Hey Guys,
I know there is an app in the market already, Keystore Unlocker, but it doesn't seem to work with the latest su binary. Does anyone know if there is a way to disable the password requirement for stored certificates? It would be a useful feature to bake into some roms or even a new app that works with latest su.
I decompiled the apk for Keystore Unlocker but it was no help. I emailed the developer and asked if he would either update the app and make it paid (99 cents wouldn't be too much) or release the source for us to use for future projects.
Let me know if you guys have any ideas.
Same issue on HTC Incredible, Stock + Root ROM 2.3.4. Really annoying, anyone know a fix? My initial thinking is it's at kernel layer, as Hot Reboot doesn't cause issue but a "full" reboot does. Anybody have a suggestion on fix or workaround?
+1
Would love to bypass the credential storage. It literally decimates the battery trying to log into a credentialed WiFi (try/fail/try/fail) if you don't happen to notice that you haven't done the credential yet.
+1
I have mailed to the app's author, perhaps he has a solution.
Does anybody know what exactly the app does? Is there a way by command line to activate the credential storage (so it could be done in autostart)?
There are two possibilities to unlock the keystore. Both need to be run under UID=1000!
1) You have an AOSP based ROM, like Cyanogen:
There is a tool called "keystore_cli", which provides basic access to the keystore by commandline.
Simply run
Code:
su -c 'keystore_cli u <password>' 1000
to unlock it.
Other options can be found in keystore.c:
Code:
static struct action {
    int8_t (*run)();
    int8_t code;
    int8_t state;
    uint32_t perm;
    int lengths[MAX_PARAM];
} actions[] = {
    {test,     't', 0,        TEST,     {0}},
    {get,      'g', NO_ERROR, GET,      {KEY_SIZE}},
    {insert,   'i', NO_ERROR, INSERT,   {KEY_SIZE, VALUE_SIZE}},
    {delete,   'd', 0,        DELETE,   {KEY_SIZE}},
    {exist,    'e', 0,        EXIST,    {KEY_SIZE}},
    {saw,      's', 0,        SAW,      {KEY_SIZE}},
    {reset,    'r', 0,        RESET,    {0}},
    {password, 'p', 0,        PASSWORD, {PASSWORD_SIZE, PASSWORD_SIZE}},
    {lock,     'l', NO_ERROR, LOCK,     {0}},
    {unlock,   'u', LOCKED,   UNLOCK,   {PASSWORD_SIZE}},
    {NULL,     0,   0,        0,        {0}},
};
I guess you can figure them out, if you want to.
2) You don't have the keystore_cli tool:
a) You might be able to use a keystore_cli binary from another rom
b) Use unix domain sockets to communicate with the keystore.
The socket is under /dev/socket/keystore.
To access this, you'd have to write a small C program and use the socket(), write() syscalls.
Luckily, this is exactly what that "keystore unlocker" from the market does.
It comes with a small native executable located at
Code:
/data/data/ru.chunky.AutoKeystore/lib/libkeystorecmd-executable.so
which reads input to send to the socket from stdin.
The format is:
Code:
<code><length1><message1>...
Where <code> would be 'u' to unlock
<length> would be the length of the password as 16bit unsigned int
<message> would be the string representation of the password
In this example the password is "password", which is 8 characters long.
So the length would have to be \0000\0008 and the message to send to the socket
Code:
u\0000\0008password
Running
Code:
su -c "echo -e 'u\0000\0008password' | /data/data/ru.chunky.AutoKeystore/lib/libkeystorecmd-executable.so" 1000
should show a result of
Code:
1
in the commandline, if successful and the keystore should be unlocked.
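The `<code><length><message>` framing described in the post above, written out as an added example (not code from the thread, from AutoKeystore, or from AOSP). The names `ks_param`, `ks_encode`, `ks_decode` and `KS_MAX_PARAM` are hypothetical, and the 16-bit length is assumed to be sent high byte first; the decoder rejects frames whose declared length does not match the bytes actually present.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define KS_MAX_PARAM 2 /* hypothetical cap on parameters per frame */

struct ks_param { const uint8_t *data; uint16_t len; };

/* Build <code><len1><msg1>... into out. Returns bytes written, 0 on error. */
size_t ks_encode(char code, const struct ks_param *p, int n,
                 uint8_t *out, size_t cap)
{
    size_t off = 0;
    if (cap < 1 || n < 0 || n > KS_MAX_PARAM) return 0;
    out[off++] = (uint8_t)code;
    for (int i = 0; i < n; i++) {
        if (cap - off < 2u + p[i].len) return 0;  /* would overflow out */
        out[off++] = (uint8_t)(p[i].len >> 8);    /* high byte first (assumed) */
        out[off++] = (uint8_t)(p[i].len & 0xff);
        memcpy(out + off, p[i].data, p[i].len);
        off += p[i].len;
    }
    return off;
}

/* Parse a frame that must hold exactly n parameters. Returns 0 on success,
 * -1 if the frame is truncated or has trailing bytes. p[i].data points
 * into buf; nothing is copied. */
int ks_decode(const uint8_t *buf, size_t len, char *code,
              struct ks_param *p, int n)
{
    size_t off = 1;
    if (len < 1 || n < 0 || n > KS_MAX_PARAM) return -1;
    *code = (char)buf[0];
    for (int i = 0; i < n; i++) {
        if (len - off < 2) return -1;             /* no room for a length */
        uint16_t l = (uint16_t)((buf[off] << 8) | buf[off + 1]);
        off += 2;
        if (len - off < l) return -1;             /* declared length too big */
        p[i].data = buf + off;
        p[i].len = l;
        off += l;
    }
    return off == len ? 0 : -1;
}

int main(void)
{
    /* Constructed sample: the post's placeholder password "password". */
    struct ks_param pw = { (const uint8_t *)"password", 8 };
    uint8_t frame[32];
    size_t n = ks_encode('u', &pw, 1, frame, sizeof frame);
    for (size_t i = 0; i < n; i++) printf("%02x ", frame[i]);
    printf("\n");
    return n ? 0 : 1;
}
```
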
it sounds brilliant!
Do you have any idea what is the problem with the app and actual su versions?
Awesome find man, shame is ICS fixed this bug. It just requires a pattern lock or pin lock. I wish we could find a workaround for this....
Sent from my HTC Rezound
stm999999999 said:
it sounds brilliant!
Do you have any idea what is the problem with the app and actual su versions?
Nope, no idea.
I worked around it like this (cyanogenmod):
In /data/local/userinit.sh I put
Code:
#!/system/bin/sh
nohup /data/local/keystoreunlock_delayed.sh > /dev/null 2> /dev/null &
and the file /data/local/keystoreunlock_delayed.sh contains:
Code:
#!/system/bin/sh
sleep 60
su -c 'keystore_cli u <password>' 1000
The 60 second delay makes sure the phone has already initialized the keystore.
It's a bit of a dirty way to do it, but this way it works without any android app.
To test this on my device, I made a file /data/keystoreunlock_delayed.sh
#!/system/bin/sh
su -c 'keystore_cli u <password>' 1000
and execute it within root explorer. But nothing happens!?
I tried su -c 'keystore_cli u <password>' 1000 in terminal Emulator, I got permission denied. I have to do a "su" before, without any parameters, then superuser asks for permission, and then the long command worked.
stm999999999 said:
To test this on my device, I made a file /data/keystoreunlock_delayed.sh
#!/system/bin/sh
su -c 'keystore_cli u <password>' 1000
and execute it within root explorer. But nothing happens!?
I forgot the permission 0755. It was 0555.
Can I download keystore_cli somewhere so I can use this script?
I have /system/bin/keystore but not keystore_cli on the rooted 2.3.4 OTA. Using HTC Incredible and would like to use this workaround script.
EDIT: I now realize this is in the Rezound forum. I found this thread by Google search but couldn't find much else on keystore_cli other than zip extract logs.
hm, I do not use a Rezound, too. I have a Desire.
Are you sure, this file is not an integral part of android?
I found one version on dropbox: https://www2.dropbox.com/s/cuu6hm8dvi3jxh5/BI/system/bin/keystore_cli
but I cannot say anything about this file. If it is genuine and ok.
What about asking in an Incredible subforum?
AutoKeystore fixed
I've just resolved "newer su" issue with ru.chunky.AutoKeystore and added password-less VPN Wizard there.
Q&A for [GUIDE][LINUX][MIUI] MIUI PatchROM -- BUILD YOUR OWN MIUI ROM
[MIUI PATCHROM for WALTON PrimoF2] How to solve this?? Please somebody help me...
Code:
[email protected]:~$ cd patchrom
[email protected]:~/patchrom$ . build/envsetup.sh
PATCHROM_BRANCH = jellybean42-mtk
ANDROID_PLATFORM = v17
PORT_ROOT = /home/atiq/patchrom
ANDROID_TOP =
ANDROID_OUT =
PORT_PRODUCT = Unknown
USE_ANDROID_OUT =
ANDROID_BRANCH =
[email protected]:~/patchrom$ cd primof2
bash: cd: primof2: No such file or directory
[email protected]:~/patchrom$ mkdir primof2
[email protected]:~/patchrom$ cd primof2
[email protected]:~/patchrom/primof2$ /home/atiq/patchrom/tools/releasetools/ota_target_from_phone -n
Wait for the device to be online...
Copy target file template into current working directory
Warning: the ota package will not contain bootimage!!!
Maybe you forget to pass the ota-package parameter.
Are you sure this is really what you want(yes/no):yes
Build recovery.fstab from device
Extract the whole /system from device
pull: building file list...
1423 files pulled. 0 files skipped.
2943 KB/s (570754099 bytes in 189.331s)
Remount /system to be writable
You don't have a rooted kernel. Please run the following command mannually
(1) adb shell
(2) su
(3) mount -o remount,rw /[email protected] /system
(3) chmod 0777 /system /system/*
If you finish running the above commands on your phone(yes/no):yes
/system/xbin/getfilesysteminfo: No such file or directory
Run getfilesysteminfo to build filesystem_config.txt
125 KB/s (5572 bytes in 0.043s)
Run getfilesysteminfo and recoverylink.py to recover symlink
Recovery link files success
Build apkcerts.txt
failed to copy '/data/system/packages.xml' to '/home/atiq/patchrom/primof2/out/target_files/packages.xml': Permission denied
Error: /home/atiq/patchrom/primof2/out/target_files/packages.xml doesn't exist or isn't a vaild xml file
rm: cannot remove ‘/home/atiq/patchrom/primof2/out/target_files/packages.xml’: No such file or directory
Generate metadata used to build target files...
Compress the target_files dir into zip file
/home/atiq/patchrom/primof2
Build full ota package: /home/atiq/patchrom/primof2/stockrom.zip
unzipping target target-files...
using device-specific extensions in .
unable to load device-specific module; assuming none
[MIUI CUST] OTA: copy data files
[MIUI CUST] OTA: handle relink
[MIUI CUST] OTA: SetPermissions
Picked up JAVA_TOOL_OPTIONS: -javaagent:/usr/share/java/jayatanaag.jar
done.
[email protected]:~/patchrom/primof2$
Where should I put the below commands
Code:
You don't have a rooted kernel. Please run the following command mannually
(1) adb shell
(2) su
(3) mount -o remount,rw /[email protected] /system
(3) chmod 0777 /system /system/*
If you finish running the above commands on your phone(yes/no):
here?? After this line?? Here I have only two options to input, "yes" or "no", in this shell. Otherwise it shows too many arguments. Please tell me where to put those commands exactly?? Another question: Is everything OK there except "packages.xml"? I manually copied the packages.xml file from my device and pasted it to target_files, then zipped it. Will it work?? Please help..
Anyone here successfully booted miui 8 on MTK 32 bit kernel 3.18.19 can help me with bootloop!?
I already built the rom based on AOSP android one but it bootloops
Mysteryagr said:
Anyone here successfully booted miui 8 on MTK 32 bit kernel 3.18.19 can help me with bootloop!?
I already built the rom based on AOSP android one but it bootloops
Hook it up and run a logcat on your PC. That will tell you what is bootlooping. That should have been the first thing you did. It is ROM building basics.
zelendel said:
Hook it up and run a logcat on your PC. That will tell you what is bootlooping. That should have been the first thing you did. It is ROM building basics.
Thank you for your reply.
I already did that, and yes I edited default.prop inside the ramdisk to enable logcat during bootloop.
I have ported many roms, and also built some from source, and I noticed that I can only take logcat in bootloop if the rom is partially booted; the notification LED lights in red as a sign of that.
In MIUI's case the LED doesn't light up, also I noticed that no space is occupied in the data partition (except for the extracted MIUI apps).
So I guess something prevents the rom from starting and optimizing any app, maybe it is the boot.img
If someone booted miui on MTK 32 bit chipset and MM kernel 3.18.19 can help me, I will be very thankful.
My device is Infinix Hot 2 running Android one 6.0 marshmallow, chipset: MT6580
Thanks in advance.
Mysteryagr said:
Thank you for your reply.
I already did that, and yes I edited default.prop inside the ramdisk to enable logcat during bootloop.
I have ported many roms, and also built some from source, and I noticed that I can only take logcat in bootloop if the rom is partially booted; the notification LED lights in red as a sign of that.
In MIUI's case the LED doesn't light up, also I noticed that no space is occupied in the data partition (except for the extracted MIUI apps).
So I guess something prevents the rom from starting and optimizing any app, maybe it is the boot.img
If someone booted miui on MTK 32 bit chipset and MM kernel 3.18.19 can help me, I will be very thankful.
My device is Infinix Hot 2 running Android one 6.0 marshmallow, chipset: MT6580
Thanks in advance.
To be honest I have no other ideas. Devices with that chip maker are not sold in my country.
@zelendel
What is the difference between
make firstpatch
and
make second patch
?
Mysteryagr said:
@zelendel
What is the difference between
and
?
I don't know. To be honest I wouldn't touch miui with a 10 foot pole personally.
Hello everybody !
I'm a noob on Android and I have a strange problem. I rooted my Wiko Pulp Fab (Lollipop 5.1) with KingRoot (after so many tries with other solutions) and now when I get root the internet doesn't seem to work.
I intend to use Linux Deploy and it can't download distribs (I tried using domain names and IPs, no difference).
And when I connect to my phone's shell with adb I have the same problem.
Normal user in shell, connection works:
Code:
[email protected]:/ $ ping wikipedia.fr
PING wikipedia.fr (78.109.84.114) 56(84) bytes of data.
64 bytes from wikimedia2.typhon.net (78.109.84.114): icmp_seq=1 ttl=56 time=17.9 ms
64 bytes from wikimedia2.typhon.net (78.109.84.114): icmp_seq=2 ttl=56 time=29.8 ms
64 bytes from wikimedia2.typhon.net (78.109.84.114): icmp_seq=3 ttl=56 time=30.1 ms
64 bytes from wikimedia2.typhon.net (78.109.84.114): icmp_seq=4 ttl=56 time=30.0 ms
64 bytes from wikimedia2.typhon.net (78.109.84.114): icmp_seq=5 ttl=56 time=29.1 ms
...
Root in shell, connection doesn't work:
Code:
[email protected]:/ # ping wikipedia.fr
connect: Bad file number
2|[email protected]:/ # ping 78.109.84.114
connect: Bad file number
I tried ping and other binaries, it doesn't work.
What's wrong? I heard that it is a C error message about socket usage, but how can I fix it?
Maybe it is a problem with KingRoot? I tried many many solutions to root my phone but nothing works. I tried to install "su" myself with adb or fastboot but it doesn't work (I don't know Android very well yet, I just began learning a few days ago).
Many thanks for your help !
EDIT
I found a solution so I publish it here, maybe it can help !
If this error appears, it is probably because SELinux is in enforce mode. SELinux is a security module that restricts users.
To display refused operations:
Code:
# dmesg | grep -i denied
To activate SELinux permissive mode:
Code:
# setenforce 0
That's all !
The issue is that with LP root now needs a kernel change to make root work properly. King root is a joke and should never be used
zelendel said:
The issue is that with LP root now needs a kernel change to make root work properly. King root is a joke and should never be used
OK so what can I do? Where can I find docs about the kernel change?
remipassmoilesel said:
OK so what can i do ? Where can I found doc about kernel change ?
The biggest issue is that this OEM doesn't comply with GPL laws so you may not even be able to find the source code for the kernel. Let alone having an unlocked bootloader to flash the kernel.
I'll be honest. With these small companies your best bet is just use the phone as it comes.
In fact I have downloaded the whole source code, available online. I tried to build it once but finally I'm not sure what I can do with that.
Do you think I can build my own /system image with a su binary or will that not be enough?
remipassmoilesel said:
In fact I have downloaded the whole source code, available online. I tried to build it once but finally I'm not sure what I can do with that.
Do you think I can build my own /system image with a su binary or will that not be enough?
You found the kernel source code? You do know that the kernel source and android source are different. Also you will need to have an unlocked bootloader to even flash it.
zelendel said:
You found the kernel source code? You do know that the kernel source and android source are different. Also you will need to have an unlocked bootloader to even flash it.
I think I have both, kernel and android: http://www.wikogeek.com
So what can I do ?
1) Build all and obtain the 3 img files (boot.img, ....),
2) Mount the img files and insert su binary and others custom files,
3) Push the img files to the phone with fastboot
Is that correct ?
I have one more question. With Fastboot, can I push just some files or can I only overwrite the whole partition?
Thanks for your help.
What does this actually do to tell the bootloader that it is ok to unlock?
Write a 1 byte file to the system partition?
Write one byte of the bootloader?
Searching google just gave "How to Enable OEM Unlock to unlock your bootloader" articles nothing on how it actually works.
Finally found out how it works.
While trying to find my screen resolution while offline I checked getprop with terminal and sys.oem_unlock_allowed [1] came up.
I then checked /dev/__properties__ and it was there, so it is enabled by writing sys.oem_unlock_allowed = 1 to /dev/__properties__
Guicrith said:
Finally found out how it works.
While trying to find my screen resolution while offline I checked getprop with terminal and sys.oem_unlock_allowed [1] came up.
I then checked /dev/__properties__ and it was there, so it is enabled by writing sys.oem_unlock_allowed = 1 to /dev/__properties__
Is there any way to prevent a user from accidentally disabling this option in Developer options?
I am asking because if you disable "OEM unlock" after installing a custom ROM in eg. a Samsung phone, the device refuses to boot with a FRP "Custom binary blocked by FRP lock" message.
timba123 said:
I'm on samsung a102u . The galaxy a10e. I added sys.oem_unlock_allowed 1 but now both sys.oem_unlock_allowed 0 and sys.oem_unlock_allowed 1 both are showing up. Is there a command to remove the sys.oem_unlock_allowed 0
Well actually the first one is indeed sys.oem_unlock_allowed but the second one is sys.oem_unlocl_allowed so those are not the same: probably you made a typo when adding it and thus it didn't just change the original prop's value but added a new, mistyped prop with the desired value? The K and L buttons on a QWERTY or similar keyboard are next to each other (and the Levenshtein distance between the names of the two props is only 1).
This is an excellent resource for information on bootloader unlock ability.
There are several components at play here:
ro.oem_unlock_supported is set at ROM build time; if 1, the OEM Unlocking toggle should be available. This property is not visible without root.
sys.oem_unlock_allowed is used by some "permissive" devices such as the Google Pixel to determine whether OEM unlocking should be allowed; in the case of the Pixel, this is done by checking an online whitelist of serial numbers
get_unlock_ability is controlled by the OEM Unlocking toggle. Off is 0, on is 1. If 0, the bootloader will reject fastboot flashing unlock. Can be checked in bootloader mode using ADB: fastboot flashing get_unlock_ability
X-Posted from the Mi6 forum and Stack Overflow. I wanted to do this the whole time I had my Mi5 (RIP) but couldn't figure out how.
Could anybody test on their Mi5 and let me know if it works?
kylemd said:
I know that looking for this answer has bugged me for the past few years, so figured I'd x-post from Stack Overflow. I have found the solution to switching either SIM off in the Mi6 automatically. Will likely work with other phones.
The whole question and answer you can find on Stack Overflow here.
To get the required index out of your device, you'll need to run the following commands from command prompt:
Download jadx from here
ADB pull the devices framework.jar (adb pull /system/framework/framework.jar)
Open the .jar file with 7-Zip and extract the *.dex files.
Open each .dex file with jadx-gui until you find the one with the following tree: com.android.internal.telephony.ITelephony
Search for the item TRANSACTION_setSimPowerStateForSlot. Note the = x after it; this is the index number.
Now you have the index number you can test the following command in adb shell (or Tasker, with the "run shell" function). You will need to "su" in shell, or set Tasker to "Use Root".
service call phone x i32 y i32 z
Where:
x = index number you fetched previously,
y = your subscription ID (generally, SIM1 = 0, SIM2 = 1)
z = whether on (1) or off (0)
Of course, now that you can execute it in Tasker you can now switch either SIM off at specific times.
I've verified that it does indeed switch the SIM off (calls go straight to voicemail right after this command is executed) but I'm unsure of any further effects this switch has.
Enjoy!