How to compile busybox with Android NDK for both ARM and x86 architectures

I was looking for a way to run busybox on a Motorola RAZRi with an x86 Intel Atom processor but I couldn't find any Android app from the Google play market that was running on the phone (when running any busybox command nothing happened and I was immediately getting the prompt back).
So I decided to cross-compile busybox for Android myself. Now you will find other posts claiming to have done so by downloading an ARM-cross compiler from codesourcery.com but I had two problems with that approach:

1. I needed an x86 cross-compiler and,
2. I read various complaints of people not being able to run various busybox commands with this method.

Cross-compiling busybox with the Android NDK

My only option was to use the Android NDK itself, since it comes with full support of the ARM, x86, and MIPS architectures. I ended up manually configuring busybox by eliminating any module that would not cross-compile due to missing header files and/or libraries in the Android NDK.
To cut the story short, I managed to cross-compile busybox using the Android NDK compilers for both ARM and x86 architectures (I didn't try MIPS since I don't have a device with a MIPS processor to test the resulting binaries).
To build busybox yourself, download the busybox-android.patch, busybox-android.config, and build.sh script and run the latter with the following options:

$ build.sh <android NDK dir> <NDK toolchain> <Android ABI> <Toolchain compiler version> <Android Native API Level> <Install prefix>

The script will download the busybox version 1.21.0 source code, apply the busybox-android.patch and configure busybox for the right architecture.
For example if you have your Android NDK installed under /home/android/android-ndk-r8d, to build busybox for the Intel x86 architecture call the build.sh script like the following:

$ build.sh /home/android/android-ndk-r8d x86-4.7 x86 4.7 android-14 /home/android/busybox-x86

and the cross-compiled busybox binaries will be installed under  the  /home/android/busybox-x86 directory. Similarly if you want to build busybox for the ARM processor, run the following:

$ build.sh /home/android/android-ndk-r8d arm-linux-androideabi-4.7 armeabi-v7a  4.7 android-14 /home/android/busybox-arm

Download busybox binaries

The busybox binaries for x86 (compiled using the above procedure), can be found here.

Installing busybox

The above procedure was tested with release r8d of the Android NDK and for both ARM and x86 devices.

Pre-requisites

1. Your phone must be rooted (for example check out my blog How to root Motorola RAZRi XT890 running Android 4.0.4)
2. You must activate USB debugging mode on your device by going to Settings -> Developer Options -> USB Debugging and selecting the corresponding check box.

Installation Procedure

To install busybox on an x86 Android (rooted) device, I run the following commands with the phone connected to the computer via USB:

# logon to the phone and become root to mount the /system file system read/write
$ adb shell
shell@android:/ $ su -
shell@android:/ # mount -o rw,remount -t ext4 /dev/block/system /system
shell@android:/ # chmod 0777 /system/xbin
shell@android:/ # exit
shell@android:/ $ exit
$

then change directory to the location of the busybox binary file and push it to the phone:

$ adb push busybox /system/xbin/

log back on as root and change permissions appropriately:

$ adb shell
shell@android:/ $ su -
shell@android:/ # chmod 755 /system/xbin/busybox
shell@android:/ # chmod 0755 /system/xbin
shell@android:/ # exit
shell@android:/ $ exit
$

Installing busybox on an ARM Android device is very similar, only the mounting instruction line changes:

$ adb shell
shell@android:/ $ su -
shell@android:/ # mount -o rw,remount -t yaffs2 /dev/block/mtdblock3 /system
shell@android:/ # chmod 0777 /system/xbin
shell@android:/ # exit
shell@android:/ $ exit
$
$ adb push busybox /system/xbin/
$ adb shell
shell@android:/ $ su -
shell@android:/ # chmod 755 /system/xbin/busybox
shell@android:/ # chmod 0755 /system/xbin
shell@android:/ # exit
shell@android:/ $ exit
$

Read More

Security News: Adobe Reader/Acrobat 0-Day with Sandbox Bypass

Some of you have undoubtedly heard the big news in the exploit world this week. There is a new Adobe Reader/Acrobat exploit in the wild that bypasses ASLR (Address Space Layout Randomization), DEP (Data Execution Prevention), and, most importantly, the sandbox ("Protected Mode") that was introduced in Adobe Reader X. Adobe confirmed the critical-rated vulnerabilities as CVE-2013-0640, and CVE-2013-0641 on Wednesday night, February 13, 2013.  The vulnerability applies to versions 11.0.01 and earlier (XI), 10.1.5 and earlier (X), and 9.5.3 (9) and earlier. There is no fix available as of the time of this writing.

