The following is a 3-step process for gaining remote access to your PC Via your Android phone's data connection for FREE and without a static IP.
IT USES YOUR DATA PLAN SO MAKE SURE YOUR HAVE UNLIMITED DATA PLAN OR YOU'LL BE SAD!!!
It allows you to control and view your PC by accessing Windows Remote Desktop using Pocket Cloud on your Android. I used this method on my T-mobile Samsung Vibrant and am now using it on my HTC Amaze. Currently, I have only tested this using Windows XP. I HAVE NOT TRIED IT ON WINDOWS 7. Someone smarter than I can tweak the process for Windows 7 and MAC OS. Please feel free.
I put this little solution together from some forums I found scattered all over the internet. When I needed it, I couldn’t find the complete solution in one place so; I consolidated it for you here. The VB script in particular is not my original work and I can't remember where I got it for the life of me so; my apologies to the author for not properly citing it here. PLEASE NOTE THAT I AM ONLY POSTING THE METHOD I USED. USE IT AT YOUR OWN RISK!
Now…down to business!!!!!
Here is how it works:
Your PC automatically accesses a website to gather your WAN IP information and sends an "email-to-text message" to your Android on a schedule of your choice. This ensures that you always have access to your current WAN IP address. This is important; DSL providers change your WAN IP address as much as 10 times/day where cable internet providers only do it about once/month.
You then use this information to configure Pocket Cloud (available for free on the Android Market) to connect to your home router/PC. Using the current WAN IP as the "host address" in Pocket Cloud, you can connect, control, and view your PC remotely over your Android's data connection.
Requirements:
In order for connection to work, the following must be done before you start the steps. Don't worry, these are all easy.
· Your PC must be powered on with an internet connection (obviously)
· Windows XP must have a windows logon password set (assuming you are not on a home network with an actual server).
NOTE
If you have a modem connected directly with no router, you are all set. Skip the next bullet.
· Your router must be set to forward "remote desktop" activity (port 3389) to the PC to which you'd like to connect; make sure the router doesn't block the remote desktop application (see your router manual).
· Make sure your internet security software (see your software manual) and Windows XP ("my computer" properties under the "remote" tab) allows remote access to your PC.
STEP 1. Tweak the RED ITALIC TEXT ONLY of the VB Script (attached at the bottom) in by creating a new "note pad" file; pasting it in to "Note Pad"; and saving the file as "EmailIP.vbs".
NOTE
You can test your script by double clicking the .vbs file you just created. If you then get a text message with your IP address in it, you are good to go. The text message should only take a few minutes to arrive.
STEP 2. Schedule the script to run at any interval you'd like by browsing to it from within Windows Task Scheduler. This is under Start>All Programs>Accessories>System Tools>Scheduled Tasks. If you need help with task scheduler, Google it.
NOTE
The task should be scheduled more frequently for those using a DSL home internet provider. I set mine for every 2 hours as I use DSL at home. Cable internet can be scheduled to run much less often.
STEP 3. Install and configure Pocket Cloud RDP free from Android Market. using IP just texted to your Android and your Windows Logon information.
· Create a new connection in pocket cloud.
· Enter a nick name of your choice into the "Nick Name" field.
· Enter the WAN IP which was just texted to your phone into the "Host Address" field.
· Enter your windows logon user name and password into the "User Name" and "Password" fields.
· Leave everything else alone!
· Scroll to the bottom and hit "Save."
· Tap the connection and you should be connected to your PC with in seconds.
Cheers!
I use MyPhoneExplorer, very easy and noob-proof
i use teamviewer for this...
teamviewer does not require u to have static WAN ip...
the only thing u need is teamviewer account which is free...
I have create a vpn and get the static ip from no-ip.org
.
Thread moved. Would advise you to read forum rules and post in correct section.
enox2604 said:
I have create a vpn and get the static ip from no-ip.org
Click to expand...
