[Q] New native browser authentication schemes - Android Software/Hacking General [Developers Only]

Hey all,
i hope some one can give a hint for following problem:
I am working on a project that aims to extend the browser authentication in android.
Following use case can hopefully explain the task:
- User starts android browser and want to use "http://myservice.com"
- Myservice sends 401 Unathorized (with realm="myservice")
- (Normaly) A browser dialog asks user for his/her credentials
My vision is to change step 3. I want the native browser to call an app (f.e. myauthentication app) that gets (generate) the credentails for the user and sends them to the browser.
I found the method in the android browser sources that does display the authentication dialog. (BrowserActivity.java->showHttpAuthntication()).
I don't know how to call "myauthentication app" and get the result back to browser (dialog). My try via intent failed, because intent are asynchronously and as result i lose the browser focus. I am not sure if i am on the right way. Maybe it is better to implement the authentication in WebKit Framework. Or maybe use the android AccountManager.
I really hope some one can help me with some new ideas.
Best regards and thanks you very much for reading
Moppi

Related

[Q] very basic JavaScript browser detection? read further..

Hello,
Is there a way with JavaScript to easily detect which mobile browser is being used? I would not normally ask this, but because we do not have the time or budget to implement any back end detection scripting it is our only option right now!
I don't think we will need to detect which version of the browser, or which revision of the phone is used - just need to target each family to deliver the proper video type.

[Q] Mobile page - where to keep private data on device?

Hi,
I'm developing mobile website and I have one problem with security some of data.
First time the user browse my site, the page requests a server to get some private user's data (i.e. RSA private key) which is used in future operations. This private key must be stored somewhere in local device memory (as a file on device, browser cache...).
Next time when the same user launches the page (some functionality on page), the page has to load the file from local data when needed and use it (i.e. encrypt some string with private key).
The problem is where to store this key and how to read it?
First, I thought about cookies. But the cookie will be sent with all requests, so doing it with private key IMHO is not a good idea.
The connection of course will be via SSL, but even that I don't want to send private key to server (it has to be as secure as possible!).
So, how to solve to problem...?
I can add, it's not necessary to get the private key from server. It can be load as a file to device via its file manager or something like that. Simply - the browser has to read the private key when it will be needed and use it. I don't think that browser allows to save/read file from JavaScript, am I right?
Solution of the problem must work on most of available devices and browser nowadays (especially iPhone, Android, Symbian + Opera Mobile(/Mini?).
Maybe HTML5 and its 'localStorage' could solve it but I have to assume, I CAN'T use HMTL5 with all its features.
I consider using jQueryMobile framework.
Please, help! Thanks in advance!!
Buffalo