The exploit does not defeat "Protected View" that was introduced in Adobe Reader XI. However, it does not need to because Protected View is disabled by default. It is highly recommended to all Adobe users to enable Protected View as described in the Adobe link below. The exploit uses ROP (Return Oriented Programming) as one would expect to get around the standard defenses, and employs several anti-analysis mechanisms such as TLS (Thread Local Storage) callbacks and fake Export Table entries.

This news is particularly important because there have been no confirmed Adobe sandbox bypasses ever published, until now. Some readers may note that "Group IB" (a group based out of Russia) claimed to have a sandbox escape in November, 2012 when they posted a tantalizing video of Adobe Reader XI being exploited http://www.youtube.com/watch?v=uGF8VDBkK0M.  However, that particular end-to-end exploit is seeming more like vaporware every month that passes without independent confirmation.

Adobe CVE Report:

https://www.adobe.com/support/security/advisories/apsa13-02.html

FireEye has published a partial technical description of some of the shellcode from the in-the-wild exploit.  FireEye has withheld full details for now at Adobe's request.

http://blog.fireeye.com/research/2013/02/the-number-of-the-beast.html

UPDATE: Adobe has released a patch for CVE-2013-0640 and CVE-2013-0641 as of Wednesday, February 20, 2013.  You can find the security bulletin here: http://www.adobe.com/support/security/bulletins/apsb13-07.html

Read More

Verizon Fios Home Monitoring Review

 We want to start off by saying we love Verizon Fios. We have our cable and internet through them and don't plan on switching anytime soon.

   

   A few months ago when we went into a Verizon store we noticed their new Home Monitoring System, $89.99 for the starter kit then $9.99 a month after that.  With the starter kit you get a gateway device (which is basically a router), an indoor camera, and an indoor light module.  There are also many add-ons you can get.  We got the deadbolt keypad lock for $159.99.  The thing that got us was that we didn't have to pay anything then, they could spread out the payments for the next three months of our Verizon bill.  If we had to pay right then we wouldn't have done it. We thought this would be a cheaper security system, no contracts and we do all the monitoring.

This sounds way more awesome then it is, let's not waste any time and get to  why we say such things. We are very handy and tech savvy people, Cody would even go so far as to call himself a handy man. So the physical installation was not a problem (Cody did most of it, lol) but when we got to the tech set up the website wasn't running right and we had to call the tech support team three different times. 2 out of 3 where helpful but one of them Cody wanted to smack them through the phone. No one is a fan of rude tech support people. Just because you know what you are doing doesn't mean that everyone does, especially  when your website is not working correctly.

   

   Anyway lets go for its function. It works but not the way it was explained to us. We were told that if the motion detector camera went off we would be sent a picture text message of what set it off. That is not the case. The couple times it was set off by our dog we didn't receive a picture of him jumping around being awesome and doing awesome things  just a text to a link. The link takes you to the website where you have to sign in and there is still no picture just a message saying that the motion sensor was set off at this time, on this date. They have a smart phone app, which is great for monitoring. Downside, you can only have one user monitoring  on the app at a time. So it's kind of a pain to try to sign in and not be able to. Then you text the the other person to ask if they are on, and sometimes no one was on but it wouldn't let you in. We got the Home Monitoring System to take some stress off Cody's mind but it just added more to it.

   

   All this being said we sent it back. We're not willing to pay for something that only works 50% of the time. This could be a great product but right now we feel that Verizon Home Monitoring is not worth the trouble. We have been trying to get our money back and our bill straightened out for the last 4 months. As of now we are still waiting for the refund, we haven't payed it but its still on the bill. They say its coming so we'll see what happens.

   

   This product was not for our family, but it might work for someone else's, that up for you to decide. This has been our honest opinion.

