Related
hi, i want to ask, is there any program for my ppc, that can work as an webserver? where i can add my own sites, and it will accept internet connection, when i route ports to it? i know it will not be fast, but i want it for webs where can be max 5 people online, ... so are there any apps like webservers? thx..
There are (just use google) but due to most phone networks being behind NAT, your portable web server wont be reachable from the public internet.
Surur
Even when I have public ip??when I have public ip and will forward ports to my device,it should work, shouldn't it? but im little worring about trojan and wiruses... it is still computer on web without firewall... so what do you thing?
Besides the web server you wish to use, WM devices do not have any native services/ open ports, so it should be quite safe on the wild internet, not to mention there are no viruses in the wild for Windows Mobile in any case.
Surur
When connected to WiFi network, it should work in the LAN enviroment.
But IS there a WM webserver?
bio88 said:
When connected to WiFi network, it should work in the LAN enviroment.
But IS there a WM webserver?
Click to expand...
Click to collapse
Google is your friends
http://www.chilisoftware.net/CompactWebServer/
http://www001.upp.so-net.ne.jp/ishi/cehttp/index.html
http://software.palminfocenter.com/product.asp?id=13024
Surur
I think HPH should be in the list to.
it also supports some PHP-Commands.
http://mobileleap.net/hph/
I've got some strange IP requirements on my work network. I have to use Static IPs at work to be able to access the internet. At home I use DHCP.
I am needing an application which allows me to pick from a set of IP Profiles that I set depending on whether I'm running DHCP or running Static IP's at work. It would be nice if that application could autoselect the right profile depending on the SSID of the wireless network I'm connected to.
Thanks, Chris
hi, you can try this app http://blog.renestein.net/Wifi+Profily+Verze+004.aspx
description is in czech, but program is available in english. maybe you will find some info in english
Hi,
Wifi Profiles has dedicated thread on XDA-Developers.
http://forum.xda-developers.com/showthread.php?t=355936
RStein said:
Hi,
Wifi Profiles has dedicated thread on XDA-Developers.
http://forum.xda-developers.com/showthread.php?t=355936
Click to expand...
Click to collapse
Perfect...thanks.
Hi,
yesterday i tried nearly the whole day to change my mac address on my x1. first i made a hardspl for x1. the new bootloader is working.
After that, i connected via mtty. I tried some commands like emapiTest, emapiWlanMac and some other what i found at xda-dev. I only go "command error" in mtty.
Then i flashed the latest rom (R2A) and tried it again with mtty. Same bad results.
There is a posting at xda-dev: NOTE: To use rbmc you need to
authenticate with proper password .... otherwise bootloader returns "Command error !!!" or "Command is Locked!". (if you're using Hard-SPL, this is unlocked, and any address can be read with 2.30.Olipro)
Do i make the same authenticate with the X1 HardSpl that i am able to work with any commands?
Best regards
strohrum
You can't change the MAC address of a network device. It's the unique hardware serial number of the network device.
My guess is that you're trying to get your Xperia to connect to a hotspot that only allows specific MAC addresses. In that case it makes more sense to find the wifi MAC address of your phone, go into the configuration page for your wifi router and enter the MAC address on the filter list.
You can get the phone's wifi MAC fairly easily. Turn on wifi, then:
Start > Settings > Connections > Wireless LAN > Advanced
... and the MAC is there for you.
ZenithUK said:
You can't change the MAC address of a network device. It's the unique hardware serial number of the network device.
My guess is that you're trying to get your Xperia to connect to a hotspot that only allows specific MAC addresses. In that case it makes more sense to find the wifi MAC address of your phone, go into the configuration page for your wifi router and enter the MAC address on the filter list.
You can get the phone's wifi MAC fairly easily. Turn on wifi, then:
Start > Settings > Connections > Wireless LAN > Advanced
... and the MAC is there for you.
Click to expand...
Click to collapse
Actually it is possible to "spoof" a network device.
I'm just not sure how to do this on a WM device.
i tried the registry method... didnt find any data for mac address
and i tried what jockyw wrote:
"You can run or flash the USPL (see sticky) and set a MAC address of your own choice.
Connect with MTTY and at the command prompt type:
emapiWlanMac 01 02 03 04 05 06 (the six two-digit numbers are the hexadecimal MAC byte values and should be replaced by anything you like)"
but i only get "command error" at any command.
strohrum said:
How to change the X1 mac address?
Click to expand...
Click to collapse
Is that legal ??
who cares ?
exxi said:
who cares ?
