I suppose you want to discover how the pre-defined mobile application interacts with the filesystem and precisely understand what happens on the filesystem when this application is active. This guide describes this process for both major platforms – iOS and Android, as of February 13, 2021.
iOS
TL;DR
wget https ://github.com/nowsecure/fsmon/releases/download/1.6.1/fsmon-ios -O fsmon161
ldid -e $ ( which bash ) > entitlement. xml
ldid -Sentitlement. xml fsmon161
./fsmon161 -c -p $ ( ps aux | grep NAME | tr -s " " | cut -d " " -f2 | head -1 )
wget https://github.com/nowsecure/fsmon/releases/download/1.6.1/fsmon-ios -O fsmon161
chmod 755 fsmon161
ldid -e $(which bash) >entitlement.xml
ldid -Sentitlement.xml fsmon161
ps aux | grep "NAME"
./fsmon161 -c -p $(ps aux | grep NAME | tr -s " " | cut -d" " -f2 | head -1)
wget https://github.com/nowsecure/fsmon/releases/download/1.6.1/fsmon-ios -O fsmon161
chmod 755 fsmon161
ldid -e $(which bash) >entitlement.xml
ldid -Sentitlement.xml fsmon161
ps aux | grep "NAME"
./fsmon161 -c -p $(ps aux | grep NAME | tr -s " " | cut -d" " -f2 | head -1)
1 – Jailbreak the device – it’s still legal. For example, use checkra1n .
2 – Download fsmon v1.6.1 application on the device. We emphasize that the latest version might not work.
wget https ://github.com/nowsecure/fsmon/releases/download/1.6.1/fsmon-ios -O fsmon161
wget https://github.com/nowsecure/fsmon/releases/download/1.6.1/fsmon-ios -O fsmon161
chmod 755 fsmon161
wget https://github.com/nowsecure/fsmon/releases/download/1.6.1/fsmon-ios -O fsmon161
chmod 755 fsmon161
3 – On the device, make some adjustments:
ldid -e $ ( which bash ) > entitlement. xml
ldid -Sentitlement. xml fsmon161
ldid -e $(which bash) >entitlement.xml
ldid -Sentitlement.xml fsmon161
ldid -e $(which bash) >entitlement.xml
ldid -Sentitlement.xml fsmon161
4 – Use the fsmon application.
ps aux | grep "NAME" #validate the name
./fsmon161 -c -p $ ( ps aux | grep NAME | tr -s " " | cut -d " " -f2 | head -1 )
ps aux | grep "NAME" #validate the name
./fsmon161 -c -p $(ps aux | grep NAME | tr -s " " | cut -d" " -f2 | head -1)
ps aux | grep "NAME" #validate the name
./fsmon161 -c -p $(ps aux | grep NAME | tr -s " " | cut -d" " -f2 | head -1)
Android
For android, we suggest to substitute fsmon tool with inotifywait tool, because fsmon might now work correctly.
TL;DR
git clone --depth= 1 https ://github.com/dstmath/inotifywait-for-Android.git
cd inotifywait- for -Android
adb push /libs/armeabi-v7a/inotifywatch /data/local/tmp/
adb push /libs/armeabi-v7a/inotifywait /data/local/tmp/
mount -o rw,remount /system
/data/local/tmp/inotifywait -r /data -m | grep -v base. apk
git clone --depth=1 https://github.com/dstmath/inotifywait-for-Android.git
cd inotifywait-for-Android
ndk-build
adb push /libs/armeabi-v7a/inotifywatch /data/local/tmp/
adb push /libs/armeabi-v7a/inotifywait /data/local/tmp/
adb shell
su
mount -o rw,remount /system
/data/local/tmp/inotifywait -r /data -m | grep -v base.apk
git clone --depth=1 https://github.com/dstmath/inotifywait-for-Android.git
cd inotifywait-for-Android
ndk-build
adb push /libs/armeabi-v7a/inotifywatch /data/local/tmp/
adb push /libs/armeabi-v7a/inotifywait /data/local/tmp/
adb shell
su
mount -o rw,remount /system
/data/local/tmp/inotifywait -r /data -m | grep -v base.apk
1 – Root the device,
2 – Download ndk-build ,
3 – Clone inotifywait git repository and compile the application,
git clone --depth= 1 https ://github.com/dstmath/inotifywait-for-Android.git
git clone --depth=1 https://github.com/dstmath/inotifywait-for-Android.git
git clone --depth=1 https://github.com/dstmath/inotifywait-for-Android.git
4 – You probably need to modify ./jni/Application.mk, change “armeabi” to “armeabi-v7a”,
5 – Build the application,
cd inotifywait- for -Android
cd inotifywait-for-Android
ndk-build
cd inotifywait-for-Android
ndk-build
6 – Push both binaries to an android device,
adb push /libs/armeabi-v7a/inotifywatch /data/local/tmp/
adb push /libs/armeabi-v7a/inotifywait /data/local/tmp/
adb push /libs/armeabi-v7a/inotifywatch /data/local/tmp/
adb push /libs/armeabi-v7a/inotifywait /data/local/tmp/
adb push /libs/armeabi-v7a/inotifywatch /data/local/tmp/
adb push /libs/armeabi-v7a/inotifywait /data/local/tmp/
7 – If needed, ask the /system partition to be writeable,
mount -o rw,remount /system
adb shell
su
mount -o rw,remount /system
adb shell
su
mount -o rw,remount /system
8 – Use the inotifywait application.
