I obviously am sensative as to who while looking my XDA over could accidentally find my porn stash.
What software package is best for encrypting movie files and pics?
resco explorer come with a built in encrypt file software.
Or Airscanner Encrypter to encrypt whole folders easily.
perhaps make the folder "hidden" then take the view hidden files function away so that the general browser doesnt find it.
i also apply a name that will not attract attention such as work or parents .... or system or temp cache or similar, anything but say porn xxx look here
then again, dont be ashamed of your actions, or dont do the actions....
nothing wrong with a bit or even a lot of porn
if it offends people, they shouldnt be looking, and even if they found it, they should choose not to look
This image always comes to mind:
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
I find that merely zipping the folder and putting it somewhere obfuscated prevents accidental clicks. But airscanner looks cool. Will have to try it out.
V
Nice one V! :lol:
So now we know what you do so long in the nights on your pc... :roll:
...looking for funny pics .
Am I the only one that would have really appreciated it if you wouldn't have told us what you're using the encryption for ?
TheBlasphemer: if he'd said:
"I need an encryption app to encrypt information I'd rather other people didn't see", he's most probably either a hacker, a spy, or a male Glad he >eugh< "came" straight out with it... :shock:
Rottie: you back from holiday? Your request, what seems to be the Holy Grail of hacks, the closed clam keyboard hack - I've had some ideas and some contributions that have given me some ideas. I'll try to progress them shortly.
And what I do on the long nights - I wish! I'm programming every spare minute now, even during lunch times, running home to code a few lines
This made me snort tea all over my desk:
I love Penny Arcade.
Anyone tried AirScanner yet? (blatant attempt to bring back on topic!)
V
vijay555 said:
TheBlasphemer: if he'd said:
"I need an encryption app to encrypt information I'd rather other people didn't see", he's most probably either a hacker, a spy, or a male Glad he >eugh< "came" straight out with it... :shock:
Click to expand...
Click to collapse
If he hadn't told us, I could still just refuse to believe the pr0n thing and believe he was a govt spy or anything
If you were to put the porn on your ipod, you could call it porn-on-the-pod.
porn-on-the-pod
Click to expand...
Click to collapse
Do you want butter with that? A little "Last Tango in Paris" perhaps?!
V
Last Tango reminds of the ads ... Can you tell the difference between butter and margerine ?
chetccox said:
If you were to put the porn on your ipod, you could call it porn-on-the-pod.
Click to expand...
Click to collapse
ROTFL
I actually use Airscanner for er..... encrypting stuff that.....er I'd rather wasn't....... er easy to find. <coughs>
I can vouch it works well under WM5, and it appears to work by using multi-pass bitwiping to ensure there is no trace of the original files prior to encyption.
Odd thing is though, I'm sure it used to be free, but now they seem to charge for it. My advice is look at free download sites for a copy.
Not sure where the software came from, but my press and hold menus provide encryption, I think its resco explorer.
I can use normal file explorer to "hide" files from general view, but I noticed in Resco explorer, the hidden files are still clearly visible, so not sure if there is a bug in the resco app for hidden files, but they are definitely hidden from the normal ppc file explorer. add that to resco encryption, I think should be sufficient.
Good (and bad) news - looks like we won't be needing this software anyway:
http://www.theregister.co.uk/2006/02/23/masturbation_worse_than_sex/
V
On a side note: On my communicator I had a password safe with categories like credit card, shopping accounts etc... Is there something similar for WM5 available?
TauTau said:
On a side note: On my communicator I had a password safe with categories like credit card, shopping accounts etc... Is there something similar for WM5 available?
Click to expand...
Click to collapse
There is a program called KeePass which works on most devices, relevant here is the Desktop and PocketPC. The datafiles are transferable between both devices. I have used it on my Universal without problems. I have actually been using this program for a long time, I keep the DB on a USB key and a copy of the program. This means that when I plug in my key the password safe opens and asks for the password, or I can run it from the key if on another machine.
As for encrypting the pr0n, what about a good old .RAR archive? The version that I use (Pocket RAR 3.50) will encrypt and decrypt folders and files, quite fast too.
If you're talking about a large stash this won't work, but if you're only carrying round < 10MB you could always use the ExtendedROM partition and leave it hidden.
This means that you could have all your files in readable format, but without knowing the name that you used for the partition they couldn't access it without searching the registry for the name.