Click to expand...
Click to collapse
hmmm...
Maybe you are right and xda-devs wouldn't care about that...
.
That is not legal I am sure.
Legal WHERE? 50% of the content here is probably not koscher! What a stupid question!
ANY medling with software is illegal worldwide! Read the license agreements!
I would suggest NOT to discuss this...waste of time and effort! Just a thought ;-)
why should be illegal to change mac address? It's not IMEI
guap said:
why should be illegal to change mac address? It's not IMEI
Click to expand...
Click to collapse
BTW, I was just asking, not stating
Fulgore69 said:
That is not legal I am sure.
Click to expand...
Click to collapse
Well, its not illegal in the "go to jail" sense... but more of a torts way. SE won't care that a relatively small group is tinkering with their own phones since it doesn't affect their income at all. Rather, if we filed a warranty claim, they can deny it on breach of terms.
The only time a modified MAC could be considered "illegal" is if you are pirating as a result of modifying it.
Why would you even want to change the mac-adress?
Fulgore69 said:
That is not legal I am sure.
Click to expand...
Click to collapse
Please don't assume that something is illegal simply because it's "sometimes" associated with "hacking". Password recovery is not illegal, port scanning is not illegal, packet sniffing is not illegal. These are all used by most large companies on a regular basis. I'm a network engineer and I can assure you that it is legal to "spoof" your mac address. Even though there may be some unethical reasons for doing this, there are also unethical reasons for owning a kitchen knife. We change our mac addresses of many of the devices at work all the time for many, very legitimate reasons.
While there's no easy way to change the actual information stored in the CIS of a device, depending on the NIC driver, many drivers support dynamic mac addresses. Even Microsoft provides support for configurable mac addresses.
I dug around in the registry a bit and it doesn't seem like there is a default setting for this on Xperia (well, that I could find), but I'm sure there's a way to change the NDIS miniport drivers to simply call a new string value containing whatever you're trying to change your mac to.
Check out these MSDN articles that might help with a solution.
http://msdn.microsoft.com/en-us/library/bb648482.aspx
http://msdn.microsoft.com/en-us/library/ms893567.aspx
hi jhoffa,
thanks for the solution links. but i already need help:
At MSDN:
Finally, if the card information structure (CIS) of the PC Card contains a network address value, Ndis.dll creates a \HKEY_LOCAL_MACHINE\Comm\Miniport Instance\Parms\NetworkAddress key to store the network address.
My registry dosent show the path ...\NetworkAddress
\HKEY_LOCAL_MACHINE\Comm\TNETW12511
DisplayName
IEEE 802.11b/g Compatible Wi-Fi Adapter
At: HKEY_LOCAL_MACHINE\Comm\TNETW12511\Parms\TcpIp it shows me: Autocgf, autointerval, automask, autoseed, autosubnet, dhcpdns, dhcpipaddress, dhcpserver, dhcpsubnetmask, enabledhcp, lease, leaseobtainedhigh, leaseobtainedlow, prevreqoptions, t1 and t2. but nothing like a mac address.
is it possible that i am looking the wrong way?
thanks for helping
strohrum
strohrum said:
hi jhoffa,
thanks for the solution links. but i already need help:
At MSDN:
Finally, if the card information structure (CIS) of the PC Card contains a network address value, Ndis.dll creates a \HKEY_LOCAL_MACHINE\Comm\Miniport Instance\Parms\NetworkAddress key to store the network address.
My registry dosent show the path ...\NetworkAddress
\HKEY_LOCAL_MACHINE\Comm\TNETW12511
DisplayName
IEEE 802.11b/g Compatible Wi-Fi Adapter
At: HKEY_LOCAL_MACHINE\Comm\TNETW12511\Parms\TcpIp it shows me: Autocgf, autointerval, automask, autoseed, autosubnet, dhcpdns, dhcpipaddress, dhcpserver, dhcpsubnetmask, enabledhcp, lease, leaseobtainedhigh, leaseobtainedlow, prevreqoptions, t1 and t2. but nothing like a mac address.
is it possible that i am looking the wrong way?
thanks for helping
strohrum
Click to expand...
Click to collapse
Have you tried adding
Network Adress as a (i'm presuming) a Dword to \HKEY_LOCAL_MACHINE\Comm\TNETW12511\Parms\ ?
i added "NetworkAddress" as String and typed a 12 letter mac in it. didnt work. Dword same.
jhoffa said:
I dug around in the registry a bit and it doesn't seem like there is a default setting for this on Xperia (well, that I could find), but I'm sure there's a way to change the NDIS miniport drivers to simply call a new string value containing whatever you're trying to change your mac to.
