Related
Hi there, here's a little tweak that I've just figured out and that hopefully some of you might enjoy...
But first off, a disclaimer:
Ads or (upgrade) nag banners 'sometimes' have a justifiable reason of being. Devs might use them to get some extra (very small un fact; most finally give this up in the end) revenue from them. That, in turn, that might allow or encourage them to continue pulishing more free apps for you to enjoy. So use your best judgement here and use these tweaks with discernment...
Message to moderators: if this goes against xda policy in any way, please let me know and I'll remove all this from here.
OK, now that this is set clear, here's what that is all about:
I'm sure that most of you guys have seen ads (or upgrade) banners in free apps and being an xda member, you probably know a few tricks to get rid of some of them. I mean ads like the ones apps or games that do not really need internet connections can easilly be blocked by using ip-tables rules/firewall/anti-ads apks to completly block their internet (like with Droidwall for example). But what about ads on the apps that DO need internet connection and than cannot be completely blocked? What about the empty screen space left for banners on some others with blocked internet access?
Well, through my readings, I've found that some suggest to hack the apks and to simply decompile them, go in \decompiled_apk\smali\com\google\ folder and delete the "ads" folder altogether. Well, from my experience, this doesn't work very well. In many cases, the modded app will not install and in some other cases, the trick might work for a while and then the ads would eventually come back. That last case just happened to me: a while ago, I've tweaked the DI Radio app like so and things seemed just fine. And today, bam!!: ads banners again. God knows how/why they came back with that "ads" folder deleted, but they did!!
So with a little thinkering and code browsing, I've figured out a very simple way to get this done - here's how:
What you need:
- An apk decompiling/compiling/signing tool(s) of your choice;
- the excellent text editor notepad++ - get it from here
Notes:
- PLEASE, do not fill this thread with questions like: how do I decompile/sign apks? - it's not the place here - thanks!
- And please do not full-quote this long post either
- If you rewrite/repost this somewhere else, please play it fair and give credits/link to this thread.
HOWTO:
1. Pull and decompile your apk;
2. Go in \res\layout folder and select all the xmls files, right-click of the highlighted file and press "open" and they should all open with Notepad++ [just click OK if you get the "confirm 'Open' Action"];
3. Select Search/Find... and enter: "@id/ad" [no quotes ""] and press "Find ALL in All opened Documents" on the search popup dialog box;
4. Now look at the search results and there might be 2 possible (maybe more.. I've tried this on only 2 apks so far...) result types:
--> As a first illustration of this: for the DI radio apk I've mentioned above [I use an older version and not the latest that requires login every time...], you get an xml called "playing.xml" with this at line 6:
Code:
<FrameLayout android:layout_gravity="center" android:id="[COLOR="Red"]@id/ad[/COLOR]_frame" android:layout_width="[COLOR="Red"]320.0dip[/COLOR]" android:layout_height="[COLOR="red"]50.0dip[/COLOR]">
On that line, we can see some size attributes for that banner; just resize them to 0!!;
So all there is to do is to edit it like so:
Code:
<FrameLayout android:layout_gravity="center" android:id="@id/ad_frame" android:layout_width="[COLOR="red"]0.0dip[/COLOR]" android:layout_height="[COLOR="red"]0.0dip[/COLOR]">
-->> Second case: for some other apks (like for an older version of a very famous file explorer..), you might get multiple results (many xmls - 6 or 7 of them) all looking like this:
Code:
<com.google.ads.GoogleAdView android:layout_gravity="center" android:id="[COLOR="red"]@id/ad[/COLOR]view" android:layout_width="wrap_content" android:layout_height="wrap_content" />
So no banner sizes in this case but all there is to do is to delete all those lines completely and then save all the respective xmls. Then,
5. Recompile and sign the apk;
6. Backup [for restoring its data later..] and then uninstall your original apk from your phone (if still there)
7. Install your modded one and enjoy your app without any ads, blank spot or nag screen.
Final notes:
- Now, this doesn't stop the app to get the ads from the internet, but it does give you a simple way to hide them and this also make accidental clicks on them a story of the past...
- This is pure dirty hacking and not a general procedure; there might be different ways to implement ads in apps and ways to hide them; so please try at your own risk and feel free to share your results/tricks with us.
- Thanks to oSandmaNo for reminding me this one important drawback: when you tweak apps like so, you will get an error message when trying to update them on the Playstore. You will have to uninstall them before being able to update. so this mean that make a backup with Titanium Backup (or others) first in order to later restore the app's DATA ONLY. Obviously, the remove ads tweak will then be gone after the update, but since you've done it once, it should be fairly easy to do it once more..
- Read post #3 for a few additional tips.
.
.
Always the best
Move this to android software hacking?
I don't want a Tapatalk sig!
Thanks buddy,
Well after a little more experimenting on this yesterday
[ ...nice way to spend time our last day on Earth... Oh wait! we're still alive; the doomsday that never came...], I realize(like I suspected) that there are many different ads implementation/removal methods and will have to had a few extra tips and tricks here.
I even still have an app that I can't figure out where the ad banner is.
But, if I may just add, the whole point here was to:
1- tell people that notepad++ is excellent tool for multi-open and multiple-files search tool - perfect for xmls...
and 2- make people realize that if ads are displayed on the screen, it is more than likely that there is/are entries about it somewhere in /res/layout/ that can be hacked...
Ok, from phone it's not convenient but here's one or two extra tips:
- search for "<com." and look for results related to google AdView or doubleclick - those can all be voided;
- if you find a line that you know/suspect is a banner, do not completely delete it and just use "<!--" (start - w/o ") and "-->" (end) to void that line;
- if a banner line entry is within a RelativeLayout, it might be preferable to add/change its size to zero with android:layout_width="0.0dip" (same with height) rather than void it;
- if you do the above (0 height/width), and the line has a: android:scaleType=fitXY" entry, delete it from the line. Other wise it might just bypass your change to 0 by 0 size...
