最近在研究drozer的使用,发现网上的资料也挺少的,就自己过了一遍所有模块,可以当使用手册来看。
app.package.list
usage: run app.package.list [-h] [-d DEFINES_PERMISSION] [-f FILTER] [-g GID][-p PERMISSION] [-u UID] [-n]
列出所有手机安装的包
Examples: 查找带有browser的包:
dz> run app.package.list -f browser com.android.browser最后修改日期: 2012-11-06 作者: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用-d DEFINES_PERMISSION, –defines-permission通过自定义permission 查询 ,-f FILTER, –filter FILTER通过关键词查询-g GID, –gid GID通过GID查询-p PERMISSION, –permission PERMISSIONuses-permission过滤查询, -u UID, –uid UID通过UID查询-n, –no_app_name不输出应用名app.activity.start
usage: run app.activity.start [-h] [–action ACTION] [–category CATEGORY [CATEGORY …]] [–component PACKAGE COMPONENT] [–data-uri DATA_URI][–extra TYPE KEY VALUE] [–flags FLAGS [FLAGS …]] [–mimetype MIMETYPE]
通过特制的Intent启动activity。
Examples: 显式 intent开启浏览器:
dz> run app.activity.start --component com.android.browser com.android.browser.BrowserActivity --flags ACTIVITY_NEW_TASK如果不设置flags,默认值为ACTIVITY_NEW_TASK . 取消默认值的方法如下:
dz> run app.activity.start --component com.android.browser com.android.browser.BrowserActivity --flags 0x0隐式 intent开启浏览器 :
dz> run app.activity.start --action android.intent.action.VIEW --data-uri http://www.google.com --flags ACTIVITY_NEW_TASK更多关于intents的帮助使用命令’help intents’.
Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用–action ACTION指定action–category CATEGORY [CATEGORY …]指定category–data-uri DATA_URI指定uri–extra TYPE KEY VALUE指定附加的数据–flags FLAGS [FLAGS …]指定一个或者多个flags–mimetype MIMETYPE指定文件类型–component PACKAGE COMPONENT指定componnent对于显式Intent,Android不需要去做解析,因为目标组件已经很明确,Android需要解析的是那些隐式Intent,通过解析,将Intent映射给可以处理此Intent的Activity、IntentReceiver或Service。
Intent解析机制主要是通过查找已注册在AndroidManifest.xml中的所有IntentFilter及其中定义的Intent,最终找到匹配的Intent。在这个解析过程中,Android是通过Intent的action、type、category这三个属性来进行判断的,判断方法如下:
如果Intent指明定了action,则目标组件的IntentFilter的action列表中就必须包含有这个action,否则不能匹配;如果Intent没有提供type,系统将从data中得到数据类型。和action一样,目标组件的数据类型列表中必须包含Intent的数据类型,否则不能匹配。如果Intent中的数据不是content: 类型的URI,而且Intent也没有明确指定它的type,将根据Intent中数据的scheme (比如 http: 或者mailto:) 进行匹配。同上,Intent 的scheme必须出现在目标组件的scheme列表中。如果Intent指定了一个或多个category,这些类别必须全部出现在组建的类别列表中。比如Intent中包含了两个类别:LAUNCHER_CATEGORY 和 ALTERNATIVE_CATEGORY,解析得到的目标组件必须至少包含这两个类别。如果 component这个属性有指定的话,将直接使用它指定的组件,而不再执行上述查找过程。app.activity.info
usage: run app.activity.info [-h] [-a PACKAGE] [-f FILTER] [-i] [-u] [-v]
Gets information about exported activities.
Examples: List activities exported by the Browser:
dz> run app.activity.info --package com.android.browser Package: com.android.browser com.android.browser.BrowserActivity com.android.browser.ShortcutActivity com.android.browser.BrowserPreferencesPage com.android.browser.BookmarkSearch com.android.browser.AddBookmarkPage com.android.browser.widget.BookmarkWidgetConfigureLast Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用-a PACKAGE, –package PACKAGE指定包名-f FILTER, –filter FILTER指定activity的名称-i, –show-intent-filters显示activity的intent-filters-u, –unexported包括exported:false的activity-v, –verbose显示详细信息app.package.info
usage: run app.package.info [-h] [-a PACKAGE] [-d DEFINES_PERMISSION] [-f FILTER] [-g GID] [-p PERMISSION] [-u UID] [-i]
List all installed packages on the device with optional filters. Specify optional keywords to search for in the package information, or granted permissions.
