Embedded Files
Android Unpin #2
Android Unpin #2
Escape Pinned Play Apps to Unrestricted Search, Apps, and More
Escape Pinned Play Apps to Unrestricted Search, Apps, and More
Google Bug # Android-20855586
Patches to Android 5.1 fixed Google Bug Unpin Trick #1 - "Help" features are now heavily restricted in Pin mode. Or probably are. Good work Googs!
Having validated the fix, I couldn't help wondering if there was still undiscovered "play" (pun intended) in Pins: I hadn't poked it long to uncover the first Unpin: What might a few more minutes yield with the latest OS?
The answer is: Two new ways to circumvent Pinned apps in the Google Play family. Here is the first.
This little navigation trick does not break out of the "Pin" session - but you'll find the distinction meaningless: You can search and browse the web, access (the user's!) web apps, and do almost whatever you want.
Test device: Nexus 4, Android 5.1
Software: Stock roms, not rooted. Google Now launcher, no alternate lockers. Stock everything.
Step
Image
Discussion
Start from an ordinary unpinned session.
I have only tested Play Books, demonstrated here. But I suspect that as with Unpin #1, any of the "Play" suite are susceptible.
Open and pin Books.
Answer the Pin confirmation screen.
Which looks quite nice now, btw.
"Screen Pinned" shown here for validation.
Pay no attention to the overdose of geek in this screen shot.
Access "Help & Feedback" via the side panel. I suspect any other means will also suffice.
Interesting note: Unpin #1 was also accessed via Help.
You are now in the Help browser.
Select any article. Just, any article.
Stop looking at me funny, I know what I'm doing.
Now we get devious.
Select any word, with the traditional press-and-hold, anywhere in the content.
Yes, this is how hackers work: We find loose threads and pull them 10 ways from Sunday, until they do something useful.
Our reward is this handy selection menu!
"Share" is locked-down tight (good job Googs), though one wonders why it's shown at all, which for my money is too close for comfort already. I digress...
"Search", however, is another story - it's wide open! Use it now to search for whatever text you had already selected...
And...Oops! I don't think we're supposed to be here.
This happens to me a lot. I guess that's why I do what I do.
Wow, just look at all these things to choose from. Can we change the URL?
Why yes, we can. Do so now. Go wherever you want.
So what else can we do besides pulse-check the hacker retirement community?
What you can do:
0
0
1
2
3
4
5
6
7
8
9
Unrestricted search, web access, all that jazz
Access to the owner's online Google Apps *
Save files (and in so doing navigate storage)
Complete access to Chrome, its settings and tools
That last could be particularly useful - many arcane Chrome features could be of use in attempts to elevate access.
What you can not do:
Install or manage Android apps *
Actually exit the Pinned session
* May be subject to limitations that would require further testing to quantify.
10
Again, this does not break the pin session (Unpin #3 does that).
It sure does defeat it, though.
Amusingly, Android seems to believe the whole time that the user is still pinned (pic). I suppose in a sense, they are - I'm just not sure that matters at that point.
And it's more than amusing - it's probably a clue as to how Pinning is implemented. Another digression...
Coming soon...
Unpin #3 - Escape Pinned Session Completely
Unpin #3 - Escape Pinned Session Completely
Page updated
Google Sites
Report abuse