Add IMEI and MAC to wlan0 to Genymotion/AndroVM

Manan Sharma picture Manan Sharma · Oct 16, 2013 · Viewed 12.5k times · Source

Is there any way to add IMEI to AndroVM (now Genymotion) or any other Android Emulator. And also I want MAC address for wlan0 port. We already have emulators which contain MAC at lan0 port but not for wlan. How can we do so? if someone in your acquaintances has done so please ask them to contribute.

Details:

I am trying to build a cloud based Android App testing center as my pre final year college project for partial fulfillment towards my Bachelor of Technology (Computer Science) degree. I am wondering how we can get more configurations for Genymotion. Or if you can provide me with more device configurations and if it is possible to build configurations for genymotion for different devices very quickly. Secondly, How to add MAC addresses and IMEI number to the builds?

We are trying to emulate a mobile device (non Google nexus) to make a cloud based testing centre. For this we are trying to use androVM (Genymotion) and we are facing a few problems

What have we done so far

  1. Building the androVm source code in "VBOX86tp-userdebug" mode from the scratch after following the steps given on official Android website.
  2. After building the source code on a virtual ec2 server, typing the emulator command runs but its blank.
  3. And if possible can AndroVm be run in "Fastboot" mode so that we can install it on the device.

We have been working on "building the androVm" from source code and trying to accomplish few tasks like

  1. Running it with the img's available after the building process is complete.
  2. Making it portable ie creating an iso/ova out of all the stuff found in the out directory.

What we have tried till now

Downloading of the AndroVm source code initializing the repo using repo init Downloading the source code using repo sync choosing the lunch menu using lunch choosing vbox86tp-userdebug

Other menus full-eng didn't work so discontinued

Few errors that came our way

Make errors: they were pretty straightforward so resolved system.img was not being generated: resolved by making it again bin/bash jar command error: happened to be the path error resolved by the exporting the path to jar command.

Few Questions

  1. What an OVA file consits of and how can it be created? From what I have seen it contains few VMDK's and few configurations files attached to it,
  2. How to convert the platform specific image files(system.img ramdisk.img userdata.img) into an OVA or ISO file. If at all we are missing few files to give to the emulator, can you just name them.
  3. Also how to add IMEI number
  4. We already have MAC for eth0/1 port but we want it on wlan port

Image Showing eth0 and eth1 port

Other Details



Now to make things interesting

This is the reply I got from Genymotion Team:

I want my project to cover various configurations but for starters if i can get something like Samsung Galaxy phones and tab or as a

start if I can get Samsung galaxy tab 2.

You can change the screen size and DPI for each virtual device. You can toggle navigation bar and virtual keyboard. However, we cannot provide virtual devices that contains proprietary applications like Samsung.

Now here what we get is the MAC address of eth0/1 port. What if I need wlan MAC.

Unless one of the two network interface have been disabled, there should be 2 interfaces, 2 IP, and 2 MAC addresses: adb shell ip a. 2: eth0: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 08:00:27:d4:fe:e0 brd ff:ff:ff:ff:ff:ff inet 192.168.56.101/24 brd 192.168.56.255 scope global eth0 inet6 fe80::a00:27ff:fed4:fee0/64 scope link valid_lft forever preferred_lft forever 3: eth1: mtu 1500 qdisc pfifo_fast state UP qlen 1000 link/ether 08:00:27:c8:37:e7 brd ff:ff:ff:ff:ff:ff inet 10.0.3.15/24 brd 10.0.3.255 scope global eth1 inet6 fe80::a00:27ff:fec8:37e7/64 scope link .

Sorry, but we do not provide support for specific ROM. However, I strongly recommend you to visit the community at: https://groups.google.com/forum/#!forum/genymotion-users

1. What an OVA file consits of and how can it be created  ?From what i have seen it contains few VMDK's and few configurations files

attached to it,

"The entire directory can be distributed as an OVA package, which is a tar archive file with the OVF directory inside." (http://en.wikipedia.org/wiki/Open_Virtualization_Format)

2. How to convert the platform specific image files(system.img ramdisk.img userdata.img) into an OVA or ISO file.

If at all we are missing few files to give to the emulator, can you just name them.