Click to collapse
Good choice, however, no-ip and teamviewer both require that a 3rd party have certain terminal info or it pings the server periodically. This solution keeps third arties out of the equation with the exception of a collecting your own IP from an outside URL. Again, somone much smarter than I would be able to write a script that collects your WAN from the CMD prompt or something native to OS rather than a URL. If you know how, Please do and post it here.
orb3000 said:
Thread moved. Would advise you to read forum rules and post in correct section.
Click to expand...
Click to collapse
My Apologies. I did read them and didn't see a good fit anywhere as this is neither an App nor a game. It will take me some time to figure out where threads should be posted. Thanks for your patience.
Related
hello all,
recently 2 - 3 days ago, i have re-developed the application
and uploaded the update on the market.
basically its a Mysql Client,
DIRECTLY, allows you to connect to a Mysql server, and perform sql quires, insert, delete, select,... and list the tables,views and sprocs.
with the great result viewer (grid) you can view results in stylish way.
Change log
** Enhanced securing the stored connection info (better encryption)
** Data can't be decrypted except on the very same device.
** Added new permission (get phone state and identity) needed for the point above!
1- Save old connections with better management (no duplications now, long press to delete).
2- Enhanced the resultset viewer USER CAN DELETE ROW NOW! (delete button added).
3- Better exceptions handling (i hope).
4- Better connection handling and stability (i hope).
5- Better Screen design for execute SQL.
6- Added loading (progress-bar) to almost every remote-action.
7- Removed Ads.
i will be glad to get feedback or bug reports her
Market:
https://market.android.com/details?id=com.yazan.msc&feature=search_result
thanks
nobody like it !!?
Niice, thanks op, am actually taking a MySQL course in the school and this'll allow me to mess with MySQL on the go.
Sent from my MB855 using XDA App
Would really like to use it, but...
stinger1 said:
hello all,
recently 2 - 3 days ago, i have re-developed the application
and uploaded the update on the market.
basically its a Mysql Client,
...
i will be glad to get feedback or bug reports her
thanks
Click to expand...
Click to collapse
HI
When I enter the details for a connection and then try to "connect" a popup saying "Please wait..... Connecting..." is displayed forever. I´m quite sure that the connect information is correct because I receive an error message otherwise. Problems are:
1. I cannot connect to my mySQL server.
2. I cannot cancel the connect or even the app. I have to got to the apps overview and "kill" the app.
I´m using a Motorola Xoom (Wifi only, MZ604) with Android 3.2 and the mySQL server is on a virtual server (vServer) located at some remote site.
Would be great if that could be fixed some day...
Greetings from Germany.
emmi59 said:
HI
When I enter the details for a connection and then try to "connect" a popup saying "Please wait..... Connecting..." is displayed forever. I´m quite sure that the connect information is correct because I receive an error message otherwise. Problems are:
1. I cannot connect to my mySQL server.
2. I cannot cancel the connect or even the app. I have to got to the apps overview and "kill" the app.
I´m using a Motorola Xoom (Wifi only, MZ604) with Android 3.2 and the mySQL server is on a virtual server (vServer) located at some remote site.
Would be great if that could be fixed some day...
Greetings from Germany.
Click to expand...
Click to collapse
hello,
the connection dialog has a timeout 30 seconds, so if you wait 30 seconds it will stop trying to connect,
but i think i have to make that dialog "cancelable" so you can hit back and cancel connection (good to keep that option to.).
on the other hand .. make sure you have enabled remote connect to your mysql server, and add/allow the IP you are trying to connect from, so the mysql server allow it.
thank you.
Ok, but...
stinger1 said:
hello,
the connection dialog has a timeout 30 seconds, so if you wait 30 seconds it will stop trying to connect,
but i think i have to make that dialog "cancelable" so you can hit back and cancel connection (good to keep that option to.).
on the other hand .. make sure you have enabled remote connect to your mysql server, and add/allow the IP you are trying to connect from, so the mysql server allow it.
thank you.