Read More

How to build the gcc Fortran cross-compiler for Android (ARM and x86)

If you need to cross-compile for Android a program written in Fortran, you know already that the official Android NDK does not come with the gfortran compiler, and if like me you need to port to Android code that depends on Fortran (such as the lapack libraries), you are out of luck.
Fortunately I managed to compile the gcc Fortran cross-compiler with the help of  Mike Long's blog. As an added bonus, I managed to build gfortran 4.8.0 not only for the ARM but also for the x86 toolchain, as well as update the script to the latest Android NDK (currently r8d).
What you need to do is the following:

1. download the fortran4android shell script.
2. download the ndk-r8d fortran patch.
3. run the script in your directory:
   
   $ fortran4android
4. wait, wait, wait, ... and you will see in the android-ndk-r8d/toolchains directory two new toolchains called arm-linux-androideabi-4.8.0 and x86-4.8.0
5. Enjoy your new gfortran compiler.

Note that I've successfully tested the script only on Ubuntu 12.04.

Addendum of August 30, 2013

I now have available a patch for the newer android-ndk-r9. To use this instead of the patch above:

1. download the ndk-r9-fortran-patch
2. change the fortran4android script by replacing "r8d" with "r9" everywhere
3. run the fortran4android script in your directory.

 Note that r9 of the NDK already comes with a 4.8 gcc toolchain and to keep it separated, the fortran4android script will still generate in output a "4.8.0" toolchain.

Read More

How to root Motorola RAZRi XT890 running Android 4.0.4

This procedure is only valid for Motorola RAZRi model XT890 (Intel inside) running Android 4.0.4 (system version 81.5.39001.XT890.Retail.en.GB). The following instructions refer to rooting the RAZRi from a Windows 7 PC.

You need to download the Android SDK 

Go to the Android Developer web site and download the Android SDK for Windows.

Make sure you then set the PATH environment variable to the <sdk>\platform-tools directory where all the tools can be found from the command line.

Install the latest Motorola USB drivers for you phone

Install the latest Motorola USB Drivers. Get them here.

Your phone should be factory unlocked

This is a must or else rooting the device will fail with the phone stuck on the bootloader. Go to the Motorola Web site and follow the step by step instructions. Basically open a Command Prompt window and get your Device ID by running the fastboot command. The instructions from Motorola are the following:

1. Put your device in fastboot mode (press the power button and volume down button at the same time and connect your device to your computer with a USB cable).
2. On your computer, open a command prompt or Terminal session.
3. Go to the Directory where you installed the Android SDK tools, and type:$ fastboot oem get_unlock_data
4. This fastboot command will return a character string. This is the Device ID which you will be using to generate your unique unlock key.
   
   Example Device ID (PC User)$ fastboot oem get_unlock_data
   (bootloader) 0A40040192024205#4C4D3556313230
   (bootloader) 30373731363031303332323239#BD00
   (bootloader) 8A672BA4746C2CE02328A2AC0C39F95
   (bootloader) 1A3E5#1F53280002000000000000000
   (bootloader) 0000000

At this point if you submit the device ID to the web form, Motorola will send you the unlock code via e-mail (after warning you that the warranty will be void if you do so).
To unlock the device:

1. Turn off your device.
2. Start your device in fastboot mode. To do this on most Motorola devices, push and hold the power and volume down at the same time, release the power button then release volume down. The device will power up in fastboot mode
3. Connect the device to the computer with a USB cable. You'll get a confirmation message on the device will indicate that it's connected.
4. Open a command window or terminal on your computer.
5. Change field to show the path to the tools folder within the Android SDK folder.
6. Verify that the desktop and device are connected by entering the following in the command field:$ fastboot devicesYou should see that your device is connected.
7. Now you will unlock the bootloader. Simply enter the following in the command line:$ fastboot oem unlock UNIQUE_KEYThe UNIQUE_KEY is the code you received in the email. It is case-sensitive.
8. If the line was entered correctly, your device's screen will confirm that your device is unlocked. You have just unlocked your device's bootloader.

Root the device

Get the RAZRi rooting utility for Windows. Get it here.
Extract the zipped files and from a Command Prompt or terminal window, change directory to the location of the utility. Make sure your RAZRi is connected to your Windows PC via the USB cable. Finally run the Root.bat command, follow the instructions, and cross your fingers.
After rebooting at least three times the phone should be rooted.

Read More