Related
Is there an application that can password protect certain apps that I choose?
And please do not say Kids Corner as it does not do what I am asking.
It's probably possible (though far from easy), but I'd actually be more inclined to help if you hadn't opened a duplicate thread about this.
Only made second thread about this to attract some attention, 7 months passed since that guy opened his thread and nobody could give a good answer.
To me it's weird that nobody tried to make an app like this still, it would be very popular and help users very much.
Anyways, thank you for replying.
Really, just bumping the other thread was enough, but since we're here anyhow... my idea for how to approach it (and this would take a *lot* of hacking) goes something like this:
1. Create an app (call it X) that has the capability to launch other apps, and filesystem write access.
2. Have X take another app (call it Y) and encrypt its binaries. This prevents anybody from launching it by any means.
3. Tweak the app database to make it so that when you try to launch Y, it instead launches X and passes the id of Y as a parameter to the launcher.
4. X prompts the user for a password to Y. On getting the right one, it decrypts Y's binaries and writes them back to the correct location, then launches Y.
5. When the user (or OS) closes Y, a background process of X notes that Y is closed and re-encrypts it.
Currently we know how to do... well, some of #1, and we think the rest is possible. Given that, #2 isn't too hard. #3 is something I don't have the least notion how to do *right now* but I'm sure it's possible. #4 shouldn't be too hard given #1 and #2. #5 will be a trick - currently, apps have no way to know what other apps are running - but I'm sure it can be done.
It's a large engineering problem blocked by an even bigger research and hacking problem, though. Nothing we'll have soon. You'd never be able to publish it in the store, either, and it would only work for people with hacked phones. It's exactly the kind of *useful* thing that would be possible if Microsoft were willing to let up the restrictions on third-party developers a bit, of course, But for the time being, there are *reasons* nobody has done it yet.
Well the word that I actually was thinking after reading your post was "crap".
It seems only with time (and a whole [email protected]#$ing lot of it) will wp become a true competitor to android, but to be honest I don't think it will come to that.
Thanks for replying GoodDayToDie, I'm freakin' sad that there is no app that can suit my needs, I even tried with kids corner but the screen still needs the password entered like the normal one. Nothing really can make up for what I have in mind.
Cheers mate.
as soon as we can interop unlock all WP devices, it will be pretty easy... if you're able to provide the XAP (uncrypted of course )
i'll be able to "mod" this in for you... which app are we talking about?
@GoodDayToDie: i do'nt think he is looking for real data security here, so encrypting the whole thing shouldnt be required... i think it's more about preventing his gf to read his private messages or something like that
oh btw.: you would need a dev-unlock to deploy the modified XAP then...
tfBullet said:
as soon as we can interop unlock all WP devices, it will be pretty easy... if you're able to provide the XAP (uncrypted of course )
i'll be able to "mod" this in for you... which app are we talking about?
@GoodDayToDie: i do'nt think he is looking for real data security here, so encrypting the whole thing shouldnt be required... i think it's more about preventing his gf to read his private messages or something like that
oh btw.: you would need a dev-unlock to deploy the modified XAP then...
Click to expand...
Click to collapse
You're right tfBullet! I need it for whatsapp, photos, message and games app, mostly to prevent from friends but gf too.
I was thinking it might be possible to mod an app and add password before it can be accessed, although I have no experience in this domain. Many apps in store have this function, like wallet or prive photo apps.
My phone is dev-unlocked as I started a few days ago to study and try to create a simple app for me and my friends.
Modding an app like that would actually be quite hard, because it would break the signature and prevent the app from running. The encryption thing really isn't too hard, although you could skip it anyhow too.
If there was a way to run a program in the background that monitors when certain apps are selected and then prompts when its activated would work, but it would need an unlocked phone. And even under home brew I don't know if its possible to run apps in the background. Yet.
Sent from my Nokia 521 using XDA Windows Phone 8 App
The encryption thing really isn't too hard
Yea, but that's a little extreme. If you can create that password program that runs in the background you could probably have it watch files, apps or pretty much anything. You'd have to password protect the cofig file. And maybe if you can't remember the password after so many attempts you can have the program email the passwords to your email. Just some ideas.