Examples: Finding all packages with the keyword “browser” in their name:
dz> run app.package.info -f browser Package: com.android.browser Process name: com.android.browser Version: 4.1.1 Data Directory: /data/data/com.android.browser APK path: /system/app/Browser.apk UID: 10014 GID: [3003, 1015, 1028] Shared libraries: null Permissions: - android.permission.ACCESS_COARSE_LOCATION - android.permission.ACCESS_DOWNLOAD_MANAGER - android.permission.ACCESS_FINE_LOCATION ...Finding all packages with the “INSTALL_PACKAGES” permission:
dz> run app.package.info -p INSTALL_PACKAGES Package: com.android.packageinstaller Process Name: com.android.packageinstaller Version: 4.1.1-403059 Data Directory: /data/data/com.android.packageinstaller APK Path: /system/app/PackageInstaller.apk UID: 10003 GID: [1028] Shared Libraries: null Shared User ID: null Permissions: - android.permission.INSTALL_PACKAGES - android.permission.DELETE_PACKAGES - android.permission.CLEAR_APP_CACHE - android.permission.READ_PHONE_STATE - android.permission.CLEAR_APP_USER_DATA - android.permission.READ_EXTERNAL_STORAGELast Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用-a PACKAGE, –package PACKAGE指定包名-d DEFINES_PERMISSION, –defines-permission DEFINES_PERMISSION通过自定义的权限过滤-f FILTER, –filter FILTER通过关键词查询-g GID, –gid GID指定GID-p PERMISSION, –permission PERMISSION通过权限过滤-u UID, –uid UID指定UID-i, –show-intent-filters显示intent-filtersapp.broadcast.info
usage: run app.broadcast.info [-h] [-a PACKAGE] [-f FILTER] [-p PERMISSION] [-i] [-u] [-v]
获取broadcast receivers信息
Examples: Get receivers exported by the platform:
dz> run app.broadcast.info -a android Package: android com.android.server.BootReceiver Permission: null com.android.server.updates.CertPinInstallReceiver Permission: null com.android.server.updates.IntentFirewallInstallReceiver Permission: null com.android.server.updates.SmsShortCodesInstallReceiver Permission: null com.android.server.updates.CarrierProvisioningUrlsInstallReceiver Permission: null com.android.server.updates.TZInfoInstallReceiver Permission: null com.android.server.updates.SELinuxPolicyInstallReceiver Permission: null com.android.server.MasterClearReceiver Permission: android.permission.MASTER_CLEARLast Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs), Luander (luander.r@samsung.com) License: BSD (3 clause)
optional arguments:
参数名作用-a PACKAGE, –package PACKAGE指定包名-f FILTER, –filter FILTER通过关键词查询-p PERMISSION, –permission PERMISSION通过权限过滤-i, –show-intent-filters显示intent-filters-u, –unexported包括exported:false的receivers-v, –verbose显示详细信息app.service.info
usage: run app.service.info [-h] [-a PACKAGE] [-f ] [-i] [-p ] [-u] [-v]
获取services信息.
