IIWTBTPO - Windows Mobile Development and Hacking General

I remember reading a post from a user about the slight ineffectiveness of IIWPO with regard to resetting the device, and I have also seen that it does not quite function properly, so here's what I propose, and plan to initiate work on, as soon as eMbedded VC++ downloads...
application works on the following security level;
a registry setting is created from the cab file after a hard-reset (so it's assuming that the PDA already has a built-in security code as part of WM) that contains a hash of a 5-digit security code, upon the soft-reset of the device, if another registry key that contains an XOR (XOR codes will be hardcoded) of the correct code is not found, then a window pops up, which will create another registry key, in the event that the user soft-resets the device (resulting in the preset number being sent a text) and the software never bothering the user again (in the hope that the user won't smell a rat, and will instead feel rather big and clever). should they however input a code, and that code is incorrect, a message will also be sent, but the program will once again disappear. and if the correct code is input, the program will apply the appropriate XOR version to the registry.
Hopefully, it will also be possible to a) disable active sync until after the program has either had a success with the code, or failure, and also disable all incoming beams, so that the init of the program cannot be bypassed by remote means.
and if you were wondering, IIWTBTPO = Interesting Interaction With Thieving B'stard Then Previous Owner.
comments? suggestions? need me to simplify the convoluted mess of a process?

Couldn't you just put a file into the extended rom, that would load the relevant settings into the registry that:
1. enabling 'strong alphanumeric password' (with a hardcoded password)
2. check 'prompt if device is unused for 0 mins'
3. load owner information (also hardcoded)
4. display owner information on startup
Effectively, on every hard reset, he won't be able to turn off the password, since he'd need to key in the existing password. Also, once the unit goes into standby, it gets locked and the owner information is displayed.
The only 1 chance to defeat this, would be to hard reset; load a registry editor via SD card, and disable the password from there. Any thief who gets this far, would probably also know how to unlock the extended rom and remove these registry settings from there.
I've changed the splash screen in the extended rom for my hp6365 to display a custom .bmp with my 'owner information' instead of the default startup screen on every soft reset. I think it's reasonably annoying enough that he can't sell it except to someone else who'd know the unit was found/stolen.
The changes I'd like to see done to IIWPO include:
a) not using "IIWPO" in the registry (user customisable registry key, as well as executable file name)
b) not storing owner name & number 'in the clear' (a simple XOR to hide it would be just as effective)
c) a hash of the entire owner info page (not just the last name) so unit will resend an SMS if any info changes
d) a new sms is resent after a preset time (eg: every 24/48/120 hours for example), regardless if owner info has changed or not.
I don't believe the source is available (I'd like to poke into it if it was), but if IIWPO would do all of the above, I'd remove my custom splash screen, and not make use of any 'locks' that would prevent the unit from being used; Perhaps just 'preload' some owner information on every hard reset; but keeping the unit as 'normal' as possible would perhaps increase the chances of recovery with IIWPO.

or flashing a new ExtROM, or soft-resetting right before it rolls out the ExtROM.
if anyone has any info on the Password capability built into WM, I'd appreciate it

After having my last 2 XDA's stolen (Africa), I put this app straight into my VERY expensive JasJar and I'm DELIGHTED to see it works (incl sending the SMS SO discreetly that I thought it MUST have tanked). Ran out and made a donation to xda-developers to IIWPO credit straight away!
I'd love to see a suggestion I saw elsewhere; Regular SMS's with thief's recent calls and sms's. Also, a 'honeypot' approach; put an obvious filename (eg Anti-theft.exe) in the startup directory that does nothing, but if deleted IIWPO reacts, and re-enables "show owner info on startup" key. (all this cos I'm not convinced that thieves know to change the owner info)
Also, if someone could provide some strategies for installing on a JasJar where we do NOT have access to the ROM, that would be great! African thieves are not very smart, but I would like it to survive a hard reset.

perhaps it might be an idea to toy with the possibility of hooking into the password screen, if possible in order to have a 3-strikes system whereby if after 3 incorrect tries, the PDA will send a message, and again, upon hard reset, password info is re-applied

enhancement
the best thing is - upon theft, The JJ will grow 2 legs,
and start running to the last owner address using Built in GPS..
but seriously:
a password screen that will appear every 24H saying:
"The rightful owner is *Name*.
contact him at *Number* for a finders fee of **GBP".
The message won't contain "Enter Password:" but upon putting correct password (you can also apply an X,Y screen value like 0,0 which is lower left corner) the phone will unlock.
if he tries to H.R the password screen (in the same format) will appear.
+ after 2 wrong passes / no passes - disable all beams & USB.
so there is no way around it. (I think).
comments any 1?

Olipro - not necessary to hook password screen: write your own.
I'll try and write one one day. I've already done a bit of theft protection, to do the following:
-my plugin will detect an unauthorised sim and sms me back with cellid.
-Optionally hard reset and format the sd card by sms to the stolen phone.
-Am looking into how to "brick" the phone instead...
I don't want to encourage him to flash/hard reset, because then I will lose the SMS/cell id tracking function, so my protection system is benign, hidden in the background.
However, this is for the magician, and not for rom installation (although it can be!). But, I think: if a thief is knowledgeable enough to know how to hard reset and flash a HTC phone, I think he's a fellow hacker and deserves the phone. I'm insured either way... however, for non-insureds, you get your own back a bit.
V

as soon as I get some free time from essays... I'll get round to this.
if you want to brick the PDA, then I believe that HimaClearJumpCode.exe when run on the PDA should do the job quite effectively

Automatically doing stuff on startup?

Hi
Am quite new to this, but it would appear there are quite many people familiar with WM2003 (and its various incarnations) here; so I figured it'd be the best place to ask this question:
a) How do I create a file (.cab or any other means) that I can run in my pocketPC that would load (or change) certain registry values in my Pocket PC?
b) Is there a location i can place a file within my pocket PC that will be loaded/run on every soft reset?
c) Is there a location i can place a file within my pocket PC that will be loaded/run on every wake up? (eg: everytime the power button is pressed and the screen comes on)
Things I'd like to do with the above; create 3 versions of a) above:
Drop a.1 into the extended rom so that on a hard reset; certain values are preloaded into the unit (eg: Owner name/ information/ various common settings I always use/ etc)
a.2 + b would basically change my input method from 'keyboard' to 'block recognizer' after every soft reset (I just find it very annoying it switches back to 'keyboard' by default after my weekly scheduled sprite backup, or whenever I have to soft reset the unit).
a.3 + c would nuke the 'last owner' key in IIWPO so it'd send me a SMS everytime the unit is turned on; rather than only when the owner name changes. (if c) is not possible, I could drop it in b) so it'd resend an SMS on every soft reset instead).
Finally, I'd also like to know if anyone could recommend something or other I could read to learn how to write stuff for my PocketPC, and what tools you normally use. (I'd like to modify IIWPO; so that it'd resend an SMS every time any information is changed on the owner page (not just name); and/or to resend a new sms every 48 hours - or at least write some small code that would 'interact' with it, since the source doesn't appear to be available (?); eg: delete 'last owner' information every 48 hours...)
Thanks!
for a.2b:
There are registry hacks to change the default SIP. Try Tweaks2K for an easy interface.
If you want to, try searching on the board for my program SIPswitch to change the SIP from a shortcut, eg SIPswitch "Block Recogniser" (you'll have to look up the details on my other post on the development forum). Put this shortcut in your startup folder and it'll change the sip on every boot.
V
Running on startup
Hi drean!
Here's how you make your program run automatically:
1. After hard reset: you must create a special folder on your device's flash drive (or whatever part of its memory that doesn't get wiped by hard reset. Not sure how memory is managed on XDA's; on iPaqs there is a 'File Store'). The folder name must correspond to the number of your processor. (again for ipaq's PXA270 it's 2577). In this folder place a file named autorun.exe. This file will automatically launch after every hard reset. (you can also do this with an SD or CF card, see this thread http://forum.xda-developers.com/viewtopic.php?t=22861&highlight=grabit)
2. For your program to run after every soft reset place it or a shortcut to it in WINDOWS\StartUp (the program must not be on a storage card!). You can also add a registry key with your program's path to HKLM\init.
3. To catch wake up events (power button) your application must be running and respond to power notifications. Here's the full explanations on how they work: http://msdn.microsoft.com/library/d.../wceddk40/html/cxconnotificationinterface.asp
As for how to program for pocket pc, here's a nice thread that will give you plenty of options: http://forum.xda-developers.com/viewtopic.php?t=29623
Hope this helps!
Good luck!

AKU2 forced policy password timeout lock DISABLE / LENGTHEN

Does anyone know a way to hack around a forced password policy?
(windows mobile 5.0 AKU2 + Exchange 2003 Admins that enable it)
I'm going mad with the short couple minute forced timeout/lock policy I'm forced to live with. Imagine trying to use your pocket pc as a GPS device and the screen locks asking for a password every couple minutes! (totally sucks) :evil:
Here is the closest thing I've found to it so far. It has to do with Goodlink though but it's a good start. It would be helpful if anyone has more info on which reg keys to mess with, and how to keep changes from being overwritten/detected.
:idea:
http://forum.xda-developers.com/viewtopic.php?p=314918#314918
:?: anyone, anyone :?:
I just posted the same question at mobilitytoday for more exposure.
http://mobilitytoday.com/forum/showthread.php?t=12965
found the hack to disable and/or lengthen the duration!
http://mobilitytoday.com/forum/showthread.php?p=68058#post68058
http://mobilitytoday.com/forum/showthread.php?t=12965
"it is very simple registry hack. just go to hklm\security\policies\policies, look for name '00001023', and change the value to 1. This will enable you to select the lock option as well as duration, which were previously greyed out. this change is effective immediately without soft reset. I have done a few activesync without any problem, but as usual, disclaimer applies!"
This only works for a limited time. I get a "Security policy enforcement" message once a day that requires me to enter a PIN again.
The reg key gets reset to 0 remotely.
Monitor/Change Util needed or New programming needed
Try to increase the timeout instead of unchecking the "Prompt if device unused for" box (don't disable it altogether). You'll find you won't get any error messages or popups about having to enter a pin etc. I set mine to time out at the maximum 24 hours. It still only lasts 24 hours but at least you don't get any messages flying in your face. You'll just notice the device starts locking too soon again once the forced reset happens.
The good news about no error message means someone could write an app to monitor this registry key. (and change the value seconds or minutes after it's reset) Anyone up to the programming challenge? (or any utilities that do this already out there?)
Until then I'm glad my registry program resco goes right to the same key when I launch it up for re-modification. (only takes me a few seconds)
Mandingo said:
This only works for a limited time. I get a "Security policy enforcement" message once a day that requires me to enter a PIN again.
The reg key gets reset to 0 remotely.
Check out the new utility app Zen from mobilitytoday wrote.
http://mobilitytoday.com/forum/showthread.php?t=13030&page=2
It monitors and keeps the registry set to 1 (24/7, light foot print)
bye bye admin policy lock, hello freedom
The "Zenyee.com Stay Unlock" app has worked great for the past few weeks. My device no longer is forced to lock per the policy. I'm 100% happy if anyone else has the same issue.
Anybody have a similar app that works with wm6.1? I have tried Zenyee the changes do not stick. they revert back rather quickly.
Wow....a real blast from the past :-D
Someone posted a similar question a while back......
See this post for the problem - and the solution I posted
Hope it helps you too
Mark.

Anti theft solution

Can anybody advise to the best program for anti-theft solution for the TyTN working on WM5?
My requirements are:
1, It launches from ext-rom so that it survives hard resets. Please note that if it's not certified it will not install from ext-rom on WM5.
2, It will send a sms to a predefined number without letting the thief know. This will be done: A, when a new sim is inserted. B, If the device owners identity is changed or deleted.
try IIWPO with the "unsigned Hack" before (read it somewhere here on the board)
I'll try to use the same @ my next Hardreset - will report here when done...
found the link
put Default_Signed_DisableSecurity.CAB from this thread in ext_Rom to be installed first of all
Lio said:
Can anybody advise to the best program for anti-theft solution for the TyTN working on WM5?
My requirements are:
1, It launches from ext-rom so that it survives hard resets. Please note that if it's not certified it will not install from ext-rom on WM5.
2, It will send a sms to a predefined number without letting the thief know. This will be done: A, when a new sim is inserted. B, If the device owners identity is changed or deleted.
The anti-theft app can only go so far as much as how well the thief knows about WM devices, as far as WM devices are concerned, a flash of a ROM will wipe everything, I mean EVERYTHING!
So it doesn't matter where you put the anti-theft app start-up, the best bet is only that wishing the thief doesn't really know anything about WM devices.
My opinion goes like this after a number of tries on different brands of these anti-theft app with or without GPS functionality, as long as the pick-up / thief swaps the SIM, the device should simply lock and with some info for the pick-up / thief to return to (basically you), any attempts of breaching that level should be a total wipe-out of the whole thing including the SD card itself.
However, as I said, if the pick-up / thief deliberately flashes your device with a ROM before using it, nothing will work, because if the pick-up / thief knows about hard-resetting your device to get away from anything, he / she might as well know that flashing a ROM is the best way after all, as there is so much info about this skill posted on this forum, I do not see it as any kind of high-level skill set at all.

Owner Information on Today Screen

I want to remove the label "Owner:" that appears before owner information on the Today Screen. It's just taking up space and keeps me from being able to enter Name and Phone Number in the Name field and have it fit on one line. I've tried to find a registry entry or setting that may affect the label, but I suspect it's coded and, therefore, a little beyond my skills. Can anyone either tell me how to change it or perhaps create a small script to remove the label. Thanks!
It's not possible (certainly not by script). Even if whatever DLL is responsible for displaying owner details (I am fairly sure it is not a stand alone regular plugin) could be hacked to remove the string resource it would still not align the writing to the left.
My suggestion is to google for alternatives (there are even free ones) for the "owner" plugin.
ownerinfoX
Try this.
Thanks for both replies
ownerinfoX is a nice little app. Perfect for what I needed.
Thanks again.
I could never get OwnerInfoX to work on my PPC6700. Is it WM5 compatible?

SecurIt 1.1: Sim/IMSI checking opensource security for us all

I've been working on this for a little bit now since I found all the existing apps don't work well in WM6 or don't work well in a custom rom. This is an open source program (as all of mine are) and I welcome help/donations/and comments. Bug reports will be helpful in this first release as I certainly consider this an alpha release at the moment.
What it does:
Once set up, at every boot it compares your IMSI number with the one stored, if it's a match it plays a little sound and that's it. If it's not a match, it locks the device and displays your email and a request to please get it back to you. It also sends you the "new sim's" imsi and phone number via a SMS.
------------------------------
SecurIt 1.1 (BETA) by Shadowmite
------------------------------
TODO: Build in SMS rule filtering thus adding remote control
Lock out activesync connections?
Protect the datafile from being deleted, or keep a backup in registry.
NOTE: THIS DOES NOT WORK WITH CDMA PHONES!
Version 1 (BETA) Instructions:
This security application can run loaded normally via a cab file to your device, or via being cooked into a rom. It will require your phone able to run unsigned code (most roms at this site are fine in this regard). Furthermore it does require the .NET Framework so it's really for WM6 devices, WM5 will be more tricky and is left up to the user to figure out how to make it all work.
When first run the program resides in \windows and must run from there. If you ran the cab installer it will have created a shortcut for you into the Programs folder.
The application comes up with a form showing you the current device imei, imsi, and phone number. You need to enter a password (needed to disable security programmatically or change SIM info), an email you can be reached at by a "finder" of your phone, and a SMS phone number you'd like alert messages sent to. Once done click set. Finally, click Enable security.
The application then sets itself up to autorun upon boot and if the SIM matches, it plays a little sound file to let you know everything is fine. If the sim is found to have changed, it will lock down the device until a password is entered. Meanwhile it shows your contact email and has sent the alert sms to you with the new imsi and phone number.
If you enter the proper password the program will take you to the settings screen where you can reenter the password and make changes to the settings and resave them. Simply clicking enable security without making changes will keep the settings as they are.
Clicking disable security will remove the autorun entries and remove the data file the programs keeps at \windows\SecurIt.dat.
The data file keeps 5 lines, MD5 hashes of your imei, imsi, password, and also your email and sms phone number as plain text. Thus stealing this file does not enable retrieving the password or easy changing of the imsi. Deleting this file however would remove security. Furthermore activesync will still link to a locked device. Knowledgeable people about these devices could therefore defeat this security, however its goal is to keep the casual thief / finder out of the phone.
This program is a work in progress and I welcome help with modifications to it as well as bug fixes. Source can be found at:
svn://www.shadowmite.com/shadowmite/SecurIt
To cook this into a rom, you need 3 files. 2 of them need to be generated when you first install it like normal and set it up. Copy the SecurIt.dat from \windows and the SecurIt.lnk from \windows\start up to your rom as well as the SecurIt.exe file. It's that simple. Enjoy!
History:
1.1: Fixed all kinds of bugs causing security to crash with various sims
1.0: Initial release
If you like my work and would like to help ensure I continue to have time for this, please consider a donation to: foglemATshadowmiteDOTcom
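A model of the boot-time check described in the post above, as an added example that is not SecurIt's own code: it parses the five-line data file and locks, instead of switching off, when the file is missing or altered, which is the gap the TODO item about protecting the data file refers to. The lowercase-hex hash encoding, the separate `enabled` marker, the backup copy and all sample values are assumptions made for the illustration.

```python
import hashlib
import hmac
from dataclasses import dataclass
from typing import Optional

# Constructed sample identifiers (not taken from the post).
SAMPLE_IMEI = "490154203237518"
SAMPLE_IMSI = "001010123456789"


@dataclass(frozen=True)
class Record:
    imei_md5: str
    imsi_md5: str
    password_md5: str
    email: str        # plain text, shown on the lock screen
    sms_number: str   # plain text, destination of the alert SMS


def md5_hex(value: str) -> str:
    # Assumption: each hash is stored as lowercase hex of the UTF-8 string.
    return hashlib.md5(value.encode("utf-8")).hexdigest()


def build_record(imei: str, imsi: str, password: str,
                 email: str, sms_number: str) -> str:
    """Serialise the five lines in the order the post lists them."""
    lines = [md5_hex(imei), md5_hex(imsi), md5_hex(password), email, sms_number]
    return "\n".join(lines) + "\n"


def parse_record(text: Optional[str]) -> Optional[Record]:
    """Return a Record, or None when the content is missing or malformed."""
    if text is None:
        return None
    lines = [line.strip() for line in text.splitlines()]
    if len(lines) != 5 or not lines[3] or not lines[4]:
        return None
    hashes = [h.lower() for h in lines[:3]]
    if any(len(h) != 32 or set(h) - set("0123456789abcdef") for h in hashes):
        return None
    return Record(hashes[0], hashes[1], hashes[2], lines[3], lines[4])


def boot_decision(enabled: bool, data_file: Optional[str],
                  backup: Optional[str], current_imsi: str) -> str:
    """Return "off", "ok" or "lock" for the check made at every boot.

    enabled   -- hypothetical marker set by "Enable security" and cleared
                 only by "Disable security", kept apart from the data file
    data_file -- content of SecurIt.dat, or None if the file is absent
    backup    -- hypothetical second copy (the TODO's registry backup)
    """
    if not enabled:
        return "off"
    primary, secondary = parse_record(data_file), parse_record(backup)
    if primary is not None and secondary is not None and primary != secondary:
        return "lock"   # the two copies disagree: treat as tampering
    record = primary if primary is not None else secondary
    if record is None:
        return "lock"   # both copies gone or unreadable: fail closed
    same_sim = hmac.compare_digest(md5_hex(current_imsi), record.imsi_md5)
    return "ok" if same_sim else "lock"


def password_ok(record: Record, attempt: str) -> bool:
    """Compare the entered password's hash in constant time."""
    return hmac.compare_digest(md5_hex(attempt), record.password_md5)
```

MD5 is kept here only because it is what the post describes; a salted, slow password hash would be the usual choice for the password line.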
Shadowmite, thnx for starting an "opensource" project for this. I havent tried it yet, will try once I reach home.. But I had a cpl of suggestions\questions:
1. Why do u keep email and sms phone no in plain text instead of encrypting them as well?
2. Instead of storing config in a file, store the config in registry which lessens the chances of someone finding out about the prog and deleting the file to disable security.
nice work as usual...
shantzg001 said:
Shadowmite, thnx for starting an "opensource" project for this. I havent tried it yet, will try once I reach home.. But I had a cpl of suggestions\questions:
1. Why do u keep email and sms phone no in plain text instead of encrypting them as well?
2. Instead of storing config in a file, store the config in registry which lessens the chances of someone finding out about the prog and deleting the file to disable security.
number 2 is in the TODO list...
#1) we could encrypt them as long as it's not a one-way hash like the first 3 lines, however those are the bits of data we don't mind the thief/finder seeing after all as they are the means to get the phone back to its rightful owner. I suppose we could hide them but the phone number will be on his next bill for sending it a SMS and the email is displayed on the locked screen.
And as walshy said, #2 is certainly on the todo, but locking our activesync connections is a bigger concern and I believe completely doable.
ok, and sorry abt the #2, I missed the TODO part..
Keep up the good work..I myself was thinking abt making smthing similar but now I think I'll drop my idea to make a different one, as this seems to be a better idea (opensource is always better )..
I hope I can make some contribution to the code if possible..
shantzg001 said:
ok, and sorry abt the #2, I missed the TODO part..
Keep up the good work..I myself was thinking abt making smthing similar but now I think I'll drop my idea to make a different one, as this seems to be a better idea (opensource is always better )..
I hope I can make some contribution to the code if possible..
What advantages does this give over "Mobile Justice"..another similar util...my rom has Mobile Justice cooked with it which makes it hard to remove.
famewolf said:
What advantages does this give over "Mobile Justice"..another similar util...my rom has Mobile Justice cooked with it which makes it hard to remove.
If you like that software and have it working properly use it. Maybe you'd like to post in every rom thread asking why not use some other rom while you're at it?
Shadowmite said:
If you like that software and have it working properly use it. Maybe you'd like to post in every rom thread asking why not use some other rom while you're at it?
I'm not using Mobile Justice which is WHY I asked what advantages YOURS had over theirs for COMPARISON. If it had additional features I was going to recommend it for addition into XM6R3 (the next release of the current rom), but with an attitude like yours I won't bother with further review.
famewolf said:
I'm not using Mobile Justice which is WHY I asked what advantages YOURS had over theirs for COMPARISON. If it had additional features I was going to recommend it for addition into XM6R3 (the next release of the current rom), but with an attitude like yours I won't bother with further review.
you don't bother with a review but bother with a slagging ... take your "fame" somewhere else...
Ok, for starters mine isn't based on assuming every device has a GPS built in (while technically being a Trinity owner I should go that route). I instead base mine on nicely locking down the interface so far with a polite message to get the device back to the owner. Furthermore mine is trivial to build into a cooked rom which was my main reason to write it. I tried every security app out there over the last weekend without any of them working "properly" and figured the best way to get one is to write one. In addition mine is open source, mobilejustice is not.
Now then, you said you're not using it... But the last post said you had it cooked in? WTF? Need some help deciding what you use and don't use?
my rom has Mobile Justice cooked with it which makes it hard to remove.
I'm not using Mobile Justice which is WHY I asked what advantages YOURS had over theirs for COMPARISON.
Shadowmite said:
Now then, you said you're not using it... But the last post said you had it cooked in? WTF? Need some help deciding what you use and don't use?
1) The rom I currently have installed comes with Mobile Justice preinstalled.
2) I have not configured and am not currently using Mobile Justice
3) The author is currently taking suggestions for software to include in the next revision of their rom.
What part of any of those statements are you having difficulty comprehending?
Perhaps you and the gentleman from Melbourne should both grow up and quit reading an insult where one was not intended.
Well then back on track... Give it a try and see what you think. I really want feedback from folks outside the USA as I believe it will not properly catch your phone number of the "thief's sim" however if the sms works it should still get the phone number to you obviously.
The GPS coord. request feature is a nice one and will have to go on the todo list.
well, well, fights apart, what drew me to this app over the other apps was the opensource nature as mentioned by Shadowmite because I, like shadowmite, was not happy with the other apps doing things properly or just because I wanted somethings to be done differently..
@shadowmite:
1. I have a few ideas of getting "coordinates" and sending to the original owner even on non-GPS devices ..Maybe we can discuss some things later on once the basic structure of the app is ok.
2. Couldn't find the source code of the app on ur site..(May be am just one dim-witted dim-sighted git ) Please point me to it..
You'll need svn to get it, windows users: http://superb-west.dl.sourceforge.n...vn/TortoiseSVN-1.4.4.9706-win32-svn-1.4.4.msi
svn://www.shadowmite.com/shadowmite is my master repository for all projects.
cool, I do have TortoiseSVN installed at home..Will check it when I go back..
Will it sustain a hard reset? Don't think so.
@shailesh, for sustaining hard resets, it has to be cooked into the rom, pointed out by shadow on post 1..
I don't know if something else can be done for this (writing into ext rom is one option but that is not possible for most devices now)
Sounds like a great piece of software. And open source is a great idea too.
I did try several others like this one (Eye on the thef, Ultimately Theft Alert ...) some features were still missing:
First an autoconfig method:
As already said, whatever your storage method is (file or registry), you'll lose the configuration every time a hard-reset is done on the device. The only possibility I can imagine is to store your "installer" program on extended rom with the ability to add an external config (encrypted) file as a parameter.
Installation will be handled by the autoconfig process, using this external file. Config will probably need to be stored on extended rom too. It's not a piece of cake to create an extended rom, but easier than cooking a rom.
This feature won't be very helpful if there is no way to generate a config file automatically based on settings done by user: kind of export process.
On standard start/soft-reset, your program will run as it does actually, but when a hard-reset is performed, the program will reinstall unattended and will still be running after boot... No way to easily remove it. Bad effect is that it will also be difficult to update program/config.
Secondly, I'd like to have a way to "format" (or encrypt) a memory card remotely.
Do you think those could be part of your TODO list?
Will try it on few next days and i'm ready to help you translating it in french
hi shantzg001,
thanks for replying,
My mistake, did not read the whole text.