Sent from my Nokia 521 using XDA Windows Phone 8 App
Running software in the background is actually shockingly easy. The trick is getting it to run with better-than-app-sandbox privileges. We're still working on that one. In the meantime, apps can't even read, much less write, to the install location of other apps.
GoodDayToDie said:
Modding an app like that would actually be quite hard, because it would break the signature and prevent the app from running.
Click to expand...
Click to collapse
@GoodDayToDie: actually these .NET apps are pretty easy to decompile, if you're willing to fix the bugs that the decompiler leaves you with...
so there is not really a need for a valid signature, if you're able to compile & sideload the app yourself
the only thing is: you need the decrypted XAP, as far as i know these get decrypted while installation and can be pulled from a interop unlocked device?!
It would be nice to get my fingers on some OEM (Nokia etc..) XAPs, to see if we can find any exploit in them
I know better than probably 95% of this forum what it takes to decompile managed code; I have reverse engineered huge numbers of apps. However, you are missing several important points.
1) Modifications like you suggest are very complicated to automate. It's certainly possible, but it's not simple.
2) Re-installing the app would be a pain. You would really want to do this as an in-place modification, and that means (for store apps) that it would still be signature-checked.
3) Not all apps are managed code; WP8 supports purely native code.
4) Even with managed code, obfuscation can make tinkering with the binary nigh-impossible.
It's just so incredibly stupid that WP is so limited. I know it's under Android big time, but I think even iOS more customizable, right?
Also, is there a message app in the store that has pass option? I searched but found nothing...
I don't believe iOS is any more customizable, no. It has some feature that WP lacks (it ought to; it's been out for years longer and Apple completely controls the hardware it runs on) but it's also missing some features that WP8 offers. In any case, this isn't the thread to have that discussion in.
GoodDayToDie said:
I don't believe iOS is any more customizable, no. It has some feature that WP lacks (it ought to; it's been out for years longer and Apple completely controls the hardware it runs on) but it's also missing some features that WP8 offers. In any case, this isn't the thread to have that discussion in.
Click to expand...
Click to collapse
But with the jailbreak and MobileSubstrate, iOS is extremely customizable, and there are tons of tweaks, that's where Apple gets its new features from
Back to topic, I think the OP would be happy with a solution that locks the "normal" user of his phone out of some apps, so it wouldn't be necessary to modify anything of it, just making the standard launcher (I don't know how it's called, but I mean when you launch the app via home screen or with a toast) ask for a password should be enough.
When developing an application for desktop windows, there's always a way to access functionality - sometimes through back doors like the registry, etc... I'm developing an application for Windows Phone 8.1, but there are certain pieces of functionality that aren't exposed in the PRT APIset that is available to me. For example, we want to ensure that the user has password protection on the lock screen when using the application. There doesn't seem to be any associated APIs to readily use. So my question is, are there back door ways to do such things? How? Is there a way to access ALL system settings - like a registry or something of the like?
proch said:
When developing an application for desktop windows, there's always a way to access functionality - sometimes through back doors like the registry, etc... I'm developing an application for Windows Phone 8.1, but there are certain pieces of functionality that aren't exposed in the PRT APIset that is available to me. For example, we want to ensure that the user has password protection on the lock screen when using the application. There doesn't seem to be any associated APIs to readily use. So my question is, are there back door ways to do such things? How? Is there a way to access ALL system settings - like a registry or something of the like?
Click to expand...
Click to collapse
Another question would be - if something like intune can enforce lock screen password policies, shouldn't I be able to do it the same way that intune does it? If so, how? If not - why not?
It's not possible to check if user enabled lock screen password or not as far as I know
but if you want to made your app secure (because it may include important data)
you can create a password for your own application !
I did it in a little notepad app my password page allow user to set a password with all English and Persian Characters , numbers and special Chars like [email protected]#$ and etc.
