DO NOT USE THIS!!
http://www.freewarepocketpc.net/ppc-download-pocket-pc-installation-creator-v2-3.html
I tried to use this app to create a cab file. It has an internal virus that changes the username of your phone to a Chinese variant when the created cab is run. (not sure why?)
Knew nothing about this until my Worldmate and Resco shut down on my TyTynII (they check their codes with username everytime you sync online).
Guess AV for WM is something to look at now!!
A virus? I doubt it...
Don't overreact and waste money on virus program for WM6. The experts may correct if I am wrong but I still can remember only 1 test case of a "sample" virus in windows mobile a few years back.
And changing your phone's user name to the chinese equivalent, considering it is possibly written by someone who is, uh, chinese, doesn't constitute a virus.
packetstorm said:
Don't overreact and waste money on virus program for WM6. The experts may correct if I am wrong but I still can remember only 1 test case of a "sample" virus in windows mobile a few years back.
And changing your phone's user name to the chinese equivalent, considering it is possibly written by someone who is, uh, chinese, doesn't constitute a virus.
Click to expand...
Click to collapse
I did not suggest to anyone to go out and buy AV software but, I can send you the .cab file if you would like to check for youself??
A virus or Trojan would not have to specifically work with onboard comms apps on the WM unit but so many people (especially in the US) are tethering there devices now giving a 'back door' so to speak..
It would not take much for a small packe on your WM device to drop items into your Outbox and when you sync, hey presto, it goes.
Basic PC AV would not see this.
EDIT: OK, for want of a better term, cal it Malware...Take a look at this, it's a bit long winded but gives you some idea. http://www.symantec.com/avcenter/reference/malicious.threats.to.pdas.html
Related
I may be shooting myself in the foot for asking this, but is there a way to transfer programs/Apps from one PPC (iPAQ 4355) to another (HTC Kaiser) without having the .exe files?
There are a few on my old PPC that I still like to use, but don't want to have to re-buy again.
For most, there's no need to buy again. Download the installer, pump in your serial number, and it'll run just fine. The only exception to this I can think of on my phone is Voice Command, which does require the licensed installer app.
PerfAlbion said:
For most, there's no need to buy again. Download the installer, pump in your serial number, and it'll run just fine. The only exception to this I can think of on my phone is Voice Command, which does require the licensed installer app.
Click to expand...
Click to collapse
Care to elaborate? How do I go about getting the downloader? Some of these apps I have had for a while, so it would be hard (if not impossible) to get the serial #'s
Thanks
If the version hasn't changed, it's pretty much hit the manufacturer's web page, download, and run.
The serial numbers would be your issue, though. If you don't have those and your app doesn't display it in "Help-About," the registration page, or some place similar, you'd need to have it archived somewhere. I'm an e-mail packrat so I've got mine going back years. Some manufacturers will e-mail you your serial numbers if you ask support, though. Recovery from hard resets or replacement phones.
If you can't find them somehow, you have to figure out what directories and registry hives to backup, back them up, move them over, and hope that it works.
I read somewhere of a program to move all softwares from one device to another without installing, but i didn't downloaded it then. Now I dont even remember the name for it. Sorry. But you try searching it, if u get it pls let us know. I'll do the same. Thanx.
Is there possible software out there in the form of our cab install files that are spyware? Is it possible for people to see what we are doing in our phones and pocketpcpdas? like a logging tracking type of software imbeded in our device which tells people what we are doing? what we are downloading..etc..etc..just like how the government can listen to our phone calls. Are possibley our favorite applications such as microsoft live/live search ot tomTom7 tracking software which is telling companies or the government what we are doing on our devices? like how Skyfire can log what you are doing with their web browser through their servers...
....just wanted to know if its possible and has anybody heard of such things
There have been trojans in the wild for pocket pc - the Brador.A trojan did open a backdoor exploit to allow remote access to a device. And there have been other nasty things for Palm.
But, they've been really rare, and mostly proof of concept kind of things. I'd say the far greater risk is that, if you use *.exe installers from your desktop or laptop to put software on your mobile, that the desktop or laptop could become infected by something seeded in the *.exe file.
