Database Develop

Extended ROM - Some CABs don't Execute

I'm trying to customize a few Extended ROMs here and I'm running into some stubborn CABs. When installed manually, everything works fine. No warnings, no errors. Just click the CAB, let it do its thing, then click OK.
Put these same ROMs into an Extended ROM and hilarity ensues. Some will work, others will not and I don't know why. Any suggestions on what I might be missing will be greatly appreciated.

Quick question?
Are the CAB's signed, if not are you installing the 'signed' unsign CAB 1st .

Edit: Thinking more about this (and realising that the 1st thing you do is disable signing in your ROM's ) can you provide a little more info about the CAB's (maybe an offending CAB if the content is not private?).
I managed to replicate this issue with a CAB that had a warm reset as part of it's install process (seems to bork the autoexec batch process) and I have had a similar issue with a CAB that just contained some simple OMA in the _setup.xml.
John

yes, that's the point. But how to make any Unsigned CABs become Signed?

huangyz said:
yes, that's the point. But how to make any Unsigned CABs become Signed?
Click to expand...
Click to collapse
Without wanting to sounds facetious you sign them ;-)
You would use a private key to generate an Authenticode signature for the CAB (and maybe the apps inside if you need to) however you would still need to install the ROOT certificate into the code stores on your device. Or get your app signed by a 3rd party with a certificate that has it's ROOT already on the device (MS's MobileToMarket and things like that take care of this for ISV's that need it).
Once you have the ROOT cert on the device in the correct store signing is trivial, you either use SignTool.exe from many of the MS SDK’s or just use the GUI options if Visual Studio is your poison. All you need is an export of the PKF (Private key) and the password to the certificate.
In enterprises one of the 1st things people often do before giving Windows Mobile devices out to users is to install a ROOT certificate for the enterprise onto the device in both the code and transmission stores. This means from then on you can sign in-house apps and CAB’s and they behave as signed commercial apps and you can use features like internal signed SSL for ActiveSync etc. etc.
Don’t forget you can also do away with a lot of this by installing the HTC signed “Disable Certificates” CAB 1st and then the signatures are not checked on subsequent CAB’s, EXE’s or anything code related for that matter.

djwillis said:
huangyz said:
yes, that's the point. But how to make any Unsigned CABs become Signed?
Click to expand...
Click to collapse
Without wanting to sounds facetious you sign them ;-)
You would use a private key to generate an Authenticode signature for the CAB (and maybe the apps inside if you need to) however you would still need to install the ROOT certificate into the code stores on your device. Or get your app signed by a 3rd party with a certificate that has it's ROOT already on the device (MS's MobileToMarket and things like that take care of this for ISV's that need it).
Once you have the ROOT cert on the device in the correct store signing is trivial, you either use SignTool.exe from many of the MS SDK’s or just use the GUI options if Visual Studio is your poison. All you need is an export of the PKF (Private key) and the password to the certificate.
In enterprises one of the 1st things people often do before giving Windows Mobile devices out to users is to install a ROOT certificate for the enterprise onto the device in both the code and transmission stores. This means from then on you can sign in-house apps and CAB’s and they behave as signed commercial apps and you can use features like internal signed SSL for ActiveSync etc. etc.
Don’t forget you can also do away with a lot of this by installing the HTC signed “Disable Certificates” CAB 1st and then the signatures are not checked on subsequent CAB’s, EXE’s or anything code related for that matter.
Click to expand...
Click to collapse
I am NOT a software developer so, most of your opinions sound enigmatic to me except that the last one: put the HTC signed "Disable Cert" in the 1st place of the ext-rom config.txt.
Thanks very much! I'll try later on.

gamescan said:
I'm trying to customize a few Extended ROMs here and I'm running into some stubborn CABs. When installed manually, everything works fine. No warnings, no errors. Just click the CAB, let it do its thing, then click OK.
Put these same ROMs into an Extended ROM and hilarity ensues. Some will work, others will not and I don't know why. Any suggestions on what I might be missing will be greatly appreciated.
Click to expand...
Click to collapse
most problably you forgot to set some cab file to read-only before saving the extende-rom.check the cabs atrebutes and the config.text file while inside de program that you are using to edit the extended-rom.its not because they are not signed as long you got the cert .cab set to be the first to be installed.also cab files that require user input will not work.this is from experience, as posted above.