Click to expand...
Click to collapse
Thanx for the quick response. Here are my answers to your points:
1. I have been waiting VERY much longer than 30 seconds (several minutes), but the connection dialog never stopped.
2. I have allowed connections to my mySQL server from ALL hosts (%), so there is no need to allow access on an IP address basis. The IP address is unknown anyway when I´m using a mobile device, or is it? Anyway, it would be impracticable to add the dynamically provided IP address to the mySQL server configuration every time - especially when you have no access to the mySQL server since the client cannot connect...
(I have tried another mySQL client for Android, but this thing crashes everytime it tries to connect to the mySQL server...)
Tell me if I can be of any help in the investigation of this connection problem. I´d really like to use your app to manage my server with my tablet.
Regards
Emmi
emmi59 said:
Thanx for the quick response. Here are my answers to your points:
1. I have been waiting VERY much longer than 30 seconds (several minutes), but the connection dialog never stopped.
2. I have allowed connections to my mySQL server from ALL hosts (%), so there is no need to allow access on an IP address basis. The IP address is unknown anyway when I´m using a mobile device, or is it? Anyway, it would be impracticable to add the dynamically provided IP address to the mySQL server configuration every time - especially when you have no access to the mySQL server since the client cannot connect...
(I have tried another mySQL client for Android, but this thing crashes everytime it tries to connect to the mySQL server...)
Tell me if I can be of any help in the investigation of this connection problem. I´d really like to use your app to manage my server with my tablet.
Regards
Emmi
Click to expand...
Click to collapse
yes using % will allow all,
but its not secure.. anyway in a case of dynamic IP it can be used.
-side note- you can find your current real IP if you visit http://www.whatismyip.com/
from your mobile browser.
*** regarding the application:
- are you capable to login using a desktop client, like Navicat or MysqlTools?
- if you can get a logcat from your device while trying to connect that would be great, i think it will be useful,
-one more thing is if u can try it from a mobile not a tablet, since supporting tablets was added recently and i could not test it ( no tablets around ).
** one last thing:
if all that did not work, you may create a user with very simple privileges,
and pass me (private message) the login info (ip, username, password), and i will try to connect with the app using my hTC Desire.
Thanks & best regards.
I can login and access the server using Navicat.
Do you know an app to get a logcat?
Unfortunately I have no Android phone available.
I´ll send you login info via pm.
I´ve found the follwoing errors in logcat (using catlog ;-)):
01-16 22:18:46.530 E/dalvikvm(4300): Could not find class 'javax.naming.StringRefAddr', referenced from method com.mysql.jdbc.ConnectionPropertiesImpl$ConnectionProperty.storeTo
01-16 22:18:46.530 W/dalvikvm(4300): VFY: unable to resolve new-instance 525 (Ljavax/naming/StringRefAddr in Lcom/mysql/jdbc/ConnectionPropertiesImpl$ConnectionProperty;
May be you can take this as a start...
emmi59 said:
I´ve found the follwoing errors in logcat (using catlog ;-)):
01-16 22:18:46.530 E/dalvikvm(4300): Could not find class 'javax.naming.StringRefAddr', referenced from method com.mysql.jdbc.ConnectionPropertiesImpl$ConnectionProperty.storeTo
01-16 22:18:46.530 W/dalvikvm(4300): VFY: unable to resolve new-instance 525 (Ljavax/naming/StringRefAddr in Lcom/mysql/jdbc/ConnectionPropertiesImpl$ConnectionProperty;
May be you can take this as a start...
Click to expand...
Click to collapse
i've tried and i confirm the application waas not able to connect to ur server.
also i found that error log, when i try to connect only to ur server..
i think its related to host name converted to an IP address reference ...
it looks to be a bug in the driver i am using (i've googled it)
i am working on a fix or workaround for now ...
thanks again.
how is it done...
hi stinger1..
i recently starting using your pheonix my sql client ...
my question is how does your app connect to the mysql server...
is there a middleware web service that connects to the database or
does the app directly connect to the database...if yes..how ?...
i mean using what....
how did you use the jdbc drivers...