So, always scan any installers, ideally as you download (ie. with and AV app integrated with your browser, like Norton) before you execute them. When docked to your PC, you can also scan your mobile - I use Vista on one of my machines at home, and dock my Tilt to it without setting it up, so it's just like any other mass storage device. Norton will scan it like any other drive or storage device.
moegdaog said:
Is there possible software out there in the form of our cab install files that are spyware? Is it possible for people to see what we are doing in our phones and pocketpcpdas? like a logging tracking type of software imbeded in our device which tells people what we are doing? what we are downloading..etc..etc..just like how the government can listen to our phone calls. Are possibley our favorite applications such as microsoft live/live search ot tomTom7 tracking software which is telling companies or the government what we are doing on our devices? like how Skyfire can log what you are doing with their web browser through their servers...
....just wanted to know if its possible and has anybody heard of such things
Click to expand...
Click to collapse
While this is not "spyware" it certainly does what spyware would do - right? report without your knowing it what the phone user was doing?
http://www.pocketpc-live.com/pocketpc-softwares/ultimate-theft-alert-v3-for-pocket-pcs.html
Bill
Yep... but usually it's yourself installing that thing so I wouldn't qualify it as spyware...
Unless someone grabs your phone from you and installs the software against you without you knowing it
Anything is possible when you put your mind to it. I bet if you talked to enough coders you'd find one that would help you write Spyware.
Possible? Yes. Probable? No.
o ok..just wanted to get some general knowledgeon this subject cuz i would hate to have to worry about trojans on my pda maaan.
moegdaog said:
o ok..just wanted to get some general knowledgeon this subject cuz i would hate to have to worry about trojans on my pda maaan.
Click to expand...
Click to collapse
Now - Let's say that you were oh say Chinese - and that you knew that LOTS of foreigners were coming over for say - oh - a lot of games - would you PAY someone to put spyware on their phones?
hmmmm. . . MAYBE...
Just a thought...
Bill
Is there a software (preferably freeware, if none, then to buy) to make passwords or some sort of protection for folders on the HTC Touch Diamond to encrypt and protect others from accessing my files? Please do tell me if you know any.
I'm also looking for something to put passwords on my folders.
im lso lookng forvsomeway to password my messages in particular, bit assume that this isnt possible due to TF3D??
I dunno actually. I hope someone knows about a software. I would buy it if there was no freeware software =/
Nobody knows of any software for this?
Sentry 2020 adds a virtual sd-card to your diamond and can have strong encryption. works great on my
diamond
Frank
flying-trickster said:
Nobody knows of any software for this?
Click to expand...
Click to collapse
I found this one for free:
MOD EDIT: We do not support Warez! Let this be your first and last warning!
An other (very good one) is Secubox. It not free.
Herbie
http://www.cypherix.com/cryptainerppcle/index.htm is also a free option
Another alternative
FreeOTFE4PDA (http://www.FreeOTFE.org/) does the same sort of thing as sentry2020 and secubox (creates a virtual storage card), but is opensource (free), and pretty good.
Buy hidemystuff.
It works like a charm on the diamond.
You have to buy it , its not for free
But it WORKS!!!!!!
http://handheld.softpedia.com/get/Security/Utilities/Hide-My-Stuff-21458.shtml
Does anyone know a way to scan a PPC/WM6 cab file for viruses using a PC? I do not really want to install any AV on the cell (slowing it down more).
Thanks!
Well the best way to avoid viruses is to only get content from trusted sources
But the only way to be sure I guess is to find a program like 7zip or another program that supports extracting CABs and then scan the files.
I have Sophos installed on my PC - if I right hand click on the cab I can scan it.....