[APP][2.2+] Server Auditor SSH client with easy navigation

Hello,
ServerAuditor application is available on Google Play now (https://play.google.com/store/apps/details?id=com.server.auditor.ssh.client). We released it a couple of days ago. We are linux developers mostly and sometimes would like to have remote access through remote devices. This is initial release and more features are coming. Client is implemented from scratch and it isn't a clone of some opensource SSH client implementations.
We appreciate any feedback which would have to make our application easier to use as we believe it is possible to have convenient mobile SSH client.
Version 1.4
It's been a while since my latest update. Now we completely reworked the UI and added several features like port forwarding. Please also note that an app has a new URL in the market.
Version 1.2
- Aliases are finally available.
- A lot of new cool color schemes.
- Incredible copy-paste implementation. Allows instant search of copied buffer in Google or Serverfault.
- A lot of bug fixes and improvements.
- Colours support and connection grouping
- SSH scripting and ability to execute one command on several servers for easy cluster managment
- Port forwarding
- Smart command and filesystem navigation (we aren't 100% sure how we will exactly implement this, so some tests needed, any ideas are appreciated).
Version 1.1
- Full xterm support
- Incredible improvement of the rendering speed!
- Close all connections functionality
- Various UI improvements
- New option 'Background connection's timeout'
- Hackers keyboard is supported
- Redesigned help page
- Bug fixes for certain Android devices
Version 1.0.2
- Crash on Nexus fixed
- Import keys functionality implemented
Version 1.0.1
- We tried to make access to control keys more convenient than in existing SSH clients
- Meta-actions (like shake for CTRL-C and Volume buttons are used).
- Easy connection and keys management.
- Gestures like swipe up/down/left/right are used for replacing corresponding terminal buttons.
We would like to know which features by your opinion are most important and shortcomings of current version
Thank you for your time!
Dmitriy.
Please check for new update.
BEST ssh client out there! Much better, much more up to date than Connectbot.
Thanks, Jewremy!
We have just published Server Auditor in Amazon app market (http://www.amazon.com/Crystalnix-Se...qid=1344677892&sr=8-1&keywords=server+auditor).
Are there any plans to support Tasker and/or Intents, so the SSH client can be launched, connected before Tasker (or any other automation program) launches a task? Being able to disconnect and close the client would be crucial as well (this last part is something ConnectBot can't handle afaik).
Hi, ppc_dan.
We are going to release next version with support of terminal colors soon. At the moment we have several feature requests (like scripting support, grouping, etc). Thank you for your suggestion, I think we will try to implement Tasker support within our scripting support task.
ServerAuditor has gained a huge update. Please find the most significant changes below:
Version 1.1
- Full xterm support
- Incredible improvement of the rendering speed!
- Close all connections functionality
- Various UI improvements
- New option 'Background connection's timeout'
- Hackers keyboard is supported
- Redesigned help page
- Bug fixes for certain Android devices
Enjoy!
This is a great app. My only suggestions are to add the ability to use aliases. It would be nice since a lot of my connections are also remote connections with a FQDN so they all look the same but the port.
Also I'm trying to add keys but i cant seem to figure it out. I have tried to attach both a public key and a private key. (created by puTTy) with no success.
Thanks again for the app.
pman860507 said:
Also I'm trying to add keys but i cant seem to figure it out. I have tried to attach both a public key and a private key. (created by puTTy) with no success.
Click to expand...
Click to collapse
I have the same problem. I've imported a private key that is in OpenSSH format and attached it to a connection. Authentication fails and falls back to asking for password. The same key works great when using Bitvise on my laptop.
/Relnah
Might have to do with version of Android. My original HTC Desire with 2.2 won't work. But my Transformer with 4.x works with the exact same key.
/Relnah
pman860507 said:
This is a great app. My only suggestions are to add the ability to use aliases. It would be nice since a lot of my connections are also remote connections with a FQDN so they all look the same but the port.
Also I'm trying to add keys but i cant seem to figure it out. I have tried to attach both a public key and a private key. (created by puTTy) with no success.
Thanks again for the app.
Click to expand...
Click to collapse
Thanks! New release will be available soon and aliases are already available. We had a lot of responses about keys and will try to fix all issues.
relnah said:
I have the same problem. I've imported a private key that is in OpenSSH format and attached it to a connection. Authentication fails and falls back to asking for password. The same key works great when using Bitvise on my laptop.
/Relnah
Click to expand...
Click to collapse
Could you please let us know which application have you selected while importing this key (which file manager I mean)?
New version 1.2 with a huge update!
- Aliases are finally available
- A lot of new cool color schemes.
- Incredible copy-paste implementation. Allows instant search of copied buffer in Google or Serverfault.
- A lot of bug fixes and improvements.
Great work. I still cant get keys to import, but i love the aliases. It always says invalid filetype. Keep it up. This is test best ssh app available.
dlyfar said:
Could you please let us know which application have you selected while importing this key (which file manager I mean)?
Click to expand...
Click to collapse
I'm using either the file manager or ghost commander.
I'm trying to import a private key.
Sent from my SAMSUNG-SGH-T989 using Tapatalk 2
Port Forwarding
in the OP it says that Port Forwarding is possible.
Can someone explain how I do this? I can't find the setting anywhere...
thanks!

BROWSER app keyboard incomplete...

Goodmorning everyone
..by being the owner of this device, and for which I am satisfied
I noticed (a bug?) upon opening the application
"Browser"
if you want to enter your own web account by typing
user and password, the keyboard provided by the app,
does not display the entire group of keys by concealing precisely
the most extreme ones (see key 1 or key zero)
and there is no way to
remedy this lack.
note well:
this condition is created only and exclusively during the input of user and password
in fact in other conditions, the keyboard is complete
I ask you:
"Is there a valid solution to remedy this gap?"
... maybe a different app or a more suitable setting ???
THANKS to all, however

How do I determine if Kiwi Browser has been installed on my phone

Greetings. I developing workflow steps in an app called Pipedream. I installed Kiwi Browser on my Samsung Active s9 phone, and it works great when I entered my webpage. I would like to implement this into my workflow to display the html page on my phone.
Since these workflows can occur on both my laptop and my phone, the first step is to determine if Kiwi Browser has, in fact, been installed on my phone. If I get false, then I know that should display the html page on regular Chrome.
Question 1. How do I determine if Kiwi Browser is installed? I'm using Javascript or Node.js to for writing a callback function to return the status.
Question 2. If Kiwi Browser is installed, how to I send the url with the html page I want to display?
Thanks, Scott.

Categories

Resources