Dears,
i've successfully managed to modify with Android Studio library "libtool-checker.so" that is currently used by my Bank App to detect root on devices.
If root is detected , app will not start.
This library is an open source project well known as RootBeer and i'm a little worried about my Bank is using an opensource project (without any mod) to ensure my safety and security :angel:
The question is:
My device is on Lollipop 5.0.1 Arm7 processor. Bank App data are stored into:
1 - /data/app/com.bank/base.apk
2- /data/app/com.bank/lib/libtool-checker.so
i'm manually overwriting file 2 with my version and everything works fine.
However after each device reboot, lib file is restored with the original version (extracted from base.apk). I cannot modify lib inside base.apk file because if i change APK signature the app will be installed but will not run (server side check i suppose).
How i can permanently fix this issue?
Thank you very much for your answer.
FransisFor.
Hack signature
You can hack signature first,after you can lib check exchange if you can send hacked files me,please
Related
Hi,
To gain access to WIFI at university I have to login with my user/pass credentials.
The certificate of their website (the local home page that asks for the credentials) is not recognized as a trusted certificate, so we install it separately on our computers.
I want to know how to install such certificates on Android, I have HTC magic and I came through this question which seems the same problem but the solution is specific to exchange server and not the browser http://forum.xda-developers.com/showthread.php?t=551512
This is the details of installing the certificate from the university's page [LINK]
if you are rooted, download wifi helper (its free) from market and it should help you configure your wifi with custom cert files.
Hey,
I stumbled onto this topic as I had the problem (but on the Droid, Android v2.0). I then figured out how to do it and made a tool to make it easier. I call it RealmB's Android Certificate Installer. It basically gives your Android's web browser the correct HTTP headers to make it launch the CA certificate installation wizard.
Hope this helps,
Brian
I used Android's built-in certificate manager.
1. Just drop your certificate file onto the sdcard/download folder.
Note: Keep in mind the manager looks for .p12 and/or .crt files. I had a .cer file, but it was PEM formatted so I simply changed the extension.
2. Go to settings-> Security & Privacy -> Install from SD Card
Note: I use the MIUI rom, so millage may vary a bit on other roms
Done! Enter your credentials password, or create a new one if you didn't have one already, and you're all set!
Thanks MrNago
renaming .cer to .crt really makes me being able to install it. Life can be so easy ... (MIUI 2.3)
I was looking for a way to do this exact thing, and found a (potentially) easier way to install the certificate. If you have access to a web site, you can just put the .crt file on it, go to the site, click the file and voila... It installs on the device.
Worked like a charm since I do not have an SD card with me, but I needed to install the certificate.
Thanks for the comments above. I had a .cer file, and renaming it worked like a champ as well.
Bryan
gces said:
I was looking for a way to do this exact thing, and found a (potentially) easier way to install the certificate. If you have access to a web site, you can just put the .crt file on it, go to the site, click the file and voila... It installs on the device. ...
Click to expand...
Click to collapse
Thanks, this works.
To install a browser certificate into a pre-ICS ROM, use Portecle to add it to /system/etc/security/cacerts.bks.
Notes:
- obviously, ROOT is required to do this
- the keystore p/w is changeit
- In ICS a certificate can be simply added via Settings
The problem is only old stock browser sees installed certificate. This browser doesn't exist on Jelly Bean for Nexus 7. Google Chrome is default browser here.
Anyone knows a solution to this?
Thanks
Denis
!crazy said:
The problem is only old stock browser sees installed certificate. This browser doesn't exist on Jelly Bean for Nexus 7. Google Chrome is default browser here.
Anyone knows a solution to this?
Thanks
Denis
Click to expand...
Click to collapse
The solution could be to wait until the bug in Chrome is fixed.
web security
Web certificate and web site security have much need for everyone. IF any one have want web project and security you should hire developers.
