Is CC apps java based? Can apps been extracted from rooted CCs? - Google Chromecast

Well, I know CC doesn't execute APKs, but does CC apps still based on Java? or some nasty binaries?
Mine bought in UK with serial 4103, sadly it's not rootable, but I'm curious if the apps based on java, in other words, can we crack the source code of CC apps?

The "apps" (called cast receiver) are created in HTML5/JavaScript and hosted on the internet. The API ia well (?) documented on Google pages. If you register yourself as developer (5$) you can create your own apps or use the remote debugger (http://ip-of-your-cast:9222) on existing apps.

morph1us said:
The "apps" (called cast receiver) are created in HTML5/JavaScript and hosted on the internet. The API ia well (?) documented on Google pages. If you register yourself as developer (5$) you can create your own apps or use the remote debugger (url removed as new use) on existing apps.
Click to expand...
Click to collapse
Thanks. So is there any way to find the source code of an app running on CC? Well, not necessarily all or original source code, i.e., APKs and JARs are fine as they can be decompiled into readable source code, although may obfuscated but still readable...

Related

MyEpisodes Viewer Available

Hi Guys
Don’t miss your favourite TV programs, let MyEpisodes viewer show you when it’s on.
MyEpisodes Viewer is an easy to use viewer that extends www.myepisodes.com website to your mobile phone.
All the viewer requires is your MyEpisodes username and password to fetch the listings you have already configured on the MyEpisodes site,
The viewer also allows you to update listed episodes to watched status with one click.
Caveats
1.) Due to MyEpisodes not having a standard API, the Viewer uses a API Helper site (api.madmouse.co.uk) to handle the data.
2.) MyEpisodes has the right to change permissions and there site without notice, which could cause the application to stop working.
3.) To allow api.madmouse.co.uk to enable advanced caching some information that identifies the device will be transmitted to the site
a. These details are hashed and erased 20 minutes after last call to the site.
b. No data is record to disk.
c. No data will be passed onto 3rd Party vendors.
Have Fun
I will put this into the Market place, when teh development team sort out a few issues that prevent me from uploading the application.
Such as?? If I may inquire.
Hi flcl
I have to admit when I am wrong, please ignore or learn from the unjustified comment, as it turned out to be a flaw in the build process.
If developers have the following problem in the future , here's how to solve it.
After building/signing an application, when you publish it get this message
"The new apk's versionCode (x) in AndroidManifest.xml must be higher
than the old apk's versionCode (x)."
If you have set the android:versionCode to a higher number than x, it means your application manifest file has not been updated correctly.
These are the steps I took to correct the problem.
Make sure you have increased the android:versionCode.
close all applications that don't need to be built in the Eclipse editor.
Delete the APK if it already exists (Optional)
Run Project -> clean , select your application hit ok
Rebuild - Export unsigned Package/sign then publish
I have now published the applicaton in the marketplace.

GPG on Android...

Does anyone know of a copy of GPG for android at all, or the best way to go about recompiling/cross-compiling it?
I'm thinking/hoping this would be the easiest solution to enabling K9 or similar email apps to support encryption without coding up a bunch of java code to do it.
Although I could be wrong and doing GPG type code directly in K9 might be the better solution.
Hi. Sadly, I cannot help, but this would definitively be a great feature for the android phones if someone could develop such a thing!
I've been fiddling about with RSA/AES code today on Android. At first glance all the hard work is done as both are already implemented, it's just missing the glue to combine RFC2440 with the encryption functions and then you'd have a working copy of PGP/GPG for Android and/or hook into K-9 as well.
Does anyone understand the formatting of encrypted and/or signed blocks? If so that would save me a lot of reading and blundering through RFC2440
Actually I am was looking for GPG encryption in Google Andriod as well. it would be very good to have this feature in Email, Calendar, Contact, ... so it gives more privacy and security. Also some people nowadays use GPG for their gmail communications. there is very nice Firefox extention called "FireGPG" which integrate with Gmail for GPG encryption: http://getfiregpg.org/
Even there is PGP encryption Firefox extention for Google Calendar: http://www.ibm.com/developerworks/web/library/wa-googlecal/
I found this Java GPG class: http://www.macnews.co.il/mageworks/java/gnupg/ probably useful for programmers looking for a way to integrate GPG on Andriod.
delta_foxtrot2 said:
Does anyone know of a copy of GPG for android at all, or the best way to go about recompiling/cross-compiling it?
I'm thinking/hoping this would be the easiest solution to enabling K9 or similar email apps to support encryption without coding up a bunch of java code to do it.
Although I could be wrong and doing GPG type code directly in K9 might be the better solution.
Click to expand...
Click to collapse
It would be fairly trivial to just cross-compile gpg using the arm-eabi toolchain included in the sdk. However, that would not get you very far into enabling gpg functionality in k9. You would have to modify parts of k9 to interact with the gpg binary.
There is issue regarding integration of gpg with k9:
http://code.google.com/p/k9mail/iss... Type Status Priority Milestone Owner Summary
jashsu said:
It would be fairly trivial to just cross-compile gpg using the arm-eabi toolchain included in the sdk. However, that would not get you very far into enabling gpg functionality in k9. You would have to modify parts of k9 to interact with the gpg binary.
Click to expand...
Click to collapse
What about using the NDK to build some lib version of gpg?
I've tried using the BC stuff and it's just too much for eclipse to handle...
use bouncycastle
As I understand it, Bouncycastle is a pure-Java implementation of a bunch of crypto stuff. And it includes support for encrypting/decrypting/signing with OpenPGP (which the RFC-standard format that GnuPG implements anyway).
Since I'm a new user, I can't post a link yet, but the documentation can be found by going to bouncycastle dot org, clicking on java, clicking on documentation, and then searching within the page for "OpenPGP package".
Going with a pure-Java implementation seems like the easiest and cleanest way to get something working on Android.
GPG/PGP for android please! Use it for work a lot so it'd be very useful.
PGP Manager for Android
try "PGP Manager for Android" app, it supports PGP/GnuPG and works with PBE (symmetric encryption) too.
apg
APG is an gpg integration für android. you can encrypt and sign messages too
apg.thialfihar.org