huangyz said:
I am NOT a software developer so, most of your opinions sound enigmatic to me except that the last one: put the HTC signed "Disable Cert" in the 1st place of the ext-rom config.txt.
Thanks very much! I'll try later on.
Click to expand...
Click to collapse
So, where did you found the signed Disable_Cert.cab?

faria said:
most problably you forgot to set some cab file to read-only before saving the extende-rom.check the cabs atrebutes and the config.text file while inside de program that you are using to edit the extended-rom.its not because they are not signed as long you got the cert .cab set to be the first to be installed.also cab files that require user input will not work.this is from experience, as posted above.
Click to expand...
Click to collapse
Sorry to ping an old thread - flogging to proceed immedietly after...
Being that this is a windows device, isn't there a flag that can be passed when executing the cab - like you can on a windows installer application? Similar to setup.exe -q or whatever you're trying to do. Some flags set the answers to yes, admin mode... you get the picture. Does the cab installer engine allow similar flags to get passed with the cab execution command?

In PPC, it calls wceload.exe to install and uninstall a cab.
As shown in http://msdn2.microsoft.com/en-us/library/ms926281.aspx , the only possible argument is to ask or not ask for destination, but no quiet mode.
How can you call wceload.exe manually at ExtROM installation may be a question.

$10 BOUNTY!!! Fix my OpenVPN

I'm offering up a bounty of $10, payable immediately by Paypal, to anyone who can help me figure out how to make OpenVPN (using Hidemyass Pro) correctly run on my HTC Incredible with Virtuous 3.2 Rom installed.
I used the following directions from this site to set up OpenVPN:
Easy way - OpenVPN on rooted/S_OFF Incredible with BusyBox installed:
This is by far the easiest way to set up OpenVPN. Make sure you copy your config file and any relevant keys to a folder on your sdcard.
If you do not have tun.ko on your system, then you can download it for 2.2 (tun.zip) or 2.1 (inside openvpn.zip) attached to this post.
Next, download the following two apps from the Android Market:
OpenVPN Installer
OpenVPN Settings
Next, run OpenVPN installer, click install, give it an install path (I prefer /system/xbin), and give it the path to BusyBox.
Finally, run OpenVPN Settings. Go to Menu -> Advanced, make sure "Load tun kernel module" is checked.
Click on "TUN module settings"
Change "Load module using" to insmod
Change "Path to tun module" to... the path to your tun.ko file. Click back.
Update "Path to configurations" and "Path to openvpn binary".
That should be it!
Okay, so let me be clear in explaining exactly what I've done:
1) I used OpenVPN installer, clicked install, and pointed the install path to /system/xbin and then to Busy box - Binaries installed perfectly without a problem
2) I put all the Hide My Ass Config files into a folder on my SD card called Openvpn (/sdcard/openvpn)
3) I opened the advanced menu and checked "Load tun kernal module"
4) Changed the "Load Module Using" to insmod
5) Changed the Path to tun to (/sdcard/openvpn/tun.ko) - this is the folder where I put all my config files, including tun.ko
6) Changed "Path to configurations" to (/sdcard/openvpn) - which, just like the tun.ko file, is where the config files are located, along with the keys
7) Kept "Path to Binaries" as default setting (/system/xbin/openvpn)
So, after all this has been accomplished, it lists my VPN's servers and I click on one of them. It asks me for my login credentials, and when I put them in, I get the following error:
Fatal;"Cannot load certificate file./keys/hmauser.crt: error:02001002:systemlibrary:fopen:No such file or directory: error: 20074002:BIO.routines:File_CTRL.system lib: error:140AD002:SSL routines: SSL_CTX_use_certicate_file:system lib
Don't know what this means and don't know where to begin to fix the problem. But as I said, first person who gets me online using openvpn will get $10 by Paypal immediately. Who's in?!
If this helps, here's where I got the Hide My Ass Config files:
http://hidemyass.com/vpn-config/