- so search for "fitXY" is alao another thing to search for in the goose chase... so is "advert", "banner", "pub", ....
Ok, that's it for now...lack of coffee in the morning makes for messy posts...
So the difference between the results of this procedure and an adblock such as AdAway is? I'm just curious.
KicknGuitar said:
So the difference between the results of this procedure and an adblock such as AdAway is? I'm just curious.
Click to expand...
Click to collapse
they will only block the ads but they keep a blank frame in the display and this will get rid of the whole frame
I don't want a Tapatalk sig!
nogoodusername said:
they will only block the ads but they keep a blank frame in the display and this will get rid of the whole frame
Click to expand...
Click to collapse
Yep, that's the idea!
Why can't I ever come up with those 1-liner answers...?!? :silly:
Baahh! since I've already written an answer in a notepad, I'll paste it here in anyway:
Similarly to anti-virus solution and their virus defintion lists, AdAway is an app that blocks ads through the use of hosts files. It basically downloads and keep updated a list of known ads (and rogue) sites and just blocks any internet connection to them using a local redirection. I've already posted something on all this here.
Btw, I personally do not see the point of using such a specific app just for this as there tons of such lists freely available on the net and I don't think it is that important to update it so frequently... I just update the list once every 3-4 months or so and everything has been fine for me so far...
On the other hand, the object of this thread is to deal with apks' layouts and that means to aim at removing any wasted space that the ads might use OR leave empty if you do block them out. Just look at the 4th screenshot on the OP; it might not be clearly visible because I put some text over it, but you see that black rectangle at the bottom? Well that is what I called an app banner. It's black because I used Droidwall to block internet access to that file explorer, but I believe that it would be the exact same if I would only use either AdAway or just my hosts file. It's the layout design of the apk that still uses that space even though it didn't get any ads from the internet...With my tricks, I (at least the goal is to) regain that important screen real estate no matter what; even without any ad blocking solution... And btw, none of those are perfect either; there will always be one new ad site not listed/included yet...
Like I wrote more than once above, not all apps are coded the same and some other apks do not display anything when they do not get any ads from the net. So these tweaks would not be needed for those.
I feel that what I wrote is a bit confusing, but I hope you get my idea anyway.
Added two more SS as example...
[that freakin app had ads entry in a good dozen different xmls but easy doubleclick ones :victory: ]
Adding
android:visibility="gone"
To any layout block (within < and /> ) having the word "ad" in it should work as well
And right on about notepad++ being great for xmls and I use it along with VTS10 which also previews referenced drawables, strings and public.xml entries in the xml apart from having a complete fuss free environment for reverse engineering apps
Thanx for sharing!
bhupatib said:
Adding
android:visibility="gone"
To any layout block (within < and /> )
Click to expand...
Click to collapse
Thanks I wondered about that; I will try it out on the next app I tweak for this..
having the word "ad" in it should work as well
Click to expand...
Click to collapse
You mean searching for the word "ad" or adding that within the layout? Because searding for "ad" when an app 100+ xmls you will get A LOT of results with "android: paddingLeft=...(/right)"...
And right on about notepad++ being great for xmls and I use it along with VTS10 which also previews referenced drawables, strings and public.xml entries in the xml apart from having a complete fuss free environment for reverse engineering apps
Click to expand...
Click to collapse
Thanks, I'll surely have a look at that VTS10 but when I tried to search for it I got just about every results possible (dry vaccum pumps, metal wires, remote house domotic system, etc...) except something related to Android
Thanx for sharing!
Click to expand...
Click to collapse
NP my pleasure.
Can you update the app after modifying? No package signed incorrectly error?
Sent from my MB526 using xda app-developers app
[] AL [] said:
You mean searching for the word "ad" or adding that within the layout?
Click to expand...
Click to collapse
I didn't mean it literally, just something to identify layouts containing adverts (lame, I know ). There'd be better ways of searching for it (like the id search you mentioned)
[] AL [] said:
Thanks, I'll surely have a look at that VTS10
Click to expand...
Click to collapse
Sorry, I used the abbreviation (and wrong one at that; it's just VTS or Virtuous Ten Studio, formerly M10 Studio) without giving you a link. I should be banned
Here:
http://forum.xda-developers.com/showthread.php?t=1619473
It's really great for themers and smali-ers like you
oSandmaNo said:
Can you update the app after modifying? No package signed incorrectly error?
Click to expand...
Click to collapse
Oh! good that you mention this - I thought about it earlier today then I forgot about it...
You are right: you'll get that error and have to uninstall before beeing able to update.
This makes sense and even if you could, the update would replace the old version and remove your changes anyway.
So yes, this is an important drawback and I'll update the OP tomorrow.
I often tend to keep old versions unless new ones bring important fixes or options...why update what is not broken? hehe!
But at least, once you've found how the tweak is done for a specific app, it should be quite easy to do it again...
And really, I don't know about you, but I do not use that many such apps that show ads or blank space... Most don't if they do not absolutely require internet connection and if you use Droidwall and/or a hosts file.
But again, good point and thanks.
Sweet. Thanks. Works!
Sent from my MB525 using xda app-developers app
Luckypatcher is free and easier to remove ads.
Gesendet von meinem MB526
joke19 said:
Luckypatcher is free and easier to remove ads.
Click to expand...
Click to collapse
Maybe, but that has nothing to do with xda philosophy where the forum is there to make people learn and try mods on there own.
Beside, in my mind, this is pretty much warez talk and that is against xda rules...
So I won't thank you for the suggestion
thanks
cool!
thanking you twice today, mate!
piunti said:
thanking you twice today, mate!
Click to expand...
Click to collapse
Way to go!!!
and you're welcomed.
... Keep going, I have more threads... Hehehe!!
Any comments on why or what you thanked? Anyhow, I thank you here and once more on your post above..: fair enough?
Cheers mæite!
Edit: OK well thanked you there (theme thread) also.
Plz do not full-quote my long posts next time....
Madvertise Ads !!!
Awsome tut dude! I've been on it already but now I've encounter some kind of new ad engine called Madvertise!