/data/local/tmp/inotifywait -r /data -m | grep -v base. apk
/data/local/tmp/inotifywait -r /data -m | grep -v base.apk
/data/local/tmp/inotifywait -r /data -m | grep -v base.apk
Use case
An open-source android game Pixel Dungeon has the achievment system, and I suppose that it stores the achievments locally, so we may try to modify them and get more achievments in an easy way. It could be done relatively quickly:
To repeat:
0 – Install the application,
1 – Start the filesystem monitoring,
/data/local/tmp/inotifywait -r /data/data/com. watabou . pixeldungeon / -m | grep -v base. apk
/data/local/tmp/inotifywait -r /data/data/com.watabou.pixeldungeon/ -m | grep -v base.apk
/data/local/tmp/inotifywait -r /data/data/com.watabou.pixeldungeon/ -m | grep -v base.apk
2 – At the moment of getting any achievment, press CTRL+C on adb shell to stop the inotifywait process,
/data/local/tmp/inotifywait -r /data/data/com. watabou . pixeldungeon / -m | grep -v base. apk
Setting up watches. Beware: since -r was given, this may take a while !
/data/data/com. watabou . pixeldungeon / CREATE,ISDIR shared_prefs
/data/data/com. watabou . pixeldungeon / ATTRIB,ISDIR shared_prefs
/data/data/com. watabou . pixeldungeon / OPEN,ISDIR shared_prefs
/data/data/com. watabou . pixeldungeon / CLOSE_NOWRITE,CLOSE,ISDIR shared_prefs
/data/data/com. watabou . pixeldungeon / CREATE,ISDIR files
/data/data/com. watabou . pixeldungeon / OPEN,ISDIR files
/data/data/com. watabou . pixeldungeon / CLOSE_NOWRITE,CLOSE,ISDIR files
/data/data/com. watabou . pixeldungeon / ATTRIB,ISDIR files
/data/data/com. watabou . pixeldungeon /files/ ATTRIB,ISDIR
/data/data/com. watabou . pixeldungeon /shared_prefs/ CREATE PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ OPEN PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ MODIFY PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ CLOSE_WRITE,CLOSE PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ ATTRIB PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ MOVED_FROM PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ MOVED_TO PixelDungeon. xml . bak
/data/data/com. watabou . pixeldungeon /shared_prefs/ CREATE PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ OPEN PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ MODIFY PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ CLOSE_WRITE,CLOSE PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ ATTRIB PixelDungeon. xml
/data/data/com. watabou . pixeldungeon /shared_prefs/ DELETE PixelDungeon. xml . bak
/data/data/com. watabou . pixeldungeon /files/ CREATE warrior1. dat
/data/data/com. watabou . pixeldungeon /files/ OPEN warrior1. dat
/data/data/com. watabou . pixeldungeon /files/ ATTRIB warrior1. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior1. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior1. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior1. dat
/data/data/com. watabou . pixeldungeon /files/ CLOSE_WRITE,CLOSE warrior1. dat
/data/data/com. watabou . pixeldungeon /files/ CREATE warrior2. dat
/data/data/com. watabou . pixeldungeon /files/ OPEN warrior2. dat
/data/data/com. watabou . pixeldungeon /files/ ATTRIB warrior2. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior2. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior2. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior2. dat
/data/data/com. watabou . pixeldungeon /files/ CLOSE_WRITE,CLOSE warrior2. dat
/data/data/com. watabou . pixeldungeon /files/ CREATE warrior3. dat
/data/data/com. watabou . pixeldungeon /files/ OPEN warrior3. dat
/data/data/com. watabou . pixeldungeon /files/ ATTRIB warrior3. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior3. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior3. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior3. dat
/data/data/com. watabou . pixeldungeon /files/ CLOSE_WRITE,CLOSE warrior3. dat
/data/data/com. watabou . pixeldungeon /files/ CREATE warrior. dat
/data/data/com. watabou . pixeldungeon /files/ OPEN warrior. dat
/data/data/com. watabou . pixeldungeon /files/ ATTRIB warrior. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior. dat
/data/data/com. watabou . pixeldungeon /files/ CLOSE_WRITE,CLOSE warrior. dat
/data/data/com. watabou . pixeldungeon /files/ CREATE warrior4. dat
/data/data/com. watabou . pixeldungeon /files/ OPEN warrior4. dat
/data/data/com. watabou . pixeldungeon /files/ ATTRIB warrior4. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior4. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY warrior4. dat
/data/data/com. watabou . pixeldungeon /files/ CLOSE_WRITE,CLOSE warrior4. dat
/data/data/com. watabou . pixeldungeon /files/ CREATE badges. dat
/data/data/com. watabou . pixeldungeon /files/ OPEN badges. dat
/data/data/com. watabou . pixeldungeon /files/ ATTRIB badges. dat
/data/data/com. watabou . pixeldungeon /files/ MODIFY badges. dat
/data/data/com. watabou . pixeldungeon /files/ CLOSE_WRITE,CLOSE badges. dat
/data/local/tmp/inotifywait -r /data/data/com.watabou.pixeldungeon/ -m | grep -v base.apk
Setting up watches. Beware: since -r was given, this may take a while!