Virtuous 3.2?

digitalicecream said:
Virtuous 3.2?
Click to expand...
Click to collapse
Yes, Virtious 3.2

lol
10ch

EDIT: Think I found your problem. Open the .ovpn file and look for
ca ./keys/ca.crt
cert ./keys/hmauser.crt
key ./keys/hmauser.key
change ./keys/ to where you are storing the files.

FredMan said:
EDIT: Think I found your problem. Open the .ovpn file and look for
ca ./keys/ca.crt
cert ./keys/hmauser.crt
key ./keys/hmauser.key
change ./keys/ to where you are storing the files.
Click to expand...
Click to collapse
It looks like the .ovpn files are all the same, more or less. I don't know where to find what you're mentioning above.
Here are all the files HMA provides. Which of these should i change?:
http://hidemyass.com/vpn-config/

Pick one that is closest to you.
Open it up and look for
Code:
ca ./keys/ca.crt
cert ./keys/hmauser.crt
key ./keys/hmauser.key
Change ./keys/ to ./sdcard/openvpn/

FredMan said:
Pick one that is closest to you.
Open it up and look for
Code:
ca ./keys/ca.crt
cert ./keys/hmauser.crt
key ./keys/hmauser.key
Change ./keys/ to ./sdcard/openvpn/
Click to expand...
Click to collapse
I changed it, but now I get the same error message but with the above thread:
Fatal;"Cannot load certificate file./sdcard/Openvpn/hmauser.crt: error:02001002:systemlibrary:fopen:No such file or directory: error: 20074002:BIO.routines:File_CTRL.system lib: error:140AD002:SSL routines: SSL_CTX_use_certicate_file:system lib
What does the "." before "/sdcard" mean? Am I manipulating the data incorrectly or is there something else I should try?

it's case sensitive Make sure the folders match. Try it with and without the "."

FredMan said:
it's case sensitive Make sure the folders match. Try it with and without the "."
Click to expand...
Click to collapse
You are so close to getting that $10!!
I changed the sequence to /sdcard/Openvpn and for the first time, it actually tried to authenticate and login. But now I got a new error.
It goes through the following:
Auth
Get Config
A quick Ip number that I can't read
then, the following error:
"FATAL: Linux ifconfig failed: could not execute external program"
Any idea how to fix this? I feel like we're very close!!

i dont want the bounty. Just helping out.
open terminal emulator and do
ls /system/xbin
Click to expand...
Click to collapse
look to see if 'ifconfig' is there

FredMan said:
i dont want the bounty. Just helping out.
open terminal emulator and do
look to see if 'ifconfig' is there
Click to expand...
Click to collapse
Thanks for helping out...
Since I have s-off, I'm guessing I'd have to boot into recovery to do anything in terminal emulator (earlier I was told I'd need to do this to use ADB Shell). Is this correct?
I have Astro file viewer on my phone, can I accomplish the same thing by just looking in the folder with that?

You can use astro, just make sure it's there.

FredMan said:
You can use astro, just make sure it's there.
Click to expand...
Click to collapse
Just checked. Yes, it's there. I noticed in the original post on how to set up OpenVPN, posts # 5-8 deal with this exact issue.
http://forum.xda-developers.com/showthread.php?t=702634
I'm not sure what, if anything, I should do with the file the OP posted in post #8, since this was months ago, and the version of OpenVPN I downloaded came out of the market this week. Also, from his original post, it looks like the OpenVPN he attached is for 2.1 not 2.2.
Any ideas?

