美文网首页
流氓软件应用宝

流氓软件应用宝

作者: 学海摆渡人 | 来源:发表于2024-07-22 16:16 被阅读0次

1. am force-stop com.tencent.android.qqdownloader 失败

原因

console:/data/local/tmp # strings /proc/26748/comm; strings /proc/26889/comm; strings /proc/26748/cmdline; strings /proc/26889/cmdline                                                                                                                 
daemon2_64_v2.2
daemon2_64_v2.2
app_d
/data/user/0/com.tencent.android.qqdownloader/app_indicators/indicator_p1
/data/user/0/com.tencent.android.qqdownloader/app_indicators/indicator_d1
/data/user/0/com.tencent.android.qqdownloader/app_indicators/observer_p1
/data/user/0/com.tencent.android.qqdownloader/app_indicators/observer_d1
/data/user/0/com.tencent.android.qqdownloader/app_indicators/indicator_p1_pid
/data/user/0/com.tencent.android.qqdownloader/app_proc/process_live_indicator_v2.2.4_
app_d
/data/user/0/com.tencent.android.qqdownloader/app_indicators/indicator_d1
/data/user/0/com.tencent.android.qqdownloader/app_indicators/indicator_p1
/data/user/0/com.tencent.android.qqdownloader/app_indicators/observer_d1
/data/user/0/com.tencent.android.qqdownloader/app_indicators/observer_p1
/data/user/0/com.tencent.android.qqdownloader/app_indicators/indicator_d1_pid
/data/user/0/com.tencent.android.qqdownloader/app_proc/process_live_indicator_v2.2.4_

原因这两个进程通过 flock方式请求对同一个文件请求锁

"daemon2_64_v2.2" sysTid=26748
    #00 pc 00000000000ccf24  /apex/com.android.runtime/lib64/bionic/libc.so (flock+4) (BuildId: f3345e0229a42c25af43d5598ec9aee6)
    #01 pc 0000000000001930  /data/data/com.tencent.android.qqdownloader/app_bin/daemon2_64_v2.2.4 (BuildId: d7b0131ea6ae8310f8f789f81ebed09f01721da3)
    #02 pc 0000000000001f04  /data/data/com.tencent.android.qqdownloader/app_bin/daemon2_64_v2.2.4 (BuildId: d7b0131ea6ae8310f8f789f81ebed09f01721da3)
    #03 pc 000000000007d780  /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: f3345e0229a42c25af43d5598ec9aee6)

----- end 26748 -----
console:/data/local/tmp # debuggerd -b 26889                                                                                                                                                                                                           


----- pid 26889 at 2024-07-23 11:37:08 -----
Cmd line: app_d
ABI: 'arm64'

"daemon2_64_v2.2" sysTid=26889
    #00 pc 00000000000ccf24  /apex/com.android.runtime/lib64/bionic/libc.so (flock+4) (BuildId: f3345e0229a42c25af43d5598ec9aee6)
    #01 pc 0000000000001930  /data/data/com.tencent.android.qqdownloader/app_bin/daemon2_64_v2.2.4 (BuildId: d7b0131ea6ae8310f8f789f81ebed09f01721da3)
    #02 pc 0000000000001f04  /data/data/com.tencent.android.qqdownloader/app_bin/daemon2_64_v2.2.4 (BuildId: d7b0131ea6ae8310f8f789f81ebed09f01721da3)
    #03 pc 000000000007d780  /apex/com.android.runtime/lib64/bionic/libc.so (__libc_init+108) (BuildId: f3345e0229a42c25af43d5598ec9aee6)

----- end 26889 -----
6282cee69df5697fd3c72e2426ba2244.png

当持锁的进程退出,立马通知另外请求锁的进程,立刻进行保活处理!

处理方案

pkill -u $pid

2. API保活手段

2.1 账户保活机制

清单文件中

        <service android:name="com.live.sync.ServiceC2610YYBLiveSyncService" android:exported="true" android:process=":live">
            <intent-filter>
                <action android:name="android.content.SyncAdapter"/>
            </intent-filter>
            <meta-data android:name="android.content.SyncAdapter" android:resource="@xml/d"/>
        </service>
        <service android:name="com.live.sync.ServiceC2611YYBLiveSyncService1" android:exported="true" android:process=":live">
            <intent-filter>
                <action android:name="android.content.SyncAdapter"/>
            </intent-filter>
            <meta-data android:name="android.content.SyncAdapter" android:resource="@xml/g"/>
        </service>
        <service android:name="com.live.sync.ServiceC2609YYBLiveAuthService" android:exported="true" android:process=":live">
            <intent-filter>
                <action android:name="android.accounts.AccountAuthenticator"/>
            </intent-filter>
            <meta-data android:name="android.accounts.AccountAuthenticator" android:resource="@xml/b"/>
        </service>