Not many people are going to search the registry for a name they don't even know exists.
This might sound like a difficult thing to do, but Buzz made an unlocker and the registry change for the name is in the thread.
Once you have done your hard reset and loaded the ExtendedROM you don't need the stuff in there anymore, and can use the space for storage.
"stash"
I agree, I know "people" that use a zip file for text, and otherwise just buried folders.
How's abouts we make a small app to render files unusable? You could take the filename, pre-pend it to the file in binary to render it unusable, using a simple XOR encryption for those few bytes. Then give it a generic filename and extension, eg Sheet1.prn.
When launched, .prn files will launch our decrypter, asking for the password. I suppose you could possibly memory map the decrypted file to even ensure an unencrypted version doesn't exist on the device for any considerable period (ie until you close the decrypter).
just an idea.
V
Sounds good V,
When can we expect VJPhorEnsic to first arrive on the board ;-)
M
Related
Ie. a compiler that lets me make PPC-runnable applications from the PPC.
I do not really need the IDE, although it would be very nice of course.
The language/libraries basically just need to support text input and output, or some kind of access to the GDI/graphics interface, so I can develop and experiment while I'm out travelling.
I'd really want this, if it can be found anywhere, I'd even pay for it..
preferably C++ or as low-level as possible, I'm also quite decent in
assembler.
I have tried the perl thing, and although cool, it was a very reduced version of perl, and also naturally quite slow because of the processor.
Any tips in this direction would be very welcome
Nevermind.. I found PocketGCC, so for others that are interested in this info:
http://pocketgear.com/software_detail.asp?id=11502
It should do the trick. Only console for now, but that's OK for me.
If there's a better alternative, I'd love to see it though. Not sure how well this console interfaces (interrupts, keystrokes etc).
Check out Mamaich's website for some other stuff related to PocketGCC.
It does work, but it's hard-ish work. But with a keyboard, it'll be easier. Grab yourself the SDK demos from the yahoo groups website.
V
ahh ok thanks man, I found the Mamaich pack here:
http://sourceforge.net/project/showfiles.php?group_id=96949
I have a keyboard on the PPC of course.. Universal I can type almost as
fast on it as on a normal keyboard, which was really surprising to me.
I think it can work, and I'm really ready to start coding on this.
Let us know how it goes. It would be interesting to see how feasible is host development on windows mobile (I do hope that it's not an eye opener though lol)
PocketGCC is great! I made use of it on my honeymoon.
However, you appreciate something like VS2005 with syntax completion etc, but at a push, it's very competent.
Oh, no resource editor. I think there's another one that can be used from Pocket C or something like that.
V
vijay555 said:
PocketGCC is great! I made use of it on my honeymoon.
Click to expand...
Click to collapse
haha! Well if it's honeymoon material, maybe even my girlfriend will like this (she's a programmer too). ^^
However, you appreciate something like VS2005 with syntax completion etc, but at a push, it's very competent.
Oh, no resource editor. I think there's another one that can be used from Pocket C or something like that.
Click to expand...
Click to collapse
OK, nice! ^^ but you say resource editor, makes me think you can make GUI apps.. I thought PocketGCC only gave you access to console IO? Or is GUI libs what the Mamaich package contains?
As I said, if you hunt around in the yahoo groups, you'll find someone has prepared a full set of the PPC Sdk demo apps for PGCC. And they're almost all GUI apps. So yes, Pure Win32 C++ GUI apps are possible.
And you can compile your .rc as well, so if you're competent with notepad, you can make your .rc yourself, although you'll still need a bitmap editor (I like PocketArtist).
But as I said, I think Pocket C has a resource editor you can felch (don't look this word up!).
V
vijay555 said:
But as I said, I think Pocket C has a resource editor you can felch (don't look this word up!)
Click to expand...
Click to collapse
Hmm... all I know is "to belch" or "to filch"... I hope you don't mean either of those :lol: :wink:
Nope, felch is what I mean
Filch works well enough in the context, that can be the "censored" version
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
V
rofl.. omg...
http://en.wikipedia.org/wiki/Felching
sick, sick, sick.
I can only find this:
http://prdownload.berlios.de/cegcc/Pocket_PC_2003_SDK_Includes-2006-03-09.patch
Which is a patch for the includes.. and then I download the SDK seperately? Or is there (as I interpreted you first) a rar/zip of the SDK samples that are prepared to be compiled by the standard PocketGCC package?