An interesting read
Closing Open Holes
#JDevil#
With the spread of Hackers and Hacking incidents, the time has come, when not only system administrators of servers of big companies, but also people who connect to the Internet by dialing up into their ISP, have to worry about securing their system. It really does not make much difference whether you have a static IP or a dynamic one, if your system is connected to the Internet, then there is every chance of it being attacked.
This manual is aimed at discussing methods of system security analysis and will shed light on as to how to secure your standalone (also a system connected to a LAN) system.
Open Ports: A Threat to Security?
Now, which option is used to display all open connections on the local machine. It also returns the remote system to which we are connected to, the port numbers of the remote system we are connected to (and the local machine) and also the type and state of connection we have with the remote system.
For Example,
C:\windows>netstat -a
Active Connections
Proto Local Address Foreign Address State
TCP ankit:1031 dwarf.box.sk:ftp ESTABLISHED
TCP ankit:1036 dwarf.box.sk:ftp-data TIME_WAIT
TCP ankit:1043 banners.egroups.com:80 FIN_WAIT_2
TCP ankit:1045 mail2.mtnl.net.inop3 TIME_WAIT
TCP ankit:1052 zztop.boxnetwork.net:80 ESTABLISHED
TCP ankit:1053 mail2.mtnl.net.inop3 TIME_WAIT
UDP ankit:1025 *:*
UDP ankit:nbdatagram *:*
Now, let us take a single line from the above output and see what it stands for:
Proto Local Address Foreign Address State
TCP ankit:1031 dwarf.box.sk:ftp ESTABLISHED
Now, the above can be arranged as below:
Protocol: TCP (This can be Transmission Control Protocol or TCP, User Datagram Protocol or UDP or sometimes even, IP or Internet Protocol.)
Local System Name: ankit (This is the name of the local system that you set during the Windows setup.)
Local Port opened and being used by this connection: 1031
Remote System: dwarf.box.sk (This is the non-numerical form of the system to which we are connected.)
Remote Port: ftp (This is the port number of the remote system dwarf.box.sk to which we are connected.)
State of Connection: ESTABLISHED
Netstat? with the ? argument is normally used, to get a list of open ports on your own system i.e. on the local system. This can be particularly useful to check and see whether your system has a Trojan installed or not. Yes, most good Antiviral software are able to detect the presence of Trojans, but, we are hackers, and need to software to tell us, whether we are infected or not. Besides, it is more fun to do something manually than to simply click on the ?Scan? button and let some software do it.
The following is a list of Trojans and the port numbers which they use, if you Netstat yourself and find any of the following open, then you can be pretty sure, that you are infected.
Port 12345(TCP) Netbus
Port 31337(UDP) Back Orifice
For complete list, refer to the Tutorial on Trojans at: hackingtruths.box.sk/trojans.txt
----
Now, the above tutorial resulted in a number of people raising questions like: If the 'netstat -a' command shows open ports on my system, does this mean that anyone can connect to them? Or, How can I close these open ports? How do I know if an open port is a threat to my system's security of not? Well, the answer to all these question would be clear, once you read the below paragraph:
Now, the thing to understand here is that, Port numbers are divided into three ranges:
The Well Known Ports are those from 0 through 1023. This range or ports is bound to the services running on them. By this what I mean is that each port usually has a specific service running on it. You see there is an internationally accepted Port Numbers to Services rule, (refer RFC 1700 Here) which specifies as to on what port number a particular service runs. For Example, By Default or normally FTP runs on Port 21. So if you find that Port 21 is open on a particular system, then it usually means that that particular system uses the FTP Protocol to transfer files. However, please note that some smart system administrators delibrately i.e. to fool lamers run fake services on popular ports. For Example, a system might be running a fake FTP daemon on Port 21. Although you get the same interface like the FTP daemon banner, response numbers etc, however, it actually might be a software logging your prescence and sometimes even tracing you!!!