Examples: List services exported by the Browser:
dz> run app.service.info --package com.android.browser Package: com.android.browser No exported services.List exported services with no permissions required to interact with it:
dz> run app.service.info -p null Package: com.android.email com.android.email.service.EmailBroadcastProcessorService Permission: null com.android.email.Controller$ControllerService Permission: null com.android.email.service.PopImapAuthenticatorService Permission: null com.android.email.service.PopImapSyncAdapterService Permission: null com.android.email.service.EasAuthenticatorService Permission: nullLast Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用-a PACKAGE, –package PACKAGE指定包名-f FILTER, –filter FILTER通过关键词查询-p PERMISSION, –permission PERMISSION通过权限过滤-i, –show-intent-filters显示intent-filters-u, –unexported包括exported:false的service-v, –verbose显示详细信息app.provider.info
usage: run app.provider.info [-h] [-a PACKAGE] [-f FILTER] [-p PERMISSION] [-u] [-v]
获取 content providers信息
Examples: Find content provider with the keyword “settings” in them:
dz> run app.provider.info -f settings Package name: com.google.android.gsf Authority: com.google.settings Required Permission - Read: null Required Permission - Write: com.google.android.providers.settings.permission.WRITE_GSETTINGS Grant Uri Permissions: false Multiprocess allowed: false Package name: com.android.providers.settings Authority: settings Required Permission - Read: null Required Permission - Write: android.permission.WRITE_SETTINGS Grant Uri Permissions: false Multiprocess allowed: falseFinding content providers that do not require permissions to read/write:
dz> run app.provider.info -p null Package name: com.google.android.gsf Authority: com.google.settings Required Permission - Read: null Required Permission - Write: com.google.android.providers.settings.permission.WRITE_GSETTINGS Grant Uri Permissions: false Multiprocess allowed: false ...Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用-a PACKAGE, –package PACKAGE指定包名-f FILTER, –filter FILTER通过关键词查询-p PERMISSION, –permission PERMISSION通过权限过滤-u, –unexported包括exported:false的provider-v, –verbose显示详细信息app.activity.forintent
usage: run app.activity.forintent [-h] [–action ACTION] [–category CATEGORY [CATEGORY …]] [–component PACKAGE COMPONENT] [–data-uri DATA_URI] [–extra TYPE KEY VALUE] [–flags FLAGS [FLAGS …]] [–mimetype MIMETYPE]
通过intent查找它的activity
Examples: Find activities that can handle web addresses:
dz> run app.activity.forintent --action android.intent.action.VIEW --data http://www.google.com Package name: com.android.browser Target activity: com.android.browser.BrowserActivityLast Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用–action ACTION指定action–category CATEGORY [CATEGORY …]指定category–data-uri DATA_URI指定uri–extra TYPE KEY VALUE指定附加的数据–flags FLAGS [FLAGS …]指定一个或者多个flags–mimetype MIMETYPE指定文件类型–component PACKAGE COMPONENT指定componnentapp.broadcast.send
usage: run app.broadcast.send [-h] [–action ACTION] [–category CATEGORY [CATEGORY …]] [–component PACKAGE COMPONENT] [–data-uri DATA_URI] [–extra TYPE KEY VALUE] [–flags FLAGS [FLAGS …]] [–mimetype MIMETYPE]
Examples: Attempt to send the BOOT_COMPLETED broadcast message:
dz> run app.broadcast.send --action android.intent.action.BOOT_COMPLETED java.lang.SecurityException: Permission Denial: not allowed to send broadcast android.intent.action.BOOT_COMPLETEDfrom pid=955, uid=10044
Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用–action ACTION指定action–category CATEGORY [CATEGORY …]指定category–data-uri DATA_URI指定uri–extra TYPE KEY VALUE指定附加的数据–flags FLAGS [FLAGS …]指定一个或者多个flags–mimetype MIMETYPE指定文件类型–component PACKAGE COMPONENT指定componnentapp.broadcast.sniff
usage: run app.broadcast.sniff [-h] [–action ACTION] [–category CATEGORY [CATEGORY …]] [–data-authority HOST PORT] [–data-path PATH TYPE] [–data-scheme DATA_SCHEME [DATA_SCHEME …]] [–data-type DATA_TYPE [DATA_TYPE …]]
Register a broadcast receiver that can sniff particular intents
获取电量信息 Examples: dz> run app.broadcast.sniff –action android.intent.action.BATTERY_CHANGED [*] Broadcast receiver registered to sniff matching intents [*] Output is updated once a second. Press Control+C to exit.
