Related
I've build a version of crypto phone for PocketPC 2003. ( unsing the sources from www.cryptophone.de ),
with some workarrounds for license test.
I don't have two phone to test it yet. If anyone can test it please send feedback.
As i see it use data call as link layer so your provider must suport it.
PS: Who's testing it , please send feedback.
I've tested in my Qtek 2020, (XDA II, MDA II…).
Is it working? I was able to compile it too, but it died on exchanging keys.
mamaich said:
Is it working? I was able to compile it too, but it died on exchanging keys.
Click to expand...
Click to collapse
Don't work. :-(
I have programmed 2 xda 1 with wm2003 and the crypto, it works perfectly. The only bug is the "file" bar vanishes after a call is placed or received, other than that its great. 8)
Can you post what you changed in the source file in order we could reply your compiled code?
The idea is simple, if we can have access to the original source code and can do the changes you documented, generating the same code as you, with the same hash value for the encrypted code, we can assure that your code have the same security of cryptophone.
dumb ?
what is cryptophone?
Hi,
i am very interested in this (or a similar) software for
the Wallaby or Himalaya platform.
Anyone here who has a working & easy too install binary?
(Or are there any real free & opensource applications like cryptophone?).
kind regards,
Ben
Has anyone managed to get cryptophone working on the XDA ??
... or find a similar program ??
Regards
There are several similar commercial projects. Just wait some time for their announcements.
mamaich said:
There are several similar commercial projects. Just wait some time for their announcements.
Click to expand...
Click to collapse
Hi mamaich,
thnx for that prompt reply
I know about cryptophone.de, raseac.com.br & caspertech.com
Are there any others I have missed ??
Regards
John
2-3 russian companies are also working on similar projects. I don't know their sites.
cryptophone Somebody to compiled? for motorola smartphone mpx220 :?
one more company.
http://www.securegsm.com
and question - where is source download page on http://www.cryptophone.de ?
in general "cryptophone" application isn't difficult
- good vocoder
- some crypto
- good realtime data transfer - CSD for GSM network
- some audio components like AEC
could some one point me to good ARM implementation of vocoder with 2.4-4.8kbitps bitrate? ARM9(v5) PXAxxx ~100MIPS.
Free is preferable, but reasonable commertial offers are welcome too.
just a question,
isn`t it possible with the sourcecode of this software and the sdk for windows mobile 2003 smartphones to make a installer?
is very interesting, or?
is there any other software for ppc or smartphone avalable?
a free wm5 client for this should be awesome! coders go compile now!
is the encryption limited to "only" this version of application ?
- or is there some sort of standard ?
ryhor said:
one more company.
http://www.securegsm.com
and question - where is source download page on http://www.cryptophone.de ?
in general "cryptophone" application isn't difficult
- good vocoder
- some crypto
- good realtime data transfer - CSD for GSM network
- some audio components like AEC
could some one point me to good ARM implementation of vocoder with 2.4-4.8kbitps bitrate? ARM9(v5) PXAxxx ~100MIPS.
Free is preferable, but reasonable commertial offers are welcome too.
Click to expand...
Click to collapse
here
http://www.cryptophone.de/support/downloads/downloads.html
Lord Ashmedai said:
I've tested in my Qtek 2020, (XDA II, MDA II…).
Click to expand...
Click to collapse
Hi, did you manage to get it to work?
I tried on my O2 xda... it hung on the key exchange part...
It concerns me that this program starts two processs, spcore.exe and ui2003.exe. I have not looked over the code, but can you tell me why it must use two. Furthermore once they are going there is no way to stop the spcore.exe. My guess is that if that process contains the thread that is waiting for tapi events, its stopping mechanism has not been implemented properly. If you want to make a thread that is waiting for the event for line state then when the user wants to stop the thread/process, the event interest needs to be reset. eg SetCommMask(hSerialHandle,0); ,but it must be done from the ui thread not the waiting thread because obviously the waiting thread cant do anything. Once it is set to 0 (as apposed to EV_RXCHAR for example) the waiting thread will finish waiting imeadiately.
I tried sending a message to destroy the window with no effect, I then tried using terminatethread to stop it but that did not work so it must be in an api call (such as waiting).
On my mini it starts up ok, and dose not interfear with the phone. I could not test the functionality because the only other phone I had with me was my xda and it dose not install corectly on that. No error messages on intalation but the icon in the program files is not shown properly and it fails when I try to start it.