The Registered Ports are those from 1024 through 49151. This range of port numbers is not bound to any specific service. Actually, Networking utlites like your Browser, Email Client, FTP software opens a random port within this range and starts a communication with the remote server. A port number within this range is the reason why you are able to surf the net or check your email etc.
If you find that when you give the netstat -a command, then a number of ports within this range are open, then you should probably not worry. These ports are simply opened so that you can get your software applications to do what you want them to do. These ports are opened temporarily by various applications to perform tasks. They act as a buffer transfering packets (data) received to the application and vis-a-versa. Once you close the application, then you find that these ports are closed automatically. For Example, when you type www.hotmail.com in your browser, then your browser randomly chooses a Registered Port and uses it as a buffer to communicate with the various remote servers involved.
The Dynamic and/or Private Ports are those from 49152 through 65535. This range is rarely used, and is mostly used by trojans, however some application do tend to use such high range port numbers. For Example,Sun starts their RPC ports at 32768.
So this basically brings us to what to do if you find that Netstat gives you a couple of open ports on your system:
1. Check the Trojan Port List and check if the open port matches with any of the popular ones. If it does then get a trojan Removal and remove the trojan.
2. If it doesn't or if the Trojan Remover says: No trojan found, then see if the open port lies in the registered Ports range. If yes, then you have nothing to worry, so forget about it.
***********************
HACKING TRUTH: A common technique employed by a number of system administrators, is remapping ports. For example, normally the default port for HTTP is 80. However, the system administrator could also remap it to Port 8080. Now, if that is the case, then the homepage hosted at that server would be at:
http://domain.com:8080 instead of
http://domain.com:80
The idea behind Port Remapping is that instead of running a service on a well known port, where it can easily be exploited, it would be better to run it on a not so well known port, as the hacker, would find it more difficult to find that service. He would have to port scan high range of numbers to discover port remapping.
The ports used for remapping are usually pretty easy to remember. They are choosen keeping in mind the default port number at which the service being remapped should be running. For Example, POP by default runs on Port 110. However, if you were to remap it, you would choose any of the following: 1010, 11000, 1111 etc etc
Some sysadmins also like to choose Port numbers in the following manner: 1234,2345,3456,4567 and so on... Yet another reason as to why Port Remapping is done, is that on a Unix System to be able to listen to a port under 1024, you must have root previledges.
************************
Firewalls
Use of Firewalls is no longer confined to servers or websites or commerical companies. Even if you simply dial up into your ISP or use PPP (Point to Point Protocol) to surf the net, you simply cannot do without a firewall. So what exactly is a firewall?
Well, in non-geek language, a firewall is basically a shield which protects your system from the untrusted non-reliable systems connected to the Internet. It is a software which listens to all ports on your system for any attempts to open a connection and when it detects such an attempt, then it reacts according to the predefined set of rules. So basically, a firewall is something that protects the network(or systen) from the Internet. It is derived from the concept of firewalls used in vehicles which is a barrier made of fire resistant material protecting the vehicle in case of fire.
Now, for a better 'according to the bible' defination of a firewall: A firewall is best described as a software or hardware or both Hardware and Software packet filter that allows only selected packets to pass through from the Internet to your private internal network. A firewall is a system or a group of systems which guard a trusted network( The Internal Private Network from the untrusted network (The Internet.)
NOTE: This was a very brief desciption of what a firewall is, I would not be going into the details of their working in this manual.
Anyway,the term 'Firewalls', (which were generally used by companies for commerical purposes) has evolved into a new term called 'Personal Firewalls'. Now this term is basically used to refer to firewalls installed on a standalone system which may or may not be networked i.e. It usually connects to an ISP. Or in other words a personal firewall is a firewall used for personal use.