Can't seem to get rid of it! Do you or anybody aorund know how?
I seemed to have figured out some of its files...
\res\layout\ad_madvertise.xml
\res\values\attrs.xml
\assets\adview.html
\assets\adview.js
Messing around modifying/removing these files makes the APK file unusable!
Ty very much. I had problems with one app for coding. The ad covred the main sting while I was writing and I really could't see anything. But with ur help I can carry on with my work
P.S.: Does the ad eat traffic even when I can't see it? And I'm enclosing that app. Probably, some1 needs it.
thanks OP for great method
Thanks OP for this great method, i was having problems first when compiling but when i downloaded the latest apktool and aapt especially the decompiling was done with any problem. I removed ads from two apps as a piece of cake.
Cyanlabs ROM Kitchen and Cyanlabs ROM Kitchen Helper Application
Disclamer
Code:
Your warranty is now void...
I am not responsible for bricked devices, dead SD cards,
thermonuclear war, your missed calls, failed alarms, or house fires.
Click to expand...
Click to collapse
Introduction
Cyanlabs ROM Kitchen and Helper Application is my latest creation, It is designed to allow modification of ROM's before even downloading them, The helper application makes for a easy and automated way of flashing kernel's and ROM's to your Xperia Play in just one click*
Cyanlabs ROM Kitchen Features
Online based
Build your own custom CWM zips based on your selections
Remove unwanted apps (before even downloading)
Remove files from /system/media (Before downloading)
Edit /system/build.prop (Currently plain text, soon it will have preset options and seperate sections)
Fast download (Around 20 seconds on most fast connections)
More features to come (Including uploading your own files)
NEW: jQuery based UI.
NEW: APK tooltips with description and removable status.
NEW: Consistent design
NEW: Files are not created until download button is pressed (saves bandwidth and storage)
NEW: Works on all resolutions and resized dynamically tested on 1024x768 to 1920x1080
NEW: Added "Download N Flash" button to download dialog used with the helper application
NEW: Changed boring list of ROM's to a filterable grid view of ROM screenshots
Cyanlabs ROM Kitchen Helper Application
One click
Automatically download ROM
Automatically download Kernel
Automatically flash ROM via CWM/TWRP
Automatically flash Kernel via Fastboot
Nice UI
Easy to use
*More devices coming soon.
Click to expand...
Click to collapse
Suggestions
I need some ideas on what to add to it, also what apps/mods do you recommend? (check the todo list first)
Click to expand...
Click to collapse
Images
Cyanlabs ROM Kitchen Screenshots
Cyanlabs ROM Kitchen Helper Application Screenshots
Click to expand...
Click to collapse
Videos
Click to expand...
Click to collapse
Cyanlabs ROM Kitchen Helper Application Requirements
Xperia Play
.NET Framework 3.5
ADB drivers installed
Fastboot drivers installed
ADB Debugging Enabled or Device at a ADB enabled recovery.
Note: Neither the SDK nor adb.exe is required however the drivers are.
Click to expand...
Click to collapse
Cyanlabs ROM Kitchen Helper Application Instructions
Run the application manually once. (Adds the registry intent and then closes)
Simply click the "Flash N Download" button instead of "Download Manually" on the kitchen.
Allow the protocol/intent action, Tested on Chrome, Firefox and IE
Follow on screen instructions
Click to expand...
Click to collapse
Website Link
Cyanlabs ROM Kitchen Website
Click to expand...
Click to collapse
Download
Latest Version
Older Versions
Cyanlabs ROM Kitchen Helper Source on GitHub
Click to expand...
Click to collapse
Takedown Requests
If for some reason you want me not to mirror your ROM/Kernel/Mod please let me know.
Click to expand...
Click to collapse
Changelog
Cyanlabs ROM Kitchen Helper Application Changelog
Click to expand...
Click to collapse
FAQ
Coming Soon
Click to expand...
Click to collapse
Thanks To/Credits/Notes
Code:
Created by Fma965 @ Cyanlabs but a massive thanks to XDA user [user=2326081]@regaw_leinad[/user] for his [URL="http://forum.xda-developers.com/showthread.php?t=1512685"]AndroidLib .NET[/URL]
All ROM's, MOD's etc. Are property of there owners i am merely offering a server. So all credit for files to.
* ROM creators
* Kernel Makers
* Mod Creators
* XDA
* And more :)
Click to expand...
Click to collapse
XDA:DevDB Information
Cyanlabs ROM Kitchen & Windows Helper Application, a Tool/Utility for the Sony Ericsson Xperia Play
Contributors
fma965
Version Information
Status: Beta
Current Beta Version: 1.1
Created 2013-10-20
Last Updated 2013-11-12
Reserved
Reserved
my suggestion:
porting rom from other xperia 2011 devices(or atleast from xperia arc)
i have host but it will be finished tomorrow
pedyvirus said:
my suggestion:
porting rom from other xperia 2011 devices(or atleast from xperia arc)
i have host but it will be finished tomorrow
Click to expand...
Click to collapse
Thanks for your suggestion, Added to my list http://cyanlabs.co.uk/kitchen/todo.html
I really want to start this project but i need to find some file hosting it doesn't need to be massive just like 10gb or something (files will be auto deleted after a hour or so)
fma965 said:
Thanks for your suggestion, Added to my list http://cyanlabs.co.uk/kitchen/todo.html
I really want to start this project but i need to find some file hosting it doesn't need to be massive just like 10gb or something (files will be auto deleted after a hour or so)
Click to expand...
Click to collapse
Another thing you could add is an editor for build.prop and something to modify the content of a folder (for example adding apks to system, or adrenobooster in /system/etc)
I'm afraid that I can't help you finding servers or developing in php, but ask me if you need themed images, maybe I can do something, I'm not a themer though
Sent from my R800i using xda app-developers app
CriGiu said:
Another thing you could add is an editor for build.prop and something to modify the content of a folder (for example adding apks to system, or adrenobooster in /system/etc)
I'm afraid that I can't help you finding servers or developing in php, but ask me if you need themed images, maybe I can do something, I'm not a themer though
Sent from my R800i using xda app-developers app
Click to expand...