Action: android.intent.action.BATTERY_CHANGED Raw: Intent { act=android.intent.action.BATTERY_CHANGED flg=0x60000010 (has extras) } Extra: technology=Li-ion (java.lang.String) Extra: icon-small=17303411 (java.lang.Integer) Extra: health=2 (java.lang.Integer) Extra: online=4 (java.lang.Integer) Extra: status=2 (java.lang.Integer) Extra: plugged=2 (java.lang.Integer) Extra: present=true (java.lang.Boolean) Extra: level=80 (java.lang.Integer) Extra: scale=100 (java.lang.Integer) Extra: temperature=280 (java.lang.Integer) Extra: current_avg=460 (java.lang.Integer) Extra: voltage=4151 (java.lang.Integer) Extra: charge_type=1 (java.lang.Integer) Extra: invalid_charger=0 (java.lang.Integer)
Last Modified: 2014-06-27 Credit: Tyrone (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用–action ACTION指定action–category CATEGORY [CATEGORY …]指定category–data-authority HOST PORT指定data中的host:port–data-path PATH TYPE指定data中的path–data-scheme DATA_SCHEME [DATA_SCHEME …]指定data中的scheme–data-type DATA_TYPE [DATA_TYPE …]指定data中的数据类型scheme, host, port, path, pathPrefix, pathPattern 是用来匹配 Intent 中的 Data Uri 的。具体规则如下:
scheme://host:port/path or pathPrefix or pathPattern
详细可以参考下面链接: http://blog.csdn.net/androidzhaoxiaogang/article/details/6856201
app.package.attacksurface
usage: run app.package.attacksurface [-h] package
确定安装包的可攻击面
Examples: Finding the attack surface of the built-in browser
dz> run app.package.attacksurface com.android.browser 6 activities exported 4 broadcast receivers exported 1 content providers exported 0 services exportedLast Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: package the identifier of the package to inspect
optional arguments: -h, –help
app.package.backup
usage: run app.package.backup [-h] [-f FILTER] [-k]
列出可备份的包
Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用-f FILTER, –filter FILTER指定包名-k, –api-keys只展示有api keys的包app.package.debuggable
usage: run app.package.debuggable [-h] [-f FILTER] [-v]
列出可debug的包
Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用-f FILTER, –filter FILTER指定包名-v, –verbose附加不可debug的包信息app.package.launchintent
usage: run app.package.launchintent [-h] [-r] package
获取程序启动的activity信息
Examples: Finding the launch intent of the Android browser package:
dz> run app.package.launchintent com.android.browser Intent: Action: android.intent.action.MAIN Component: {com.android.browser/com.android.browser.BrowserActivity} Data: null Categories: android.intent.category.LAUNCHER Flags: [ACTIVITY_NEW_TASK] Mime Type: null Extras: nullLast Modified: 2013-03-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: package the identifier of the package to inspect
optional arguments:
参数名作用-r, –raw相当于intent.toString()app.package.manifest
usage: run app.package.manifest [-h] package
获取程序manifest文件信息,和apktool反编译出来的对比,drozer的还能查看versionCode、versionName、minSdkVersion、targerSdkversion。
Examples: Getting the manifest for drozer
dz> run app.package.manifest com.mwr.dz <manifest versionCode="2" versionName="1.1" package="com.mwr.dz"> <uses-sdk minSdkVersion="8" targetSdkVersion="4"> </uses-sdk> <uses-permission name="android.permission.INTERNET"> </uses-permission> ... </manifest>Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: package the identifier of the package
optional arguments: -h, –help
app.package.native
usage: run app.package.native [-h] package
列出Native libraries 信息
Last Modified: 2013-03-23 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: package the identifier of the package
optional arguments: -h, –help