Please read the community tutorials

3. Also how to add IMEI number

There is currently no way to add IMEI number. This feature will come in the near future

4. We already have MAC for eth0 port but we want it on wlan port

There is 2 interfaces: eth0 and eth1. Eth0 is used for Genymotion application widgets. If this network connection is broken, Genymotion would not be able to start anymore. Eth1 is used for network current access (fake WiFi connection). You can change this network configuration as you want.

Answer

Vivek Bansal picture Vivek Bansal · Oct 26, 2013

It is a common practice for mobile applications to identify the user by IMSI number (associated with the SIM card) or IMEI number (unique ID of the device). Of course, it is also possible on Android:

TelehponyManager manager = (TelehponyManager)getSystemService(TELEPHONY_SERVICE);
String imei = manager.getDeviceId();
String imsi = manager.getSubscriberId();

This code works perfectly fine on a real device, however under emulator IMEI is always all-zero and it’s not configurable. It quickly becomes awkward when debugging a network-enabled application which uses IMEI as a user ID.

Trying to resolve the problem I first looked at the TelephonyManager service, just to find the following snippet:

private IPhoneSubInfo getSubscriberInfo() {
// get it each time because that process crashes a lot
return IPhoneSubInfo.Stub.asInterface(ServiceManager.getService("iphonesubinfo"));
}

Fair comment, isn’t it? It really made my day :)

Anyway, code analysis shows that IMEI/IMSI request goes down through all the telephony layers (see the diagram), eventually getting to the baseband device. In case of emulated system, rild daemon is used together with libreference-ril.so – reference Vendor RIL library which talks to the baseband modem device using plain, old AT commands.

The modem device itself is emulated outside the Android system, as part of qemu (which is the heart of the emulator). Details of the communication between the emulator and the Android system running inside the emulator are interesting on its own (all the communication goes through a virtual serial port, Android system’s qemud daemon is used to (de)multiplex the data). I’ll try to post a brief introduction to the topic soon.

Virtual modem implementation can be found in external/qemu/telephony/android_modem.c. The most important part of the file is this function:

const char*  amodem_send( AModem  modem, const char*  cmd );

This function is called for each received AT command. For each command sDefaultResponses array is searched for a given command and either predefined response is sent, or a command handler is executed. The array itself looks like:

static const struct {
const char*      cmd;     /* command coming from libreference-ril.so, if first
                             character is '!', then the rest is a prefix only */

const char*      answer;  /* default answer, NULL if needs specific handling or
                             if OK is good enough */

ResponseHandler  handler; /* specific handler, ignored if 'answer' is not NULL,
                             NULL if OK is good enough */
} sDefaultResponses[] =
{
    /* ... */
    { "+CIMI", OPERATOR_HOME_MCCMNC "000000000", NULL },   /* request internation subscriber identification number */
    { "+CGSN", "000000000000000", NULL },   /* request model version */
    /* ... */
};

Two array rows cited above are responsible for IMSI and IMEI retrieval. As you can see, both values are hardcoded and there is no chance to modify them without recompiling the emulator.

However, an old-school hack comes in handy. The emulator binary is not encrypted nor compressed, so the string literals should be visible inside the emulator binary. In fact they are, and IMEI number can be modified in a few simple steps:

** backup the emulator binary
** open the binary with your favourite hex editor
** search for +CGSN string followed by a null byte, it should be followed by 15 digits of the IMEI number
** edit the number, be careful not to change the number of digits
** save the file, that’s all!

Sure, it’s not a perfectly comfortable solution, yet better than nothing. In the next part I’ll explain how to make IMEI number a configurable option. Enjoy!