Sorry for the questions! But the Yahoo group was kinda messy, and been looking there for a while now =P
Theoretically, you could code your application whichever way you like, even using Flash (Lite).
You must then worry about making it compatible with WM5.0 and then packaging it. Still, fairly simple process.
You have to register and then check files:
http://groups.yahoo.com/group/pocketgcc/files/Source Code/
V
Excellent! Thanks Vijay.. (I thought it'd be a link from the discussion).
OK.. let's hope this will be a useful thread for other people that want to
do the same. And I'll just, ehm.. felch.. =X that file then and shut up.
Thanks again!
For some other pointers on books and sdks etc, you can have a read of this tale of woe I wrote once upon a time:
http://forum.xda-developers.com/viewtopic.php?p=209136#209136
V
Well, I've been programming for 18 years, and started in the absolute opposite corner of what you did (C64 assembler), so for me C++ was more like "wtf.. you can't just grab a memory address and use it?" ^^
anyway this link is definitely good for the thread.
Some bad news though.. even though PocketGCC will work, the supplied console does not seem to run (outdated). The Rainer Keuchel one also seems to be out of date for WM5. ;( I'll update this thread if I find a solution.
PocketC seems to work nicely and includes an editor:
http://www.orbworks.com/wince/download/rt/pkpc300.PPC30_ARM.CAB
Not sure what the scope of it is though..
Apologies for the other post, with 18 years you must see in pointers:
Hopefully it'll provide some "pointers" for other people looking for somewhere to start. I'm still very much of an amateur at c++, so of course, any advice is always appreciated!
I forgot about the console problem on WM5. I haven't investigated recompiling it for WM5 yet, although the various source codes for the console options are available. If you do recompile, let me know!
V
Pocket Console on WM5
I was having trouble getting Pocket Console (http://www.symbolictools.de/public/pocketconsole/index.htm) to run on WM5 - and eventually found the following info:
HKEY_LOCAL_MACHINE\Drivers\Console registry key is required to configure the command processor, the value OutputTo should be set to 0 to ensure console is displayed (Mine was -1).
This may be what is needed for people trying to use other console apps.
This can be seen on:
http://msdn.microsoft.com/library/d.../wce50conCommandProcessorRegistrySettings.asp
This lead me to another issue: The console display is not being automatically refreshed, so you cannot see output/input until you force a refresh (e.g. by selecting all). Any thoughts on sorting this out would be appreciated.
Martin
two relitavely new languages i've found, that run directly on a PPC.
basic4ppc
http://www.basic4ppc.com/
Pocket Programming Language
http://www.arianesoft.ca/page.php?1
Hi there,
i know this posting is quite old, but i'd like to refer to the console issue anyway.
martinkendall said:
I was having trouble getting Pocket Console (http://www.symbolictools.de/public/pocketconsole/index.htm) to run on WM5 - and eventually found the following info:
HKEY_LOCAL_MACHINE\Drivers\Console registry key is required to configure the command processor, the value OutputTo should be set to 0 to ensure console is displayed (Mine was -1).
This may be what is needed for people trying to use other console apps.
This can be seen on:
http://msdn.microsoft.com/library/d.../wce50conCommandProcessorRegistrySettings.asp
This lead me to another issue: The console display is not being automatically refreshed, so you cannot see output/input until you force a refresh (e.g. by selecting all). Any thoughts on sorting this out would be appreciated.
Martin
Click to expand...
Click to collapse
I also recognized the non-refreshing console.
The attached package is working perfectly on the universal. It's taken from the WindowsMobilePowerToys package from microsoft.
Follow the readme and enjoy!
scholbert
US-CERT is aware of reports of a trojan that affects Microsoft Windows CE. This trojan disables Windows Mobile application installation security.
The trojan may take any or all of the following actions on the mobile device:
* spreads via seemingly legitimate application installation files
* installs as an autorun program on the memory card
* installs itself to the device when an infected memory card is inserted
* protects itself from deletion by copying itself back to disk
* replaces the browser's homepage
* allows unsigned applications to install without warning
US-CERT encourages users to take the following preventative measures to help mitigate the security risks:
* Install anti-virus software on the mobile device, and keep its virus signature files up-to-date.
