AES Encryption - Windows Mobile Development and Hacking General

Hi
I need to find a way to perform AES encrpytion from within eVB. Does anyone know of any libraries/activeX controls which will perform AES encryption of a string using a given key?
I've been trawling google for hours and haven't been able to find anything! :roll:
Cheers
Richard <><

not sure if it is implemented on wince.
but maybe the cryptoapi of microsoft supports AES?
check the includefile 'wincrypt.h'

here is aes source in c.
You can compile it as a dll, then using it in your application.

Related

Putty for Wizard HERE with port selection

i everyone, this is my first post here, and since i found lot's of info about this device, i think it's my turn to make a "donation", since i've been searching for a free SSH client with port selection for WM2005 and was not able to find it, i just downloaded tthe Pocket Putty Development SVN and compiled it from source, it's tested and working, and here it it
Please leave comments and keep up the excellent work everyone
Thanks, could you descibe what it does. What is a SSH client?
devilboy1488 said:
i everyone, this is my first post here, and since i found lot's of info about this device, i think it's my turn to make a "donation", since i've been searching for a free SSH client with port selection for WM2005 and was not able to find it, i just downloaded tthe Pocket Putty Development SVN and compiled it from source, it's tested and working, and here it it
Please leave comments and keep up the excellent work everyone
Click to expand...
Click to collapse
Thankyou very much - the lack of port selection was a major PITA for me with putty
meschle said:
Thanks, could you descibe what it does. What is a SSH client?
Click to expand...
Click to collapse
a secure shell client is like a terminal client, for example : you need to do some admin work on your linux server, until now there wasn't any GOOD ssh client for the Wizard, some lacked port selection some lacked protocol compat, this one has them all.
thanks devilboy for explaining that
awsome, thanks!!
So how do you do an ESC on these WM5 soft keyboards or wizard keyboard? Doing a "vim" session is very hard without ESC.
So how do you do an ESC on these WM5 soft keyboards or wizard keyboard? Doing a "vim" session is very hard without ESC.
http://pocketputty.net/
devGOD said:
http://pocketputty.net/
Click to expand...
Click to collapse
yep i downloaded the svn from there but...
WM5 compatiblity (not yet tested) -> is now tested coz i compiled it and i'm using it
and btw, their binaries don't have port selection, this one does, since it's a build from the latest development source
about the esc thingy, never tried it but i'll see what i can do
When you say port selection, do you mean the ability to choose something other than port 22; or do you mean the ability to do port forwarding through the SSH connection?
I'd love to find a free SSH client that can do port forwarding so I can reach my OWA page (my company places OWA behind the firewall and will only do push e-mail to treos w/goodlink).
Thanks for posting this!
PHAT ****!!
I use (Pocket) Putty a LOT. I didn't actually miss the exclusion of port selecting in the "normal" version, but now that I have the availability, I sure will use it
Thanx!
100Tbps said:
When you say port selection, do you mean the ability to choose something other than port 22; or do you mean the ability to do port forwarding through the SSH connection?
I'd love to find a free SSH client that can do port forwarding so I can reach my OWA page (my company places OWA behind the firewall and will only do push e-mail to treos w/goodlink).
Thanks for posting this!
Click to expand...
Click to collapse
yep, that's it, you can select something other than port 22
bartour said:
So how do you do an ESC on these WM5 soft keyboards or wizard keyboard? Doing a "vim" session is very hard without ESC.
Click to expand...
Click to collapse
i tried with CTRL-C and it also worked
Anyone figure out how to get the up and down keys working correctly in VI?? Works fine in the shell, but VI goes into insert mode and starts inserting junk characters.
It must be the TERM setting, but I'm not figuring it out. Any ideas?
bartour said:
So how do you do an ESC on these WM5 soft keyboards or wizard keyboard? Doing a "vim" session is very hard without ESC.
Click to expand...
Click to collapse
You can map it using PQZII which may be found somewhere in the forums or at http://www.nicque.com/PQz/.
Just reflashed my wizard and gonna test it l8r, and i'll post feedback l8r too