Sent from my RM-994_eu_poland_1183 using Tapatalk
It's pretty easy to check, using the registry, but at least in 8.0 that's not allowed at all for store apps (your app would get rejected). I don't know if the rules changed for 8.1. There are ways to sneak past the store checks, but they could pull your app from the store if they ever found out. I know of at least three ways to access the registry APIs (4 in WP8.1) and two of them are pretty hard to detect unless somebody checks for them specifically... but they're the kind of technique that malware uses, so such checks may be in place.
I don't know what InTune is doing, specifically - I'd need to pull the app apart to see - but there are special application capabilities (not normally available to third-party developers) that can query and even set policies. Apps without those capabilities will get Access Denied if they try to use the same methods though, and normally you can't add those capabilities to your app.
GoodDayToDie said:
It's pretty easy to check, using the registry, but at least in 8.0 that's not allowed at all for store apps (your app would get rejected). I don't know if the rules changed for 8.1. There are ways to sneak past the store checks, but they could pull your app from the store if they ever found out. I know of at least three ways to access the registry APIs (4 in WP8.1) and two of them are pretty hard to detect unless somebody checks for them specifically... but they're the kind of technique that malware uses, so such checks may be in place.
I don't know what InTune is doing, specifically - I'd need to pull the app apart to see - but there are special application capabilities (not normally available to third-party developers) that can query and even set policies. Apps without those capabilities will get Access Denied if they try to use the same methods though, and normally you can't add those capabilities to your app.
Click to expand...
Click to collapse
Thanks for this great and detailed information. See, that's exactly what I'd do if I were developing a desktop app - since i know that intune does it, I'd figure out how intune does it and voila. I'm finally getting over the idea that the same methodologies apply to windows phone development.
For my own educational purposes (since I want to understand this platform better), I would really like to know specifically how you go about accessing the registry APIs (for example). If there's any way for you to describe any number of these methods, I'd greatly appreciate it. Thanks again!
My NativeAccess libraries (check my signature, or search on the forum or on Codeplex) contain an example of one way to access the registry. The code is open-source; you may use the libraries as-is (don't expect to get them into the store, though I won't stop you from trying), use the source code as a reference, or modify/build them yourself; the license is very liberal (MS Permissive). The functions I use are generally documented on MSDN, in the desktop APIs section; the phone has the same functions, although the DLL names are changed and the header files hide them.
(I am new and cannot post in dev forum, that's why I posted this here. Still hope someone will be able to help.)
Is there a way to get crash-dumps out of Windows Phone 8 during development time? I am after a file that is dumped similarly to when a normal Win32 app crashes. Or similar to what is saved on iOS devices at crash to be investigated at a later point.
My question is specifically about somehow retrieving this (or similar) file/info from the phone after a crash without me having to do anything in my code e.g. manually writing the stack trace to a file from an unhandled exception.
I am aware the option of getting "live" crash reports from a beta-submitted app but that is not what I am after.
Thanks!
Can Visual Studio's debugger generate crash dumps? I'd expect so (I know windbg can, but I haven't managed to attach windbg to a phone app) and that would be the obvious approach.
Not sure why you want a dump when you can do live debugging, though...
GoodDayToDie said:
Can Visual Studio's debugger generate crash dumps? I'd expect so (I know windbg can, but I haven't managed to attach windbg to a phone app) and that would be the obvious approach.
Not sure why you want a dump when you can do live debugging, though...
Click to expand...
Click to collapse
Hmmm, I never thought of using windbg because that never came up as a tool that is used with WP8.. Will give it a try and see if I get anywhere.
I need a crash dump because the crash does not happen when a debugger is attached.
I am trying other options to catch the issue: isolating the code the crash might happen, dump the stack trace into a log file, but a crash log would be the most obvious place to look at and I am shocked that it is not possible or at least this hard.
There's a way on the ATIV S to get crash dumps (without even crazy hacks, I mean; it's a hidden option in the Diagnosis application) but I think they're only for the OS, not for individual apps.
A crash that only happens without the debugger attached is a very irritating sort of crash!
