This is the link of Vysor by Koushik Dutta - https://chrome.google.com/webstore/detail/vysor-beta/gidgenkbbabolejbgbpnhbimgjbffefm
It lets you control your Android device from a PC. However, one thing that is bugging me since a long time is that it is able to create touch events on the phone even if it is unrooted.
After some of tinkering with the app and the chrome extension, I realized that he creates a separate process using the following way -
sh -c "CLASSPATH=/data/app/com.koushikdutta.vysor-1/base.apk /system/bin/app_process32 /system/bin com.koushikdutta.vysor.Main"
The Main class contains the code which passes touch events to framework via reflection.
The above code executes the Main class as a separate process which has shell as the user executing that process.
Still, as far as I know, the only way to create touch events outside your own app is if you're root.
Does anyone have any idea about this ?
I've figured it out.
The thing is that the shell user is also allowed to create touch events all over the screen. When you do adb shell from a PC, having your phone connected to it via a USB cable, you're automatically assigned the user shell.
What he does is, he then starts his Main class as a separate process using this shell user. Now, the Java code inside that Main class has the same privileges as the shell user (because duh, it's linux).
And, in that class, he uses reflection to pass the touch events to the Android framework. The framework then automatically propagates the touch events to the windows.
Have a look at these two classes which I implemented in one of my own apps - Main.java and EventInput.java.
But remember, since this Main class has to run in a separate process, it cannot access the memory of the app in which it is bundled. For that I have to use a socket mechanism to transfer the data. Even aidl can be used for this.