Categories

JavaScriptPHPHTMLCssPythonWordPressWeb developmentLinuxMySQLAndroidWindowsJavaC++ / C#LayoutReactUbuntuYiiDjangoProgramming1C-BitrixLaravelSystem administrationTelegramJSONDebianPostgreSQLIOSGoogleHtaccessWindows ServerGitMacOSGoogle ChromeCMSWooСommerceBootstrapNginxSQLUnityAPI
Make a leaderReport
N
N
Nordman992021-10-13 09:39:25
Android
Nordman99, 2021-10-13 09:39:25

How to remove certain program permissions?

Good day everyone!
Help a novice reverse engineer, there was a need for a certain program to correct permissions.
The fact is that the developers updated their program on the playmarket, before the update everything was fine and after the update this is what happened: the narrow-minded developers decided that some programs that have been on the playmarket for a long time and are approved and there is nothing wrong with them are dangerous software and if they are on the phone, this program does not want to start after that and lists the software that needs to be removed from the phone. I'm not going to delete anything from what I have, everything is needed, and this program itself is also needed.
I think well, I haven’t done reverse engineering yet, but I’ve already heard about it, it’s time to do it, download APK, transfer it to a computer, decompile it, open AndroidManifest.xml
Here's what I see at the beginning:

https://pastebin.com/Xz4PLz9t

I think it's unnecessary to bring it all here, anyway, no one will carefully study it all here)))
So here are the lines:

<package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>


This is just how it turned out the list of software with which this program does not want to work, so I deleted these lines:

<queries>
        <package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>
        <package android:name="com.xxx.xxx"/>
        <intent>
            <action android:name="android.intent.action.PICK"/>
            <data android:mimeType="vnd.android.cursor.dir/phone_v2"/>
        </intent>
        <intent>
            <action android:name="android.intent.action.MAIN"/>
        </intent>
        <package android:name="com.google.android.apps.maps"/>
    </queries>


also removed the lines with permissions:
<uses-permission android:name="android.permission.READ_PHONE_STATE"/>
    <uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE"/>
    <uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE"/>
    <uses-permission android:name="com.google.android.c2dm.permission.RECEIVE"/>
    <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"/>
    <uses-permission android:name="oppo.permission.OPPO_COMPONENT_SAFE"/>
    <uses-permission android:name="com.huawei.permission.external_app_settings.USE_COMPONENT"/> 
    <uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES"/>


Also, a simple search in the folder with the decompiled APK for all files for the presence of the names of unapproved programs in them revealed one of the smali files in which these names are contained, something like this:

https://pastebin.com/jSt6hmJb

This smali does not end there but again, no one will probably study it all here.
As a result, I replaced the lines with package names with empty quotes like:

const-string v2, "prog1"
const-string v3, "com.prog1"

replaced with

const-string v2, ""

const-string v3, ""
Then I also tried to change the names to fake ones, but the result remained the same.

In general, in the end:

I compiled the modified project, signed it, uploaded the APK to the phone , previously deleted the official version of the program by clearing its entire cache, installed the modified APK, and this is what happened: sees
If then, before starting what after, turn on the Internet - it suddenly detects "dangerous" software and exits, and this program itself will not work without the Internet either. there is a personal account, without the Internet it makes no sense.
I tried to cut even more permissions from AndroidManifest.xml - the result is either the same or even worse - the program simply cannot start,
Those. it seems that the program communicates with the playmarket chtoli, because there is also a list of installed software on my google account, or it contacts the developer server and compares its available permissions to permissions in the official version and somehow restores its correct work, tell me if it's possible somehow to finish the program so that it works with the Internet correctly, how should I work?

Reply
Answer the question

Answer the question

In order to leave comments, you need to log in

2 answer(s)
Report
Z
Zettabyte, 2021-10-13
@Zettabyte

It's not clear which program is causing the pain, but I would just demolish it and install an older version from .apk, bypassing the market.
Without the package name, it's not clear, but in general search on apkmirror.com, w3bsit3-dns.com, and xda-developers. The last two can be found incl. and freshly corrected.

Report
0
074909, 2021-10-13
@074909

Take the previous, not so strict version from apkpure.com and don't update this app

Similar questions
G
Good Samaritan2018-11-16 19:56:49
How can I make it so that when you hover the mouse over the child elements of the menu, it does not disappear? 1Reply
Z
zehil2018-04-02 12:14:32
Where are these artifacts in the photo from? 1Reply
M
mitaichik2015-11-25 01:37:41
How to programmatically encrypt data on Android? 3Reply
P
pitimirov_a2015-11-25 02:59:24
How can I just connect to a php script on a website and return a response? 1Reply
M
Mairon2012-06-01 19:22:28
How to unbind a device from Google Play? 1Reply

Didn't find what you were looking for?

Ask your question

Ask a Question

731 491 924 answers to any question