Since I use LineageOS without any google services some important feature was still missing to find my phone once I lost it. The idea was simple. Gain persistent access, call API requests to get the needed information and send it back to my Nextcloud. I noticed that being able to access the API directly you could actually start to script your own little snippets but we will get to this later.
Lets start with the transport problem. Somehow we have to get access to our smartphone at any time punching holes through firewalls. First method would be to use your own VPN like Wireguard or OpenVPN. But a much more convenient (but battery draining method) would be to use a tor hidden service maybe even using bridges to obfuscate its real intention (Maybe “Orbot”).
Install Termux, Termux:API and Termux:Boot on your Android.
Lets setup the SSH Server and install some dependencies we need later:
Open Termux on your phone and type in:
pkg install root-repo pkg update pkg upgrade pkg install openssh termux-api jq zip # this will set the password for first login but it is highly advised to use pub-key authentication for your later ssh session passwd sshd
Now you should be able to access your phones Termux environment by ssh’ing into it from your Notebook:
ssh root@your.mobile -p 8022
Lets make the ssh session persistent over boot and change some settings (I’ll just show you the content of my setup):
cd ~ ~ $ cat /data/data/com.termux/files/usr/etc/ssh/sshd_config PrintMotd yes # set this to yes if you want to enable password authentication PasswordAuthentication no Subsystem sftp /data/data/com.termux/files/usr/libexec/sftp-server ~ $ cat ~/.termux/boot/start-sshd #!/data/data/com.termux/files/usr/bin/sh termux-wake-lock sshd
After that you should open Termux:Boot once on your phone. Maybe reboot your phone to check if everything works so far. (ssh should be available after reboot)
Well, let us start to have some fun.
Go to app permission settings of your android and give all permissions to Termux:API.
Now ssh into your phone and execute:
termux-setup-storage
tabbing “termux-” will actually show all your tools you can use to control your phone. Should look like this:
~ $ termux- termux-audio-info termux-fix-shebang termux-open termux-telephony-deviceinfo termux-battery-status termux-info termux-open-url termux-toast termux-brightness termux-infrared-frequencies termux-reload-settings termux-torch termux-call-log termux-infrared-transmit termux-reset termux-tts-engines termux-camera-info termux-job-scheduler termux-sensor termux-tts-speak termux-camera-photo termux-keystore termux-setup-storage termux-usb termux-change-repo termux-location termux-share termux-vibrate termux-chroot termux-media-player termux-sms-inbox termux-volume termux-clipboard-get termux-media-scan termux-sms-list termux-wake-lock termux-clipboard-set termux-microphone-record termux-sms-send termux-wake-unlock termux-contact-list termux-nfc termux-speech-to-text termux-wallpaper termux-dialog termux-notification termux-storage-get termux-wifi-connectioninfo termux-download termux-notification-list termux-telephony-call termux-wifi-enable termux-fingerprint termux-notification-remove termux-telephony-cellinfo termux-wifi-scaninfo
From this point it’s really up to the limitations of your imagination. Some examples could be…
Capture all telemetry and send it to your Nextcloud:
cd ~ ~ $ cat scripts/get_telemetry date="$(date +'%d-%m-%y_%H-%M-%S')" path="/data/data/com.termux/files/home/records/$date" echo "create dir..." mkdir -p $path/txt echo "get wifi..." termux-wifi-scaninfo > $path/txt/wifi.txt echo "get cellinfo..." termux-telephony-cellinfo > $path/txt/cell.txt echo "get all sensor data..." termux-sensor -a -n 1 > $path/txt/sensor.txt echo "get location..." while : do echo "trying..." termux-location > $path/txt/location.txt if [ -s $path/txt/location.txt ] then echo "got location..." break fi done echo "export to nextcloud..." zip -r $path/$date.zip $path/txt >&- 2>&- curl -u USERNAME:GENERATE_YOUR_NEXTCLOUD_APP_KEY -T $path/$date.zip https://cloud.53c70r.de/remote.php/dav/files/sector/termux/
Play presidential alert:
cd ~ ~ $ cat scripts/presidential_alert lat=$(termux-location | jq -r ".latitude") long=$(termux-location -r last | jq -r ".longitude") termux-notification -c 'SEE EMERGENCY INFORMATION' -t "LOST DEVICE" setsid -f sh -c "while true; do termux-volume music 15; sleep 1; done" termux-torch on termux-vibrate -f -d 2000 sleep 2 termux-media-player play /data/data/com.termux/files/home/scripts/data/eas.mp3 sleep 11 termux-torch off termux-tts-speak -s MUSIC "GPS coordinates. latitude: $lat, longitude: $long. WARNING. This system is for the use of authorized users only. Individuals using this computer system without authority or in excess of their authority are subject to having all their activities on this system monitored and recorded by system personnel. Anyone using this system expressly consents to such monitoring and is advised that if such monitoring reveals possible evidence of criminal activity system personal may provide the evidence of such monitoring to law enforcement officials." killall sh
Some loud alarm:
cd ~ ~ $ cat scripts/loud_alarm setsid -f sh -c "while true; do termux-volume music 15; sleep 1; done" setsid -f sh -c "while true; do termux-torch on; sleep 1; termux-torch off; sleep 1; done" termux-media-player play /data/data/com.termux/files/home/scripts/data/alarm.mp3 termux-torch off killall sh