How to make a website only viewable by android phones?

Does anyone know how to make a website that can only be viewed by an android phone? Like how the iPhone has websites only viewable by iPhones & iPod Touches? If you do can you post a tutorial on how it could be done? Thanks
Check the "User-Agent" from the HTTP request.
Short php code that switch the site (not tested, should work)
PHP:
<?php
if(preg_match("/android/", $_SERVER['HTTP_USER_AGENT']))
{
header('Location: androidSite.php');
}
else
{
header('Location: normalSite.php');
}
?>
Or you use getBrowser()
And then you have just to fit the design of the design or do what you want
The only way to actually stop non-android devices from accessing the website is to force the android users to install an android-only plugin to be installed in the browser (not supported by default browser) or to use a custom browser. Said plugin will authenticate with your service using only-you-know credentials, thus preventing any non-android device from accessing it. The user agent is REALLY REALLY simple to fake.
lbcoder said:
The only way to actually stop non-android devices from accessing the website is to force the android users to install an android-only plugin to be installed in the browser (not supported by default browser) or to use a custom browser. Said plugin will authenticate with your service using only-you-know credentials, thus preventing any non-android device from accessing it. The user agent is REALLY REALLY simple to fake.
Click to expand...
Click to collapse
If you want to be absolute about it, it would not be outside the realm of possibility to reverse engineer the authentication output of the hypothesized plugin and create a workaround. Furthermore, as the plugin would likely be an arm binary library, there's probably not that much preventing it from being run (reasonably) on any arm-based system.
user-agent is probably (i'm guessing) enough for what the OP has in mind.
Here you can generate your own script:
http://detectmobilebrowsers.mobi/
For example: iPhone devices redirect to ebay for buying a android device
and Android Browsers comes in.
PHP:
include('mobile_device_detect.php');
mobile_device_detect('http://shop.ebay.com/i.html?_nkw=android&_armrs=1&_from=&_ipg=','http://website.com/android.html',false,false,false,false,false,false);
Download the PHP script for non commercial sites here:
http://detectmobilebrowsers.mobi/#download
It may be possible to reverse engineer it (not necessarily in case it is actually well designed), but even if it is, it would be non-trivial, even if implemented by an idiot. Changing the UA *is* trivial, even to a complete moron.
And who says it has to be an arm binary library? Maybe go with something in javadroid instead.... and link it to the device IMEI... using a time-based crypto function that only runs on your server, i.e. device --> server crypto service --> device with magic enabler key --> web server authentication. You can make something REALLY MESSY that nobody would bother to reverse, and something that can only run in android (i.e. dalvik). Sure dalvik can be run on other 'nix systems, but by doing so, they become quasi-droid anyways...
jashsu said:
If you want to be absolute about it, it would not be outside the realm of possibility to reverse engineer the authentication output of the hypothesized plugin and create a workaround. Furthermore, as the plugin would likely be an arm binary library, there's probably not that much preventing it from being run (reasonably) on any arm-based system.
user-agent is probably (i'm guessing) enough for what the OP has in mind.
Click to expand...
Click to collapse

Where the chromecast gets its app list?