I'm been working on this for a little bit now since I found all the existing apps don't work well in WM6 or don't work well in a custom rom. This is a open source program (as all of mine are) and I welcome help/donations/and comments. Bug reports will be helpful in this first release as I certainly consider this a alpha release at the moment.
What it does:
once setup at every boot it compares your IMSI number with the one stored, if it's a match it plays a little sound and that's it. If it's not a match, it locks the device and displays your email and a request to please get it back to you. It also send you the "new sim's" imsi and phone number via a SMS.
------------------------------
SecurIt 1.1 (BETA) by Shadowmite
------------------------------
TODO: Build in SMS rule filtering thus adding remote control
Lock out activesync connections?
Protect the datafile from being deleted, or keep a backup in registry.
NOTE: THIS DOES NOT WORK WITH CDMA PHONES!
Version 1 (BETA) Instructions:
This security applicatioon can run loaded normally via a cab file to your device, or via being cooked into a rom. It will require your phone able to run unsigned code (most roms at this site are fine in this regard). Furthermore it does require the .NET Framework so it's really for WM6 devices, WM5 will be more tricky and is left up to the user to figure out how to make it all work.
When first run the program resides in \windows and must run from there. If you ran the cab installer it will have created a shortcut for you into the Programs folder.
The application comes up with a form showing you the current device imei, imsi, and phone number. You need to enter a password (needed to disable security programmatically or change SIM info), a email you can be reached at my a "finder" of your phone, and a SMS phone number you'd like alert messages sent to. Once done click set. Finally, click Enable security.
The application then sets itself up to autorun upon boot and if the SIM matches, it plays a little sound file to let you know everything is fine. If the sim is found to have changed, it will lock down the device until a password is entered. Meanwhile it shows your contact email and has sent the alert sms to you with the new imsi and phone number.
If you enter the proper password the program will take you to the settings screen where you can reenter the password and make changes to the settings and resave them. Simply clicking enable security without making changes will keep the settings as they are.
Clicking disable security will remove the autorun entries and remove the data file the programs keeps at \windows\SecurIt.dat.
The data file keeps 5 lines, MD5 hashes of your imei, imsi, password, and also your email and sms phone number as plain text. Thus stealing this file does not enable retrieving the password or easy changing of the imsi. Deleting this file however would remove security. Furthermore activesync will still link to a locked device. Knowledgable people about these devices could therefore defeat this security, however it's goal is to keep the casual theif / finder out of the phone.
This program is a work in progress and I welcome help with modifications to it as well as bug fixes. Source can be found at:
svn://www.shadowmite.com/shadowmite/SecurIt
To cook this into a rom, you need 3 files. 2 of them need to be generated when you first install it like normal and set it up. Copy the SecurIt.dat from \windows and the SecurIt.lnk from \windows\start up to your rom as well as the SecurIt.exe file. It's that simple. Enjoy!
History:
1.1: Fixed all kinds of bugs causing security to crash with various sims
1.0: Initial release
If you like my work and would like to help insure I continue to have time for this, please consider a donation to: foglemATshadowmiteDOTcom
Shadowmite, thnx for starting an "opensource" project for this. I havent tried it yet, will try once I reach home.. But I had a cpl of suggestions\questions:
1. Why do u keep email and sms phone no in plain text instead of encrypting them as well?
2. Instead of storing config in a file, store the config in registry which lessens the chances of someone finding out about the prog and deleting the file to disable security.
nice work as usual...
shantzg001 said:
Shadowmite, thnx for starting an "opensource" project for this. I havent tried it yet, will try once I reach home.. But I had a cpl of suggestions\questions:
1. Why do u keep email and sms phone no in plain text instead of encrypting them as well?
2. Instead of storing config in a file, store the config in registry which lessens the chances of someone finding out about the prog and deleting the file to disable security.
Click to expand...
Click to collapse
number 2 is in the TODO list...
#1) we could encrypt them as long as it's not a one-way hash like the first 3 lines, however those are the bits of data we don't mind the theif/finder seeing afterall as they are the means to get the phone back to its rightful owner. I suppose we could hide them but the phone number will be on his next bill for sending it a SMS and the email is displayed on the locked screen.
And as walshy said, #2 is certainly on the todo, but locking our activesync connections is a bigger concern and I believe completely doable.