Click to collapse
Thanks for the suggestion, It's probably worth mentioning im learning php as i go and have only made a few php projects in the past.
I am pretty sure editing the build.prop file would be easy to do.
Adding APK's will be implemented from both a list of APK's and a browse your computer
Thanks for offering to design some themed images, I will let you know if and when i need some
Still need a server to run this on, Until then this will stay a WIP hoping some one on XDA will help out soon
EDIT: i know the design is lame, No html was used other than the necesary form html code but that will change
also please note, although i may be leaving xplay soon and getting a nexus 4 i will still try to maintain this kitchen and if for some reason i can't then i will let some one else take over , I will most likely make the kitchen for both xperia play and nexus 4 using a tabbed like interface
Maybe a touchpad fix injector?
Sent from my Xperia Play
+1 for a Build.prop editor with already presets, eg, 3G Turbocharger tweaks, and generic network tweaks, or video acceleration and stuff,
Sound tweaks and installed music player who support flacs like TTPOD. - freeware
Still looking for host
Why not just make a mediafire account it has free giga bytes and if you already have one just make a new one @fma965
Sent from my LG-P970g
abdel12345 said:
Why not just make a mediafire account it has free giga bytes and if you already have one just make a new one @fma965
Sent from my LG-P970g
Click to expand...
Click to collapse
yeah clearly you don't understand how a php kitchen works, I need to be able to make copies of the zip files with modified contents e.g extra apps, less apps, different apps, tweaks etc
fma965 said:
yeah clearly you don't understand how a php kitchen works, I need to be able to make copies of the zip files with modified contents e.g extra apps, less apps, different apps, tweaks etc
Click to expand...
Click to collapse
Ohhh sorry i thought you just needed a place to upload stuff. My bad I guess i was stupid because if it were that easy you wouldnt be asking sorry
Sent from my LG-P970g
fma965 said:
yeah clearly you don't understand how a php kitchen works, I need to be able to make copies of the zip files with modified contents e.g extra apps, less apps, different apps, tweaks etc
Click to expand...
Click to collapse
If you have a good enough internet connection you could always host it yourself...
I personally host 4 Killing Floor servers, 2 CS:GO servers, 1 Left4Dead2 Server, 1 Minecraft Server, 1 Terraria Server and loads more - all from one Server/IP Address. Not to mention a private VLAN.
Or, from a quick Google search... This place seems 100% free, with unlimited disk space and bandwidth.
I'd give you access to my server but I'm also a little low on disk space myself. And with all the servers running, I only have around 512MB free RAM left to play with.
I also look months ago for a free web server (to test some php script, my laptop really sucks) and the best option that i found is Red Hat's openShift, you can use the 3 gears for only one application (eg php), and if in the future you need more power you can also buy some more gear
Sent from my Xperia Play using Tapatalk 4 Beta
Spizzy01 said:
If you have a good enough internet connection you could always host it yourself...
I personally host 4 Killing Floor servers, 2 CS:GO servers, 1 Left4Dead2 Server, 1 Minecraft Server, 1 Terraria Server and loads more - all from one Server/IP Address. Not to mention a private VLAN.
Or, from a quick Google search... This place seems 100% free, with unlimited disk space and bandwidth.
I'd give you access to my server but I'm also a little low on disk space myself. And with all the servers running, I only have around 512MB free RAM left to play with.
Click to expand...
Click to collapse
[email protected] said:
I also look months ago for a free web server (to test some php script, my laptop really sucks) and the best option that i found is Red Hat's openShift, you can use the 3 gears for only one application (eg php), and if in the future you need more power you can also buy some more gear
Sent from my Xperia Play using Tapatalk 4 Beta
Click to expand...
Click to collapse
Hi yeah my internet is not good enough to be a server, I used to run a MTA Server from a vps but i gave up.
openShift doesn't seem to work with php from what i can tell.
Yes, you can use openShift as a php server (it is a cartridge not an application), i personally used it (also it must have php if you think a moment, application like cakephp or WordPress or joomla need php)
Also if you don't have problems with the Italian (you are from the uk, correct?) you can give a look to altervista, it is a little limited into his free offers and the support is mainly in Italian, but maybe it can be a good option
Sent from my Xperia Play using Tapatalk 4 Beta
Probably build in ADB commander?
Sry for my bad English
Thanks to all developers for their hard work.
[email protected] said:
Yes, you can use openShift as a php server (it is a cartridge not an application), i personally used it (also it must have php if you think a moment, application like cakephp or WordPress or joomla need php)
Also if you don't have problems with the Italian (you are from the uk, correct?) you can give a look to altervista, it is a little limited into his free offers and the support is mainly in Italian, but maybe it can be a good option
Sent from my Xperia Play using Tapatalk 4 Beta
Click to expand...
Click to collapse
Yeah my bad didn't look very much just quickly checked when i had a second free.
hansi66627 said:
Probably build in ADB commander?
Sry for my bad English
Thanks to all developers for their hard work.
Click to expand...
Click to collapse
ADB support is never going to happen.... Atleast not in PHP, PHP is a server side language and ADB would need to be run on a client. Perhaps via JS or similar but i do not know nor intend to learn that, I do know very basic jQuery though
Xposed app firewall.
This app is an firewall for the installed apps. Only apps with permission "android.permission.INTERNET" are
shown. IPv4 and IPv6 are supported together with TCP and UDP. You could configure outgoing and incomming
connections independent from each other.
The rules could be applied for each network: W-Lan, local network, mobile, roaming, unknown.
Logging is configurable for incomming/outgoing and allowed/denied connections.
Colors:
Blue: Template is used.
Yellow: Custom settings.
Green: The app is trusted.
Red: The app is blocked.
Features:
No iptables required, the kernel doesn't need to support it.
The firewall is active when Android starts, no startup data leak.
