{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Mobile Encryption on the Go! Hash fast with crypTo.
crypTo. is an encryption application with the follow features:
enCodEr:
– Encrypts strings in Base64, Binary, CRC32, MD2, MD4, MD5, RipeMD128, RipeMD160, RipeMD256, RipeMD320, SHA-1, SHA-256, SHA-384, SHA-512, Tiger and Whirlpool!
– Decrypts Base64, Binary and looks up MD5 back to its original string!
– Hashing messages or numbers can be used in order to hide or send secret messages that could be decrypted later on!
– Hashing you own passwords and then pasting into Google in order to see if they have been cracked is a good way of checking the security of your passwords.
chEcksUm:
– File Check using CRC32, MD2, MD4, MD5, RipeMD128, RipeMD160, RipeMD256, RipeMD320, SHA-1, SHA-256, SHA-384, SHA-512, Tiger and Whirlpool!
– MAKE SURE TO USE A GOOD FILE MANAGER WHEN DOING FILE CHECKSUMS FOR BIG FILES (ex. ASTRO)
– Every file has a checksum and when downloading files it is very important that these checksums are matched to the checksum given by the source providing the downloaded file because the files could contain malware or may not work properly because it was not completely downloaded.
coMpaRe:
– Copy and Compare Strings and check is they match!
– After Hashing a String or File, you may check and compare Checksums to make sure they are correct!
FAQ:
What is a string?
– A string can be letters or numbers before they are encrypted into a hash.
What is a hash?
– A hash is an encrypted string of letters or numbers by different encryption methods. Hashes are used in cryptography for creating strong passwords, data encryption and to check the integrity of files.
What is a checksum?
– A checksum is a hash of a file.
Explanation of permissions requested:
– Internet: Button that goes to http://www.jbdevshare.blogspot.com/ in the "About" section of the Menu and MD5 Reverse Lookup.
And there's more updates to come: Widgets, Saving Hashes, File Encryption and More Encryption Methods such as Adler-32 and Haval-128.
Tags: Base64 Binary CRC32 MD2 MD4 MD5 RipeMD128 RipeMD160 RipeMD256 RipeMD320 SHA-1 SHA-256 SHA-384 SHA-512 Tiger Whirlpool password security hash hack hacking encryption decryption
Related
Hi all,
Is there a program that can view the IMEI number(s) directly from the MP0B_001 file (/data/nvram/md/NVRAM/NVD_IMEI/MP0B_001)?
Not sure if it matters, but the device is an MTK phone running Android 5.0.
Never mind, I got bored and made an IMEI viewer myself:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
If anyone is interested, you can download it here (imeiview.exe).
Algorithm is taken from the source code of a program called imei_mtk6515 which I downloaded from here.
No idea if it will work for all MTK processors or just some, though.
-------
[EDIT - November 17th 2015]
I added editing capabilities:
C4lculated said:
Never mind, I got bored and made an IMEI viewer myself:
If anyone is interested, you can download it here (imeiview.exe).
Algorithm is taken from the source code of a program called imei_mtk6515 which I downloaded from here.
No idea if it will work for all MTK processors or just some, though.
Click to expand...
Click to collapse
Hi C4lculated,
Is it possible to change imei from MP0B_001 file?
Sure, just generate the required IMEI(s) with the "imei_mtk6515" utility I linked to in the previous post and copy them from the MP0B_001_NEW output file to your MP0B_001 file with a HEX editor (I use HxD and like it a lot). IMEI1 is stored in bytes 0-7 of the MP0B_001 file and IMEI2 is stored in bytes 0C-13 (Hex).
Actually, scratch that, if you'll do as I suggested bytes 10 and 11 of the IMEI will be incorrect, maybe it will still work, maybe not.
I can't think of any reason you would want to change IMEI.
Nevertheless, I'll take every chance I get to practice my programming muscles, so I changed my utility so that you can edit the IMEI(s) stored in MP0B_001 with it.
Download at the 2nd post.
Thread closed. IMEI editing is illegal in most countries in the world and as such banned from the site.
Hey guys,
I want to enable https on my sm-g900f for my local developer environment, so I created my own self signed root CA certificate. With this cert I sign my local server certificates.
Everything works fine on my desktop devices but not on my android mobile phone.
If I create a rootCA.crt file and convert it to binary .DER type, I'm able to install it on my phone via Settings / Security / Credential storage / Install from storage. HTTPs works now in all browsers and I can see that the cert has been addedd successfully to the Settings > Security > Trusted Credentials > User store. But then I get the "your network may be monitored" warning.
In order to get rid of it I followed the steps described in this thread. The only difference was that my user certs location is /data/misc/user/0/cacerts-added.
After gaining root access and moving the cert via ADB to /system/etc/security/cacerts/ (including chmod and chown) the warning disappeared and I can see that my rootCA is enabled under Trusted Credentials > System*.
As soon as I remove the beforehand added rootCA under Trusted Credentials > User, the warning disappears but https is not working anymore. Chromium gives me this:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Anyone know why my phone/android shows this behaviour?
*(for experts only: also wondering why system/etc/security/cacerts are being displayed as plain ascii text with full cert info although android requires binary format for CA cert?)