I've seen some threads about accessing the WhatsApp messages backup database files on iPhone, Android and older Windows Phone versions (7.x). However, none of the methods seem to be compatible with the WhatsApp messages backup database file found on Windows Phone 8.1. I am looking for a way to either extract/decrypt or restore an older messages backup database. Tried so far:
- Place messages.db file on SD card and reinstall WhatsApp. WhatsApp does NOT find the backup on installation. It only restores the most recent chats (not the ones from the backup file)
- Tried available tools for iPhone/Android (Python scripts with crypto 5/7/8). Database format is incompatible
- Tried opening the database file directly in Microsoft Access, SQLite Browser. Unrecognized file format
- Tried the Zune/WP Device Manager approach. Seems to work only with Windows Phone 7.x, Windows Phone 8 is not seen by the tool
- Tried Windows Phone Power Tools to access Isolated Storage for the WhatsApp app, but access to an apps isolated storage is not possible in Windows Phone 8 anymore.
- Tried the WhatsApp Xtractor, but it contains the same iPhone/Android python scripts that don't work with the Windows Phone version
- Even tried asking WhatsApp support directly, but they have not given any response yet
Can any WhatsApp / encryption wizard please help me out. I am more than willing to reward/tip you for it if the solution works!
i have the same problem ,pls pls pls tell me about the solution thx
Given that you already enabled full FS access on your phone or have control over an app wich has the ID_CAP_OEMPUBLICDIRECTORY capability, you can extract the unencrypted sqlite database from C:\Data\SharedData\OEM\Public\WhatsApp.
The structure of the database is quite complex (I suppose it grew over the years), but not too hard to understand.
However, I have no experience in using this mechanism as a backup/restore solution.
Source: blackhat . com/docs/ldn-15/materials/london-15-DeFulgentis-Witchcraft-For-Windows-Phone-Breakers.pdf page 68f
Sorry for broken link, I'm a new member.
I realize this is a pity, I want the Microsoft support seriously and updating applications
If you do not want to unlock / flash your phone in order to enable the full FS unlock, you can try the hack as shown in the Blackhat slides posted above.
It works by replacing an apps' core files with your own, but keeping the capability restrictions of the original app. (Use http://forum.xda-developers.com/win...p-customwpsystem-patch-xaps-wpsystem-t2975419 for example)
So just target an app with ID_CAP_OEMPUBLICDIRECTORY, deploy your custom payload and use it to copy the WhatsApp files somewhere.
Given the full FS access, is there any way to access the Whatsapp key file like on Android. That's what you would need to access the backup files instead of the unencrypted current message database, which is easily opened as SQLite database?
Hello ... I'm new here ... just wondering if there is any answer to this question ... I know it's not a recent discussion, but I really need some help from you guys. I have a wp where whatsapp is installed, but it's asking for verification and I dont have no more the sim card related to that account ... I saw chats, but then I made a huge mistake (opened whatsapp while I was online) and now I cannot access to those anymore ... I have messages.db but I'm unable to retrieve the key to decrypt that ... there are tons of posts about similar issue on android or IOS, but I need the same for WP ... is it something someone can drive me through? Thanks a lot in advance
If your phone has the Full-FS-Unlock enabled you can get the unencrypted databases at C:\Data\Users\DefApps\APPDATA\Local\Packages\5319275A.WhatsApp_cv1g1gvanyjgm\LocalState (or similar package name).
Or you can get unencrypted backups from C:\Data\SharedData\OEM\Public\WhatsApp
Or you can use a interop-unlocked File Manager App
jumpz said:
If your phone has the Full-FS-Unlock enabled you can get the unencrypted databases at C:\Data\Users\DefApps\APPDATA\Local\Packages\5319275A.WhatsApp_cv1g1gvanyjgm\LocalState (or similar package name).
Or you can get unencrypted backups from C:\Data\SharedData\OEM\Public\WhatsApp
Or you can use a interop-unlocked File Manager App
Click to expand...
Click to collapse
The files in C:\Data\SharedData\OEM\Public\WhatsApp seem to be encrypted as well … Or can you just not open them with a standard SQLite viewer?
weaselmc said:
The files in C:\Data\SharedData\OEM\Public\WhatsApp seem to be encrypted as well … Or can you just not open them with a standard SQLite viewer?
Click to expand...
Click to collapse
No, these files are indeed encrypted.