#1) we could encrypt them as long as it's not a one-way hash like the first 3 lines, however those are the bits of data we don't mind the theif/finder seeing afterall as they are the means to get the phone back to its rightful owner. I suppose we could hide them but the phone number will be on his next bill for sending it a SMS and the email is displayed on the locked screen.
And as walshy said, #2 is certainly on the todo, but locking our activesync connections is a bigger concern and I believe completely doable.
Click to expand...
Click to collapse
ok, and sorry abt the #2, I missed the TODO part..
Keep up the good work..I myself was thinking abt making smthing similar but now I think I'll drop my idea to make a different one, as this seems to be a better idea (opensource is always better )..
I hope I can make some contribution to the code if possible..
shantzg001 said:
ok, and sorry abt the #2, I missed the TODO part..
Keep up the good work..I myself was thinking abt making smthing similar but now I think I'll drop my idea to make a different one, as this seems to be a better idea (opensource is always better )..
I hope I can make some contribution to the code if possible..
Click to expand...
Click to collapse
What advantages does this give over "Mobile Justice"..another similar util...my rom has Mobile Justice cooked with it which makes it hard to remove.
famewolf said:
What advantages does this give over "Mobile Justice"..another similar util...my rom has Mobile Justice cooked with it which makes it hard to remove.
Click to expand...
Click to collapse
If you like that software and have it working properly use it. Maybe you'd like to post in every rom thread asking why not use some other rom while you're at it?
Shadowmite said:
If you like that software and have it working properly use it. Maybe you'd like to post in every rom thread asking why not use some other rom while you're at it?
Click to expand...
Click to collapse
I'm not using Mobile Justice which is WHY I asked what advantages YOURS had over theres for COMPARISON. If it had additional features I was going to recommend it for addition into XM6R3 (the next release of the current rom), but with an attitude like yours I won't bother with further review.
famewolf said:
I'm not using Mobile Justice which is WHY I asked what advantages YOURS had over theres for COMPARISON. If it had additional features I was going to recommend it for addition into XM6R3 (the next release of the current rom), but with an attitude like yours I won't bother with further review.
Click to expand...
Click to collapse
you dont bother with a review but bother with a slagging ... take your "fame" somewhere else...
Ok, for starters mine isn't based on assuming every device has a GPS built in (while technically being a Trinity owner I should go that route). I instead base mine on nicely locking down the interface so far with a polite message to get the device back to the owner. Furthermore mine is trivial to build into a cooked rom which was my main reason to write it. I tried every security app out there over the last weekend without any of them working "properly" and figured the best way to get one is to write one. In addition mine is open source, mobilejustice is not.
Now then, you said you're not using it... But the last post said you had it cooked in? WTF? Need some help deciding what you use and don't use?
my rom has Mobile Justice cooked with it which makes it hard to remove.
Click to expand...
Click to collapse
I'm not using Mobile Justice which is WHY I asked what advantages YOURS had over theres for COMPARISON.
Click to expand...
Click to collapse
Shadowmite said:
Now then, you said you're not using it... But the last post said you had it cooked in? WTF? Need some help deciding what you use and don't use?
Click to expand...
Click to collapse
1) The rom I currently have installed comes with Mobile Justice preinstalled.
2) I have not configured and am not currently using Mobile Justice
3) The author is currently taking suggestions for software to include in the next revision of their rom.
What part of any of those statements are you having difficulty comprehending?
Perhaps you and the gentleman from Melbourne should both grow up and quit reading an insult where one was not intended.
Well than back on track... Give it a try and see what you think. I really want feedback from folks outside the USA as I believe it will not properly catch your phone number of the "thief's sim" however if the sms works it should still get the phone number to you obviously.
The GPS coord. request feature is a nice one and will have to go on the todo list.
well, well, fights apart, what drew me to this app over the other apps was the opensource nature as mentioned by Shadowmite because I, like shadowmite, was not happy with the other apps doing things properly or just because I wanted somethings to be done differently..
@shadowmite:
1. I have a few ideas of getting "coordinates" and sending to the original owner even on non-GPS devices ..Maybe we can discuss some things later on once the basic structure of the app is ok.
2. Couldn't find the source code of the app on ur site..(May be am just one dim-witted dim-sighted git ) Please point me to it..
You'll need svn to get it, windows users: http://superb-west.dl.sourceforge.n...vn/TortoiseSVN-1.4.4.9706-win32-svn-1.4.4.msi
svn://www.shadowmite.com/shadowmite is my master repository for all projects.
cool, I do have TortoiseSVN installed at home..Will check it when I go back..