Perhaps not the same for other PC anti virus software?
i thought malware that attacks WinMo is so rare and infrequent that it is almost pointless to have antivirus software for your ppc...i could be wrong but that is the impression i have acquired so far after more than 1 year of heavy use of windows mobile
because cab files are meant for your ppc, i think it is highly unlikely that they will be infected by malware (that can attack your ppc) in the first place
finally, i'm not certain most DESKTOP antivirus software would even detect malware meant for the MOBILE
(all of the above is pure conjecture based on some observations and practical experience)
ASCIIker said:
i thought malware that attacks WinMo is so rare and infrequent that it is almost pointless to have antivirus software for your ppc...i could be wrong but that is the impression i have acquired so far after more than 1 year of heavy use of windows mobile
because cab files are meant for your ppc, i think it is highly unlikely that they will be infected by malware (that can attack your ppc) in the first place
finally, i'm not certain most DESKTOP antivirus software would even detect malware meant for the MOBILE
(all of the above is pure conjecture based on some observations and practical experience)
Click to expand...
Click to collapse
That is all correct. I actually bought a 1 year license for Norton Smartphone Security, and one of its cooler features was to see all of the mobile viruses there were definitions for in its database. 12. There were 12 mobile viruses, maybe a few more by now. And most of them were for Symbian, so there were maybe one or two viruses natively for WM (and one asked you if you wanted your device infected or not!). There were also a couple java ones, but all of the mobile viruses came from obscure, malicious sites you shouldn't go to anyway!
It's just not even worth worrying about mobile viruses, you're most likely never going to encounter one (at least if things stay like they are now).
Dave
Agreed. Smartphone security is really not a risk at all right now, it's too obvious when something is installing and too hard to accomplish it without being detected.
Just worry about your PC and your smartphone will be fine
I've been searching for .XAP decompiler/disAssembler (to do reverse engineer) for phone 8 xap files. I've seen that the new .xap files are not longer simple .zip/.rar files. They have something more.
In short I'm asking something similar to http://forum.xda-developers.com/showthread.php?t=1443692 for phone 8 . Does anyone know any (free) tool which can help me out ?
Could you please attache XAP? I'll investigate it.
Sure
Please see the attachment.
It appears MS have encrypted XAPs now - this has a PlayReady DRM header:
Code:
<WRMHEADER xmlns="http://schemas.microsoft.com/DRM/2007/03/PlayReadyHeader" version="4.0.0.0"><DATA><PROTECTINFO><KEYLEN>16</KEYLEN><ALGID>AESCTR</ALGID></PROTECTINFO><KID>w3i0edJP7EOqQ6aQzdAoSQ==</KID><LA_URL>http://microsoft.com/</LA_URL><CUSTOMATTRIBUTES xmlns=""><S>9FcV5qmfIsMc+X2MVmX3Hw==</S><KGV>0</KGV></CUSTOMATTRIBUTES><CHECKSUM>Hu3+fizBvKU=</CHECKSUM></DATA></WRMHEADER>
So, does it mean I'll never be able to decompile any .xap ?
XAPs downloaded from the Marketplace are encrypted starting sometime in summer last year. That was also the time when devices that had not installed the WP7.5 update lost access to the Marketplace.
So unless you know the decryption key no: you won't be able to decompile XAP files downloaded from the Marketplace. As for XAPs you get from a Dev directly or created yourself - those should still be in the same ZIP-Format as before.
if we get admin access on the phone we can make the phone to decompile it for us and then make an unencrypted version of the .xap
StevieBallz said:
XAPs downloaded from the Marketplace are encrypted starting sometime in summer last year. That was also the time when devices that had not installed the WP7.5 update lost access to the Marketplace.
So unless you know the decryption key no: you won't be able to decompile XAP files downloaded from the Marketplace. As for XAPs you get from a Dev directly or created yourself - those should still be in the same ZIP-Format as before.
Click to expand...
Click to collapse
Does anybody developed some hack to see content of .xap files which are from market place ? if yes, where can I get it ?
ellokomen said:
if we get admin access on the phone we can make the phone to decompile it for us and then make an unencrypted version of the .xap
Click to expand...
Click to collapse
And how can I get admin permission on my phone win 8 phone ? In other words, is it possible to get admin permission on win 8 mobile ?
@shek007
WP8 is much more secure than WP7. So it will take much time or never to hack the OS.
