Crashes on Android 8.1

[pahapoika]

DEVICE: OnePlus 3T

OS version: 8.1

cSploit version:
Latest nightly

busybox (installed or not):
Installed

Rooted with supersu?
Rooted with magisk

logcat (filter it!):
How-to guide
https://pastebin.com/617YaHG2

Daemon specific questions

Go version:

OS:

Using Docker (incase of unofficial build.)

Actions performed:

Logs:

Issue:
Remember to search for issues alike before creating new one!
It starts fine, but immediately after granting root is displays pop-up that says "initialization error. Neither user 10159 nor current process has android.permission.WAKE_LOCK"

Then it installs every dependency fine (MSF and Ruby), but after closing the app (cSploit) once and then trying to reopen it, it doesn't open and just shows the cSploit has crashed notification

[pahapoika]

!Confirmed to work on the stable release!

[fat-tire]

From the error: Neither user 10159 nor current process has android.permission.WAKE_LOCK.

... it looks like maybe the WAKELOCK permission should be explicitly requested (?), which is weird because (A) it's not in the list of "dangerous" permissions, (B) we do have the WAKE_LOCK permission in the manifest, and (C) it's working fine for me in api 25 on different devices I've tested it on and (D) I don't even see a UI request for it available in 25.

I also don't see that that anything involving the wakelock permission has changed in Oreo or 8.1, although there may be an issue with background services that will need to be addressed.

Question-- if you go to Settings->Apps-> is there a permission you can turn on that isn't already on? I have a few changes here I can propose that you can try, specifically:

--- a/cSploit/src/main/java/org/csploit/android/MainActivity.java
+++ b/cSploit/src/main/java/org/csploit/android/MainActivity.java
@@ -70,9 +70,13 @@ public class MainActivity extends AppCompatActivity {
                 Manifest.permission.WRITE_EXTERNAL_STORAGE)
                 != PackageManager.PERMISSION_GRANTED || ContextCompat.checkSelfPermission(this,
                 Manifest.permission.READ_PHONE_STATE)
-                != PackageManager.PERMISSION_GRANTED) {
+                != PackageManager.PERMISSION_GRANTED || ContextCompat.checkSelfPermission(this,
+              Manifest.permission.WAKE_LOCK)
+              != PackageManager.PERMISSION_GRANTED)
+      {
           ActivityCompat.requestPermissions(this,
-                  new String[] {Manifest.permission.WRITE_EXTERNAL_STORAGE, Manifest.permission.READ_PHONE_STATE},
+                  new String[] {Manifest.permission.WRITE_EXTERNAL_STORAGE, Manifest.permission.READ_PHONE_STATE,
+                  Manifest.permission.WAKE_LOCK},
                   MY_PERMISSIONS_WANTED);
         }
     }

and I guess

diff --git a/cSploit/src/main/res/values/strings.xml b/cSploit/src/main/res/values/strings.xml
index 261c0122..076cb5bd 100644
--- a/cSploit/src/main/res/values/strings.xml
+++ b/cSploit/src/main/res/values/strings.xml
@@ -543,6 +543,6 @@
     <string name="cSploitChannelDescription" >cSploit-related messages</string>
 
     <!-- permissions -->
-    <string name="permissions_fail">Sorry, you need to approve both permission requests.</string>
+    <string name="permissions_fail">Sorry, you need to approve all permission requests.</string>
     <string name="permissions_succeed">Thanks!</string>
 </resources>

I can try adding those if you want to try them (or feel free to try yourself). Maybe the WAKE_LOCK just isn't being granted automatically sort of described in that "behavior changes" even though the READ_PHONE_STATE is.

[pahapoika]

as you can see the nightly lacks the "prevent phone from sleeping" permission

[fat-tire]

Hmm. I never touched that permission (it's still here), and the only thing I can think of behaviorally is that it wasn't explicitly requested until the patch above and maybe it needs to be in 8.0x if that's what the docs are saying changed. I don't have the hardware to try it though, and like I said api26+arm is not supported by the emulator yet.

Could you try building w/those changes, and if youdid so, did it fix the issue by any chance?

Thx

[pahapoika]

@fat-tire yeah I'll build with those fixes and report back.

[pahapoika]

Actually @fat-tire could you build since im in a rush and will actually be home on Monday (so it would need to wait till then)

[fat-tire]

Hey just following up. Did you get a chance to try the fixes?

[vczilla]

So this one had been bugging me for a while ( pun fully intended I'm afraid ).
I had been looking for something complicated and esoteric but I couldn't find anything wrong with code asking for the wake_lock permission.

I decided to give it another go today so I decompiled the installed and crashing app.
The answer is actually so simple and glaringly obvious in hindsight that I'm pretty sure that's part of the reason why it still hasn't been fixed.

Without any further ado, here's an snippet of the installed app's manifest:
<uses-permission android:maxSdkVersion="25" android:name="android.permission.WAKE_LOCK>

Well duh Oreo 8.0 is API level 26 l, Oreo 8.1 is 27.
Android Pancakes following the same logic is 28.

So the fix is to change the maximum API level predicating the wake_lock permission in the manifest.

And yes I might have just done all that to 'subtlety' hint at Android P's dessert name and claim some geek cred if I'm right!

That's all for now, folks.

[gregd]

The problem is created by the new ACRA lib version. They added to their android manifest WAKE_LOCK permission with maxSdkVersion="25", which is merged with main app manifest file.
ACRA/acra#651