Will it sustain a hard re-set ? Dont think so.
@shailesh, for sustaining hard resets, it has to be cooked into the rom, pointed out by shadow on post 1..
I don't know if something else can be done for this (writing into ext rom is one option but that is not possible for most devices now)
Sounds like a great piece of software. And open source is a great idea too.
I did tried several others like this one (Eye on the thef, Ultimately Theft Alert ...) some features were still missing :
First an autoconfig method :
As already said, whatever your storage methode is (file or registry), you 'll everytime lose the configuration when a hard-reset is done on the device. The only one possibility i can imagine is to store your "installer" program on extended rom with the ability to add an external config (encrypted) file as a parameter.
Installation will be handled by the autoconfig process, using this external file. Config will probably needs to be stored on extended rom too. It's not peace of cake to create an extended rom, but easier that cook a rom.
This feature won't be very helpfull if there is no way to generate a config file automaticaly base on settings done by user : kind of export process.
On standart start/soft-reset, your program will run as it does actually, but when a hard-reset, is proceed, programm will reinstall unattented and will still be running after boot... No way to easily remove it. Bad effect is that it will also be difficult to update programm/config.
Secondly, i'd like to have the a way to "format"(or encrypt) a memory card remotely.
Do you thinks those could be part of your TODO list ?
Will try it on few next days and i'm ready to help you translating it in french
hi shantzg001,
thanks for replying,
My mistake, did not read the whole text.
I searched and got nothing in the forum about homebrew, so i figured i'd ask about it. Is it possible for us with this phone to do any of the homebrew stuff out there? I have been without my laptop so cannot really try anything yet, but I see articles about little apps and aesthetic changes people are doing to their Samsung and HTC wp7 phones and i want in on it too.
I loved that homebrew community when i had my Palm Pre back in the day and had it hacked to my liking. I really hope we can do this with our phones too. I have looked into it a little but, but i don't think the guys who have done the unlocking and developing for wp7 have used, tried or have access to our phone. I really hope I'm wrong and just haven't had any luck searching for answers, but so far i haven't really found anything specifically stating whether anything works on the DVP yet.
If they have, could someone point me in the right direction and i'll continue learning on my own? If not, then i hope we can some day.
Thanks for any help y'all can provide.
I'm looking to attack this problem from the other end. I'm the developer of one of those "little apps" you mentioned; specifically the one that lets you change the Search function in IE (when you hit the Search button or mis-type a URL).
I'm working with a homebrew library that more-or-less handles HTC, Samsung, and LG, but completely doesn't support Dell. I'd like to get it working with Dell so that
A) You all can use my app
B) More homebrew apps can be written for the DVP
Some questions that I have (answers to any are appreciated):
How can I programmatically identify a Dell phone? (On an HTC, you can check for HKLM\Software\HTC in the registry.)
Does anybody have ProvisionXML working on the Venue Pro yet? (This is a really handy way to make changes to the OS.)
Does anybody have a way to get access to the file system, even read-only, on the Venue Pro?
Thanks a bunch. In the meantime (and possibly helpful to this cause) there's a homebrew project called "Functional Webserver" in the WP7 Hacking forum. It should work on Dell phones (I think) and means you should have at least Socket (networking) APIs. It also gives (read-only) access to the \Windows directory, which may be very useful for getting other stuff...
GoodDayToDie said:
I'm looking to attack this problem from the other end. I'm the developer of one of those "little apps" you mentioned; specifically the one that lets you change the Search function in IE (when you hit the Search button or mis-type a URL).
I'm working with a homebrew library that more-or-less handles HTC, Samsung, and LG, but completely doesn't support Dell. I'd like to get it working with Dell so that
A) You all can use my app
B) More homebrew apps can be written for the DVP
Some questions that I have (answers to any are appreciated):
How can I programmatically identify a Dell phone? (On an HTC, you can check for HKLM\Software\HTC in the registry.)
Does anybody have ProvisionXML working on the Venue Pro yet? (This is a really handy way to make changes to the OS.)
Does anybody have a way to get access to the file system, even read-only, on the Venue Pro?