Now that you have a basic desciption as to what a firewall is, let us move on to why exactly you need to install a Firewall? Or, how can not installing a firewall pose a threat to the security of your system?
You see, when you are connected to the Internet, then you have millions of other untrusted systems connected to it as well. If somehow someone found out your IP address, then they could do probably anything to your system. They could exploit any vulnerability existing in your system, damage your data, and even use your system to hack into other computers.
Finding out someone'e IP Address is not very difficult. Anybody can find out your IP, through various Chat Services, Instant Messengers (ICQ, MSN, AOL etc), through a common ISP and numerous other ways. Infact finding out the IP Address of a specific person is not always the priority of some hackers.
What I mean to say by that is that there are a number of Scripts and utilities available which scan all IP addresses between a certain range for predefined common vulnerabilities. For Example, Systems with File Sharing Enabled or a system running an OS which is vulnerable to the Ping of Death attack etc etc As soon as a vulnerable system is found, then they use the IP to carry out the attacks.
The most common scanners look for systems with RAT's or Remote Administration Tools installed. They send a packet to common Trojan ports and display whether the victim's system has that Trojan installed or not. The 'Scan Range of IP Addresses' that these programs accept are quite wide and one can easily find a vulnerable system in the matter of minutes or even seconds.
Trojan Horses like Back Orifice provide remote access to your system and can set up a password sniffer. The combination of a back door and a sniffer is a dangerous one: The back door provides future remote access, while the sniffer may reveal important information about you like your other Passwords, Bank Details, Credit Card Numbers, Social Security Number etc If your home system is connected to a local LAN and the attacker manages to install a backdoor on it, then you probably have given the attacker the same access level to your internal network, as you have. This wouls also mean that you will have created a back door into your network that bypasses any firewall that may be guarding the front door.
You may argue with me that as you are using a dial up link to your ISP via PPP, the attacker would be able to access your machine only when you are online. Well, yes that is true, however, not completely true. Yes, it does make access to your system when you reconnect, difficult, as you have a dynamic Internet Protocol Address. But, although this provides a faint hope of protection, routine scanning of the range of IP's in which your IP lies, will more often than not reveal your current Dynamic IP and the back door will provide access to your system.
*******************
HACKING TRUTH: Microsoft Says: War Dialer programs automatically scan for modems by trying every phone number within an exchange. If the modem can only be used for dial-out connections, a War Dialer won't discover it. However, PPP changes the equation, as it provides bidirectional transportmaking any connected system visible to scanners?and attackers.
*******************
So how do I protect myself from such Scans and unsolicitated attacks? Well, this is where Personal Firewalls come in. They just like their name suggests, protect you from unsolicitated connection probes, scans, attacks.
They listen to all ports for any connection requests received (from both legitimate and fake hosts) and sent (by applications like Browser, Email Client etc.) As soon as such an instance is recorded, it pops up a warning asking you what to do or whether to allow the connection to initiate or not. This warning message also contains the IP which is trying to initiate the connection and also the Port Number to which it is trying to connect i.e. the Port to which the packet was sent. It also protects your system from Port Scans, DOS Attacks, Vulnerability attacks etc. So basically it acts as a shield or a buffer which does not allow your system to communicate with the untrusted systems directly.
Most Personal Firewalls have extensive logging facilities which allows you to track down the attackers. Some popular firewalls are:
ZoneAlarm: The easiest to setup and manage firewall. Get it for free at: www.zonelabs.com
Once you have installed a firewall on your system, you will often get a number of Warnings which might seem to be as if someone is trying to break into your system, however, they are actually bogus messages, which are caused by either your OS itself or due to the process called Allocation of Dynamic IP's. For a details description of these two, read on.
Many people complain that as soon as they dial into their ISP, their firewall says that such and such IP is probing Port X. What causes them?