app.package.shareduid
usage: run app.package.shareduid [-h] [-u UID]
查找拥有共同uid的包和他们所有的权限。
Examples: Finding packages that share the UID 10011
dz> run app.package.shareduid -u 10011 UID: 10011 (com.motorola.blur.uid.provider_authenticator:10011) Package Name: com.motorola.blur.provider.photobucket Package Name: com.motorola.blur.provider.picasa Package Name: com.motorola.blur.provider.yahoo Package Name: com.motorola.blur.provider.twitter Package Name: com.motorola.blur.provider.fixedemail Package Name: com.motorola.blur.provider.motorola.app Package Name: com.motorola.blur.provider.orkut Package Name: com.motorola.blur.provider.email Package Name: com.motorola.blur.provider.facebook Package Name: com.motorola.blur.provider.lastfm Package Name: com.motorola.blur.provider.linkedin Package Name: com.motorola.blur.provider.youtube Package Name: com.motorola.blur.provider.skyrock Package Name: com.motorola.blur.provider.activesync Package Name: com.motorola.blur.provider.flickr Accumulated permissions: com.motorola.blur.setupprovider.Permissions.ACCESS_ACCOUNTS; ...Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用-u UID, –uid UID指定uidapp.provider.columns
usage: run app.provider.columns [-h] uri
展示content provider URI的各列名
Examples: List the columns of content://settings/secure
dz> run app.provider.columns content://settings/secure | _id | name | value |Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: uri the content provider uri to query
optional arguments: -h, –help
app.provider.delete
usage: run app.provider.delete [-h] [–selection conditions] [–selection-args [arg [arg …]]] uri
删除content provider URI的内容
Examples: Delete from content://settings/secure, with name condition:
dz> run app.provider.delete content://settings/secure --selection "name=?" --selection-args my_settingLast Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: uri the content provider uri to query
optional arguments:
参数名作用–selection conditions指定列名–selection-args [arg [arg …]]指定值app.provider.download
usage: run app.provider.download [-h] uri destination
使用openInputStream读取指定uri的内容,并下载在电脑中
使用前提:provider实现了openFile
如果在window下,目的地址’/’为drozer安装目录所在的磁盘,比如drozer安装在D盘
目的地址为/data.db ,文件就在D:\data.db
Examples: Download, using directory traversal on a content provider:
dz> run app.provider.download content://vulnerable.provider/../../../system/etc/hosts /tmp/hostsfile Written 25 bytesLast Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: uri the content provider URI to read a file through destination path to save the downloaded file to
optional arguments: -h, –help
app.provider.insert
usage: **run app.provider.insert [-h] [–boolean column data] [–double column data] [–float column data] [–integer column data] [–long column data] [–short column data] [–string column data] uri**
插入数据到content provider.
Examples: Insert into a vulnerable content provider:
dz> run app.provider.insert content://com.vulnerable.im/messages --string date 1331763850325 --string type 0 --integer _id 7Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: uri the content provider uri to insert into
optional arguments:
–boolean 【column】 【data】 –double 【column】【 data】 –float 【column】【 data】 –integer 【column】【 data】 –long 【column】【 data】 –short 【column】【 data】 –string 【column】【 data】
app.provider.finduri
usage: run app.provider.finduri [-h] package
查找Content URIs
This module uses a number of strategies to identify a content URI, including inspecting the authorities, path permissions and searching for strings inside the package.