Stockmoose16 said:
Just checked. Yes, it's there. I noticed in the original post on how to set up OpenVPN, posts # 5-8 deal with this exact issue.
http://forum.xda-developers.com/showthread.php?t=702634
I'm not sure what, if anything, I should do with the file the OP posted in post #8, since this was months ago, and the version of OpenVPN I downloaded came out of the market this week. Also, from his original post, it looks like the OpenVPN he attached is for 2.1 not 2.2.
Any ideas?
Click to expand...
Click to collapse
I GOT IT!!!!!
I had followed the original directions, which said to put ifconfig in system/xbin/bb, but I just reinstalled the binaries in system/xbin and it connected.
Don't know why the original directions were off, but I am so happy. Thank you so much.

Congrats! Have Fun.

FredMan said:
Congrats! Have Fun.
Click to expand...
Click to collapse
Since you were so helpful, can I trouble you for one more question that you may or may not know the answer to?
I have Tasker on my Android and I need it to kill the OpenVPN session when I'm using a certain wifi. This was easy to do with the VPN 1 plugin for PPTP, but I don't know how to make it kill an OpenVPN session (tried to set it up, but it seems to keep trying to reconnect and less I manually toggle off "OpenVPN" in "OpenVPNSettings."
Wanna take a crack?

I will look into it. Love Tasker.

INTERNAL xap installer

Could someone to develop INTERNAL xap installer program [ homebrew] that
will be able to install xap inside phone ?
Thanks.

the os already has its own framework for that so no point, the installation of non signed apps is discussed loads on the forum. An app is avail called chevron to achieve it, unless you have updated your phone it should still work

I have investigated this. No luck so far. But I have a couple of leads that may let me make it. But it needs more research. I will have a look at it soon. But I can't give an ETA. So far I know there are no others that have succeeded so far.
Ciao,
Heathcliff74

This will be key for cydia/installius kind apps for WP7

anarchyuk said:
the os already has its own framework for that so no point, the installation of non signed apps is discussed loads on the forum. An app is avail called chevron to achieve it, unless you have updated your phone it should still work
Click to expand...
Click to collapse
is it possible ? I like to install apps inside the phone as in WINMO.
I can have XAP on skydrive a if i click it on browser it will automatically download and install, this will be awsome.

marek1 said:
is it possible ? I like to install apps inside the phone as in WINMO.
I can have XAP on skydrive a if i click it on browser it will automatically download and install, this will be awsome.
Click to expand...
Click to collapse
Nope. Not possible. Read my previous answer. Anarchyuk did not understand your question correctly.
Sent from my OMNIA7 using XDA Windows Phone 7 App

Heathcliff74 said:
Nope. Not possible. Read my previous answer. Anarchyuk did not understand your question correctly.
Sent from my OMNIA7 using XDA Windows Phone 7 App
Click to expand...
Click to collapse
Why is not possible, reason ? Will Mango make it possible ?

marek1 said:
Why is not possible, reason ? Will Mango make it possible ?
Click to expand...
Click to collapse
No. Microsoft doesn't want you to sideload apps. They want you to use the Marketplace. If you would be able to use an internal xap installer, you would be using it for sideloading.
It is not possible to use the API's for installing XAP's because you need TCB access for that. Normal apps have only LPC access, so normally you can't create an app for that. Needs hacking.
Ciao,
Heathcliff74

Would this type of access be possible with the 'DLLImport Project'?

So today i installed a random app from marketplace to see what was going on i the process-list. Here i saw "PacmanInstaller.exe" (after "Downloading..." > "Installing..."); later i tried to remote execute that one without any important args, and it said "This application can not run in Win32 mode.", eh? Didn't that exe just ran in the process list. Seems weird not to be able to launch that one. (it did not say the exe did not exist).
Tested another thing to, what happens when i deploy an app from Visual Studio??
>PacmanInstaller.exe shows up there too.?!?!?
THEN WTF, WHERE IS THE DRM?
Found this in "PacmanInstaller.c":
if ( v19 != v2 )
*(_DWORD *)(v17 + 4 * v18 - 4) = L"ID_CAP_DEBUG";
XAP > Phone side:
- IO Explorer, all files have the exact same byte size, no magic changes added "ID_CAP_DEBUG""
- No "WMAppPRHeader.xml" added (generated/downloaded)
__
This means its just copying it to phone (XAP).
Runs pacman to register app > \Applications\Install\GUID\Install
"PacmanInstaller.exe GUID" ??
>Cant execute remote PacmanInstaller? From within?
Just having fun, thanks