So the official SDK is released! But the app list doesn't seem to come from: https://clients3.google.com/cast/chromecast/device/config anymore.
I've looked around some and there doesn't seem to be any documentation of how the new configs are being retrieved and even how the serial information from the chromecast is being transmitted either. I know it's definitely not the old config URL anymore because that doesn't list new apps like AllCast which works on my chromecast perfectly fine. Anyone know how the new app list is constructed?
nano351 said:
So the official SDK is released! But the app list doesn't seem to come from: https://clients3.google.com/cast/chromecast/device/config anymore.
I've looked around some and there doesn't seem to be any documentation of how the new configs are being retrieved and even how the serial information from the chromecast is being transmitted either. I know it's definitely not the old config URL anymore because that doesn't list new apps like AllCast which works on my chromecast perfectly fine. Anyone know how the new app list is constructed?
Click to expand...
Click to collapse
Are you rooted or stock?
If you're rooted, probably you are using the Team Eureka whitelist which is the Google whitelist + Team Eureka.
You can go into the web panel and switch to the Google whitelist if you want to test.
bhiga said:
Are you rooted or stock?
If you're rooted, probably you are using the Team Eureka whitelist which is the Google whitelist + Team Eureka.
You can go into the web panel and switch to the Google whitelist if you want to test.
Click to expand...
Click to collapse
So I'm using stock but the reason why I'm interested is that I'm the author of a chromecast receiver emulator with the goal of allowing any device that can run desktop chrome can run this app and be a chromecast receiver. However, the method by which a chromecast builds its app list isn't as simple as querying https://clients3.google.com/cast/chromecast/device/config since that doesn't contain all the apps that are available on the device and I've never found any documentation about how the serial of the device is transmitted
Rooted Chromecast takes application list from here:
http://pwl.team-eureka.com/applist.php
nano351 said:
So I'm using stock but the reason why I'm interested is that I'm the author of a chromecast receiver emulator with the goal of allowing any device that can run desktop chrome can run this app and be a chromecast receiver. However, the method by which a chromecast builds its app list isn't as simple as querying https://clients3.google.com/cast/chromecast/device/config since that doesn't contain all the apps that are available on the device and I've never found any documentation about how the serial of the device is transmitted
Click to expand...
Click to collapse
Ahh, I see. You're beyond my knowledge. Maybe @Team-Eureka can help.
nano351 said:
So I'm using stock but the reason why I'm interested is that I'm the author of a chromecast receiver emulator with the goal of allowing any device that can run desktop chrome can run this app and be a chromecast receiver. However, the method by which a chromecast builds its app list isn't as simple as querying https://clients3.google.com/cast/chromecast/device/config since that doesn't contain all the apps that are available on the device and I've never found any documentation about how the serial of the device is transmitted
Click to expand...
Click to collapse
What apps do you think are missing from the list returned in the json.txt?
It seems like they are all there to me....
Asphyx said:
What apps do you think are missing from the list returned in the json.txt?
It seems like they are all there to me....
Click to expand...
Click to collapse
Which app corresponds to AllCast by Koushik Dutta? https://play.google.com/store/apps/details?id=com.koushikdutta.cast
Also the homescreen app in that url points to: https://clients3.google.com/cast/chromecast/home?chs=1
Whereas the current official homescreen is at: https://clients3.google.com/cast/chromecast/home/v/c9541b08
nano351 said:
Which app corresponds to AllCast by Koushik Dutta? https://play.google.com/store/apps/details?id=com.koushikdutta.cast
Also the homescreen app in that url points to: https://clients3.google.com/cast/chromecast/home?chs=1
Whereas the current official homescreen is at: https://clients3.google.com/cast/chromecast/home/v/c9541b08
Click to expand...
Click to collapse
Well the Homescreen stuff is built into the ROM I'm pretty sure.
As for AllCast are we sure he is using a Player App that gets loaded to the CCast or is he merely sending a link to directly connect to the unit running Allcast?
Koush would be the best one to answer that.
nano351 said:
Which app corresponds to AllCast by Koushik Dutta? https://play.google.com/store/apps/details?id=com.koushikdutta.cast
Also the homescreen app in that url points to: https://clients3.google.com/cast/chromecast/home?chs=1
Whereas the current official homescreen is at: https://clients3.google.com/cast/chromecast/home/v/c9541b08
Click to expand...
Click to collapse
If I were you I'd go for:
android SDK sources
https://www.youtube.com/watch?v=Qsw9Ogb6t4Y#t=92
https://developers.google.com/cast/docs/sender_apps
https://developers.google.com/cast/docs/receiver_apps
https://developers.google.com/cast/android/reference/com/google/android/gms/cast/package-summary
and then is not satisfied contact Team-Eureka [email protected]
Eventually:
Reverse android apk code of allcast(this tool is widely discussed on xda):
https://code.google.com/p/android-apktool/
Look at posted sourcecode:
https://github.com/googlecast/
https://code.google.com/p/chromecast-mirrored-source/