The winwazzapmigrator software did a good job migrating my database to a new android phone.
Tool to access file system on Windows 8.1 mobile
jumpz said:
If your phone has the Full-FS-Unlock enabled you can get the unencrypted databases at C:\Data\Users\DefApps\APPDATA\Local\Packages\5319275A.WhatsApp_cv1g1gvanyjgm\LocalState (or similar package name).
Or you can get unencrypted backups from C:\Data\SharedData\OEM\Public\WhatsApp
Or you can use a interop-unlocked File Manager App
Click to expand...
Click to collapse
Can anyone help me with a tool to access the file system where app files are stored on a windows 8.1 mobile?
me too
PritiM said:
Can anyone help me with a tool to access the file system where app files are stored on a windows 8.1 mobile?
Click to expand...
Click to collapse
I do have the same request...
Im willing to pay through PayPal. I have a jp 5 s tablet from a prison it can receive bluetooth but installation of apps from unknown sources is blocked. In settings the check box to allow this has been disabled. It runs 4.2.2 Jellybean so my only hope is an image music file or video that could some how run a script to allow it or install a file manager. That's my ultimate goal. Thanks for any help.
Hello,
I recently installed my headunit for my ford focus (seicane: 8-core 1.5GHz T8 A7 CPU, 2Gb RAM, 1024*600, 10.2 inch)
It came with some default apps on it that cant be removed, one of wich is bootanimation, i downloaded the bootanimations app to download some others but it cant replace the bootanimation or get the newly downloaded bootanimations to show up in the bootanimation app, after alot of digging off and on the web i came to the conclusion that my problem is that i don't have acces to the root folder (view only, no write rights). Also in ES file explorer i cant set root permissions.
These are restrictions i do not want to work with, i have tried kingo root apk but that didnt work, the app just crashed and nothing happend when i pressed one click root.
Can anyone help me here on how to be able to overcome all these restrictions set by the manufacturer?
The system also tells me the app to view downloads is disabled (when downloading from google drive), yet when i download a file from chromebrowser i can view it using ES file explorer in the downloads folder.
I made several pics but i can't post external links yet due to new account..
I'll PM them if you need to see them
My headunit runs android version 8.1.0 (oreo),
MCU version: T8.3.19-3-80-043101-180525
System version: V9.3.1_20180518.095309_ACX13
Kind regards
I'm building an application that requires the use of the depth sensor on my Samsung Galaxy A80. However it seems like it's impossible to access it through Camera2 and ARCore. I asked Samsung directly and the tech support guys best guess was that Samsung has locked it from being used by third parties.
I rooted my phone and started digging through the file system and eventually found a file called 'com.samsung.sensor.imx316.so' located in /vendor/lib/camera (imx316 is the depth sensor). There are also some similar files that ends in '.bin', but .so files seems to be runnable code if I understood the google results correctly.
That file has the same name as the sensor I can't seem to access. Can this file be used somehow? Can I run it in my own app to get access to the depth data? And if not, there should be a way of getting that data right? I mean, it obviously exists somewhere in the phone since pre-installed apps are using it, and a rooted phone has access to everything?
Did you check REQUEST_AVAILABLE_CAPABILITIES_DEPTH_OUTPUT? How do you know it's impossible?
Most likely you need to reverse engineer the Camera app from your phone.
Your app can call com.samsung.sensor.imx316.so , it's really "just" a linux elf library.
The problem you face is the exported routines from the library, you won't really know
1) the parameters to the functions inside the library
2) any specific order to call functions inside the library i.e. like an init function first , release memory last...
You need to disassemble / reverse engineer the library to make some sense of it (see ghidra / radare2/ ida pro etc ).
Use strace on the current process/app which uses the library to make some sense of the order of calls into the library.
The depth data will be coming from a kernel level driver, you can likely obtain the Samsung kernel source and the driver source should be there. Then it's up to you whether you can make user space library/code to read what the driver exposes. The kernel driver source code will have an uapi header file to investigate.
idk if it helps but i used for a Huawei P30 Pro this https://github.com/Nufflee/tof-camera