* Use caution when downloading and installing applications.
US-CERT will continue to provide more information as it becomes available.
http://blogs.zdnet.com/security/?p=904
Apparently it's targeted at WM devices, and is in the wild.
CERT has a waning too:
http://www.us-cert.gov/current/index.html#microsoft_wince_trojan
I'll tell you who created it. One of the companies that sells the useless "anti-virus software" for our smartphones! LOL Now they can actually sell it...
NRGZ28 said:
I'll tell you who created it. One of the companies that sells the useless "anti-virus software" for our smartphones! LOL Now they can actually sell it...
Click to expand...
Click to collapse
^^^^^^^^^^^
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
well be sure to check the guy who posted a thread about creating viruses, right here in our forum!!!
This statement i agree.
Up to now WM was the only safest Windows been.
I really have seen anti-virus soft for ppc, and always wondered is there a viruses for ppc? Now I know they exist I wondered the same about Linux. But never heard of "virus for *nix".
Malicieux said:
I really have seen anti-virus soft for ppc, and always wondered is there a viruses for ppc? Now I know they exist I wondered the same about Linux. But never heard of "virus for *nix".
Click to expand...
Click to collapse
http://en.wikipedia.org/wiki/List_of_Linux_computer_viruses
NRGZ28 said:
I'll tell you who created it. One of the companies that sells the useless "anti-virus software" for our smartphones! LOL Now they can actually sell it...
Click to expand...
Click to collapse
Could not agree more
Something Dodgy about McAfee Screenshots
" Timing"
One of McAfee's screenshots shows the autorun.exe trojan as having a creation date of 25th may 2006. Thats nearly 2 years ago - have McAfee really just discovered it now, or have they just been sitting on the discovery... Que publicity of their mobile antivirus software coming to the rescue for every paranoid corporate IT Manager....
My thinking exactly...
TheChampJT said:
well be sure to check the guy who posted a thread about creating viruses, right here in our forum!!!
Click to expand...
Click to collapse
I remember that thread from a few days ago, then saw the CERT issue...
A coincidence?
Malicieux said:
I really have seen anti-virus soft for ppc, and always wondered is there a viruses for ppc? Now I know they exist I wondered the same about Linux. But never heard of "virus for *nix".
Click to expand...
Click to collapse
i am happy because i will not feel anymore as an idiot when update my antivirus(mobile).
anyway i want to be in contact with this.....
I think the first part of your statement is still true....
Are we going to start seeing ppc anti virus banners now?
Hah???????????????????
Anti virus for ppc? Why? unlike PC we could reset the ppc and get back the fresh rom in 10 mins.
Moderator, pls kill this useless thread.
HaiLe512 said:
Anti virus for ppc? Why? unlike PC we could reset the ppc and get back the fresh rom in 10 mins.
Moderator, pls kill this useless thread.
Click to expand...
Click to collapse
Even though recovery is simple and with all the ROM flashing that goes on...virus' don't stand a chance; people need to be informed.
This thread is not useless and leave it to the moderators to decide this.
Two new articles:
http://www.avertlabs.com/research/b...zed-information-and-leaves-device-vulnerable/
http://www.pocketpcthoughts.com/index.php?action=expand,58603
I personally think that AV (Anti-Virus) Developers (Norton, McAfee, etc.) want some of this PPC $.
Now why would anyone from XDA make a virus while there is anuogh spyware to kill that MS tries to enforce on Windows Mobile?
Here is a source code of the first ppc virus
Yeah in the last T-Mobile NL 2.26 Rom for ELf they allso included a download link to AV. Made it even slower.
After putting TomTom on my SD card I noticed that every time I inserted or removed the card I got an error message about AutoRun.exe not being digitally signed or an invalid application.
Looking at the screenshots I noticed the folder name was 2577 (same as the TomTom installation folder.) TomTom auto installs when you enter the TomTom miniSD card into your phone, so I assumed that the autorun.exe was part of that implementation.
I don't think this is the virus as my homepage stayed intact but you never know.
Where's the link for download?
After doing my ActionScreen, I realised I could adapt the framework very easily to create a download manager.
Currently, the only applications on it are ones that I've hardcoded, although I'm almost certainly going to extend it to 3rd party software, and probably build in some form of updates system...