https://github.com/team-eureka/
Also if you are really bored you can sniff communication between Chromecast and any app for instance AllCast with wireshark on linux distro.
So I talked to one of the Team Eureka members and he gave me some very useful information.
The current URL for looking up available apps is this:
https://clients3.google.com/cast/chromecast/device/baseconfig
The response is the same format s the old URL except this one has an extra field in it called "enabled_app_ids". This is a list of IDs that the chromecast device should show as existing. Once the app is requested to load, the metadata for the app is loaded from:
https://clients3.google.com/cast/chromecast/device/app?a={appid}
where {appid} is the id of the app.
It seems google opted for this to increase the number of apps that can be loaded into the manifest before they reach the limit
nano351 said:
So I talked to one of the Team Eureka members and he gave me some very useful information.
The current URL for looking up available apps is this:
https://clients3.google.com/cast/chromecast/device/baseconfig
The response is the same format s the old URL except this one has an extra field in it called "enabled_app_ids". This is a list of IDs that the chromecast device should show as existing. Once the app is requested to load, the metadata for the app is loaded from:
https://clients3.google.com/cast/chromecast/device/app?a={appid}
where {appid} is the id of the app.
It seems google opted for this to increase the number of apps that can be loaded into the manifest before they reach the limit
Click to expand...
Click to collapse
Nano, which computer app project are you working on? Leapcast or another one?
Is there a stock list?
joshmmo said:
Is there a stock list?
Click to expand...
Click to collapse
Not in human readable form so far as I know, so I parsed the file linked above, maybe this is sort of readable -
Code:
"app_id":"00000000-0000-0000-0000-000000000000","url":"chrome://home?remote_url\u003dhttps%3A%2F%2Fclients3.google.com%2Fcast%2Fchromecast%2Fhome%3Fchs%3D1"
"app_id":"06ee44ee-e7e3-4249-83b6-f5d0b6f07f34","url":"http://plexapp.com/chromecast/qa/index.html"
"app_id":"06ee44ee-e7e3-4249-83b6-f5d0b6f07f34_1","url":"http://plexapp.com/chromecast/production/index.html"
"app_id":"1812335e-441c-4e1e-a61a-312ca1ead90e","url":"http://api.viki.io/mobile/receiver.html"
"app_id":"18a8aeaa-8e3d-4c24-b05d-da68394a3476_1","url":"http://www.beyondpod.mobi/android/chromecast/prod.aspx"
"app_id":"2be788b9-b7e0-4743-9069-ea876d97ac20","url":"http://vevo.com/googlecastplayer"
"app_id":"CC1AD845","url":"https://www.gstatic.com/eureka/player/player.html?skin\u003dhttps://www.gstatic.com/eureka/player/0000/skins
"app_id":"ChromeCast","url":"https://www.gstatic.com/cv/receiver1.html?${POST_DATA}"
"app_id":"GoogleMusic","url":"https://play.google.com/music/cast/player"
"app_id":"GoogleSantaTracker","url":"http://www.gstatic.com/santatracker_chromecast_receiver/santacast.html"
"app_id":"HBO_App","url":"https://devicecast.hbogo.com/chromecast/player.html?${POST_DATA}"
"app_id":"Hulu_Plus","url":"https://secure.hulu.com/dash/chromecast_player?${POST_DATA}"
"app_id":"Netflix"
"app_id":"Pandora_App","url":"https://tv.pandora.com/cast?${POST_DATA}"
"app_id":"PlayMovies","url":"https://play.google.com/video/avi/eureka?${POST_DATA}"
"app_id":"Post_TV_App","url":"http://rcvr.washingtonpost.com/Receiver/index.html?${POST_DATA}"
"app_id":"Revision3_App","url":"http://revision3.com/receiver/revision3"
"app_id":"Songza_App","url":"http://songza.com/devices/google-cast/receiver/1/"
"app_id":"TicTacToe","url":"http://www.gstatic.com/eureka/sample/tictactoe/tictactoe.html"
"app_id":"YouTube","url":"https://www.youtube.com/tv?${POST_DATA}"
"app_id":"a7f3283b-8034-4506-83e8-4e79ab1ad794_2","url":"http://chromecast.real.com/cloudcast.html"
"app_id":"aa35235e-a960-4402-a87e-807ae8b2ac79","url":"http://receiver.aviatheapp.com/"
"app_id":"edaded98-5119-4c8a-afc1-de722da03562","url":"http://chromecast.redbull.tv/receiver.php"
I just kinda winged that. Maybe not complete. I'm not seeing BubbleUPnP or RemoteCast or RealPlayer Cloud or Allcast and maybe a few others. Or if they're there, I'm blind and what else is new.
You can search the Play Store for Chromecast or maybe check out https://play.google.com/store/apps/details?id=goko.gcs
Averix said:
Nano, which computer app project are you working on? Leapcast or another one?
Click to expand...
Click to collapse
I'm not working on leapcast. Mine is called CR Cast. It's designed as a chrome packaged app, but I haven't been able to figure out the casts:// protocol that is used by the new chromecast API
EarlyMon said:
Not in human readable form so far as I know, so I parsed the file linked above, maybe this is sort of readable -
snip snip snip
I just kinda winged that. Maybe not complete. I'm not seeing BubbleUPnP or RemoteCast or RealPlayer Cloud or Allcast and maybe a few others. Or if they're there, I'm blind and what else is new.
You can search the Play Store for Chromecast or maybe check out https://play.google.com/store/apps/details?id=goko.gcs
Click to expand...
Click to collapse
this one:
Code:
"app_id":"a7f3283b-8034-4506-83e8-4e79ab1ad794_2","url":"http://chromecast.real.com/cloudcast.html"
is for real player. Although for apps that have been published post public SDK launch you have to look up their details via the method described by a post earlier in this thread by me
I see.
I saw your reference but didn't employ actual reading. Adding in one of the IDs at random from your supplied link yields -
{"display_name":"TestCustom","uses_ipc":true,"app_id":"FF4499FC","url":"https://phdesign.com.br/guilherme/receiver/"}
Got it, very useful, thanks!