Watches established.
/data/data/com.watabou.pixeldungeon/ CREATE,ISDIR shared_prefs
/data/data/com.watabou.pixeldungeon/ ATTRIB,ISDIR shared_prefs
/data/data/com.watabou.pixeldungeon/ OPEN,ISDIR shared_prefs
/data/data/com.watabou.pixeldungeon/ CLOSE_NOWRITE,CLOSE,ISDIR shared_prefs
/data/data/com.watabou.pixeldungeon/ CREATE,ISDIR files
/data/data/com.watabou.pixeldungeon/ OPEN,ISDIR files
/data/data/com.watabou.pixeldungeon/ CLOSE_NOWRITE,CLOSE,ISDIR files
/data/data/com.watabou.pixeldungeon/ ATTRIB,ISDIR files
/data/data/com.watabou.pixeldungeon/files/ ATTRIB,ISDIR
/data/data/com.watabou.pixeldungeon/shared_prefs/ CREATE PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ OPEN PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ MODIFY PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ CLOSE_WRITE,CLOSE PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ ATTRIB PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ MOVED_FROM PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ MOVED_TO PixelDungeon.xml.bak
/data/data/com.watabou.pixeldungeon/shared_prefs/ CREATE PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ OPEN PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ MODIFY PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ CLOSE_WRITE,CLOSE PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ ATTRIB PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ DELETE PixelDungeon.xml.bak
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE badges.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN badges.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB badges.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY badges.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE badges.dat
/data/local/tmp/inotifywait -r /data/data/com.watabou.pixeldungeon/ -m | grep -v base.apk
Setting up watches. Beware: since -r was given, this may take a while!
Watches established.
/data/data/com.watabou.pixeldungeon/ CREATE,ISDIR shared_prefs
/data/data/com.watabou.pixeldungeon/ ATTRIB,ISDIR shared_prefs
/data/data/com.watabou.pixeldungeon/ OPEN,ISDIR shared_prefs
/data/data/com.watabou.pixeldungeon/ CLOSE_NOWRITE,CLOSE,ISDIR shared_prefs
/data/data/com.watabou.pixeldungeon/ CREATE,ISDIR files
/data/data/com.watabou.pixeldungeon/ OPEN,ISDIR files
/data/data/com.watabou.pixeldungeon/ CLOSE_NOWRITE,CLOSE,ISDIR files
/data/data/com.watabou.pixeldungeon/ ATTRIB,ISDIR files
/data/data/com.watabou.pixeldungeon/files/ ATTRIB,ISDIR
/data/data/com.watabou.pixeldungeon/shared_prefs/ CREATE PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ OPEN PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ MODIFY PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ CLOSE_WRITE,CLOSE PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ ATTRIB PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ MOVED_FROM PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ MOVED_TO PixelDungeon.xml.bak
/data/data/com.watabou.pixeldungeon/shared_prefs/ CREATE PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ OPEN PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ MODIFY PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ CLOSE_WRITE,CLOSE PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ ATTRIB PixelDungeon.xml
/data/data/com.watabou.pixeldungeon/shared_prefs/ DELETE PixelDungeon.xml.bak
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior1.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior2.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior3.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE warrior4.dat
/data/data/com.watabou.pixeldungeon/files/ CREATE badges.dat
/data/data/com.watabou.pixeldungeon/files/ OPEN badges.dat
/data/data/com.watabou.pixeldungeon/files/ ATTRIB badges.dat
/data/data/com.watabou.pixeldungeon/files/ MODIFY badges.dat
/data/data/com.watabou.pixeldungeon/files/ CLOSE_WRITE,CLOSE badges.dat
File badges.dat looks promising.
cat /data/data/com. watabou . pixeldungeon /files/badges. dat
{ "badges" : [ "NO_MONSTERS_SLAIN" ]}
cat /data/data/com.watabou.pixeldungeon/files/badges.dat
{"badges":["NO_MONSTERS_SLAIN"]}
cat /data/data/com.watabou.pixeldungeon/files/badges.dat
{"badges":["NO_MONSTERS_SLAIN"]}
3 – Google the words “NO_MONSTERS_SLAIN”, find all badges in the source code, and modify the file badges.dat.