I will also be implementing this as an "add ons" system to a ROM I'm working on. E.g. it's a very light ROM with a long list of cabs that can be downloaded and installed from one place.
Why am I posting it here you may ask... Well, I want to get some ideas for what to do, and see what people think of it before I release it.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
What I'm hoping to do:
Application categories
Sorting by developer
Submissions (two levels, trusted - have been checked, and untrusted - haven't been checked but have warnings plastered all over them)
Details screen with a screenshot and some text
Proper updates mechanism
Kinetic list scrolling (I just can't be asked to derive displacement from velocity at the moment...)
Warning, this may destroy your device, and possibly the planet, but I cannot be held responsible!
Cab attached below, backup anything you care about, copy it across install and run...
0.04 is identical (bar the fact that it thinks its 0.04 instead of 0.03...), but is hosted somewhere else to demonstrate the current update mechanism.
Reserved for me
Looks good so far!
I would initially focus on included barebone (trusted) apps in the download manager (with auto-update notification functionality) and eventually branch it out to 3rd party apps...
This notion in general is the one (and only) thing that the iphone has over all other devices currently
great idea
PorX said:
Looks good so far!
I would initially focus on included barebone (trusted) apps in the download manager (with auto-update notification functionality) and eventually branch it out to 3rd party apps...
This notion in general is the one (and only) thing that the iphone has over all other devices currently
Click to expand...
Click to collapse
Currently, there are nine applications I've built from the Diamond 2.03 ROM (the Blackstone Manila is from mun_rus), and no form of update function has been implemented.
All the icons and images are the ones the Diamond Comm Manager uses, so changing them changes the skin in this.
Anyone have any ideas for what kind of data base I should use? So far, everything is hardcoded!
looks very nice and clean, as a past nokia user i used to use nokias download manager, maybe you could have folders on the opening/main screen and have dif things also like games, themes, wallpapers etc but keep the folders etc in with the style of manila like uv done so far, very good work, keep it up.
regards,
biggzy
Nice work mate.
Glad to see MS havn't put you off with their Sky*** stuff
How about colaborating with CRC and his Device Update stuff? He has a killer back end that use Geo Balanced FTP Servers. The client just makes HTTP requests and the server returns XML.
Me and Chainfire were working on it with him, but Chainfire got busy and we were waiting for a "grand design" from him.
Just a suggestion...
Dave
DaveShaw said:
Nice work mate.
Glad to see MS havn't put you off with their Sky*** stuff
How about colaborating with CRC and his Device Update stuff? He has a killer back end that use Geo Balanced FTP Servers. The client just makes HTTP requests and the server returns XML.
Me and Chainfire were working on it with him, but Chainfire got busy and we were waiting for a "grand design" from him.
Just a suggestion...
Dave
Click to expand...
Click to collapse
That sounds cool...
A nice back end would be good (I have an ini, some hardcoded variables, and download files directly rather than HTTP requests because my current host can't deal with them!)
Also, there is a cab attached to the first post.
Read the warning!
You never stop
Hi l3v5y,
You never stop. You are developing a new action screen, this download manager now. What will be the next? ;-)
Both tools are great. Thanks!!
Regards
elparra72 said:
Hi l3v5y,
You never stop. You are developing a new action screen, this download manager now. What will be the next? ;-)
Both tools are great. Thanks!!
Regards
Click to expand...
Click to collapse
I had two days off school because of snow, so I released some things I'd been working on!
I do have a reworking of "ScrollLauncher" that I did some time ago, and I need to make iShell work better!
But, what could I do next instead?
Just realised the version of Opera I uploaded was a QVGA one, so you'll need eyes like a hawk and pointy fingernails to use it... I'll fix that later though.
PDM
I actually use and like the pdm software that comes inside the TIR rom
eurorpeen said:
I actually use and like the pdm software that comes inside the TIR rom
Click to expand...
Click to collapse
In what ways is it better or worse than this? It would be nice to get some feedback on it in comparison to this...
Cool.
This app will build a APPSTORE for Diamond.
Hi,
what about to build a kind of appstore with a much bigger database with possibility to filter applications by device compatibility? I have the database
Feel free to contact me if you are interested.
worki2k1 said:
Hi,
what about to build a kind of appstore with a much bigger database with possibility to filter applications by device compatibility? I have the database
Feel free to contact me if you are interested.
Click to expand...
