Archive/screentinker
1
0
Fork 0
mirror of https://github.com/screentinker/screentinker.git synced 2026-06-18 20:22:42 -06:00
Code Issues Actions 2 Packages Projects Releases Wiki Activity
screentinker/android/app/src/main/AndroidManifest.xml
ScreenTinker d41bd1f27d fix(android): verify OTA APK signature before install + disable backup (Critical) 
The updater fetched download_url from the server JSON and installed it via
PackageInstaller with NO verification, over cleartext (usesCleartextTraffic,
no pinning). A network MITM or compromised server could return a malicious APK
and have it silently installed (REQUEST_INSTALL_PACKAGES) → full device RCE.

Fix: before install, verify the downloaded APK (a) is our own package and
(b) shares a current signing certificate with the installed app
(GET_SIGNING_CERTIFICATES on P+, GET_SIGNATURES below). An attacker can't forge
our signing key, so this holds even over an untrusted/cleartext transport.
Fail-closed on any parse/verify error; the APK is deleted on mismatch. Gates
both the session-install and intent-fallback paths.

Also set android:allowBackup="false" so adb backup can't exfiltrate the
device token / config.

Compile-checked + signed debug APK builds. NOT verified on-device - needs a
real update cycle on a device (valid update installs; a wrong-signed APK is
rejected) before merge.

Co-Authored-By: Claude Opus 4.8 (1M context) <noreply@anthropic.com>
2026-06-08 19:19:55 -05:00

124 lines
5.6 KiB
XML
Raw Blame History

<?xml version="1.0" encoding="utf-8"?>
<manifest xmlns:android="http://schemas.android.com/apk/res/android">
<uses-permission android:name="android.permission.INTERNET" />
<uses-permission android:name="android.permission.ACCESS_NETWORK_STATE" />
<uses-permission android:name="android.permission.ACCESS_WIFI_STATE" />
<uses-permission android:name="android.permission.WAKE_LOCK" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE_MEDIA_PLAYBACK" />
<uses-permission android:name="android.permission.FOREGROUND_SERVICE_MEDIA_PROJECTION" />
<uses-permission android:name="android.permission.RECEIVE_BOOT_COMPLETED" />
<uses-permission android:name="android.permission.READ_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.WRITE_EXTERNAL_STORAGE" />
<uses-permission android:name="android.permission.POST_NOTIFICATIONS" />
<uses-permission android:name="android.permission.USE_FULL_SCREEN_INTENT" />
<uses-permission android:name="android.permission.REQUEST_INSTALL_PACKAGES" />
<application
android:name=".RemoteDisplayApp"
android:allowBackup="false"
android:icon="@android:drawable/ic_media_play"
android:label="RemoteDisplay"
android:largeHeap="true"
android:theme="@style/Theme.RemoteDisplay"
android:usesCleartextTraffic="true"
android:supportsRtl="true">
<!-- Main fullscreen media player activity -->
<activity
android:name=".MainActivity"
android:exported="true"
android:configChanges="orientation|screenSize|keyboardHidden"
android:screenOrientation="landscape"
android:theme="@style/Theme.RemoteDisplay.Fullscreen"
android:keepScreenOn="true"
android:launchMode="singleTask">
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.LAUNCHER" />
<category android:name="android.intent.category.LEANBACK_LAUNCHER" />
</intent-filter>
<intent-filter>
<action android:name="android.intent.action.MAIN" />
<category android:name="android.intent.category.HOME" />
<category android:name="android.intent.category.DEFAULT" />
</intent-filter>
</activity>
<!-- Screen capture permission request (transparent) -->
<activity
android:name=".ScreenCapturePermissionActivity"
android:exported="false"
android:theme="@android:style/Theme.Translucent.NoTitleBar"
android:screenOrientation="landscape" />
<!-- Initial setup wizard (permissions) -->
<activity
android:name=".SetupActivity"
android:exported="false"
android:screenOrientation="landscape"
android:theme="@style/Theme.RemoteDisplay.Fullscreen" />
<!-- Provisioning/setup activity -->
<activity
android:name=".ProvisioningActivity"
android:exported="false"
android:screenOrientation="landscape"
android:theme="@style/Theme.RemoteDisplay.Fullscreen" />
<!-- WebSocket foreground service. #5: declares ONLY mediaPlayback - the
always-on service must not claim the mediaProjection FGS type, which
Android 14+ rejects unless a projection consent token is held. -->
<service
android:name=".service.WebSocketService"
android:exported="false"
android:foregroundServiceType="mediaPlayback" />
<!-- #5: dedicated MediaProjection foreground service for system screen
capture. Started only after the user grants consent, so claiming the
mediaProjection FGS type is valid on Android 14+. -->
<service
android:name=".service.MediaProjectionService"
android:exported="false"
android:foregroundServiceType="mediaProjection" />
<!-- Accessibility service for power controls -->
<service
android:name=".service.PowerAccessibilityService"
android:exported="true"
android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">
<intent-filter>
<action android:name="android.accessibilityservice.AccessibilityService" />
</intent-filter>
<meta-data
android:name="android.accessibilityservice"
android:resource="@xml/accessibility_service_config" />
</service>
<!-- Boot receiver for auto-start -->
<receiver
android:name=".service.BootReceiver"
android:enabled="true"
android:exported="true">
<intent-filter>
<action android:name="android.intent.action.BOOT_COMPLETED" />
<action android:name="android.intent.action.QUICKBOOT_POWERON" />
<action android:name="com.htc.intent.action.QUICKBOOT_POWERON" />
</intent-filter>
</receiver>
<!-- FileProvider for APK updates -->
<provider
android:name="androidx.core.content.FileProvider"
android:authorities="${applicationId}.fileprovider"
android:exported="false"
android:grantUriPermissions="true">
<meta-data
android:name="android.support.FILE_PROVIDER_PATHS"
android:resource="@xml/file_paths" />
</provider>
</application>
</manifest>
Reference in a new issue View git blame Copy permalink