Where to test my apps backend?

Hi, i am currently developing a back-end for my android app in PHP and i need somewhere to test it and deploy it. Is there somewhere i can test my back-end for free? I am willing to rewrite it in a other language if necessary. I have looked at app engine, AWS and azure but i do not have a credit card of my own.
Any suggestions?
Running and testing API backends locally
To test the backend, you'll use the API Explorer, which is a tool that lets you test APIs interactively without using a client app. This tool is automatically run for you when you navigate to your backend API's subdirectory /_ah/api/explorer as we'll describe in the instructions below.
for more information plz follow this link -> https://cloud.google.com/appengine/docs/java/endpoints/test_deploy
damponting44 said:
Running and testing API backends locally
To test the backend, you'll use the API Explorer, which is a tool that lets you test APIs interactively without using a client app. This tool is automatically run for you when you navigate to your backend API's subdirectory /_ah/api/explorer as we'll describe in the instructions below.
for more information plz follow this link -> https://cloud.google.com/appengine/docs/java/endpoints/test_deploy
Click to expand...
Click to collapse
Thank you! Do i need to be enrolled with app engine to use it?
Adding an App Engine Java Servlet Modulec -
This page shows you how to add an App Engine Java Servlet module to your project in Android Studio.
To add the module:
Start Android Studio and open the project for the Android app that needs the new backend.
If you have not installed Android Studio or set up your environment yet, see the Quickstart for details.
Right-click on your project and select New > Module.
Select Google Cloud Module from the list and then click Next.
Select App Engine Java Servlet Module, and then supply the remaining information in the New Google Cloud Module form:
Enter module parameters
Supply a module name for your backend; this name will be displayed and used in your Android Studio project.
Supply a package name. This package name will be used for all classes imported from this template.
Select the client module (containing your Android app) in this project. This module will be automatically set up to have the right compile and build dependencies to be able to call your newly generated backend.
Click Finish to generate the new backend.
Select Tools > Android > Sync Project with Gradle Files to sync the project.
scottyaim said:
Hi, i am currently developing a back-end for my android app in PHP and i need somewhere to test it and deploy it. Is there somewhere i can test my back-end for free? I am willing to rewrite it in a other language if necessary. I have looked at app engine, AWS and azure but i do not have a credit card of my own.
Any suggestions?
Click to expand...
Click to collapse
Hello, I have recently added a few features for Webhook Relay com project (google it, don't want to post link) such as bidirectional tunnels for exactly this reason - test your application backend without deploying. You can just spin up a java/php/python/go/whatever server on your laptop and use relay agent to expose it to the internet. I hope it helps.

Categories

Resources