Getting into a wireless network without the WEP key

My friend was boasting about how secure his network is and how nobody could ever hack into it. I am able to pick it up on my Universal, but it asks me for the WEP code. It would be very funny if I could use his connection after all his boasting :twisted: ! So, is there any app that can do this - perhaps by guessing all possible combinations until it gains access, or any other way?
Thanks
WEP is an older security method that has been proven to be hackable and especially true if the 64-bit version is being used.
There are tools around to hack WEP security, but I doubt it is for PPC. Even for PC, it requires some drivers for the wireless card, and a lot of the wireless card are not supported, including Centrino.
Lets assume that you have the appropriate equipment. Depending on the key size your friend used, e.g. 64 / 128 bits, you are required to be there to capture enough data (approx 500Mb for 128bits, I think) to get enough 'clue' to decode the key being used.
Finally, lets assume you had the key. You boasting friend may have a second layer of protection with wireless MAC address filtering, which filter out un authorized units based on MAC address. Of cource, MAC address can be spoof, but doubt there are any easy method of PPC unit yet.
You need another laptop as well as the PPC.
Download and install: Auditor: http://www.remote-exploit.org/index.php/Main_Page it is basically a boot from CD Linux with just the tools you need to 'probe' networks. use the PPC to find the Mac address, SSID and channel. Then fire up the laptop and start using all the tools to crack the WEP. The more data going over the network, the faster the apps will be able crack the WEP code. If enough data is flowing through the router, it is possbile to crack a 128 bit WEP in 10-20 minutes. If you have two laptops, you can get the other one to talk to the router (with spoofed MAC) to increase the data.
As already mentioned, all this depends if your card is supported by the apps, and can be put in silent mode (if you don't want to draw attention to yourself)
Of course, it is much easier just to walk 50 yards down the street and find an unsecured network for your free Skype calls.
cough.
/Mad
Thanks for the help. How would I find the chennel and MAC address with my universal?! I just want to get into my friends as a joke, and so finding another network wouldnt be much help!!
Thanks
6680abhi said:
Thanks for the help. How would I find the chennel and MAC address with my universal?!
Thanks
Click to expand...
Click to collapse
Mine is german, so my translations may be wrong
From the start menue
-> Settings
-> connections
-> Wireless-LAN
There you'll find the information you are looking for.
Do you have some experience with Linux? It's a bit more complicated than Windows Mobile
AFAIK for Wep cracking there are also a couple of programs for PocketPC existing which can do this within minutes.
but this depends strongly on the WLAN hardware.
Search in google for this.
BlackICE said:
AFAIK for Wep cracking there are also a couple of programs for PocketPC existing which can do this within minutes.
but this depends strongly on the WLAN hardware.
Search in google for this.
Click to expand...
Click to collapse
Thanks for the help. I have serached on google, but am unable to find a wep cracking application for ppc. Could you perhaps give me a link to one?
Thanks
look here:
http://www.google.com/search?num=30...esnum=0&ct=result&cd=1&q=wlan+sniffer&spell=1
Thanks again, but could you please be more specific with an application, and post a link to the application, as I was unable to find anything by clicking on the google search you posted.
Thanks
6680,
it is easyer to use a notebook, preferrably with two Prism2 based network cards, and boot WHAX from a CD.
Let that run for some time and it'll find the WEP key for you.
It took more than 30 hours to get the key for my neighbours WLAN :?
I did not post you more specific links, as I have to look myself through all these links. Actually, some of the Wlan sniffer programms do have also a PocketPC version.
Actually, it is far more easier to use a notebook than a pda. Also I doubt that there is any program around, which is fully supporting the Wlan hardware of the Universal. At least this was the case half year ago.

Android IPsec Implementation

Hi all, first post. I have been through the Android 2.0.1 filesystem from top to bottom and cannot find any standard linux IPsec binaries, conf flies or libraries. Can anyone give me a few sentences on how IPsec is implemented in Android?
If you do, iwill find a way to turn on 3DES and report back.
Thanks.

Webtop VPN

So I use VPN a lot at work, and I would like to have an option to be able to check on my work PC remotely with the webtop. From what I can tell we have had some luck loading dpkg and apt on the webtop, So is there a real VPN linux client that works well with the ARM framework? if so I would like to help work to make it work on the Atrix's Webtop mode. If anyone has any suggestions as to which open source VPN project to start with and which dependencies we will need to port to ARM or at least begin to shoehorn onto the Atrix please post.
Moved as not android development
well I had planned on 'developing' a working solution. I just need some input as to where to start. I was going to use this for a journal -> howto of the process. I still can i guess.
So, does anyone have suggestions on where to start, or a good VPN linux client that runs on ARM well, and doesn't require a bunch of dependencies?
openvpn would be ideal, but it requires TUN/TAP support, which won't be available until kernel sources are available.
vpnc also requires TUN
Most web-based SSL VPNs require a java runtime plugin, of which the embedded one from Oracle does not work.
There's built-in support for Citrix, so that works for some people. I use NeoRouter, which is an SSL VPN of sorts. Fire it up in the Mobile View, and then I can redirect connections within the webtop to utilize that VPN connection.
you can use l2tp/ipsec or pptp via the settings/wireless&networks menu...its built into the OS. when you are in webtop it comes up as an option to connect to your vpn. why reinvent the wheel?
Not all companies/indivduals use pptp/l2tp/ipsec VPNs. It's best to have as many options as possible IMO.

POODLE SSL vulnerability - secure your Windows Phone!

