G1 Security - G1 Android Development

Hi all,
I notice on t-mobile (uk) you are accessible to all other t-mobile users on their internal 10.x.x.x network.
I have two sims and can shell from my home machine into my G1 wherever it is and vice versa (which is great, but...)
However this also means other people can too, and I notice the JF image I'm currently running (1.41 - rc8) is permanently listening on port 5037 (i.e. adb)
ADB is a debugging tool, my hunch is this wouldn't be too hard to crash, and leading on from there to run an exploit on it.
adb is of course running as root, so if exploited it's game over....
all in all, I'm rather concerned some 1337 HaXor is gonna take over my phone.
sure I can kill adb, but it would be nice to not have it running at all unless asked for.
Can I remove it from a startup script somewhere?
TOP TIP, make sure when rooting your phone you don't leave telnetd running else you are asking for trouble!!!!!!

I'm surprised no one has commented on this matter yet (I noticed it this morning.)
This is truly something that T-Mobile would have to fix on their end. I haven't had a chance to try it out today, but when my brother gets here I'll be sure to give it a shot (he has a G1 as well.)

I haven't tested this, so I can't vouch that this is an accurate description of how the system behaves.
However, adb should ONLY listen on the usb port. Listening for an adb connection on an internet-facing interface is just crazy.
I don't see adb running as non-root being a big help either. You can still compromise most of the personal data on the phone and run almost arbitrary commands on the phone as non-root. You just can't change the system image.

Related

[Q] A little help please, MB300 (backflip)

ok, so I've combed the internet, after work, for days, trying to find an answer to my problem. My problem? I recieved a backflip from att. I like the phone. i previously had an HTC excalibur, which i loved, and had internet sharing, contact synching, and cool software on. Clearly the MB300 can do all this and more, and i'm google fan, and big open source fan, so i am excited about using android.
I was TOTALLY offended to discover my phone had yahoo and att bull**** everywhere that is difficult to remove. Anyway, i updated to 2.1 (eclair) and rooted my phone using rageagainstthecage. here is where my problem evolves.
My phone is rooted after rage against the cage (using # in connectbot). but, after a restart, its back to $. damn. if i redo the ragecage business, i can get the # again, but only until my next boot. fix?
the more pressing matter, is that it is an utter pain to code on the phone itself. when i connect via adb, i can't seem to run adb shell as root. Is it possible to run adb shell as super?
even when i have a # in connect bot, I get an error when i type su? cannot link executable etc...
super use runs, but obviously not well since it doesn't confirm when i su in connectbot.....tried to update in recovery mode, but the zip isn't listed.....why must this be difficult....i blame att.
am i not really root?
i would have tried visionary, but it seems to have dissapeared off the internet.
i am trying to install jrods rom, but i can't get su, even though i successfuly did the ragecage business....
help?
i really want to get this att crap off my phone. (the phone defaults to google, which i appreciate, but i really need to destroy the att stuff)
thanks,
S.

[Q] cyanogenmod 6.1 RC1 dropbear problem

I'm an android newbie, so I might be missing the obvious but I looked around and couldn't find anything.
I just installed Cyanogen 6.1 RC1, installed fine, and now I want to install dropbear on it.
I found a thread that said how to do it, and I had it all setup, made my keys and everything, but when I went to run it I got
TRACE (79): bind(22) failed
so I did ifconfig (as root) and got nothing.
Okay, I can see why I can't bind to port 22 when there are no interfaces to bind to.
This ifconfig came from busybox which seems to come with cyanogen so I assume it works...
I'm connected via wifi, that all works, but no interface.
Any suggestions where to start looking?
Just in case anybody's taking tallys the camera also yields a blank screen that hangs forever, but that doesn't bother me so much yet, I'm really interested in being able to ssh to the phone.
Thanks for any help anybody can provide.
Like, what's ifconfig supposed to display?
so I'm slowly learning
I rebooted my phone, tried to run dropbear again and got the same error unable to bind, but this time it said "address already in use"
Hunh.
So I tried to ssh to it, and voila game on.
So that worked itself, out.
Now that I have a real keyboard to type on I start poking around, and realize that busybox can't do everything it might on a rather fuller linux machine, so ifconfig is just not going to work. Fair enough.
While I realize everything has to be flashed into rom, it's a shame /etc is in rom where one could tidy things up to their liking a bit more.
But a great system it is.

Shell Shock Help!

