How To Access Data/data In Android Without Root

Often companies developing ParentalControl or DLP solutions require admission to private information from software, installed on Android devices. For instance, messages from Skype/KIK/Viber, etc., or even an access to a browsing history are both good examples of such tasks. By default (and this is what is used most oft due to security) all Android apps save data in a so-called

Sandbox – a storage area which other applications cannot access. And if an app doesn't provide an API to go the information (or merely places the information in memory card where other applications can admission it), and so this data seemingly cannot be accessed. In this commodity I want to show one unproblematic and fairly elegant style to admission individual data of third party applications.

Contents:

Proposed solution

Received results

Advantages of this arroyo

Disadvantages of this approach

A word of warning

Proposed solution

The main idea behind the solution is very simple – to parse a layout tree of an agile page and excerpt the necessary information.

One caveat is that, while this solution works well starting with Android four.3 and older (including the latest Android N), to become a make clean data without junk y'all will need to take your fourth dimension to report each target application. At that place is no need for ROOT-access, since with information technology you would be able to read direct from a sandbox.

I volition explain this approach based on one particular chore: writing an Android app that tin can be used to monitor:

Firefox browser history on Android 6.0 (public API for this was closed fifty-fifty for congenital-in browser)
Skype instant letters (there was no official manner to get access to them)

Basically, both tasks are very similar, since you're trying to reach the same thing, due east.g., get access to personal data.

Android has a so chosen AccessibilityService – a built-in service and a prepare of API to develop applications for people with disabilities (mostly, people with eyesight and hearing bug).

This service is allowed to

Subscribe to screen state alter events, such equally when screen focuses on a particular element of layout, when text changes, when prototype scrolls, etc.
Read all content from the active screen

Therefore, our task is fairly unproblematic – to write our ain app like to AccessibilityService, that volition rails any changes on the screen and react to them accordingly (for example, past saving all accessed spider web link to browsing history, or writing Skype messages into a log )

Let's offset:

Create service form in Java as ever
Declare our service in the manifest as an AccessibilityService and specify the config file for it. In the terminate, record well-nigh a service should look like this:

                                    <service android:name=".MyAccessibilityService"                 android:characterization="petrov_accessibility_sniffer"                 android:permission="android.permission.BIND_ACCESSIBILITY_SERVICE">            <intent-filter>                <action android:name="android.accessibilityservice.AccessibilityService"/>            </intent-filter>            <meta-information                android:name="android.accessibilityservice"                android:resource="@xml/serviceconfig"/>        </service>

Create configuration file with parameters that our service should employ (<project_dir>/res/xml/serviceconfig.xml)

                      <accessibility-service    android:description="@cord/acessibility_description"    android:accessibilityEventTypes="typeAllMask"    android:accessibilityFeedbackType="feedbackGeneric" android:accessibilityFlags="flagDefault|flagIncludeNotImportantViews|flagReport ViewIds|flagRequestEnhancedWebAccessibility|flagRetrieveInteractiveWindows"    android:canRetrieveWindowContent="true"    xmlns:android="http://schemas.android.com/apk/res/android" />

Here let the states look into more detail, since these attributes bear witness the system what kind of data nosotros want to receive in our service.

android:accessibilityEventTypes – it states that we desire to receive all accessibility events, because it's of import to not miss anything ;)

android:accessibilityFlags – hither nosotros tell the system that nosotros want to receive all the data virtually information displayed on the screen: layout chemical element id, insignificant View, basically, anything.

android:canRetrieveWindowContent – this is the virtually important attribute! It prompts the organization to provide u.s.a. with the layout three with all the data.

Create inheritance from AccessibilityService in Java lawmaking. Implement onAccessibilityEvent and onInterrupt (you can get out this empty). onAccessibilityEvent – is exactly the method that the organization itself volition call to store View tree in the parameters.

Now, the rest is simple. We receive an AccessibilityEvent in the onAccessibilityEven parameter.

Here we can find out the name of awarding that initiated the event (getPackageName) and what exactly happened (getEventType), which is something that can testify useful when filtering events.

Secondly, we can telephone call root tree node (getSource) and go through the whole tree (getChild, getChildCount), gathering information almost each element of the tree, including its grade (getClassName), id (getViewIdResourceName), and fifty-fifty text (getText). getText method is exactly what returns messages from instant messengers or URLs from browsers.

The main difficulty in gathering the data lies in the necessity to filer various tree nodes based on the course proper noun, id, nesting, and maybe some other criteria, specific to a particular applications.

Received results

In this example, I went beyond the screen layout three to search for accost bar simply by the element id. I also went through it to see the structure of the screen tree and dicover a pattern that will let me to gather Skype letters.

For instance, if user opens Skype and sees the following screen:

skype-on-android-grabbing-messages

So our parser can take it apart and get the messages (y'all tin can identify incoming and approachable ones based on the structure of the tree)

Beneath is an example of our application log for this screen:

parsed-skype-messages-on-android

Advantages of this approach

This approach is very elementary and reliable!
We tin can use this approach to both capture user data (Skype, Viber, Twitter, WhatsApp, Facebook, etc.) and control user deportment (for example, prohibit user from changing particular device settings).
No need for any permissions in manifest.
Public API that potentially doesn't prohibit distribution via Google Play (There is at least one other app that I know off that uses this approach to get browser history – Qustodio).
AccessibilityService is still active even afterward reboot.
At that place is a potential for decision-making the screen of the device.

Disadvantages of this approach

Since this approach relies on screen parsing, there is a need for an ability to parse the screen and identify the necessary information. This will heavily vary based on the awarding you decide to target.
The need to create logic for storing data, since different pieces can be accessed at different times (for instance, random scroll of the Skype chat, or switching between different chats).
Parsing large volumes of data can affect battery life. Yous need to carefully set time intervals betwixt receiving events, and correctly filter target applications for monitoring.
User needs to explicitly (just once) activate AccessibilityService in the device settings (Settings → Accessibility → $TARGET_ACCESSIBILITY_SERVICE$ → Enable).
When target apps are updated you may need to update your parser. If the structure of the layout three changes, or fifty-fifty if developer simply decides to change controls id, yous will demand to adapt the logic of your parser to these changes.

A word of warning

Android security policy directly states that access to private data can be illegal, which puts certain limitations on gathering such information, including the possibility of being prosecuted by law. Therefore, use this method to obtain information consciously and thoughtfully and make sure that y'all abide by laws and respect privacy of others.

Get the project source code: GitHub repository.