Override  
  53.  public   void onStart(Intent intent, int startId) {
  54.  super .onStart(intent, startId);
  55.  startForeground( 19901008 , new Notification());
  56.  if (intent != null ) {
  57.  circle = intent.getIntExtra(AntiConstants.CIRCLE, 2000 );
  58.  }
  59.  Log.i( "circle" , circle + "ms" );
  60.  if ( true == shouldLoop ) {
  61.  return ;
  62.  }
  63.  mAntiView = new AntiView( this );
  64.  mainHandler = new Handler() {
  65.  public   void handleMessage(Message msg) {
  66.  String name = msg.getData().getString( "name" );
  67.  mAntiView.setText(name);
  68.  };
  69.  };
  70.  pm = getPackageManager();
  71.  shouldLoop = true ;
  72.  am = (ActivityManager) getSystemService(Context.ACTIVITY_SERVICE);
  73.  handler = new Handler(
  74.  HandlerFactory.getHandlerLooperInOtherThread( "anti" )) {
  75.  @Override  
  76.  public   void handleMessage(Message msg) {
  77.  super .handleMessage(msg);
  78.  String packageName = am.getRunningTasks( 1 ).get( 0 ).topActivity
  79.  .getPackageName();
  80.  try {
  81.  String progressName = pm.getApplicationLabel(
  82.  pm.getApplicationInfo(packageName,
  83.  PackageManager.GET_META_DATA)).toString();
  84.  updateText(progressName);
  85.  } catch (NameNotFoundException e) {
  86.  e.printStackTrace();
  87.  }
  88.  if (shouldLoop) {
  89.  handler.sendEmptyMessageDelayed( 0 , circle);
  90.  }
  91.  }
  92.  };
  93.  handler.sendEmptyMessage( 0 );
  94.  }
  95.  private   void updateText(String name) {
  96.  Message message = new Message();
  97.  Bundle data = new Bundle();
  98.  data.putString( "name" , name);
  99.  message.setData(data);
  100.  mainHandler.sendMessage(message);
  101.  }
  102.  @Override  
  103.  public   void onDestroy() {
  104.  shouldLoop = false ;
  105.  mAntiView.remove();
  106.  super .onDestroy();
  107.  }
  108.  }

The floating window is just a simple textview, which is not the technical focus of this article and will not be discussed here.
Of course, it can be seen from the above code that this program can only prevent programs that use Activity as a phishing interface, because it obtains the program name through the running top-level Activity. It is still powerless against another phishing method recently mentioned by WooYun. We will talk about this next time.

<<:  Talking about Android security 1——Activity hijacking and user prevention

>>:  How to safely exit multiple Activities on Android

Recommend

The sudden appearance of a huge star and the astronomer who calmed the public opinion crisis

In December of the second year of the Jingde reig...

[Smart Farmers] Can plants predict the weather? Uncovering the ecological secrets behind the "green umbrella"

Your browser does not support the video tag In tr...

Can eating chili peppers often help you live longer? A meta-analysis of 570,000 people in four countries including China and the United States

In recent years, many studies have shown that chi...

「User acquisition」The core of new product user growth

When it comes to growth, the first thing that com...

A model of domestic operating system: Deepin operating system

In China, the market share of various versions of...

Outrageous! I got tanned at the beginning of summer? How can I get my skin white again quickly?

Many people should feel it Temperatures are risin...

Small size but big surprises: ZTE Nine City "Fans' Stick" review

Speaking of FUN BOX, I believe most domestic play...

Perseverance discovered a large amount of organic matter. Is life on Mars about to appear? Scientists are about to reveal the truth

Recently, the internationally renowned New Scient...

Shaoshan SEO training: sharing of website analysis and diagnosis solutions

1. Basic Information of the Website 1. Website do...

After Hisense, Xiaomi also entered the laser TV market. Is this a sign of the future of large screens or just a delaying tactic?

While the TV industry is arguing over whether OLE...

The Secret of the World Behind the Screen: Defeat the "Mysterious Man" and Protect Your Online Privacy

Source: Ni Xiaojiang & Jing'an CDC...

Typhoon Dusurui brought all kinds of oysters to the ground. Where did they come from? Can we eat them?

On July 28, Typhoon Dusurui made landfall on the ...

The dust in the house can never be swept clean, what’s going on?

When you vacuum, sweep the floor, and wipe the fu...

Uncover the story behind "Oppenheimer" that Nolan didn't film

Recently, the biographical film "Oppenheimer...

Is it laggy or not? Experience with iPhone 4S, 5, 5S, and iPad 2 under iOS 9

The closed nature of the system allows old antiqu...