Click to expand...
Click to collapse
i skiped this as i read your posting before. i know that i cant handle this, i am too noobish in registry files edit.
maybe someone could help me with that?
thanks
strohrum
i found that at eggheadcafe.com:
Step 1 --> changes to driver
Steps [2-5] from C# application
1) In NDIS Intermediate driver (QueryMiniport function), I made the
following changes
a) When OID is CURRENT_MAC_ADDRESS , open registry , read a
registry name ChangeMAC,
b) if value of ChangeMAC is 1 then read registry value of "NewMAC"
and then convert it appropriately to MAC format
(remove extra unicode characters etc)
c) then do a NDISMoveMemory to current adapters MACaddr field.
d) close registry
2) Set value of ChangeMAC (DWord) to 1
3) Set value of NewMAC (string) to the new mac address
4) Invoke a NDIS_REBIND_ADAPTER (this internally will call
QueryMiniport ) and inturn execute step (1)
5) Set value of ChangeMAC (DWord) to 0
anybody an idea how does it work?
michaelthemage said:
Legal WHERE? 50% of the content here is probably not koscher! What a stupid question!
ANY medling with software is illegal worldwide! Read the license agreements!
I would suggest NOT to discuss this...waste of time and effort! Just a thought ;-)
Click to expand...
Click to collapse
Using an unofficial program "stealed" from other phone or cook a personal ROM is not paragonable as change MAC Address.
MAC Address changes are the same of IMEI's ones: if you want to create-problems to a WiFi network (for example) with your modified MAC Address, you are not more identificable...so this is illegal.
To prevent the possibility of this type of "problems", all changes acts to alterate UNIQUE IDENTIFICATION of a device (IMEI or MAC Address numbers) are illegal, because it will cause a POSSIBLE multi-identity.
Hi, i've a brand new Liquid with Acer_Liquid_2.000.16_EMEA_GEN1 installed.
Tried to use my WPA2-TKIP at home, perfect.
Tried to use my WPA-EAP at work, no success.
I correctly installed certificate from web browser (now it appears under "CA Certificate").
I've theese four fields (translated from italian to english):
- Private Key Password
- Identity
- Anonymous Identity
- Wireless Password
I know i've to issue my username and password for authenticating with Domain Controller, but which of that fileds are to fill in ?
Wi-fi connection works flawless with Nokia E51 (what a shame...) with 802.1x protection, EAP-PEAP.
I've already read other forums, they suggest to root the phone to gain access to wpa_supplicant.conf. I would prefer not to do it in the first days.
Have any suggestions ?
Thank you, bye.
Hello - Does anyone have a step by step on how to intercept SSL App Store traffic using BURP and a Windows 8 phone? I know that installed the BURP cert onto the phone is required. So steps on how to do this on the Windows 8 Phone would be great appreciated.
shadowD1026 said:
Hello - Does anyone have a step by step on how to intercept SSL App Store traffic using BURP and a Windows 8 phone? I know that installed the BURP cert onto the phone is required. So steps on how to do this on the Windows 8 Phone would be great appreciated.
Click to expand...
Click to collapse
Whatever you're trying to do, it probably won't work due to certificate-pinning.
DaviUnic said:
Whatever you're trying to do, it probably won't work due to certificate-pinning.
Click to expand...
Click to collapse
The App does not use cert pinning.
The store does. This basically eliminates any possibilities of MITM attacks without having the root MS certificate.
DaviUnic said:
The store does. This basically eliminates any possibilities of MITM attacks without having the root MS certificate.
Click to expand...
Click to collapse
Correct..the store does. But I have sideloaded an app from a client that is having a pen test done. Therefore no cert pinning.
*SIGH* stop assuming things, people. Burp Suite is a *very* standard pen-testing tool. "The App does not use cert pinning" was a dead giveaway that the OP was talking about pen-testing a mobile app.
In theory, the process is really simple. Export the Burp public CA (Proxy -> Options -> Proxy Listeners -> CA certificate; make sure to rename it as a .CER file) and send it to the phone (Bluetooth, email, etc.; you should get a prompt to import the cert). Unfortunately, Burp is kind of lazy about how it generates its root certificates, so by default, the phone doesn't treat them as CA root certs. You can generate a custom cert manually and install it on the phone + have burp use it, but that's only going to work for one domain at a time and is a total pain. The other approach that I've found to work (which is silly, but hey, it *does* work) is to do the following:
1) Install Fiddler along with Burp (if you're not on Windows, you can probably use Fiddler via Mono).