SimzzDev said:
Would this type of access be possible with the 'DLLImport Project'?
Click to expand...
Click to collapse
Nope. DllImport project is about accessing native API's. Not really about elevating privileges (so far). The package manager API's are native API's, but they require elevated privileges too. For having higher privileges you need to hack the system...
fiinix said:
So today i installed a random app from marketplace to see what was going on i the process-list. Here i saw "PacmanInstaller.exe" (after "Downloading..." > "Installing..."); later i tried to remote execute that one without any important args, and it said "This application can not run in Win32 mode.", eh? Didn't that exe just ran in the process list. Seems weird not to be able to launch that one. (it did not say the exe did not exist).
Click to expand...
Click to collapse
"This application can not run in Win32 mode" is error 0xbf:
Error 0xbf: error_invalid_exe_signature
Description: Cannot run <application> in Windows NT mode
Or: Cannot run <application> in Win32 mode
This means that your executable is not properly signed / elevated to launch into the required account.
fiinix said:
This means its just copying it to phone (XAP).
Runs pacman to register app > \Applications\Install\GUID\Install
"PacmanInstaller.exe GUID" ??
>Cant execute remote PacmanInstaller? From within?
Just having fun, thanks
Click to expand...
Click to collapse
C'mon fiinix! You of all people should know!!
Code:
<!-- Rule loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(405,6) -->
<Rule PriorityCategoryId="PRIORITY_STANDARD" ResourceIri="/LOADERVERIFIER/ACCOUNT/(+)/ACCOUNT_CAN_LAUNCH/NONE/NONE/PRIMARY/WINDOWS/PACMANINSTALLER.EXE" SpeakerAccountId="S-1-5-112-0-0-1" Description="Only TCB can launch into this chamber">
<!-- Authorize loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(406,10) -->
<Authorize>
<!-- Match loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(407,14) -->
<Match AccountId="S-1-5-112-0-0-1" AuthorizationIds="LV_ACCESS_EXECUTE" />
</Authorize>
<!-- Stop loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(409,10) -->
<Stop>
<!-- Match loaded from: \IMGFS\969eb155-55ff-4884-9ecb-241c8a4b6e09.policy.xml(410,14) -->
<Match AccountId="S-1-5-112-0-0XFF" />
</Stop>
</Rule>
That's why you can't run it! So, not the right account to launch. Not even when you use the Samsung exploit. Because that uses "Elevated". Not "TCB".
The proper way to call PacmanInstaller.exe is:
Code:
pacmaninstaller.exe <int> <guid>
I'm not really sure, but the <int> is the type of operation. Possible values are between 1 and 7 if I recall correctly. The guid is the applicationid. So far I know, the PacmanInstaller looks in \Application Data\Phone Tools\10.0\Install. That is where the xap's are initially uploaded to the phone and extracted by the packagemanger.
Ciao,
Heathcliff74
PS. New version of WP7 Root Tools coming up....

"Not even when you use the Samsung exploit. Because that uses "Elevated". Not "TCB"."
> What about "\Windows\Startup\"
That one launch what ever lnk (exe pointer) listed under startup directory. Would be an opportunity to restart after installed all "cydia" apps on the phone.

Another small but interesting find:
>Checking the mail launches another "servicesd.exe".
All those exe's of multiple sessions like "udevice.exe" and "servicesd.exe" go with an arg, right? then what is put in? Maybe an dll as arg?
>Then again, the custom dll (VS2008 made) will not run due it does not have "LV_ACCESS_EXECUTE", so that locks TCB out for dll arg inject.
udevice.exe (Driver host, runs under "SYSTEM" level)
servicesd.exe (Ordinary exe for dll host)
So making custom drivers wont work... (probably),
to be middle hand for executing under SYSTEM.
edit:
haha post "404" (current post count)
>HTTP Not Found.