2.2 注册为文档内容提供者

清单文件中

        <provider android:name="com.tencent.assistant.syscomponent.C6034DocumentsProvider" android:readPermission="android.permission.MANAGE_DOCUMENTS" android:writePermission="android.permission.MANAGE_DOCUMENTS" android:enabled="true" android:exported="true" android:process=":live" android:authorities="com.tencent.assistant.syscomponent.DOCUMENTS" android:grantUriPermissions="true">
            <intent-filter>
                <action android:name="android.content.action.DOCUMENTS_PROVIDER"/>
            </intent-filter>
        </provider>

2.3 注册为媒体浏览器服务

        <service android:name="com.tencent.assistant.syscomponent.ServiceC6035MediaBrowserService" android:enabled="true" android:exported="true" android:process=":live">
            <intent-filter>
                <action android:name="android.media.browse.MediaBrowserService"/>
            </intent-filter>
        </service>

2.4 注册为媒体路由提供程序服务

       <service android:name="com.tencent.assistant.syscomponent.ServiceC6037MediaRouteProviderService2" android:enabled="true" android:exported="true" android:process=":live">
            <intent-filter>
                <action android:name="android.media.MediaRoute2ProviderService"/>
            </intent-filter>
        </service>

2.5 注册壁纸服务

        <service android:label="@string/v" android:name="com.tencent.nucleus.manager.videowallpaper.video.ProGuard" android:permission="android.permission.BIND_WALLPAPER" android:exported="true" android:process="@string/ahu">
            <intent-filter>
                <action android:name="android.service.wallpaper.WallpaperService"/>
            </intent-filter>
            <meta-data android:name="android.service.wallpaper" android:resource="@xml/e"/>
        </service>

还有很多不一一罗列出来,可以自行通过 查看应用宝清单文件注册信息,以下检测方式只针对原生 rom,其他手机厂商自行处理

3. 检测方式

                String[] accountActions = new String[] {
                    "android.accounts.AccountAuthenticator",
                    "android.content.SyncAdapter",
                };

                for (String action : accountActions) {
                    List<ComponentName> accountNames = Utils.getAccountServiceNames(ctx, packageName, action);
                    if (accountNames != null) {
                        componentNames.addAll(accountNames);
                    }
                }

                String[] providerActions = new String[] {
                          "android.content.action.DOCUMENTS_PROVIDER"
                };
                for (String action : providerActions) {
                    ComponentName providerName = Utils.getProviderNameAction(ctx, packageName, action);
                    if (providerName != null) {
                        componentNames.add(providerName);
                    }
                }

                String[] serviceActions = new String[] {
                        "android.service.wallpaper.WallpaperService",
                        "android.media.MediaRouteProviderService",
                        "android.media.MediaRoute2ProviderService",
                        "android.media.browse.MediaBrowserService",
                        "android.service.controls.ControlsProviderService"
                };

                for (String action : serviceActions) {
                    List<ComponentName> serviceNames = Utils.getServiceNameAction(ctx, packageName, action);
                    if (serviceNames.size() != 0) {
                        componentNames.addAll(serviceNames);
                    }
                }

                String[] metaActions = new String[] {
                    "android.content.ContactDirectory"
                };
                for (String action : metaActions) {
                    List<ComponentName> metaNames = Utils.getMetaDataNames(ctx, packageName, action);
                    if (metaNames.size() != 0) {
                        componentNames.addAll(metaNames);
                    }
                }

                ProviderInfo[] providerInfos = Utils.getContentProvider(ctx, packageName);
                if (providerInfos != null) {
                    for (ProviderInfo pi : providerInfos) {
                        if (pi.exported) {
                            componentNames.add(new ComponentName(packageName, pi.name));
                        }
                    }
                }

相关文章

网友评论

      本文标题:流氓软件应用宝

      本文链接:https://www.haomeiwen.com/subject/yabehjtx.html

      延伸阅读

      深度阅读

      • 您也可以注册成为美文阅读网的作者,发表您的原创作品、分享您的心情!

      栏目导航

      热点阅读

      关于我们|服务条款|联系我们|流氓软件应用宝|投稿指南|网站地图|RSS订阅|排版工具|手机版

      提供经典美文摘抄,优美散文欣赏,现代诗歌精选,短篇小说,心情随笔,表白情书范文,故事会在线阅读欣赏

      Copyright © 2014-2023 Haomeiwen.com All Rights Reserved. 好美文阅读网 版权所有

      备案信息:桂公网安备 45052102000051号 · 桂ICP备13007215号-3

      本站所收录作品、热点评论等信息部分来源互联网,目的只是为了系统归纳学习和传递资讯

      所有作品版权归原创作者所有,与本站立场无关,如不慎侵犯了你的权益,请联系我们告知,我们将做删除处理!