2) Run Fiddler, enable SSL interception, disable automatic platform proxy configuration, set the proxy to listen on external connections, and install its root CA cert to the phone (similar to the way you do it from Burp).
3) Set the phone's WiFi proxy options to connect to the Fiddler IP and port.
OK... so far, you're now in a position to intercept traffic. If all you need is basic proxying, this is actually sufficient all by itself, and Fiddler does have a few cool features of its own. However, if you need real pentesting tools, like Burp Suite provides, there's a way to get that anyhow:
4) Run Burp, and set it to listen on a different port than Fiddler is using.
5) In Fiddler's options, configure it to use Burp as the upstream proxy.
6) Disable interception in Fiddler (so you don't have to manually forward traffic all the time) and proceed to use Burp as normal.
Yes, this is silly. It's the easiest solution I've found thus far, though, and I've used it myself.
Heh... I probably just gave technical advice to a competitor. Ah well. Good luck breaking stuff!
GoodDayToDie said:
*SIGH* stop assuming things, people. Burp Suite is a *very* standard pen-testing tool. "The App does not use cert pinning" was a dead giveaway that the OP was talking about pen-testing a mobile app.
In theory, the process is really simple. Export the Burp public CA (Proxy -> Options -> Proxy Listeners -> CA certificate; make sure to rename it as a .CER file) and send it to the phone (Bluetooth, email, etc.; you should get a prompt to import the cert). Unfortunately, Burp is kind of lazy about how it generates its root certificates, so by default, the phone doesn't treat them as CA root certs. You can generate a custom cert manually and install it on the phone + have burp use it, but that's only going to work for one domain at a time and is a total pain. The other approach that I've found to work (which is silly, but hey, it *does* work) is to do the following:
1) Install Fiddler along with Burp (if you're not on Windows, you can probably use Fiddler via Mono).
2) Run Fiddler, enable SSL interception, disable automatic platform proxy configuration, set the proxy to listen on external connections, and install its root CA cert to the phone (similar to the way you do it from Burp).
3) Set the phone's WiFi proxy options to connect to the Fiddler IP and port.
OK... so far, you're now in a position to intercept traffic. If all you need is basic proxying, this is actually sufficient all by itself, and Fiddler does have a few cool features of its own. However, if you need real pentesting tools, like Burp Suite provides, there's a way to get that anyhow:
4) Run Burp, and set it to listen on a different port than Fiddler is using.
5) In Fiddler's options, configure it to use Burp as the upstream proxy.
6) Disable interception in Fiddler (so you don't have to manually forward traffic all the time) and proceed to use Burp as normal.
Yes, this is silly. It's the easiest solution I've found thus far, though, and I've used it myself.
Heh... I probably just gave technical advice to a competitor. Ah well. Good luck breaking stuff!
Click to expand...
Click to collapse
You are always such a a help on these boards. It's great. Would the same be true if using the emulator? Or would that differ?
The emulator is a full virtual machine, so it almost certainly has its own cert store (instead of using the host system's store) and therefore you'd have the same problems. I'm not even sure how practical it would be to install the cert to the emulator; I've never tried. If you have the source, you could temporarily disable cert checking in the app I guess... but then, that's one of the most common findings I have with mobile apps, so don't do that unless you've tested the default SSL configuration very closely.
Also, I'm not actually sure how to set the proxy in the emulator. I've never tried before. Probably just easier all around to use a real phone.
Burp isn't showing traffic
GoodDayToDie said:
The emulator is a full virtual machine, so it almost certainly has its own cert store (instead of using the host system's store) and therefore you'd have the same problems. I'm not even sure how practical it would be to install the cert to the emulator; I've never tried. If you have the source, you could temporarily disable cert checking in the app I guess... but then, that's one of the most common findings I have with mobile apps, so don't do that unless you've tested the default SSL configuration very closely.
Also, I'm not actually sure how to set the proxy in the emulator. I've never tried before. Probably just easier all around to use a real phone.
Click to expand...
Click to collapse
Ok...stupid question regarding:
5) In Fiddler's options, configure it to use Burp as the upstream proxy.