GoodDayToDie said:
There's a way on the ATIV S to get crash dumps (without even crazy hacks, I mean; it's a hidden option in the Diagnosis application) but I think they're only for the OS, not for individual apps.
A crash that only happens without the debugger attached is a very irritating sort of crash!
Click to expand...
Click to collapse
Amazing, I have access to an Ativ S device so will give a try! Thanks!
I have got a confirmation directly from Windows Phone team: what I am asking for is not possible at the moment.
I have provided them feedback on what kind of situation this can put some developers, I hope they will consider it and look into doing something about it.
In the meantime your options are to manually dump the stack trace (along with any info you want) from an unhandled exception or to upload your app for beta testing and check the crashlogs on the dashboard of your developer account.
Yeah, sorry. I should have mentioned that my approach is to always implement a custom unhandled exception function (there's a stub for it in App.xaml.cs) and either present an error message or write an error file. It's not a true crash dump, but it's often enough to help you find the spot where the problem occurred.
Hmm... I wonder how hard it would be to write a native component that would generate a crash dump on demand. I mean, it *should* be possible to do it, since you have raw pointer access and file I/O. I've just never tried.
Reposting from where I previously put this, on the suggestion that folks here might have more idea what I am talking about.
Yes, this is a question but I couldn't see that it fit in better to one of the other forums. If I am wrong please accept my apologies and redirect me, thanks.
I'm trying to work with a custom build of Android based on KitKat to incorporate a stylus, copying some of the functionality (though not code) from Samsung which sells Android-with-stylus builds for e.g. the Note 3. I'm not including details of the specific device because right now I am working on a custom dev device and my aim is to write code which is generic enough to be usable from any Android (based on KitKat). The build (written by others) already incorporates drivers and sends stylus events correctly as motion events etc. Programming at the app level I can receive onHover, onTouch, onClick etc
The specific functionality I am trying to achieve is to pick up a stylus-button-click while hovering. It's perfectly possible to do this in any app, using an onGenericMotion Listener.
However, I want to make my "stylus-action" have system-wide effect - so that anywhere (in any other app, or in the launcher or whatever) I will pick up the event (prior to any other app) and bring up my custom menu. (just like AirCommand in Samsung Note 3) I guess in my custom Android this would then make that particular action somewhat protected or unusable for other users, but I'm ok with that.
In older Android (prior to ICS) you could try something by putting up a System Overlay (i.e in regular app code, without hacking the ROM at all), but this is no longer possible.
This is not an attempt to tapjack or whatever, I understand why this functionality has been removed from the domain of the regular programmer, and I don't want to regress my ROM back to pre-ICS behaviour by allowing the System Overlay hack. Now I am programming the system (if my change is good enough I'd like to submit it back to AOSP) so I would like to know the best method to address this. Since Samsung have already done this, it must be legal (using legal in the terms of "Android will allow it"), and I want to do it right.
Is it possible to write something similar to the System Overlay when you are running from a system service? Or is there a good choke-point to capture events before they are broadcast to the current running apps?
I was looking at (sorry, not allowed to post links) AndroidXRef /frameworks/base/core/java/android/view/View.java specifically in the function dispatchHoverEvent() which looks like a promising place. My naive idea is that I would place code here checking the MotionEvent to see if the button is pressed and if it is, don't call any listeners and instead call my little menu app (or broadcast a custom message, or something anyway). However, I've never written code on the ROM level before (LOTS of experience writing app code) so I don't know if this is a really bad point or a good point to add in code. Should I be putting things at a higher level or a lower one? Will this capture all events or not? Is it all just trial and error?
If this is the wrong place to ask questions like this, please tell me where on XDA I should be asking it. If it's the right place - please answer
Thanks
Kibi
Have decided to rejoin XDA after a while off to see what sort of response I get to this.
A browse of the forum tells me that there is no known way to unlock fastboot, I was wondering what methods had been explored in an attempt to do this?
More specifically there are 2 potential methods I'd like to ask about.