For those interested I'm sharing the solution:
Here's what I did to solve this:
(1) flashing my sm-g900f with odin v3.12.4-4 and latest twrp 3.3.0-0-klte
(2) backup relevant data, wipe system/cache/... with twrp afterwards
(3) flash 16.0-nightly-klte addonsu-16.0-arm open_gapps-arm-9.0-nano-20190428
(4) install certificate via security settings options. Shown as 'user cert' but no warning message and ssl works now
Thanks to JW09I4 for helping me out and guiding me through the process of updating my phone.
When I integrate the HMS Core SDK into my app or game, result code 6003 is always returned during an API call. The official document indicates that this fault is caused by an incorrect signing certificate fingerprint. A signing certificate fingerprint is used to verify the app authenticity.
To locate the fault, perform the following operations:
Ensure that the app's certificate signature is the same as that configured in AppGallery Connect.
Ensure that the appid parameter in the manifest file is correct.
Check whether the app is hardened or re-signed.
Check whether HUAWEI App Signing is enabled.
Step 1: Ensure that the app's certificate signature is the same as that configured in AppGallery Connect.
Open the APK file of the app, extract the META-INF directory from the file, obtain the CERT.RSA file in the directory, and run the keytool -printcert -file META-INF/CERT.RSA command to display the signature certificate information.
Check the SHA-256 certificate fingerprint configured in AppGallery Connect by referring to Configuring the Signing Certificate Fingerprint. If the information is the same as the preceding information displayed, the certificate fingerprint is correct.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Note: The keystore signature of the debug version for packaging. Use the official version for packaging and utilize a real device (non-simulator) for testing only.
Step 2: Ensure that the appid parameter in the manifest file is correct.
You can perform the check in either of the following ways:
View the parameter directly in the manifest file under the project.
Decompile the packaged APK file, and view the parameter. You can use any decompliation tool for that.
Step 3: Check whether the app is hardened or re-signed.
Since AppGallery Connect does not re-sign an app currently, you need to locate the fault if your app has been hardened or re-signed by yourself.
Step 4: Check whether HUAWEI App Signing is enabled.
Huawei provides the App Signing service for developers to let Huawei host their app's signature key and use it for the APK file to be distributed.
According to the official document, if the service is enabled, the generated certificate fingerprint must be added in AppGallery Connect.
Background:
I have integrated the HMS Core SDK for a game, and recently, submitted a game update for review, but it is rejected because the app signature differs from that of my released game.
I’ve written the following troubleshooting guide to help resolve this problem.
Troubleshooting
1. Check whether the current app version is the same as the previous version.
View the fingerprint certificate in the project.
a. Open the CLI and run the keytool -list –v –keystore [file path] command.
b. Enter the keystore password.
c. View the current signing certificate fingerprint.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
View the APK signature.
a. Run keytool -printcert -jarfile xxx.apk (APK file path).
b. The following information is displayed.
c. You can view the SHA-256 certificate fingerprint of the current APK. Check whether this value of the two app versions is consistent.
Then check whether the two fingerprints are consistent with that in your project.
2. If the certificate fingerprints are inconsistent, this can be caused by two different reasons. The first one is that the two APKs have been packaged using different signature files. If they are inconsistent, you should first check whether the .jks or keystore files used for app signing in the project are consistent. Or, you can check whether you have used keystore files from different environments or platforms.
Example:
The .jks or keystore files used for the debug and release environments are different. You need to ensure that each .jks or keystore file matches the environment. For example, you cannot configure the .jks or keystore file in debug to the release environment.
3. If the .jks or keystore files are consistent, you need to check whether an automatic process has been used for packaging and signing. If so, check whether DEX file encryption has been used, which can lead to inconsistent signatures.
AppGallery supports two kinds of signing certificates: one that is totally generated by AppGallery Connect and the other one that is generated by developers. Here I will share some solutions with you for the common errors reported during the signing certificate generation.
The command in the official document is as follows:
Code:
java -jar pepk.jar --keystore test.jks --alias test --output=output.zip
\ --encryptionkey=034200041E224EE22B45D19B23DB91BA9F52DE0A06513E03A5821409B34976FDEED6E0A47DBA48CC249DD93734A6C5D9A0F43461F9E140F278A5D2860846C2CF5D2C3C02
\ --include-cert
Error 1 — “No value provided for flag: include-cer”
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Cause: It is not the correct pepk.jar file. Normally, its file size is around 2 MB. Check whether it is the file that was provided by Android Studio.
Solution: Use the correct pepk.jar file that you can get from Google.
Error 2: “java.io.IOException: Keystore was tampered with, or password was incorrect”
Cause: The keystore password is most likely not correct.
Solution: Enter the correct password.
Error 3: “Unable to export or encrypt the private key”
Cause: Incorrect password. The keystore password is entered correctly, but the key file password is entered incorrectly when entered for the second time.
Solution: Enter the correct key file password.
Error 4: “Unable to parse the input:”
Cause: The length of the encryption key is incorrect. Check whether you have copied the complete encryption key.
Solution: Use the complete encryption key.
Error 5: “java.lang.IllegalArgumentException: publicKey should be 68 bytes”
Cause: The length of the encryption key is incorrect. Check whether you have copied the complete encryption key.
Solution: Use the complete encryption key.
Error 6: “java.lang.IllegalArgumentException: Hex encoded byte array must have even length but instead has length: 143.”
Cause: The encryption key is too long.
Solution: Use the correct encryption key
Error 7: “java.security.GeneralSecurityException: point is not on the curve”
Cause: The encryption key is incorrect.
Solution: Use the correct encryption key.