Thanks a bunch. In the meantime (and possibly helpful to this cause) there's a homebrew project called "Functional Webserver" in the WP7 Hacking forum. It should work on Dell phones (I think) and means you should have at least Socket (networking) APIs. It also gives (read-only) access to the \Windows directory, which may be very useful for getting other stuff...
Click to expand...
Click to collapse
I would like to submit my services to help you get that information... However, I'm not really sure how to get that to you. If you'd be happy to lay out directions so I can get you that information, I'll happily do it on my Dell Venue Pro.
Thanks for the help!
@nabiscuit Thanks for the offer. The first step is making sure your phone is developer-unlocked, so you can side-load (install directly, not from Marketplace) XAP application packages. All homebrew apps are distributed in this way. The official way to do this is to have a Microsoft developer account (http://create.msdn.com/) although for the next few weeks ChevronWP7 should also work.
For the first question, try installing a Registry Viewer or Registry Editor app - there are a number of them available, both on this site and on TouchXperience (I like the TouchXperience one a lot). Go poke around for anything that looks like a distinctive registry key or value. The most likely place is under HKLM. You could also just do a registry search (the better apps have at least some capability for such searches) for "Dell" as *anything* with that string is probably distinctive.
For the second, it will take access to native code. Using the "Functional Webserver" app you can download some file from the phone's /Windows directory. Checking them for useful COM exports would be helpful, although I'm not the person to ask about doing that - I can do NT drivers and I can do managed code, but COM is not my thing. Try asking for help with this in the general Windows Phone 7 Development and Hacking forum (http://forum.xda-developers.com/forumdisplay.php?f=606).
For the third question, I could actually whip up a small app that *might* work already. You could also try Advanced Explorer (XDA) or TouchXplorer (TouchXperience) although I don't think either is guaranteed to work outside of HTC phones. If you're willing to try running an app that will check for read and write in a number of harmless parts of the file system, I can code one up for you to run and report results back.
Thanks again!
I'd love to get some homebrew development going, is there anything I can do to help?
Try getting in touch with notebookgrail (http://forum.xda-developers.com/member.php?u=3174632) as he seems to be pulling apart the DVP native libraries and finding lots of cool stuff to do with their COM interfaces. I don't know if he has registry write yet - one of the core functions that a lot of homebrew apps want - but if so I can work on getting it integrated into a nice cross-device library for writing apps which (should... grrr Samsung) work on any phone.
GoodDayToDie said:
Try getting in touch with jessej (http://forum.xda-developers.com/member.php?u=3220709) as he seems to be pulling apart the DVP native libraries and finding lots of cool stuff to do with their COM interfaces. I don't know if he has registry write yet - one of the core functions that a lot of homebrew apps want - but if so I can work on getting it integrated into a nice cross-device library for writing apps which (should... grrr Samsung) work on any phone.
Click to expand...
Click to collapse
Did u mean to point it to me as i was the one who did pull apart the native libs.?
If not, sorry for the intrusion.
Yes, send your request to notebookgrail. I am not on his level for development purposes. But I do appreciate the comment.
Whoops, sorry about that notebookgrail! I must have looked at a response instead of the OP by accident. I've fixed my post above. Thanks a bunch for the work you've done. Any word on registry writing?
any progress?
hi sry for this dumb question but Is There Any Registry Editor for Samsung Galaxy S2 Android thanks
Only Windows has a registry. What are you wanting to do?
pjfriend said:
Only Windows has a registry. What are you wanting to do?
Click to expand...
Click to collapse
same things i used to do on my old HTC HD2 tweeking wifi and make it little more faster
You might be able to achieve what you want if you have a specific question...
SII has 'N' class radio anyway so it should be a great deal quicker than your HD2.
Ahh , you mean editing the build.prop which resides in system. Must be rooted(stand to be corrected?) and opened through root explorer/ astro/estrongs file explorer
Sent from my GT-P1000 using XDA Premium App
I saw this thread and thought 'Thats the first question I asked when I moved from wm6.5 to android!'. Welcome to Android mate
No, is basically the answer
thanks pjfriend
turborider said:
is that so hard for u to understand what Registry Editor mean? lol
Click to expand...
Click to collapse
Is it so hard for you to understand that system register is Windows-specific? There is no such thing on a Linux, MacOS X, DOS, BSD, Android, iOS, Bada OS, Symbian and so on.
Cheers Brut.all
turborider said:
wow i never thought polish plp have mobile phones in there,dont be smart azz on me dude,i never used android before,bloody hell i wish plp be more helpful than answering crap,i just wanted to know if Yes or No on Registry Editor
Click to expand...