Hello all I'm very Nervous that I'm a Victim on Shell Shock on My Rooted Android HTC one M8. I need some help. I understand the problem is with Bash.
Here is history
Im Rooted with Stock Image of Verizon. I understand Shell Shock can affect if you if rooted.
However what happened is one day I notice my Wifi trying to connect to a weird server.
Also I notice my Gmail was hacked as a code was redeemed that google gave me so I changed password.
I did some Reading about Shell Shock and found this is problem
I used Cheetah Mobile Security app to enable Shell Shock Protection.
That helped and it directed back to correct Wifi
However something is increasing my ram higher than usual I think something is still running from this problem as my device is lagging.
I will be honest I have No Idea how to access Bash or Patch it. This is where I neeed some help if anyone can please help me!!
I'm hoping someone is this community could point me in right direction.
Awful people like this exist.
Read this
http://www.xda-developers.com/android/bash-patched-shellshock-vulnerability/
Xploited? More analysis needed
Hi Whiskey,
I see 2 seperate questions here:
1) is your device vulnerable?
If you have any unpatched version of bash installed, it will be vulnerable.
2) Was shellshock exploited to break into your device?
What are the symptoms you see?
You mention something about WIFI connections, and a laggy feel of the UI.
At this point I can not determine whether your device has been compromised.
If it was, the usual procedure for any device that has been compromised
is to clear all data and programs and re-install them from a trusted source.
So we need to analyze this further:
- Do you have a bash shell installed ( look in /system/bin for a file sh )
-Please describe the symptoms you see.
- Which programs or services consume a lot of ram?
- What exactly does not work?
- What exactly was the unusual wifi connection you noticed?
-Your phone might just have connected to an open WIFI in your vicinity if you configured WIFI to do so.
Best regards,
Euphoric
You test this?
https://play.google.com/store/apps/details?id=com.cleanmaster.security

can i root and install vnc server completely without display/touchscreen

Hi all.
Basically, my display and touchscreen aren't working. For why, you can see here: http://forum.xda-developers.com/goo...eakerphone-t3043151/post67360800#post67360800
So I managed to get access to files (pictures mainly) on my phone by, without access to the screen/touch, installing TWRP and entering into recovery mode and using ADB (pull). Installing TWRP was all from computer, and I didn't have much interactivity with the phone itself during this process. Luckily my phone already had unlocked bootloader (which I believe during that process you have to confirm something on the phone itself?).
So now, I want to go a bit further and get more access to my phone. Best way to do that, for me, seems to use VNC server on the phone. Unfortunately I don't already have one installed. And it looks like most of them need root access?
So (as the subject implies), I'm wondering if its possible to root my phone from my PC without needing to do anything on my phone -- well, if I need to push volume up/down and power button to select stuff, that could work, just can't press anything on screen of course.
Assuming that is possible, I'd have to find a nice VNC server apk and install it via ADB install, correct (sorry I'm not very experienced in all this).
Assuming that works, I'd need to ensure that the VNC server starts on boot.
Assuming that works, if I remember correctly from when I was rooted before, when the VNC server (or any root-needing app) starts, SuperSU pops up and asks if I want to grant that app access. So somehow I'd have to have SuperSU (or whatever alternative) automatically grant it...
So, anyone think this is possible? If so, any hints?
I'm also open to any other way to gain more access to my phone (ie, not using VNC etc), if anyone has any feasible suggestions.
Thanks
snoopac19 said:
I'm also open to any other way to gain more access to my phone (ie, not using VNC etc), if anyone has any feasible suggestions.
Thanks
Click to expand...
Click to collapse
What exactly do you want to access on your phone?
Hah. Good question. I don't really know. Wanna poke around and see if I'm missing anything.
I know I missed a bunch of WhatsApp messages that came in while phone was on and I couldn't see anything. Of course that's not super important.
Basically would like to poke around to see if I missed grabbing anything.
Now that I say it out loud (or type it on the forum), I begin to think it's not worth the hassle.
Maybe the real reason is the challenge, and seeing if it can be done?
Like I said. Good question!

Nexus 6P blocked ADB

Hello, not sure if this is the right thread to be posting this on but here goes...I am trying to root my phone mainly because I want to open up more resources, get rid of certain programs, try out new rooms and I'm interested in development. But another more pressing reason now is because I believe my phone has been hacked. It, along with the last few phones I've had (I've been changing phones to run from whatever is happening.) changes security settings on it's own, goes through batteries way to quickly and uses data when it shouldn't be. Certain options in settings have been grayed out and others keep getting switched back from where I put them. I absolutely cannot run adb because I cannot get my computer to recognize them. I can't run adb over WiFi either. I've tried different computers, operating systems and everything I know to do. I've spent weeks (literally weeks) trying different suggestions from different websites and tutorials and nothing works. I've used Windows, Linux and OSX. I even payed one click root to do it and they couldn't either. I've been looking at what logs and other info I can get from apps but it's limited info because I don't have root. I have read some manifest docs and even though I'm a noob they just don't sound right and certain apps permissions are way out there. I've checked call logs through two carriers, T-Mobile and now Verizon and both indicate that my phone is sending back to back texts and making phone calls that I didn't make. And I mean a lot of them. I've even made it a point to leave my phone at home all day and not use it and my call logs have still indicated usage. I really need some help...I don't know what to do at this point, I feel defeated, angry and frustrated. I believe that it has something to do with firebase and possibly my ex-wife. About a year ago I found an .apk file in her Google drive called ( truthspy.apk ). I did some research and it wasn't good. This was like 5 phones ago and she hasn't had physical access to my last few phones. I'm not sure what's going on but I know for a fact something is going on and Im respectfully requesting someone's help. Is there something that I can do like invoke a log or bug report or go somewhere and take a screen shot to someone something that they would be able to look at and tell if it wasn't right or that something was going on?
Thanks.
Sent from my Nexus 6P using Tapatalk

Categories

Resources