The rules are always active, no re-apply on connection change is needed.
Limitiation:
Host names in the log file are PTR entries.
Works only for Android (Java), not the native (Linux) part
Donation:
No self-promotion in the app.
You could trust or block an app (Menu/ActionBar)
You could use a template for not configured apps
Additional (experimental) networks: Bluetooth, WiMAX, Ethernet
Tasker support, per App
You support this app and further development!
Permissions:
ACCESS_SUPERUSER: apply iptables rules
This app does not connect itself to any websites or hosts!
Important:
This app needs the Xposed Framework. The framework requires root access for installation. Don't forget to enable the module in Xposed. You can grab it here: Xposed Installer
Website: http://tinyurl.com/l5bpv23
Play Store: http://tinyurl.com/ome2pvc
Xposed Repository: http://tinyurl.com/ksc6plz
Changelog: http://tinyurl.com/n8gsqja
Why this app? No firewall for Xposed exists yet
Translation:
You could find here a interface to translate the english strings: http://tinyurl.com/okycacj
A free account of www.oneskyapp.com is required to edit. Additional, please attach your email address or send it via PM
Insane.. I was looking for something like this about 12 hours ago.. its almost like you read my mind and made it just for me!.
I like your style. Nice and simple and keeping it in line with your others.
Sent from my GT-I9300 using Tapatalk
Downloading now.
Sent from my SCH-I535 using XDA Premium 4 mobile app
shivadow said:
Insane.. I was looking for something like this about 12 hours ago.. its almost like you read my mind and made it just for me!.
I like your style. Nice and simple and keeping it in line with your others.
Sent from my GT-I9300 using Tapatalk
Click to expand...
Click to collapse
Maybe you head me thinking loud 6 weeks after starting this app: "i will release today, if there are still error, i'll fix them later"
Am I correct in assuming this is not open source?
I got a question about incoming/outgoing connections, maybe somone else want to know:
Incoming connections are used by less than 1% of all apps. This is used if the app is a "server", like BubbleUPnP. So most time incoming conections could be blocked, i think for mobile network 100%.
An outgoing connection is like a phone call: You call someone (outgoing connection), and can talk (send "data") and hear (receive "data")
Wifi Internet and Network:
If you want to control eg your local tv-receiver, xbmc device or avm router (with FreetzMobil), only connections to the local network are required. This prevents app to send data to the internet.
The "local network" are all "private" IPv4 and IPv6, they will not be forwarded by internet routers. Additionally, if you use "public" IPs they are local if it is in the same subnet as a ip of your device. Uncommon for IPv4 usage, but public IPv6 are the common usage (public IPv6 for every device)
an0n981 said:
Am I correct in assuming this is not open source?
Click to expand...
Click to collapse
As usual i send source only to people i know
I took this mod for a quick test drive, a little feedback:
-Is it not possible to restrict kernel?
-Could it be that apps that use native libraries to connect to the internet cannot be restricted? Firefox and Mega (both use native libraries) were able to connect even when completely restricted.
Also a little cosmetic issue com.android.process.gapps showed completely green at all times. However restrictions were applied properly
an0n981 said:
I took this mod for a quick test drive, a little feedback:
-Is it not possible to restrict kernel?
-Could it be that apps that use native libraries to connect to the internet cannot be restricted? Firefox and Mega (both use native libraries) were able to connect even when completely restricted.
Also a little cosmetic issue com.android.process.gapps showed completely green at all times. However restrictions were applied properly
Click to expand...
Click to collapse
Yes, see OP: "Limitiation: ... no native binaries." This is because the design of Xposed
Isn't it "com.google.process.gapps"? Onyl this one app has the wrong colors? Has it a green dot for "trusted app"? What did you configured for it?
Yes I meant com.google....
I set it from template to custom, blocked everything, however in the app overview it still showed as all green. When it was restricted GCM was blocked and the log showed blocked connections to mtalk.google.com:5228. Then I unrestricted outgoing mobile and wifi and GCM was available and the log correctly showed allowed connections but the colors in the app overview didn't change
Version 1.0.1 uploaded
- fix "incoming" thx @w0rinal
- also an error related to coloring, @an0n981 can you check if it fixes your problem? Toggling options could be required
defim said:
- also an error related to coloring, @an0n981 can you check if it fixes your problem? Toggling options could be required
Click to expand...
Click to collapse
Sorry the bug is still present
Also 1 more questions. Do you see any problem running this along side AFWall?
The bug affects any app that starts end ends with <>. <android.media> and <org.mozilla.firefox.sharedid> also always revert back to displaying completely green once the app is reloaded
an0n981 said:
Also 1 more questions. Do you see any problem running this along side AFWall?
Click to expand...
Click to collapse
No, should work without problems. The one created iptables rules other hooks the connection methods - if one fails, the other does it
an0n981 said:
The bug affects any app that starts end ends with <>. <android.media> and <org.mozilla.firefox.sharedid> also always revert back to displaying completely green once the app is reloaded
Click to expand...
Click to collapse
The "<>" entries are not real apps (.apks) with a package name, they are uids. At app start i load all installed apps with internet-permission and hide apps which are no more installed / have not any longer the permissions -> the uid items are not in the list of installed apps (obviously)
Will be fixed in next release
EDIT: Uploaded
This is awesome ?
A few questions:
- is there a way to edit template? I couldn't find it anywhere in settings- am I missing something?
- Can you add multiple selection? For example, someone has lots of apps and wants to block roaming to them etc. etc. without having to change it manually for each app.
- filtering or sorting apps? perhaps something simple like the way afwall , or a more thorough filter like XPrivacy has?
Sent from my Nexus 5 using Tapatalk
defim said:
The "<>" entries are not real apps (.apks) with a package name, they are uids. At app start i load all installed apps with internet-permission and hide apps which are no more installed / have not any longer the permissions -> the uid items are not in the list of installed apps (obviously)
Will be fixed in next release
EDIT: Uploaded
Click to expand...