Click to collapse
There are a few things I need to work on in my frontend (categories, sorting the list, kinetic scrolling etc), and then I need to find a fast, lightweight database system before I can consider having a decent database.
I have tried to contact CRCinAU (DeviceUpdate) and there's some discussion about the Gecko database, which may be potential backends. The thing I don't want to end up with is a completely seperate system. I think to be able to distribute apps in a decent, managed way, all the frontends need to work with a single unified backend, so developers can submit their application once, and only once.
isn't this illegal, providing those cabs?
Richardprins said:
isn't this illegal, providing those cabs?
Click to expand...
Click to collapse
What CABs?
Dave
This program is found in the depths of the internet, and would like to share with you, because it deserves attention.
I hope the author will not be offended.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
View attachment Process.Viewer.WP8.xap
spavlin said:
View attachment 2635723
Click to expand...
Click to collapse
So nice . well done .
no Interop Unlock Needed and works very smooth and very fine .
Tested on Lumia 920 RM-821 .
Whoa, very cool! Mind sharing the source, or at least the technique used? I tried this months ago and concluded that apps could only see processes running in their own chamber. Even adding ID_CAP_FOREGROUND_TASK_MANAGER only helped a little (let me see the debugger when it was running, not much else). You managed to get a *ton* of info using only completely ordinary capabilities, and I'd really like to know how!
Thanks for sharing the app, though.
Oh, and however you're managing to open handles to system processes, how much access do those handles have? In particular, can you use debug APIs? I really doubt it, but it's totally worth trying... because if it is, we've got arbitrary root.
GoodDayToDie said:
Oh, and however you're managing to open handles to system processes, how much access do those handles have? In particular, can you use debug APIs? I really doubt it, but it's totally worth trying... because if it is, we've got arbitrary root.
Click to expand...
Click to collapse
reker written this programm)
...:laugh:
Working with my Lumia 925 :good:
Long time i've not been around, and suddenly found this really interesting thread (i'm playing with a lumia 920) i've been able to rebuild the application (generate source from xap) and found some interesting things, there are 2 dll that contain the process tools, one wrapper for them and one dll that is used to "protect" the application:
Win32ProcessWrapper_RT.winmd: wrapper for: WP8ProcessUtils.dll and WP8NativeShellHelper.dll
Win32ProcessWrapper_RT.dll : checks for the publisher id and application id (without that, it disables the dll call's
But the really really interesting part is that there are some functions not added in the wrapper but available on the WP8ProcessUtils.dll, not sure if it's due to elevation required or maybe for another reason (as far as i can see it is able to gain access out of the sandbox so elevation should not be an issue, but who knows, i'm not an expert on that)
here are the functions inside the WP8ProcessUtils.dll
and as you can see, they are not present in the wrapper:
I've attached the VS solution reconstructed from the xap (code is not something to say "ohhh" but it works ), maybe someone can take a look and see if the wrapper could be rebuilt to use the missing functions.
Salu2!
Interesting! I'd looked at the exports, but I hadn't caught the same things you had. The WP8_* functions are odd; Win32 doesn't use the "FindFirst/FindNext" paradigm for processes, so far as I can tell. However this app enumerates processes, it's doing something funky. It doesn't even call EnumProcesses, not that this surprises me terribly (since that API won't return any processes outside your AppContainer). The presence of multiple Open* (as in, WP8_OpenThread, WP8_OpenThread2) functions is intriguing. One can safely presume that one of them is the standard Win32 APIs (OpenProcess, OpenProcessToken, and OpenThread are all imported from kernelbase.dll). The question is, what are the other ones? Even "guessing" process IDs doesn't let you use OpenProcess on them...
All the interesting stuff seems to be in the native code (no big shock there, really). Gotta get that source...
Apologies for failing to notice the bit about finding (rather than writing) this app. I've emailed the dev.
GoodDayToDie said:
Interesting! I'd looked at the exports, but I hadn't caught the same things you had. The WP8_* functions are odd; Win32 doesn't use the "FindFirst/FindNext" paradigm for processes, so far as I can tell. However this app enumerates processes, it's doing something funky. It doesn't even call EnumProcesses, not that this surprises me terribly (since that API won't return any processes outside your AppContainer). The presence of multiple Open* (as in, WP8_OpenThread, WP8_OpenThread2) functions is intriguing. One can safely presume that one of them is the standard Win32 APIs (OpenProcess, OpenProcessToken, and OpenThread are all imported from kernelbase.dll). The question is, what are the other ones? Even "guessing" process IDs doesn't let you use OpenProcess on them...