1: I have seen mentioned in a comment here a tool I stumbled across a few months ago while messing around with another device,
edl/README.md at master · bkerler/edl
Inofficial Qualcomm Firehose / Sahara / Streaming / Diag Tools :) - edl/README.md at master · bkerler/edl
github.com
There is one option in particular that I think is of interest,
edl modules oemunlock enable -> Unlocks OEM if partition "config" exists, fastboot oem unlock is still needed afterwards
2: After a quick browse of the disassembled Oppo deeptesting app I can see a number of references to a class that is only accessible via reflection 'android.engineer.OplusEngineerManager'
and it contains a method 'fastbootUnlock'. Has anyone tried to access this class and its methods at all?
Maybe none of these things will be of any use, but before I spend too much time exploring them, I was interested to hear if anyone else had explored these at all? If so what progress was or wasn't made?
A little update for anyone who is interested:
So I have spent a little bit of time this morning seeing what I can do with the 'OplusEngineerManager' class. I made very simple app to see what access I could get to this class. After adding a library to allow the use of reflection to access non sdk classes I was able to get a list methods from the class, but so far have not been successfully invoke any of them, despite there being no exceptions caught.
User154 said:
A little update for anyone who is interested:
So I have spent a little bit of time this morning seeing what I can do with the 'OplusEngineerManager' class. I made very simple app to see what access I could get to this class. After adding a library to allow the use of reflection to access non sdk classes I was able to get a list methods from the class, but so far have not been successfully invoke any of them, despite there being no exceptions caught.
Click to expand...
Click to collapse
I took a look at the fastbootUnlock method itself (at /system/framework/oplus-framework.jar) and I believe that even if we could invoke it, it wouldn't work because it uses some sort of token (generated be Oppo?). I might be wrong though, I don't have much experience working with decompiled code, and the code I looked at was Realme one (I guess its same as Oppo).
daniml3 said:
I took a look at the fastbootUnlock method itself (at /system/framework/oplus-framework.jar) and I believe that even if we could invoke it, it wouldn't work because it uses some sort of token (generated be Oppo?). I might be wrong though, I don't have much experience working with decompiled code, and the code I looked at was Realme one (I guess its same as Oppo).
Click to expand...
Click to collapse
Its great that someone else is looking at this! I hadn't posted another update as I haven't made a huge amount of progress, and I wasn't sure anybody would be interested.
The fastbootUnlock method returns a boolean and takes 2 parameters, a byte array and an int. From what I can see it is the only method of the OplusEngineerManager class that the deeptesting app calls. It contains 2 calls to the fastbootUnlock method. Once where it calls it with an empty byte array and the int is 1. I was actually able to invoke the method from my test app in this way and got a false return value (rather than just getting null like the other methods I tried to invoke). The second is contained within a method of the deeptesting app that takes a string as its parameter. It then converts this string to a byte array which it passes as the paramter for the fastbootUnlock method along with the int of 1.
Edit:
The second call to fastbootUnlock uses the length of the byte array as the int and not 1. Please forgive me it was late when I wrote this and I was not looking at the source.
Thats about as far as I am with it at the moment, the next task is to find out what that string it passes is exactly, and is it something that needs to be generated by Oppo.
I would imagine the realme framework woukd be similar, if you would like to compare I can provide the full list of methods from the OplusEngineerManager class?
Hey guys, I would be interested in helping you somehow.
I have no prior experience with unlocking a device. (besides actually doing it with the tools provided by anyone else).
But I own an oppo find x3 pro, if you need me to do some testing for you, let me know
Thank you for your reaserch and trying to unlock the fastboot!
xarf903 said:
Hey guys, I would be interested in helping you somehow.
I have no prior experience with unlocking a device. (besides actually doing it with the tools provided by anyone else).
But I own an oppo find x3 pro, if you need me to do some testing for you, let me know
Thank you for your reaserch and trying to unlock the fastboot!
Click to expand...