Click to collapse
Confirmed fixed
jaibar said:
This is awesome ?
A few questions:
- is there a way to edit template? I couldn't find it anywhere in settings- am I missing something?
- Can you add multiple selection? For example, someone has lots of apps and wants to block roaming to them etc. etc. without having to change it manually for each app.
- filtering or sorting apps? perhaps something simple like the way afwall , or a more thorough filter like XPrivacy has?
Sent from my Nexus 5 using Tapatalk
Click to expand...
Click to collapse
The template is used for all "blue" apps, which where are not configured by user. Modifying template is part of the donator options (see OP).
Btw, next planned feature: detection of VPN connections
defim said:
The template is used for all "blue" apps, which where are not configured by user. Modifying template is part of the donator options (see OP).
Btw, next planned feature: detection of VPN connections
Click to expand...
Click to collapse
Nice feature !
I dry tested this app (i.e. not checked in the Xposed module on my device) and already saw that the VPN was missing. Now I use AFWall+ which is good and has more profiles. I block all Google apps with it with a 'limited internet' profile and every time I download something from Play, I load another profile which allows 'Google Play services' and 'Google Play store' internet connection and after download/update I revert to 'Limited internet'.
On my Mac I have 'Little Snitch' firewall which has the ability to let it prompt for certain apps which I don't want to be connected permanently (such as the Mac App Store), but only when I do e.g. an OSX update. In that case I let it prompt and say 'only this time'.
A similar approach on LightingWall should be very welcome. E.g. a notification that the Play store wants to connect with internet and when one wants to download / update an app, say 'only this time' and not permanently.
mermaidkiller said:
Nice feature !
I dry tested this app (i.e. not checked in the Xposed module on my device) and already saw that the VPN was missing. Now I use AFWall+ which is good and has more profiles. I block all Google apps with it with a 'limited internet' profile and every time I download something from Play, I load another profile which allows 'Google Play services' and 'Google Play store' internet connection and after download/update I revert to 'Limited internet'.
On my Mac I have 'Little Snitch' firewall which has the ability to let it prompt for certain apps which I don't want to be connected permanently (such as the Mac App Store), but only when I do e.g. an OSX update. In that case I let it prompt and say 'only this time'.
A similar approach on LightingWall should be very welcome. E.g. a notification that the Play store wants to connect with internet and when one wants to download / update an app, say 'only this time' and not permanently.
Click to expand...
Click to collapse
Xprivacy implements a similar thing, allowing the user to be informed when one of the restrictions are asking for access of that permission, including internet permissions(no distiction between lan or vpn), i would also welcome an on demand prompt feature for this app, its one faeture i wished afwall had, but believe it cant because of the nature of iptables i believe,
Saying that im also kinda worried that this might conflict, two apps essentially fighting for control to "pause" the system, hope im wrong, maybe if the two devs of the two respective apps co-orporated in implementation,it might be resolved, if there is an issue, i dont know........... but im getting ahead of myself here, defim has not even stated that he'll implement this, still, no harm in discussing possibilities, slim or not
@banderos101 @mermaidkillerIf you want to be informed if an app is allowed or denied to access some hosts, you could get it with Tasker. Just with a simple message box or more enhanced things Tasker can do. It should not be a problem using this app wiht Xprivacy, AFwal etc. If you block a connection with one app, it could be that the others can't see/log it. This depends on the order of the apps, An iptables firewall should be the last the connection is passing.
A per host filter is not planned, if you want to stop connection to some (tracking, malwar, adware) hosts a hosts file filter could be used, like my UnbelovedHosts
defim said:
As usual i send source only to people i know
Click to expand...
Click to collapse
Too big a risk to take for security software like this. Post your work up on Github under a reasonable license.
I'm not seeing a big advantage over the GPL AFWall+ anyway.
i see there is already ssh server available if you copy a key back into the device
but i can see good features like VPN and Hotspot are missing
i can see that vpn could be hard if not in RW mode
and hot spot just needs ap-hotspot installing
is there a way of seeing what apps are going to be available ?
a lot of handy tools on the droid which are missing from here that could be added and probably already available
nmap
virt-manager
to name a few, but handy for system admins to work on remote servers etc ...
wayneward said:
i see there is already ssh server available if you copy a key back into the device
but i can see good features like VPN and Hotspot are missing
i can see that vpn could be hard if not in RW mode
and hot spot just needs ap-hotspot installing
Click to expand...
Click to collapse
Feel free to file a bug at https://bugs.launchpad.net/ubuntu/+source/ubuntu-system-settings.
wayneward said:
is there a way of seeing what apps are going to be available ?
a lot of handy tools on the droid which are missing from here that could be added and probably already available
nmap
virt-manager
to name a few, but handy for system admins to work on remote servers etc ...
Click to expand...
Click to collapse
What do you mean by "what apps are going to be available"? You'll never know what 3rd party devs will do.
However, these things won't be doable by 3rd party apps due to Ubuntu's apparmor security policies. These would have to be implemented in the system settings or as some system service as well.
wayneward said:
i see there is already ssh server available if you copy a key back into the device
but i can see good features like VPN and Hotspot are missing
i can see that vpn could be hard if not in RW mode
and hot spot just needs ap-hotspot installing
is there a way of seeing what apps are going to be available ?
a lot of handy tools on the droid which are missing from here that could be added and probably already available
nmap
virt-manager
to name a few, but handy for system admins to work on remote servers etc ...
Click to expand...
Click to collapse
https://wiki.ubuntu.com/Touch/ReleaseNotes :good:
The following network features are not yet included in the Developer Preview:
Advanced Settings (e.g. Hidden SSIDs, Manual IP, VPN…)
Hot Spot/Tethering
@Geeks Empire Those release notes are quite outdates. Hidden SSIDs, for example, have been there for ages now.
Sent from my awesome Ubuntu Touch device using the Forum Browser app
How can Android system be hacked just by one MMS? I heard from news sites that there was found an exploit for 95% of Android phones (Android 2.3+) that can take control of the whole device just for one MMS and without letting you know. How can it be possible and how I can prevent it?