Examples: Find content provider URIs in the Browser:
dz> run app.provider.finduri com.android.browser Scanning com.android.browser... content://com.android.browser.home/res/raw/ content://browser/search_suggest_query content://browser/ content://com.android.browser.snapshots/ content://com.android.browser/bookmarks/search_suggest_query content://com.android.browser/ content://com.google.settings/partner content://com.android.browser.snapshots content://com.google.android.partnersetup.rlzappprovider/ content://com.android.browser.home/ content://browser/bookmarks/search_suggest_queryLast Modified: 2012-13-18 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: package the package to search for content provider uris
optional arguments: -h, –help
app.provider.query
usage: run app.provider.query [-h] [–projection [columns [columns …]]] [–selection conditions] [–selection-args [arg [arg …]]] [–order by_column] [–vertical] uri
查询content provider 内容
Examples: Querying the settings content provider:
dz> run app.provider.query content://settings/secure | _id | name | value | | 5 | assisted_gps_enabled | 1 | | 9 | wifi_networks_available_notification_on | 1 | | 10 | sys_storage_full_threshold_bytes | 2097152 | | ... | ... | ... |Querying, with a WHERE clause in the SELECT statement:
dz> run app.provider.query content://settings/secure --selection "_id=?" --selection-args 10 | _id | name | value | | 10 | sys_storage_full_threshold_bytes | 2097152 |Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: uri the content provider uri to query
optional arguments:
参数名作用–projection [columns [columns …]]选择查询哪些列,如:–projection _id,name–selection conditions指定列名–selection-args [arg [arg …]]指定列名的值–order by_column通过哪一列排序–vertical垂直显示app.provider.read
usage: run app.provider.read [-h] uri
使用openInputStream读取指定uri的内容
使用前提:provider实现了openFile
Examples: Attempt directory traversal on a content provider:
dz> run app.provider.read content://settings/secure/../../../system/etc/hosts java.io.FileNotFoundException: No files supported by provider at content://settings/secure/../../../system/etc/hostsLast Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: uri the content provider URI to read a file through
optional arguments: -h, –help
app.provider.update
usage: run app.provider.update [-h] [–selection conditions] [–selection-args [arg [arg …]]] [–boolean column data] [–double column data] [–float column data] [–integer column data] [–long column data] [–short column data] [–string column data] uri
更新content provider的内容
Examples: Updating, the assisted_gps_enabled setting:
dz> run app.provider.update content://settings/secure --selection "name=?" --selection-args assisted_gps_enabled --integer value 0 Done.Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: uri the content provider uri to update in
optional arguments:
参数名作用–selection conditions指定列名–selection-args [arg [arg …]]指定列名的值–boolean column data列名+值–double column data列名+值–float column data列名+值–integer column data列名+值–long column data列名+值–short column data列名+值–string column data列名+值app.service.start
usage: run app.service.start [-h] [–action ACTION] [–category CATEGORY [CATEGORY …]] [–component PACKAGE COMPONENT] [–data-uri DATA_URI] [–extra TYPE KEY VALUE] [–flags FLAGS [FLAGS …]] [–mimetype MIMETYPE]
Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用–action ACTION指定action–category CATEGORY [CATEGORY …]指定category–data-uri DATA_URI指定uri–extra TYPE KEY VALUE指定附加的数据–flags FLAGS [FLAGS …]指定一个或者多个flags–mimetype MIMETYPE指定文件类型–component PACKAGE COMPONENT指定componnentapp.service.stop
usage: run app.service.stop [-h] [–action ACTION] [–category CATEGORY [CATEGORY …]] [–component PACKAGE COMPONENT] [–data-uri DATA_URI] [–extra TYPE KEY VALUE] [–flags FLAGS [FLAGS …]] [–mimetype MIMETYPE]
Last Modified: 2012-11-06 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
optional arguments:
参数名作用–action ACTION指定action–category CATEGORY [CATEGORY …]指定category–data-uri DATA_URI指定uri–extra TYPE KEY VALUE指定附加的数据–flags FLAGS [FLAGS …]指定一个或者多个flags–mimetype MIMETYPE指定文件类型–component PACKAGE COMPONENT指定componnentapp.service.send
usage: run app.service.send [-h] [–msg what arg1 arg2] [–extra type key value] [–no-response] [–timeout TIMEOUT] [–bundle-as-obj] package component
使用 Message攻击暴露的service,其service实现了handleMessage。
NB: by default, this module will wait 20 seconds for a reply.
Examples: Deliver a Message to a dummy application, that simply returns the message:
dz> run app.service.send com.example.srv com.example.srv.Service --msg 1 2 3 --extra float value 0.1324 --extrastring test value Got a reply from com.example.srv/com.example.srv.Service: what: 1 arg1: 2 arg2: 3 Data: value (float) : 0.1324 test (string) : value
Last Modified: 2013-05-20 Credit: MWR InfoSecurity (@mwrlabs) License: BSD (3 clause)
positional arguments: package the package containing the target service component the fully-qualified service name to bind to
optional arguments:
参数名作用–msg what arg1 arg2指定message obtain获取的值,what、arg1、arg2–extra type key value指定bundle的数据–no-response丢弃回复–timeout TIMEOUT设置等待回复的超时时间–bundle-as-obj设置obj的值