Heathcliff74 said:
No. Microsoft doesn't want you to sideload apps. They want you to use the Marketplace. If you would be able to use an internal xap installer, you would be using it for sideloading.
It is not possible to use the API's for installing XAP's because you need TCB access for that. Normal apps have only LPC access, so normally you can't create an app for that. Needs hacking.
Ciao,
Heathcliff74
Click to expand...
Click to collapse
OK,I know that MS don't want to allow but I want to to know if is possible to hack it and do the internal XAP installer ? That's why I am asking.
I think that everybody who have unlocked phone will appreciate it !!

As everyone already said.. CANNOT be done. There's no, "I want to know if someone can hack this". The people working to bring full file/registry access and a better experience to all phones are too busy to worry about trying to make an internal xap installer. Just hook the damn thing up to a computer and use the applications to push a xap to your phone and be happy. I'm no admin or anything, but please don't pester over something like this.

[XAP] [REQUEST] Can someone with an Ativ S upload DiagnosticTool_Sprint for me?

I am hoping that someone with an Ativ S can download the "DiagnosticTool_Sprint" from the Windows Phone store and upload it here. It is available if you set "oemId=htc" in fiddler. I think there are some hidden pages we can use to interop unlock HTC.
Link:
"DiagnosticTool_Sprint" for Windows Phone http://www.windowsphone.com/s?appid=e69a2877-59b8-43ed-898d-554fbc4b8b2b
Thanks!

To be clear, you are asking that somebody download this HTC app to their phone and install it, then use the MTP full file system access to extract the binaries for reverse engineering? Sounds like a plan, if I could persuade my phone to do the full file system access thing right now I would (away from home, on my Surface RT right now).

compu829 said:
I am hoping that someone with an Ativ S can download the "DiagnosticTool_Sprint" from the Windows Phone store and upload it here. It is available if you set "oemId=htc" in fiddler. I think there are some hidden pages we can use to interop unlock HTC.
Link:
"DiagnosticTool_Sprint" for Windows Phone http://www.windowsphone.com/s?appid=e69a2877-59b8-43ed-898d-554fbc4b8b2b
Thanks!
Click to expand...
Click to collapse
Hi
first to download this app we need someone with a sprint device to grab correct url using fiddler.
like this one:
Code:
http://marketplaceedgeservice....................os=8.0.10512.0&cc=us&lang=en-us&hw=268473858&moid=sfr-fr/
this way we can have correct hw & moid value & install on any device...

@GoodDayToDie yup. that is what I am asking for. Based on what @thals1992 saw when he was playing with this on his 8XT is that depending on what dial codes you put in, the same app loads with different pages.
@xboxmod the only thing that needs to be changed to enable downloading from the store is the oemId. It needs to be HTC. I was able to download it to my T-Mobile Branded 8x (which Sprint doesn't even sell) with no issues. (it's moID is "null" for some reason on my phone after applying GDR3 and hard resetting)

compu829 said:
@xboxmod the only thing that needs to be changed to enable downloading from the store is the oemId. It needs to be HTC. I was able to download it to my T-Mobile Branded 8x (which Sprint doesn't even sell) with no issues. (it's moID is "null" for some reason on my phone after applying GDR3 and hard resetting)
Click to expand...
Click to collapse
Thanks
"null" value was the trick.:good:

xboxmod said:
Thanks
"null" value was the trick.:good:
Click to expand...
Click to collapse
Were you able to get this off your Ativ? I'd love to start ripping into it.

compu829 said:
Were you able to get this off your Ativ? I'd love to start ripping into it.
Click to expand...
Click to collapse
I did manage to extract the DiagnosticTool_Sprint and it's now an unencrypted xap, the data.zip is all the files how I found them on my phone (with the exact path to the program and the appdata).

