SkillAgentSearch skills...

Conbeerlib

Android library for detecting Android virtual containers.

GenerateConvertImprove

Install / Use

/learn @su-vikas/Conbeerlib
About this skill

Quality Score

0/100

Supported Platforms

Universal

README

conbeerlib

conbeerlib is an Android library for detecting if an app is running inside a virtual container.

This is based on the work done by me and Gautam, presented at Android Security Symposium 2020 - slides.

This repo contains conbeerlib and a wrapper application, conware, which we used for our research.

Checks

Currently following checks are implemented:

  1. Permissions in Manifest - There can be a mismatch between the permissions granted and originally requested by an application.
  2. Process Memory - Check /proc/self/maps for presence of artifacts not belonging to the app's expected filepath.
  3. Storage Dir - The assigned storage path for an app inside virtual container is different, as compared to when installed directly on Android device.
  4. Environment Variables - Virtual containers set various environment variables.
  5. Running App Services - There can be other services running than what started by an application.
  6. App Components - Enable app components dynamically may not always work in virtual containers.

Usage

ConBeer cb = new ConBeer(context, appServiceNames);
if (cb.isContainer()) {
    // container is present
}else{
    // container not present
}

Add following code in onResume() method of your application. This code is responsible for dynamically enabling a dummy app component, which is used for testing presence of virtual containers. The component is defined in conbeerlib's manifest file.

ComponentName componentName = new ComponentName(this.getApplicationContext(), FakeBroadcastReceiver.class);
this.getPackageManager().setComponentEnabledSetting(componentName,
        PackageManager.COMPONENT_ENABLED_STATE_ENABLED,
        PackageManager.DONT_KILL_APP);

Limitations

This library is tested only with a limited number of virtual containers and may not be able to detect all them currently. Also, given the madness of Android device diversity, there is a good chance of false positives.

Please feel free to open an issue when you encounter such problems.

References

  1. ANTI-PLUGIN: DON’T LET YOUR APP PLAY AS AN ANDROID PLUGIN
  2. Android Plugin Becomes a Catastrophe to Android Ecosystem
  3. Parallel Space Traveling: A Security Analysis of App-LevelVirtualization in Android

License

This project is released under the MIT License.

Related Skills

node-connect

347.0k

Diagnose OpenClaw node connection and pairing failures for Android, iOS, and macOS companion apps

frontend-design

107.8k

Create distinctive, production-grade frontend interfaces with high design quality. Use this skill when the user asks to build web components, pages, or applications. Generates creative, polished code that avoids generic AI aesthetics.

openai-whisper-api

347.0k

Transcribe audio via OpenAI Audio Transcriptions API (Whisper).

qqbot-media

347.0k

QQBot 富媒体收发能力。使用 <qqmedia> 标签,系统根据文件扩展名自动识别类型(图片/语音/视频/文件)。

su-vikas

View profile

View on GitHub
GitHub Stars71
CategoryDevelopment
Updated3mo ago
Forks16
su-vikas/conbeerlib

Languages

Java

Security Score

92/100

Audited on Dec 27, 2025

No findings