Announcing Mercury v2.2

Nobody likes Typing

Mercury has always tried to do the typing for you – hit and it will finish commands, module names and file paths. That was always cool, but what about all of the options that you had to pass to a module? You still had to type them out in full.

With Mercury v2.2 we can do a lot more of the typing for you. Type:

mercury> run app.activity.start --<TAB>

and Mercury responds with:

action component extra help  category data-uri flags mimetype

Type f and then hit again:

mercury> run app.activity.start --flags  ACTIVITY_BROUGHT_TO_FRONT ACTIVITY_NO_USER_ACTION ACTIVITY_CLEAR_TASK ACTIVITY_PREVIOUS_IS_TOP ACTIVITY_CLEAR_TOP ACTIVITY_REORDER_TO_FRONT ACTIVITY_CLEAR_WHEN_TASK_RESET ACTIVITY_RESET_TASK_IF_NEEDED ACTIVITY_EXCLUDE_FROM_RECENTS ACTIVITY_SINGLE_TOP ACTIVITY_FORWARD_RESULT ACTIVITY_TASK_ON_HOME ACTIVITY_LAUNCHED_FROM_HISTORY FLAG_DEBUG_LOG_RESOLUTION ACTIVITY_MULTIPLE_TASK FROM_BACKGROUND ACTIVITY_NEW_TASK GRANT_READ_URI_PERMISSION ACTIVITY_NO_ANIMATION GRANT_WRITE_URI_PERMISSION ACTIVITY_NO_HISTORY RECEIVER_REGISTERED_ONLY

The full list of what we provide suggestions for now is pretty long. Suffice to say that we can provide suggestions for just about everything you might otherwise have to look up.

Running Windows? No problem. Make sure to install pyreadline and you’ll get most of the auto-complete goodness.

What did I just type?

As well as providing auto-complete suggestions, Mercury has always allowed you to access the last commands you typed by pressing the up arrow key. This was super, until you entered an Android shell, by typing shell or !. Then, the history got all confused, suggesting you type Mercury commands into the Linux shell, or vice-versa.

As of Mercury v2.2, we maintain separate command history for Mercury, shells and inside the interactive-Java module (auxiliary.develop.interactive). So, enter a Linux shell and we’ll offer the last Linux commands you wrote; come back to Mercury and there won’t be a Linux command in sight.

Fixing ContentProvider Crashes

It is an odd feature of Android that if you have an open database cursor in a process that dies, your process is killed. This caused a lot of weird crashes when interacting with ContentProviders, particularly through the scanner.provider.* modules.

In Mercury v2.2 we try to work around this platform limitation, by transparently replacing the ContentResolver with an unstable ContentProviderClient.

In our testing, this has fixed the random crashes caused by other apps crashing.

Sieve

Sieve is a password manager, but we wouldn’t recommend putting any real passwords in it! Sieve is riddled with security vulnerabilities for you to find with Mercury. It’s a great place to start if you are new to Mercury, to hone your skills, or just for the lulz.

You can download Sieve here.

We’ll be publishing some video walk-throughs in a couple of weeks showing how to find the vulnerabilities.

How do I get it?

You can get it now, from the downloads page.

Please send us your feedback, questions and comments on the new version via Github. We’ll do our best to get them into the next release.

Remember, the more feedback you give us, the quicker we can compile it into cool new features, functionality and modules for Mercury.