I will decompile The dlls and Look for hidden pages
Sent from my RM-821_eu_euro2_248 using Tapatalk

bruce142 said:
I did manage to extract the DiagnosticTool_Sprint and it's now an unencrypted xap, the data.zip is all the files how I found them on my phone (with the exact path to the program and the appdata).
Click to expand...
Click to collapse
Thanks!
@GoodDayToDie @xboxmod Apparently there is a capability called <!--Capability Name="ID_CAP_NVREADWRITE" /-->. Too bad it's commented out in their manifest :/ I wonder what it does? (besides the obvious, based on the name)
edit:
I was able to plug in my phone and Windows Updates decided to install drivers! I now have "HTC Diagnostic Interface (Com 6)", HTC NEMA Interface (Com 8)", "HTC USB Modem", and "HTC Remote NDIS-Based Device" (this one is currently Code 10.) Thanks Sprint! >

SSh tunnel for lollipop fix or alternative?

Noticed i cannot get ssh tunnel to work for global or specific app proxys on any lollipop devices wondering if there was an ideal app you guys would recommend for nexus 6 that would accomplish this same thing?
Used to work great on my previous devices from last i recall prior to moving to a lollipop device
Looking to specifically proxy some apps via ssh tunnel and rest go through normal unencrypted session via carrier ip
Looked into proxydroid and connectbot but haven't seem to get them to work together must be missing something
seems this is a known issue with iptables and ssh proxying in lollipop on some other similiar apps
https://code.google.com/p/sshtunnel/issues/detail?id=193
Would gladly pay for an add free app that does this on lollipop for any devs out there looking for an app idea or can point me to one i missed which offers this
Thanks in advance
Update:
seen this after more searching looks handy gonna give it a ry but it would be nice to have an all in one app for this
http://forum.xda-developers.com/showthread.php?t=2505710

https://code.google.com/p/sshtunnel/issues/detail?id=193#c12
I have posted a solution and modded apk for now, until the problem will be resolved. Check it out.

Try mine, uses autossh with openssh:
https://github.com/lbdroid/Android_SSH
https://github.com/lbdroid/Android-Binaries/blob/master/Android_SSH.apk
A few points;
1) requires root (at the moment, still in dev...)
2) still in dev (could be instabilities...)
3) no ads, no tracking... seriously.. no nonsense.

themightydeity said:
https://code.google.com/p/sshtunnel/issues/detail?id=193#c12
I have posted a solution and modded apk for now, until the problem will be resolved. Check it out.
Click to expand...
Click to collapse
IT WORKS!!!
thank you very much.

Modded apk not working on Nexus 6 running Android 5.1.1
Using Connect not +ProxyDroid
Hopefully next release of sshtunnel will solve current issues

it´s the first time im using this tool... im happy that i found your solution/fix for lolipop.. it works perfect on any website/host in the web.. but i got still a problem..
the routing seems to route everything through the tunnel.. except things that are adressing other services on the same host as the ssh server host..
for example: if there is a webserver or mailaserver on the same host as the ssh server.. the traffic to those mail or webserver are not going through the tunnel..
is this a common problem with ssh-tunnel app?
using ProxyDroid on-top, fixes this.. with ProxyDroid also the mailserver (etc..) traffic is going through the tunnel.. but i would prefer to use only one tool.. not two tools..
any suggestions?

it's just a binary compatibility problem you can extract iptables and redsocks binary from patched version or from anywhere else and copy them to your data folder it will solve the problem

intika said:
it's just a binary compatibility problem you can extract iptables and redsocks binary from patched version or from anywhere else and copy them to your data folder it will solve the problem
Click to expand...
Click to collapse
Yes you are right.
-1 copy/overwrite iptables, redsocks from proxydroid to:
data/data/org.sshtunnel folder.
-2 chmod these two files for the owner/root!

korsanovix said:
Yes you are right.
-1 copy/overwrite iptables, redsocks from proxydroid to:
data/data/org.sshtunnel folder.
-2 chmod these two files for the owner/root!
Click to expand...
Click to collapse
i'm using Ki4A, works perfectly fine in NON ROOTED Marshmallow.
Google Play LINK.
works without any modifications.