All the interesting stuff seems to be in the native code (no big shock there, really). Gotta get that source...
Click to expand...
Click to collapse
You are right, there is some sort of "voodoo" hidden in that dll, but based on the level of "protection" the application has (for a lack of other term) i'm not pretty sure the dev would be willing to release that portion of the code (he wrote one wrapper to interface a dll that checks developer id in order to allow the app to use the exports, too much work for something that you are willing to release, and also a very good strategy to prevent MS/Nokia to patch it)
Maybe our best shoot is with someone with better ida - hex ray experience (for sure any experience is better than mine )
Cheers
---------- Post added at 03:47 AM ---------- Previous post was at 03:34 AM ----------
GoodDayToDie said:
Whoa, very cool! Mind sharing the source, or at least the technique used? I tried this months ago and concluded that apps could only see processes running in their own chamber. Even adding ID_CAP_FOREGROUND_TASK_MANAGER only helped a little (let me see the debugger when it was running, not much else). You managed to get a *ton* of info using only completely ordinary capabilities, and I'd really like to know how!
Thanks for sharing the app, though.
Click to expand...
Click to collapse
Btw, as i said, i'm not an expert on wp applications (just got the wp8 a couple of weeks ago) i've tried to add that capability on the application but says "invalid" is there other way to add it besides WMAppManifest? (additional files, etc.)
Thanks!
No. You can use it on capability-unlocked phones, but not on standard dev-unlock.
I'm not great with IDA but I can use it. It'll just take longer :/
Pretty sure most of the code isn't that exciting anyhow - I've written apps that get all that info once given a process handle - but getting those handles (to anything but your own process) is the hard part. We Shall See.
GoodDayToDie said:
No. You can use it on capability-unlocked phones, but not on standard dev-unlock.
Click to expand...
Click to collapse
I only have development unlock and the app worked on my WP8.1 Nokia.
GoodDayToDie said:
I'm not great with IDA but I can use it.
Click to expand...
Click to collapse
I'm good at IDA but don't know ARM assembly at all
GoodDayToDie said:
getting those handles (to anything but your own process) is the hard part.
Click to expand...
Click to collapse
Looks like to enum processes, this app just tries sequential process IDs, tries to open it, checks for status code.
Why snapdragon s4 has only 1.2 GHz clock??
What does that have to do with this thread, and why'd you post in a six-months-dead thread anyhow?
because i have joined, this forum 6 day ago
Today, Microsoft removed the "Message History" section from my Outlook account, so I can no longer use a well-known trick to view my sms history. I notice that in the WP8.1 emulator, I can now log in to my MS account and my sms history are synced to the emulator. I am trying to take advantage of this feature to retrieve the file that stores my sms from the emulator image.
So far, I have managed to merge the emulator snapshot with the base .vhd and mount the resulting virtual disk to view all the files. Hell, I can even decompile the stock apps to view their source code...However, I cannot find where my sms are stored. There is one suspicious folder that has modification time at the moment the sms are synced.
"K:\SharedData\Comms\Unistore\data" where K is the Data volume.
In this folder, I can find all my emails in plain text and a bunch of other files in binary/encrypted text. I hope the binary/encrypted files are not my sms. Anyone has any idea?
I got the answer to my own problem thanks to this post. http://resources.infosecinstitute.com/windows-phone-digital-forensics-2/
The name of the file is still store.vol but it is in another location compared to WP7.5. You can find it in Data\Users\WPCOMMSSERVICES\APPDATA\Local\Unistore . If you want to follow my steps and there are any questions, feel free to post below.
Edit: now I need to find a way to read this EDB database file, including the date and time the sms were sent.
illidanx said:
I got the answer to my own problem thanks to this post. http://resources.infosecinstitute.com/windows-phone-digital-forensics-2/
The name of the file is still store.vol but it is in another location compared to WP7.5. You can find it in Data\Users\WPCOMMSSERVICES\APPDATA\Local\Unistore . If you want to follow my steps and there are any questions, feel free to post below.
Edit: now I need to find a way to read this EDB database file, including the date and time the sms were sent.
Click to expand...