Click to collapse
What's wrong with you? There were like 4 people who told you that there just isn't a registry editor for Android because Android does not have a registry! And you just seem to ignore those people, and insulte Brut.all because of his origin. We don't need people like you in our Android community.
This is getting to be like a monty python comedy sketch LISTEN turborider, there is NO registry, there is NO registry like service or system on android. You can make some modifications using a text editor to build.prop to change some system behaviour.
ice_coffee said:
This is getting to be like a monty python comedy sketch LISTEN turborider, there is NO registry, there is NO registry like service or system on android. You can make some modifications using a text editor to build.prop to change some system behaviour.
Click to expand...
Click to collapse
tyvm matey for your help
Instead of insulting people who try to help, maybe rather actually read the replies properly
Sent from my GT-P1000 using XDA Premium App
please Moderators close this thread sry for my post and ty again ice_coffee
@turborider
Ok, I think I'll explain this further to you.
Windows stores much of its configuration in a system register. Most of other systems, including Android, store config in many configuration files. They're usually textual and human readable, so you could open and edit them using any text editor, even notepad. Usually every installed service/daemon has its own configuration file(s).
This approach has pros and cons over system register. Config files are less standardized: some of them are xml files, others are ini-like or even custom format. So it's quite messy comparing to system register. On the other hand developer could choose format which is most suitable for his needs and you don't need any special software to edit system configuration. Config files are also very simple from technical point of view and this is good.
Unix systems usually store their config files in /etc/ directory. On Android it's /system/etc/ - there you will find a lot of files and you could open any of them, look into, edit, etc. Of course it's not a good idea to do some random changes I don't think you'll find complete guide to Android config files, because every device/ROM is different. Fortunately most of these files aren't specific to Android, but Linux/Unix or some service, so you should be able to find some help in Google.
Happy hacking
P.S.
Yes, we have mobile phones in Poland ;-)
EDIT:
Advanced options for wifi are in /system/etc/wifi/tiwlan.ini, but I'm not sure whether every device uses tiwlan driver. Of course these options aren't the same as in Windows configuration.
Brut.all said:
@turborider
Ok, I think I'll explain this further to you.
Windows stores much of its configuration in a system register. Most of other systems, including Android, store config in many configuration files. They're usually textual and human readable, so you could open and edit them using any text editor, even notepad. Usually every installed service/daemon has its own configuration file(s).
This approach has pros and cons over system register. Config files are less standardized: some of them are xml files, others are ini-like or even custom format. So it's quite messy comparing to system register. On the other hand developer could choose format which is most suitable for his needs and you don't need any special software to edit system configuration. Config files are also very simple from technical point of view and this is good.
Unix systems usually store their config files in /etc/ directory. On Android it's /system/etc/ - there you will find a lot of files and you could open any of them, look into, edit, etc. Of course it's not a good idea to do some random changes I don't think you'll find complete guide to Android config files, because every device/ROM is different. Fortunately most of these files aren't specific to Android, but Linux/Unix or some service, so you should be able to find some help in Google.
Happy hacking
P.S.
Yes, we have mobile phones in Poland ;-)
EDIT:
Advanced options for wifi are in /system/etc/wifi/tiwlan.ini, but I'm not sure whether every device uses tiwlan driver. Of course these options aren't the same as in Windows configuration.
Click to expand...
Click to collapse
ty mate sry for the last post
android options are stored usually (and always for the system's settings) in sqlite3 format and the dbs are around in /data (look for settings.db)
you can edit them on the device via adb shell and sqlite commands, but i suppose there might be some gui for it as well
this is akin to registry on windows, just op just doesn't know the technical differences. no need to be aggressive pricks about it -
Only Windows Operating System has registries. Unix-based one's store configuration files in /etc directory, eliminating the need for a registry.
bilboa1 said:
...this is akin to registry on windows, just op just doesn't know the technical differences. no need to be aggressive ****** about it -
Click to expand...
Click to collapse
+1 to that. A clearly teachable moment wasted by some nasty responses.