P.S.: I don't want to hack nobody's phone as I have no friends. Just curious.
Sent from my GT-I9301I using XDA Forums Pro.
mihai.apostu98 said:
How can Android system be hacked just by one MMS? I heard from news sites that there was found an exploit for 95% of Android phones (Android 2.3+) that can take control of the whole device just for one MMS and without letting you know. How can it be possible and how I can prevent it?
P.S.: I don't want to hack nobody's phone as I have no friends. Just curious.
Sent from my GT-I9301I using XDA Forums Pro.
Click to expand...
Click to collapse
Heres some useful info:
http://www.cnet.com/news/researcher-finds-mother-of-all-android-vulnerabilities/
That's some info, but not really anything useful. Does this mean Google has a patch, will they be pushing that our or will there be ways to patch custom ROMs sooner even? These are all unanswered, though would be nice to know...
"As soon as the malicious text is received, features built into Stagefright to reduce lag time for viewing videos process the video to prepare it for viewing. That processing apparently is enough for bad guys to get their hooks into the platform and take control." - cnet
I see it like this:
1. MMS with video arrives
2. Messaging app loads the video in Stagefright where it will processed for better playback.
3. Video is ready for playing.
As I figure out from Google's Android site about Stagefright, it is a service that take care of video/audio/other media related stuff offline and local.
How can hackers connect with Stagefright if Stagefright is an offline service? And anyway how can an media service recive code to execute as an remote command execution for whole system?
Sorry but I just don't get it at all.
mihai.apostu98 said:
How can Android system be hacked just by one MMS? I heard from news sites that there was found an exploit for 95% of Android phones (Android 2.3+) that can take control of the whole device just for one MMS and without letting you know. How can it be possible and how I can prevent it?
P.S.: I don't want to hack nobody's phone as I have no friends. Just curious.
Click to expand...
Click to collapse
Here's further info. Google has apparently already sent the patches, 7 in all, to the various phone manufacturers.
Because of fragmentation, though, some of them may never send out these fixes. Since these have assumedly been committed to the source code online, they should theoretically be available for download at some point as well. However, you'd (likely) need to be rooted to apply them.
In the meantime, go into your SMS application (usually Hangouts these days) and turn off automatic MMS retrieval. Then, do not accept any photos or videos from anyone you don't know. I am not sure, but I worry it's also possible you might get it from someone do know who is already infected, so just operate with an abundance of caution overall, I guess. And keep an eye out for news here, because it will probably be one of the first places they become available.
mihai.apostu98 said:
"As soon as the malicious text is received, features built into Stagefright to reduce lag time for viewing videos process the video to prepare it for viewing. That processing apparently is enough for bad guys to get their hooks into the platform and take control." - cnet
I see it like this:
1. MMS with video arrives
2. Messaging app loads the video in Stagefright where it will processed for better playback.
3. Video is ready for playing.
As I figure out from Google's Android site about Stagefright, it is a service that take care of video/audio/other media related stuff offline and local.
How can hackers connect with Stagefright if Stagefright is an offline service? And anyway how can an media service recive code to execute as an remote command execution for whole system?
Sorry but I just don't get it at all.
Click to expand...
Click to collapse
People connect with Stagefright by sending you the malicious code contained within the MMS. Once that code gets (usually automatically) processed by the Stagefright service already locally present, it exploits security vulnerabilities to hand control of your device over to whomever is waiting on the other end. As for a media service being able to control the whole system, think of how Flash (a media service) and Microsoft had those zero-day UaE bugs that would allow someone to take over your PC. The logistics may be different, but the concept is the same.
If I remember correctly, there are ways to turn stagefright on/off by editing your build.prop file (easily found on XDA). I don't know if there is another subservice or what that could be running, and I haven't devved since Android 4 dropped, so don't get your hopes up.
Hope that helps.
I gather that Google has a patch. Has it been pushed out to Nexus devices?
pomeroythomas said:
If I remember correctly, there are ways to turn stagefright on/off by editing your build.prop file (easily found on XDA). I don't know if there is another subservice or what that could be running, and I haven't devved since Android 4 dropped, so don't get your hopes up.
Click to expand...
Click to collapse
Excellent idea, +thanks. Et voilà, what appears to b-e in my KitKat:
media.stagefright.enable-player=false
media.stagefright.enable-meta=false
media.stagefright.enable-scan=false
media.stagefright.enable-http=false
media.stagefright.enable-rtsp=false
media.stagefright.enable-record=false
Now, this can break all kinds of things if you don't know what you're doing. Use a build.prop editor from the Play Store.
I don't know that they all need to be false to plug this hole. But those are the relevant lines.*
UPDATE [10 Aug 2015]: This doesn't affect what the Zimperium scanner says is vulnerable, which may indicate the edit won't protect you. It's unclear at this point.... read the latest posts in this thread for possible info. You can turn off auto-retrieve in MMS, but SF exists at other levels of the operating system. I suppose it couldn't hurt to do the build.prop, but don't rely on it.
voxluna said:
Excellent idea, +thanks. Et voilà:
media.stagefright.enable-player=false
media.stagefright.enable-meta=false
media.stagefright.enable-scan=false
media.stagefright.enable-http=false
media.stagefright.enable-rtsp=false
media.stagefright.enable-record=false
Now, this will probably break all kinds of things, and I don't know that they all need to be false to plug this hole. But those are the relevant lines.
Click to expand...
Click to collapse
Thanks for the thanks!
You probably won't break much of anything; 90% of today's phones are powerful enough that you don't REALLY need Stagefright handling the media unless you're playing very intensive games on your device. The most you'll likely experience is not-quite-as-good benchmarking numbers.
pomeroythomas said:
Thanks for the thanks!
You probably won't break much of anything; 90% of today's phones are powerful enough that you don't REALLY need Stagefright handling the media unless you're playing very intensive games on your device. The most you'll likely experience is not-quite-as-good benchmarking numbers.