Regarding the xap decompile, it seems you are insisting on 'hacking'. That is a bad behaviour, trying to steal other's logic/data If it's your's or friend's .xap, then you'll get access to the code. Otherwise you have no right to decompile the code if it's not yours or the others didn't provide you access.
Anyway, you got the answer back then: no, it won't work.
shek007 said:
And how can I get admin permission on my phone win 8 phone ? In other words, is it possible to get admin permission on win 8 mobile ?
Click to expand...
Click to collapse
1. No one knows what "win 8 phone" and "win 8 mobile" are. Never heard of those.
2. Go somewhere else to discuss theft.
narrowing the subject to "theft" is not appropriate as when one wants to make out the most of some applications.
Examples are: Decompile the Field Test app from nokia to see the internal API calls to the radio module in order to obtain RF related data, such as cell ID, MCC+MNC, Ec/Lo etc..
using this API calls we can make Apps for RF field engineers to test the network performance and signal levels using the Lumia phone.
This functionality is well known on others smartphones but lacking in Windows Phone platform so far.
Another example will be using multiple whatsapp accounts in the same phone ( another functionality from other mobile platform missing in WP)
As far as I understood the security architecture not just any App would be able to access those APIs even if it knew about them. It requires special permissions and I would guess that at the moment those are not available with a regular Developer Unlock.
As for decrypting the file or gaining access to the phone and extracting the data from there: WP8 security has not yet been broken. There might be people working on it but for now we know of no way to do it.
StevieBallz said:
As far as I understood the security architecture not just any App would be able to access those APIs even if it knew about them. It requires special permissions and I would guess that at the moment those are not available with a regular Developer Unlock.
As for decrypting the file or gaining access to the phone and extracting the data from there: WP8 security has not yet been broken. There might be people working on it but for now we know of no way to do it.
Click to expand...
Click to collapse
Idk if you guys know about this website... [http]://xapapp[dot]blogspot.com/
this guys does exactly what the OP asked. If m wrong then please correct me
I guess I'll have to wait until I can learn about this
Btw, I never had intention to hack/theft others app..
tai4de2 said:
1. No one knows what "win 8 phone" and "win 8 mobile" are. Never heard of those.
2. Go somewhere else to discuss theft.
Click to expand...
Click to collapse
1. Yes. No one knows what win 8 phone is.
That is why YOU are on this forum thread., because is called just like that. "Windows Phone 8" looks similar to windows 8 phone. Or not.
2. " Windows Phone 8 Development and Hacking>> Windows Phone 8 Q&A, Help & Troubleshooting" is the name of this thread. So, where else could discuss hacking windows 8 apps.
You just needed to post something.
I just needed to reply (two years later), so I joined to forum. :laugh:
BTW are there any new tools for decompile xap files?
Please don't necropost!
Posting here rather in a PM in the hopes that others will see and remember...
You just posted in a 22-month-inactive thread. This violates a near-universal guideline (sometimes rule) of online forums: do not post in dead threads (common called "necroposting"). Your post added nothing of value and effectively constitutes spam, as it brings a thoroughly outdated thread to the top of the forum list. It's much better to create a new thread (linking the old one, if you feel that will help) as then people who read earlier posts in the thread but don't notice the datestamps won't be seeing stuff that is years out of date.
While I agree that the person you responded to was being needlessly pedantic, it does seriously annoy some members of the community to have people screw up the name of the OS. Win8 and WP8 have about as much in common as Mac OS X and iOS; that doesn't mean it's reasonable to say an iPhone runs "Phone OS X". The fact that there existed a legacy (and *very* different) OS called Windows Mobile (or WinMo), and that people routinely seem to think that WP is just the continuation of WinMo (it's really, really not), is a large part of why some folks stomp on people who use the wrong name for the OS.
Decompiling apps is easy. Breaking PlayReady DRM is really, really hard. There's no decompiler anywhere I know of that can take a DRMed XAP and decompile it. You'll have to get the app without DRM encryption if you want to decompile it.
PLEASE DO NOT POST ANY MORE IN THIS THREAD!