Click to collapse
Hi, thanks for your reply. At the moment there isn't too nuch to test, but if I do manage to find a way I will need plenty of testers, so thank you
A small update:
I have found that the method in the deep testing app which takes a string and then ends up invoking the reflected fastbootUnlock method is called by a handler associated with one of the app's activities.
The handler gets the string extra from the intent which starts the activity, and then passes that as the parameter when calling the method.
The next problem is that I cannot find anywhere in the deep testing app that starts this activity. I can see as part of, what I believe to be, the normal flow of the deep testing app that an activity in the startup wizard is called, so I wonder if the startup wizard then starts the activity of interest in the deep testing app. This will be the next thing I look into
Edit:
I have looked into this more and it turns out most of this is wrong. The activity is started from within the deeptesting app and not the startup wizard
User154 said:
A small update:
I have found that the method in the deep testing app which takes a string and then ends up invoking the reflected fastbootUnlock method is called by a handler associated with one of the app's activities.
The handler gets the string extra from the intent which starts the activity, and then passes that as the parameter when calling the method.
The next problem is that I cannot find anywhere in the deep testing app that starts this activity. I can see as part of, what I believe to be, the normal flow of the deep testing app that an activity in the startup wizard is called, so I wonder if the startup wizard then starts the activity of interest in the deep testing app. This will be the next thing I look into
Click to expand...
Click to collapse
Great, from my side I tried running the fastbootUnlock method as you did, and got the same result (false). I looked at the logs and there was a selinux denial for finding the engineering service as my app is an untrusted app, so our only way to run the fastbootUnlock method is through the deep testing app I guess.
daniml3 said:
Great, from my side I tried running the fastbootUnlock method as you did, and got the same result (false). I looked at the logs and there was a selinux denial for finding the engineering service as my app is an untrusted app, so our only way to run the fastbootUnlock method is through the deep testing app I guess.
Click to expand...
Click to collapse
Do you mind if I see the logs? I have had no such denial that I can see.
How have you enabled access to hidden apis?
Have you used any of the permissions from the deeptesting app?
User154 said:
Do you mind if I see the logs? I have had no such denial that I can see.
How have you enabled access to hidden apis?
Have you used any of the permissions from the deeptesting app?
Click to expand...
Click to collapse
2022-08-30 14:30:02.115 669-669/? E/SELinux: avc: denied { find } for pid=22831 uid=10866 name=engineer scontext=u:r:untrusted_app_29:s0:c98,c259,c512,c768 tcontext=u:object_r:engineer_service:s0 tclass=service_manager permissive=0
2022-08-30 14:30:02.115 22831-22831/com.danieml.unlockme E/Unlockme: False
There are the logs. I enabled hidden apis, yes, didn't add any extra permissions though. By the way, did you use some specific keys for signing the app (platform keys for example)?
daniml3 said:
2022-08-30 14:30:02.115 669-669/? E/SELinux: avc: denied { find } for pid=22831 uid=10866 name=engineer scontext=u:r:untrusted_app_29:s0:c98,c259,c512,c768 tcontext=u:object_r:engineer_service:s0 tclass=service_manager permissive=0
2022-08-30 14:30:02.115 22831-22831/com.danieml.unlockme E/Unlockme: False
There are the logs. I enabled hidden apis, yes, didn't add any extra permissions though. By the way, did you use some specific keys for signing the app (platform keys for example)?
Click to expand...
Click to collapse
I had a closer look at the logs and I can see that sadly I am getting the same SELinux error.
I can't see much of a way around it at the moment.
I have made a thread in general should anyone wish to discuss this further. Most of this is applicable to all Oppo devices and there are people that have looked at this in different ways and found different things out when trying to unlock fastboot on other devices. I think it would be useful to have somewhere to discuss unlocking fastboot on Oppo devices in general.
[DISCUSSION] A thread to collate and share what is known about unlocking fastboot on Oppo devices
Admin: Please move/delete this thread if it is in the wrong place or against the rules. I wanted to create a thread to discuss unlocking fastboot mode on Oppo devices in general, rather than discussing it in terms of any one device in...
forum.xda-developers.com