Click to expand...
Click to collapse
I had honestly never heard of StageFright, and I've been using Android since the very first device came out. But if it's possible to run all the usual media, just with a performance penalty, I'm going to change it right now (I did, and this happened).
Also, I just read an article claiming that fragmentation is not so much of an issue these days, because Google Play Services is mandatory. I wonder if it can proactively change something like this, on its own?
voxluna said:
I had honestly never heard of StageFright, and I've been using Android since the very first device came out. But if it's possible to run all the usual media, just with a performance penalty, I'm going to change it right now.
Click to expand...
Click to collapse
The only reason I even know about Stagefright is because my very first, 550MHz, resistive touchscreen Kyocera Zio shipped with Stagefright disabled by default. Haha.
Also, I just read an article claiming that fragmentation is not so much of an issue these days, because Google Play Services is mandatory. I wonder if it can proactively change something like this, on its own?
Click to expand...
Click to collapse
I would assume it's possible (this is just an arbitrary code execution issue, I think), but having had that vulnerability built into pretty much every ROM for the last 5 years could be a problem in that I'm not 100% sure that Google Play Services has the access to shut down the Stagefright service (no root access, etc), so I'm pretty sure Google Play Services would be less of a fix than a piece of software that actively tries to mitigate the breach.
I could be wrong, though; I'm basically guessing as I haven't looked into the malicious code.
Xposed Android will no doubt have either a module for this or existing bugfix modules will be updated to include this vulnerability in the coming days, and due to the nature of Xposed modules taking over services the ROM is trying to run without actually messing with your ROM, I'm sure it'll be a universal fix.
Personally, I just shut off the Stagefright service using my build.prop and am patiently awaiting someone more skilled than I to create a fix.
i could see this as a useful root method for lollipop, and other versions that don't have root methods yet.
Morlok8k said:
i could see this as a useful root method for lollipop, and other versions that don't have root methods yet.
Click to expand...
Click to collapse
Here's hoping!
Morlok8k said:
i could see this as a useful root method for lollipop, and other versions that don't have root methods yet.
Click to expand...
Click to collapse
pomeroythomas said:
I'm not 100% sure that Google Play Services has the access to shut down the Stagefright service (no root access, etc), so I'm pretty sure Google Play Services would be less of a fix than a piece of software that actively tries to mitigate the breach.
Click to expand...
Click to collapse
Come to think of it, if this exploit allows any kind of root, I suppose it'd be possible for Services itself to use that hole, and therefore be able to patch StageFright. A weird workaround, but entirely possible. Something tells me they won't use it, though, as technically feasable as it may be. I'm really hoping for that Xposed fix, just like GravityBox can patch FakeID. Which, indeed, Services eventually mitigated (for the most part).
commits on android.googlesource.com
Has anyone tracked any commits in android.googlesource.com related to stagefright?
Is this really a viable fix for this? I copied it from another website
If you turn off the following settings in your messaging app/apps on your device:
Auto-retrieve MMS. Check to automatically retrieve multimedia messages that you receive. If auto-retrieve is unchecked in your Messenger MMS settings, you must touch Download to view the message.
Roaming auto-retrieve. Check to automatically retrieve multimedia messages while roaming.
Then when you receive the text with this exploit it will not download to your phone unless you hit the download button. So looks like this can be turned off without a patch but patches are needed cause not everyone is smart enough to turn these off.
iverson3-1 said:
Is this really a viable fix for this? I copied it from another website
Auto-retrieve MMS. Check to automatically retrieve multimedia messages that you receive. If auto-retrieve is unchecked in your Messenger MMS settings, you must touch Download to view the message.
Roaming auto-retrieve. Check to automatically retrieve multimedia messages while roaming.
Then when you receive the text with this exploit it will not download to your phone unless you hit the download button. So looks like this can be turned off without a patch but patches are needed cause not everyone is smart enough to turn these off.
Click to expand...
Click to collapse
That should be one way to disable the hack. It's unclear from what I've read if it only affects Hangouts, or all SMS clients. What I've done is disable any auto MMS retrieve in my own messaging app, which in my case is mySMS. I suppose it couldn't hurt to do it in Hangouts as well.
This should cover it, but I think you still run the risk of someone you know sending (probably without their knowledge) an infected video -- much like trojans that take over a PC, and use the internal contact list to send mail as though they were your friend, they could exploit your trust.
Patching the build.prop theoretically protects from this, which I've personally done, but it's not for the faint of heart. If you screw it up, you could render your phone a mess. I wish I knew more about app development, because I would write something that did all this stuff automagically.
voxluna said:
Patching the build.prop theoretically protects from this, which I've personally done, but it's not for the faint of heart. If you screw it up, you could render your phone a mess.
Click to expand...
Click to collapse
Aaaaaand that's what I just did. I'm in a boot loop after changing the build.prop file. This is going to be really fun with an encrypted data partition that holds the backup I just made.
Be warned.
UPDATE: I had to reflash the ROM, and the entire experience took about 2.5 hours because I couldn't get a KDZ to work. I decided that since it was going to be a full wipe, at least I would upgrade to Lollipop, but I'll have to set up the entire phone all over again. I suspect the problem was that I didn't pay attention to the permissions of that file when I edited and transferred it from another machine. Ugh. I just went back and put warnings on all my posts about the build.prop lines.... and it would be better to just wait for patches, IMO. This thread is progressing quickly now.
i tried tracking the fix on android source repo. but the only recent commit against libstagefright is on July 7th.
Fix global-buffer-overflow in voAWB_Copy.
Copy() in frameworks/av/media/libstagefright/codecs/amrwbenc/src/util.c always
overreads the buffer by 4 bytes to the right, which, if we are very unlucky,
can even hit an unmapped memory page (in this case it is just a global
variable).
Click to expand...
Click to collapse
Hi all,
in my case, as I plainly don't use the MMS feature, I simpl deleted the MMS apn. Is this a possible workaround for this problem (at least, until it gets fixed somehow)?