@turborider, as already mentioned, the build.prop file can be modified to make some tweaks (and some Android systems might also let you create a file called local.prop that can do some of the same things) but these are not nearly as far ranging as the windows registry. There are many forums and threads which describe the various tweaks and which can be found by searching for ["build.prop" tweaks]. Speaking of searching, for questions like this it is usually more productive to find existing threads covering the topic because such tutorials are likley to have higher traffic than a thread that asks a single question. One simple example of a build.prop tweak that I recently used was to change a value (switching between 1 and 0) which enabled/disabled a particular audio feature (audio offloading, to be precise) while testing a bug in Lineage OS, but there are more significant things that can be done by tweaking the build.prop. There are also other ways to tweak Android OS as suggested by @bilboa1. Search, and you'll find that stuff.
Something interesting that I found out while thinking about how to interop Unlock WP8: The "PhoneReg.exe" app which is a signed app used for developer unlocking a device is written in un-obfuscated C#.net code!
If anyone has access a program such as Dis#, we should be able to reverse-engineer this and at least figure out what types of data are being passed back and forth between different account types (e.g. Student dev unlock, vs regular dev unlock). Then we can maybe guess at what needs to be passed to Interop-Unlock these devices!
Based on my understanding of how the WP7 interop unlock works, all the Developer unlock does is modify a registry value. As the value gets higher, the more "Development stuff" you can do.
I'll see if I can scare up a copy of that app. Decompiling .NET code is trivial - you don't even need a paid tool, there are many perfectly good free ones (I usually use JustDecompile) - assuming it's not obfuscated.
With that said, bear in mind that we can't currently modify the data that the app receives from the network. That was actually how the original ChevronWP7 unlocker for WP7 worked, but Intercepting (or in the case CWP7U, spoofing) the data was blocked when Microsoft added a feature commonly called "certificate pinning", where rather than checking whether the server's SSL certificate is trusted in general (which you could do by installing a cert manually), the phone now checks for a specific cert (Microsoft's).
However, it's possible (a bit unlikely, but possible) that we'll find a vulnerability in the app. For example, they may have slightly messed up the cert pinning in a way we can exploit (I checked for cert pinning, but I didn't check for ways they might have screwed it up), or they might have left in some debug code we can mess with (that's how HTC interop unlock on WP7 was achieved), or some other such weakness.
If there's some way to help out by testing and such tasks in willing to test on my Lumia 920, if any vulnerability is found Just send me a PM if so
Sent from my Lumia 920 using Board Express
Cool. Good to know. What was nice about the program I mentioned is that it supposedly decompiles everything and then builds it into a nice Microsoft C# project that can be imported into Visual Studio. (I was able to do that, but bits of code within some classes and methods are missing and just have a code comment called //trial)
Some of the interesting code bits I noticed include:
1. the wonderful "NativeMethods.cs" file. This is a wrapper that allows you to call functions within "PhoneREG.dll" such as "GetAuthToken" and "GetWinPhone8Port"
2. "connectionManager.cs" It opens up a session to the phone using port 27077 to pass data.
3. The files called "lockCommand.cs" and "unlockCommand.cs" The deal with passing and converting some kind of "authToken" to the phone.
4. The "SignInDialog.cs" code provides everything necessary to sign into widows Live. It has variables to store oAUTH tokens.
My thoughts are as follows:
1. we could maybe write a custom app that functions as normal, but edits the ByteArray before it gets sent to the phone. Basically you would need an MSDN developer account of some sort, but signing in with this app will give you Interop Privileges.
2. Maybe there will be something "hidden" if we can figure out what this app is talking to on the phone via port 27077.
That sounds interesting. I'll try to look at the data tomorrow before I head to work and see if I can find anything Hopefully I will
Sent from my Lumia 920 using Board Express
If we can actually bypass interop lock with a non-MS signature, that would be fantastic... and I'd be astonished. That wasn't possible in WP7 (Mango or later, when the interop-lock was present) and isn't possible in Windows RT either.
Can you either send the app, or post a link to where you got it from?
Hi guys,
just wanted to give you all a huge *thumbs up*! You're doing great work here!
I have a Lumia 920 for about 2 weeks now.
So, as i did some Lumia 800 and Lumia 900 custom roms, and became a little "bored" to WP7, i would be happy if i could help you by testing some stuff on my Lumia 920
If you need my help, just let me know
lordmaxey said:
Hi guys,
just wanted to give you all a huge *thumbs up*! You're doing great work here!
I have a Lumia 920 for about 2 weeks now.
So, as i did some Lumia 800 and Lumia 900 custom roms, and became a little "bored" to WP7, i would be happy if i could help you by testing some stuff on my Lumia 920
If you need my help, just let me know
Click to expand...
