Awesome Android eXtreme Hacking. Part I
Awesome Android eXtreme Hacking. Part I
David "DeMO" Martínez Oliveira

So you'd got here because of the catchy title?. Good luck!, you are in the right place. You had just landed in the first part of a series of awesome tutorials on how to extreme hack your Android devices. Yes it is extreme, so let's start straight away. The first thing you have to know is that... your Android phone is actually a Linux computer!. Yes, it is. And that is the reason we can do quite some amazing things just out of the box.... Interested?... Keep reading
So let's start installing some tools. Specifically, you will need to install the Android SDK and the Android NDK. The SDK is the Software Development Kit. You usually use it for Java development... Don't panic, no Java here. Java is for wimps. We just need some tools that come with that package. Actually, for the time being, we just need the tool called adb (Android Debugging Bridge).

The NDK (Native Development Kit) is the one that will allow us to compile our own C applications for our own Android phone. Later on (probably in the part 2 of these series) we will not even need it, but for starters is quite convenient.

So let's start. Create a working directory to start doing awesome stuff :):

$ ~/ $ mkdir aaxh
$ ~/ $ cd aaxh

Sure, aaxh stands for Awesome Android Xtreme Hacking!!!

Now download the packages we just mentioned above. In case the links below does not work (because you are reading this several months in the future), you will need to find out the right URLS. Google may help on that.

You have to chose your platform, that's why we are not giving you direct links. This tutorial assumes you are using a GNU/Linux box (after all you already are using a Linux box in your pocket, so...). In principle you should be able to use other evil operating systems if you want. But... you are on your own on the dark side.

Uncompress the packages on your aahx directory. Now, we need to update our PATH for easily accessing some tools. Supposing that the NDK is available at ~/aaxh/ndk and that the SDK is available at ~/aaxh/sdk , then you have to update your PATH as follows:

~/aaxh $ export PATH=${HOME}/aaxh/ndk/build/tools:$PATH
~/aaxh $ export PATH=${HOME}/aaxh/sdk/platform-tools/:$PATH

(Basically you need to find the tools we will be using -adb and make-standalone-toolchain- and add those folders to the path. We are saying this because the paths may change -they had already changed in the past- and we do not want you to get stuck here, just before the awesome stuff starts :)

Now we have to create a toolchain. So, what is a toolchain?. Well, that is the technical name for all the tools you need to produce an executable: compiler, linker, assembler,...

The NDK comes with a tool to create a toolchain for us, one that works on Android out of the box. We will see how to use other toolchains, and even how to create our own, but for now, let's go for the basics.

Let's run this command:

~/aaxh $ --platform=android-19 --install-dir=${HOME}/aaxh/android-19 --arch=arm

This will create a directory android-19 with all the tools we need. You can name the directory as you wish and you can target other Android platforms. If you are not sure which number you want to use in the --platform parameter check this:

Platform 19 is Android 4.4. For the kind of things we will be doing right now, it does not really matter which platform you use. But we will come to this later.

So now you have your own toolchain ready. In order to use it you just need to add the bin subfolder to your PATH. Something like:

~/aaxh $ export PATH=${HOME}/aaxh/android-19/bin:$PATH

And we are basically done for a..... tu, tu, tuuuu... Hello World application!!. In case you cannot write your own, check below how it should roughly look like:

#include <stdio.h>

main (int argc, char *argv[])
	printf ("Hello Android!\n");
	return 0;

Just type this in a file named hello.c and compile:

~/aaxh $ arm-linux-androideabi-gcc -o hello hello.c 

You had just created a binary file for your Android Phone!!!. Now we need to get it into the phone and find out how to run it. This is what we need the adb tool for.

The first thing is to get the file into the phone. You can do that with the following command (did you add the SDK to your PATH?)

~/axh $ adb push hello /data/local/tmp/.

In principle /data/local/tmp is always writeable and it also allows execution. Using a different location can be tricky and maybe even impossible unless your phone is rooted.

Now we are ready to run our application. For doing that we have to get into the phone. We focus very hard in order to shrink ourselves and become small enough to go through the micoUSB connector... Just kidding. We have to type some commands... indeed:

~/aaxh $ adb shell
$ cd /data/local/tmp
$ chmod 777 hello
$ ./hello
Hello Android!

And we had just executed our own C application on the phone. Note that you need to type the path to change directory. The tab key will not work as /data and /data/local are not accessible by normal users.

OK, OK... this is not that much awesome. Let's try a cooler Hello World. Let's call the file hellow.c and type something like this:

#include <stdio.h>
#include <string.h>

#include <sys/socket.h>
#include <netinet/in.h>

char *r = 
  "HTTP/1.0 200 OK\n"
  "Content-type: text/html\n\n"
  "<html><body><h1>Hello Android</h1></body></html>\n";

main (int argc, char *argv[])
  struct sockaddr_in   server, client;
  socklen_t            len = sizeof (struct sockaddr_in);
  int  s,s1;

  server.sin_addr.s_addr = INADDR_ANY;
  server.sin_family = AF_INET;
  server.sin_port = htons(8080);

  s = socket (PF_INET, SOCK_STREAM, 0);
  bind (s, (struct sockaddr *) &server, sizeof (server));
  listen (s, 10);

  while (1)
      s1 = accept (s, (struct sockaddr *)&client, &len);
      write (s1, r, strlen(r));
      close (s1);
  return 0;

Now connect your phone to a wifi network. Launch the application and point your browser to your phone, port 8080..... Still not awesome enough.. Ok, that's true... but, come on... this is the first part of the tutorial. We will reserve the "take-over-the-world.c" application for part 3 or 4 :).

So, this is it for the first part of the Awesome Android eXtreme Hacking tutorial... keep tuned. Next part will be even more awesome.

Happy Hacking
Awesome Welles

No smartphone or tablet were harmed during the preparation of this text. We are not sure about what will happen on Part II....

Awesome Android eXtreme Hacking. Part II (Sensors)
Awesome Android eXtreme Hacking. Part II. More sensors
Awesome Android eXtreme Hacking. Part III. What a Shell!
Awesome Android eXtreme Hacking. Part IV. GNU/Linux on your Pocket
Add a Remote Shell to your Android App
Android Development for Web Programmers

Tu publicidad aquí :)