Hi!
Hopefully you have heard of a new security hole called POODLE in SSL.
If not, click here!
How can you secure your Windows Phone? Here's the answer!
You need:
A interop unlocked Windows Phone
A registry editor on your phone
Follow those steps:
Start Internet Explorer on your Phone and navigate to https://www.ssllabs.com/ssltest/viewMyClient.html
You will see what protocols are supported by your browser. close Internet explorer (hold back key and close, not just minimize)
Fire up your registry editor and navigate to HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings
Change the value SecureProtocols to 32. Create this value if it doesn't exist.
Start Internet Explorer again and navigate to the page mentioned in Step 1. Look for supported protocols, it should display only SSL 3.0 - IT WERKS! Close IE again.
Now set the value SecureProtocols to 2688. This enables TLS 1.0/1.1/1.2 and disables SSL 2.0/3.0.
Start Internet Explorer again and navigate to the page mentioned in Step 1. Look for supported protocols, it should display TLS 1.0, 1.1, 1.2 AND SSL 3.0. Because the server is configured to downgrade to SSL 3.0, if TLS isn't supported. This may change in the future (hopefully).
Possible Values for SecureProtocols:
SSL 2.0 - 8 - 0x0008 (not supported on many websites, not recommended)
SSL 3.0 - 32 - 0x0020
TLS 1.0 - 128 - 0x0080
TLS 1.1 - 512 - 0x0200
TLS 1.2 - 2048 - 0x0800http://forum.xda-developers.com/#
2688 = 128 + 512 + 2048 = TLS 1.0 + TLS 1.1 + TLS 1.2
Tested on a Samsung ATIV S GT-I8750 using IO Explorer and WPHTweaks.
Thanks to
-W_O_L_F- and WindowsMania.pl for their excellent cutom ROMs
Jaxbot and Jessenic for the WPHTweaks App
contable for the IO Explorer App
and everyone involved in the great Windows Mobile and Windows Phone development and hacking community
and every member of XDA of course
Best regards,
Mr nUUb
EDIT: visit poodletest.com, it displays different images for SSL and TLS.
EDIT 2: Opera mini (beta) is not vulnerable.
Great guide. However, if the phone will still downgrade to SSL3 - that is, if you can't turn *off* SSLv3 - then you aren't safe. That's about half of the point of POODLE; it's possible to force most browsers and servers to downgrade to the obsolete protocol by just closing any connection attempts that report support for a newer version.
EDIT: Make darn sure you do *not* leave that option set to 32 (0x20, SSLv3 only)! That will not only leave you insecure, it will make the phone not work with any server which is configured to be TLS-only (and many will, in the wake of POODLE).
By the way, on "normal" Windows, this data is stored in the per-user registry hives (HKCU). My phone doesn't have the relevant registry value in either location, but it does have the registry *key* under HKCU, so you can (and possibly should) set it there instead of in HKLM.
I haven't tried this yet, though, so test it.
GoodDayToDie said:
Great guide. However, if the phone will still downgrade to SSL3 - that is, if you can't turn *off* SSLv3 - then you aren't safe. That's about half of the point of POODLE; it's possible to force most browsers and servers to downgrade to the obsolete protocol by just closing any connection attempts that report support for a newer version.
EDIT: Make darn sure you do *not* leave that option set to 32 (0x20, SSLv3 only)! That will not only leave you insecure, it will make the phone not work with any server which is configured to be TLS-only (and many will, in the wake of POODLE).
Click to expand...
Click to collapse
The phone won't dongrade to SSL 3.0. Qualys SSL Labs only show the highest supported encryption protocol. Because TLS is supported, they say SSL 3.0 is supported as well.
I edited my first post. Visit http://www.poodletest.com/, to check wether your browser sill downgrade to SSL or not. Make sure you refresh the page after you restarted your browser.
And you are right, NEVER EVER leave this option set to 32. And never set it to 2560, as this will disable TLS 1.0 and enable TLS 1.1/1.2.
Not even MS supports those encryption protocols, they really use TLS 1.0 - even if TLS 1.0 is slightly insecure and could be exploited (which practically never happens).
Poodletest is a good site for this, yes.
So, I set it in the user hive and it works, but it's a pain to do it using SamWP8 Tools because the way that the tools write to the registry uses a driver running under a different user than the DefApps user that normal apps (including IE) run as. Therefore, its concept of "current user" is different. You can use HKEY_USERS and specify the user explicitly - on my phone, the DefApps user is S-1-5-21-2702878673-795188819-444038987-2781 so the whole path to the key is
Code:
S-1-5-21-2702878673-795188819-444038987-2781\Software\Microsoft\Windows\CurrentVersion\Internet Settings
. However, be aware that this will be different on different phones, as a part of each user's SID is machine-dependent and will be different for every phone (should even change when you do a hard reset). You can find the correct SID from the Webserver app - just poke around in HKEY_USERS - but that's a pain HKLM is probably the better approach, if it works.
Thanks again for looking this up and posting instructions!

Categories

Resources