Click to collapse
I know your feeling I made WM6.5.x, Android and WinPho 7 roms for the HTC HD2 before I got my Lumia 920
Sent from my Lumia 920 using Board Express
I have a dev unlocked Lumia 820 and can do any testing if required
If you are running a Windows 8 PC and can install the Windows Phone 8 SDK, the PhoneReg tool can be found at C:\Program Files (x86)\Microsoft SDKs\Windows Phone\v8.0\Tools\Phone Registration
There are some other tools that I haven't poked around at that could be interesting to try and decompile and "re-work" such as the XapSignTool. (I think this might be written in C++ though)
The SDK in its entirety can be downloaded from http://developer.windowsphone.com/en-us/downloadsdk. You want "SDK 8.0".
I'll get my dev unlock in a month. Will get it as a birthday gift So by then I'll be able to help out more.
Should've checked the USB port stuff this morning, but I didn't have time for it but will do it when I get home in 2 hours
Sent from my Lumia 920 using Board Express
EDIT: Can't seem to find a usable USB sniffer that works under Windows 8, or I've been configuring those I've tried wrong. Enabled TESTSIGNING in BCDEDIT and rebooted, so Test Mode is activated, but no tool seem to work
Regards
The phone itself can communicate with a Windows 7 PC, just not if you want to use the SDK. Perhaps try the same experiment under Windows 7? You might be able to copy the "Phone tools" directory off of Windows 8 onto Windows 7. It uses .net 4.5, so make sure the runtime is installed.
I have already gone down this road and can fairly confidently say it is a dead-end. The only interesting thing I found was the ability to switch a phone to use the internal Microsoft development authentication servers. Best of luck though - maybe I missed something.
SynergeTechSolutions said:
I have already gone down this road and can fairly confidently say it is a dead-end. The only interesting thing I found was the ability to switch a phone to use the internal Microsoft development authentication servers. Best of luck though - maybe I missed something.
Click to expand...
Click to collapse
Thats sad. Do you have any data collected from the communications on port 27077? That's what we're looking for right now.
Sent from my Lumia 920 using Board Express
SynergeTechSolutions said:
I have already gone down this road and can fairly confidently say it is a dead-end. The only interesting thing I found was the ability to switch a phone to use the internal Microsoft development authentication servers. Best of luck though - maybe I missed something.
Click to expand...
Click to collapse
bummer
Any details about what you found out?
Did you see if the internal (test, I assume) server mode used cert pinning? If not, we can spoof those servers and basically re-implement the original ChevronWP7 unlocker (in a more elegant form, too).
Not quite the Goal you want to move to but maybe what you have found out so far can be used to enable Dev Unlocking and XAP deployment to Dev Unlocked WP8 devices from Windows 7. I believe there are quite a lot of developers who would be happy to have that possibility.
I do know that when you activate dev unlock on WP8 devices, it does it using the Windows Phone IP over USB service ("C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe"). The IpOverUSBSvc is more or less just a .NET wrapper (I figured this would be the case). If anyone is good at x86 assembly and can get into the IpOverUsbPc.dll, we may get somewhere.
snickler said:
I do know that when you activate dev unlock on WP8 devices, it does it using the Windows Phone IP over USB service ("C:\Program Files (x86)\Common Files\Microsoft Shared\Phone Tools\CoreCon\11.0\Bin\IpOverUsbSvc.exe"). The IpOverUSBSvc is more or less just a .NET wrapper (I figured this would be the case). If anyone is good at x86 assembly and can get into the IpOverUsbPc.dll, we may get somewhere.
Click to expand...
Click to collapse
several tools exists for decompiling DLLs to have a look at the source (which I assume will be .NET)
Reflector is one - commercial - solution, but in Adrian Banks blogs you will find alternatives that are free - and some commercial ones also.
http://www.adrianbanks.co.uk/?p=71
NielDK said:
several tools exists for decompiling DLLs to have a look at the source (which I assume will be .NET)
Reflector is one - commercial - solution, but in Adrian Banks blogs you will find alternatives that are free - and some commercial ones also.
http://www.adrianbanks.co.uk/?p=71
Click to expand...
Click to collapse
the DLL I mentioned is unfortunately a COM dll. I already ran ILSpy against the exe to find that out. We will need someone with x86 assembly experience