I went into Fiddler and selected WinINET options to set Burp as the upstream proxy. So, in Burp, I have it listening on port 8080, All Interfaces, and Generate CA-Signed per host cert. Now in the WinINET (IE Settings), I have port 8080 but I'm not sure what to to put in for the Address field. Do I put my machine name or a specific ip? Burp is listening on all interfaces, so I obv don't want to put in localhost or 127.0.0.1. I also have the WP8 wifi settings to point to my machine name and fiddlers port 8888. I can see the traffic in Fiddler but not burp.
Please help. Thank you
First of all, I said in Fiddler's settings, not in WinINET ("Internet Options"). Tools -> Fiddler Options... -> Gateway -> Manual proxy configuration -> localhost:<PORT>.
With that said, you can just use the system proxy settings too (that's the default behavior in Fiddler); I don't recommend it though because then everything on your box will route through Burp which has unfortunate impacts on network performance and RAM usage.
Internet Properties -> Connections -> LAN settings -> "Use a proxy server for your LAN" -> Address: localhost, Port: <PORT>
In both cases, "<PORT>" means whatever port Burp is listening on (8080). I have no idea what you mean by "Burp is listening on all interfaces, so I obv don't want to put in localhost or 127.0.0.1" given that
A) that is exactly what you want to do
B) there is nothing I can think of that would even remotely lead to believe otherwise.
Granted, loopback is not an explicit network interface on Windows the way it is on Linux, but it is still treated as one in the kernel. Listening on "all interfaces" just means the socket was bound to 0.0.0.0 (or IPAddress.Any in .NET; there's an equivalent option in Java). Listening on 0.0.0.0 will get messages routed both through external interfaces and through localhost (127.0.0.1), or localhost wouldn't be nearly as much use...
GoodDayToDie said:
First of all, I said in Fiddler's settings, not in WinINET ("Internet Options"). Tools -> Fiddler Options... -> Gateway -> Manual proxy configuration -> localhost:<PORT>.
With that said, you can just use the system proxy settings too (that's the default behavior in Fiddler); I don't recommend it though because then everything on your box will route through Burp which has unfortunate impacts on network performance and RAM usage.
Internet Properties -> Connections -> LAN settings -> "Use a proxy server for your LAN" -> Address: localhost, Port: <PORT>
In both cases, "<PORT>" means whatever port Burp is listening on (8080). I have no idea what you mean by "Burp is listening on all interfaces, so I obv don't want to put in localhost or 127.0.0.1" given that
A) that is exactly what you want to do
B) there is nothing I can think of that would even remotely lead to believe otherwise.
Granted, loopback is not an explicit network interface on Windows the way it is on Linux, but it is still treated as one in the kernel. Listening on "all interfaces" just means the socket was bound to 0.0.0.0 (or IPAddress.Any in .NET; there's an equivalent option in Java). Listening on 0.0.0.0 will get messages routed both through external interfaces and through localhost (127.0.0.1), or localhost wouldn't be nearly as much use...
Click to expand...
Click to collapse
Fiddler gateway manual setting worked. Appreciate your time and help. Sorry if my last post was confusing or stated wrong.
shadowD1026 said:
Hello - Does anyone have a step by step on how to intercept SSL App Store traffic using BURP and a Windows 8 phone? I know that installed the BURP cert onto the phone is required. So steps on how to do this on the Windows 8 Phone would be great appreciated.
Click to expand...
Click to collapse
I know your question is related to "Burp" but then too felt like sharing a simple and elegant way to intercept SSL traffic for windows phone 8.
This blog contains step-by-step tutorial to set up traffic interception (both HTTP and HTTPs).
rikk(dot)it/blog/capture-windows-phone-8-network-traffic-with-fiddler/
:good:
Best way to do it...
shadowD1026 said:
Hello - Does anyone have a step by step on how to intercept SSL App Store traffic using BURP and a Windows 8 phone? I know that installed the BURP cert onto the phone is required. So steps on how to do this on the Windows 8 Phone would be great appreciated.
Click to expand...
Click to collapse
You can do it very easy. Default cert file' type of burp is "cacert.der", which is not recognized by windows phone. therefore, you can open 127.0.0.1 8080 which is the burp listener on your PC, then you will see the burp page, click on the "CA Certificate". then you will see the cacert.der is downloading. TIP: You must rename it. YES, you must rename it to "cacert.cer". then push it to your windows phone (e.g. by sending email to your inbox in you WP).
It is the time to open that file in your windows phone, then press install button. Finish.
"I decided to write things that I learned by experience. We always use the other's experiences by searching the web, but how much we pay time to write our experiences?"