Click to collapse
Hmm, don't know but EDB Files are used on Exchange 2003 Servers.
I had a Software to open such files. But this piece of Software is really expensive.
When i'm in the Office I will look for the name of the Software.
DarkD1988 said:
Hmm, don't know but EDB Files are used on Exchange 2003 Servers.
I had a Software to open such files. But this piece of Software is really expensive.
When i'm in the Office I will look for the name of the Software.
Click to expand...
Click to collapse
that file is also the exchange database used in windows mobile. I heard the format is different for different purposes and MS has never provided the documentation for this format.
illidanx said:
that file is also the exchange database used in windows mobile. I heard the format is different for different purposes and MS has never provided the documentation for this format.
Click to expand...
Click to collapse
If you trust me an there is nothing important in this edb file you can Upload them to an Hoster/dropbox
and give me the Link so i will try to open the edb file.
thats the Software I use:
http://www.krollontrack.de/produkte-und-software/kostenlose-software/registrierung/
There is a possibilty to test them.
But we (my Company) have a full version with add ons. So I think there is a bigger chance.
EDB (on WP7, at least) was Embedded DataBase. The API for them is documented here: http://msdn.microsoft.com/en-us/library/aa914733.aspx
I know WP8 has some mobile DB APIs (even though it uses NT, not CE) although I haven't tried them at all. You could also try using the Mail API (MAPI) http://msdn.microsoft.com/en-us/library/office/cc842118(v=office.15).aspx for documentation.
There was a homebrew app on WP7 (hosted here on XDA) that extracted SMS for backup, because there wasn't an SMS backup feature. I don't know if it would be useful with WP8, even as a reference, though it may be worth checking to see if the source for it is available.
DarkD1988 said:
If you trust me an there is nothing important in this edb file you can Upload them to an Hoster/dropbox
and give me the Link so i will try to open the edb file.
thats the Software I use:
http://www.krollontrack.de/produkte-und-software/kostenlose-software/registrierung/
There is a possibilty to test them.
But we (my Company) have a full version with add ons. So I think there is a bigger chance.
Click to expand...
Click to collapse
I created a throw away outlook account and send a test message from the emulator to phone number 555-555-5555 (Yes you can send it in the emulator even though that will never been sent). The content of the test message is "this is a test". With a hex editor, I have verified that the message existed in the store.vol file at address A0233. You can download the whole folder here https://www.mediafire.com/?4id993y8gnii3v9
This is the screenshot of the folder
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Thank you for helping me.
GoodDayToDie said:
EDB (on WP7, at least) was Embedded DataBase. The API for them is documented here: http://msdn.microsoft.com/en-us/library/aa914733.aspx
I know WP8 has some mobile DB APIs (even though it uses NT, not CE) although I haven't tried them at all. You could also try using the Mail API (MAPI) http://msdn.microsoft.com/en-us/library/office/cc842118(v=office.15).aspx for documentation.
There was a homebrew app on WP7 (hosted here on XDA) that extracted SMS for backup, because there wasn't an SMS backup feature. I don't know if it would be useful with WP8, even as a reference, though it may be worth checking to see if the source for it is available.
Click to expand...
Click to collapse
Hi, thanks for helping. The first link is for windows mobile 6.5 CE so I'm not sure if it applies. I will check out the second link. I have also made a post in the thread about extracting WP7 SMS to ask for the source code.
illidanx said:
Hi, thanks for helping. The first link is for windows mobile 6.5 CE so I'm not sure if it applies. I will check out the second link. I have also made a post in the thread about extracting WP7 SMS to ask for the source code.
Click to expand...
Click to collapse
kay, try this. And sry the Programm Kroll Ontrack for exchnage don't works.
DarkD1988 said:
kay, try this. And sry the Programm Kroll Ontrack for exchnage don't works.
Click to expand...
Click to collapse
Thanks for testing it though.
Edit: found this article about reverse-engineering Embedded Database. This looks like a NSA personnel's job...
http://www.sciencedirect.com/science/article/pii/S1742287612000874
Sorry, I should have been more clear: WP7 used CE internally, so the WM6.5 APIs worked on it. WP8 uses NT instead of CE, but has some of the embedded database APIs anyhow (because the code was imported straight from WP7, maybe?) so it might still work. You'd need to find the library with the relevant exports, though; that part of the documentation will be wrong for WP8.