Well, this is quite common. The cause is that somebody hung up just before you dialed in and your ISP assigned you the same IP address. You are now seeing the remains of communication with the previous person. This is most common when the person to which the IP was assigned earlier was using ICQ or chat programs, was connected to a Game Server or simply turned off his modem before his communication with remote servers was complete.
You might even get a message like: Such and Such IP is trying to initaite a Netbios Session on Port X. This again is extrememly common. The following is an explanation as to why it happens, which I picked up a couple of days ago: NetBIOS requests to UDP port 137 are the most common item you will see in your firewall reject logs. This comes about from a feature in Microsoft's Windows: when a program resolves an IP address into a name, it may send a NetBIOS query to IP address. This is part of the background radiation of the Internet, and is nothing to be concerned about.
What Causes them? On virtually all systems (UNIX, Macintosh, Windows), programs call the function 'gethostbyaddr()' with the desired address. This function will then do the appropriate lookup, and return the name. This function is part of the sockets API. The key thing to remember about gethostbyaddr() is that it is virtual. It doesn't specify how it resolves an address into a name. In practice, it will use all available mechanisms. If we look at UNIX, Windows, and Macintosh systems, we see the following techniques:
DNS in-addr.arpa PTR queries sent to the DNS server
NetBIOS NodeStatus queries sent to the IP address
lookups in the /etc/hosts file
AppleTalk over IP name query sent to the IP address
RPC query sent to the UNIX NIS server
NetBIOS lookup sent to the WINS server
Windows systems do the /etc/hosts, DNS, WINS, and NodeStatus techniques. In more excruciating detail, Microsoft has a generic system component called a naming service. All the protocol stacks in the system (NetBIOS, TCP/IP, Novel IPX, AppleTalk, Banyan, etc.) register the kinds of name resolutions they can perform. Some RPC products will likewise register an NIS naming service. When a program requests to resolve an address, this address gets passed onto the generic naming service. Windows will try each registered name resolution subsystem sequentially until it gets an answer.
(Side note: User's sometimes complained that accessing Windows servers is slow. This is caused by installing unneeded protocol stacks that must timeout first before the real protocol stack is queried for the server name.).
The order in which it performs these resolution steps for IP addresses can be configured under the Windows registry key
HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\Tcpip\ServiceProvider.
Breaking Through Firewalls
Although Firewalls are meant to provide your complete protection from Port Scan probes etc there are several holes existing in popular firewalls, waiting to be exploited. In this issue, I will discuss a hole in ZoneAlarm Version 2.1.10 to 2.0.26, which allows the attacker to port scan the target system (Although normally it should stop such scans.)
If one uses port 67 as the source port of a TCP or UDP scan, ZoneAlarm will let the packet through and will not notify the user. This means, that one can TCP or UDP port scan a ZoneAlarm protected computer as if there were no firewall there IF one uses port 67 as the source port on the packets.
Exploit:
UDP Scan:
You can use NMap to port scan the host with the following command line:
nmap -g67 -P0 -p130-140 -sU 192.168.128.88
(Notice the -g67 which specifies source port).
TCP Scan:
You can use NMap to port scan the host with the following command line:
nmap -g67 -P0 -p130-140 -sS 192.168.128.88
(Notice the -g67 which specifies source port).
JDevil
Nice tutorial! Thanks!...But while having a look at the topic I had to smile... Vulnerabilities sounds better.
Lol exactly hahhahahah , thanks for the kind words
Sent from my SAMSUNG-SGH-I317 using xda app-developers app
Pretty amazing read, I'm impressed. What OS do you you on your home PC jeremyandroid? just curious?
js663k1 said:
Pretty amazing read, I'm impressed. What OS do you you on your home PC jeremyandroid? just curious?
Click to expand...
Click to collapse
Kali Linux, been a while bro, still got your badge I'm signature hahahha nice ,even though I havnt done anything in a long time but papers .
MyMobiler always did work good on Windows Mobile. However on new PCs and with Android, connections were no longer reliable. The cure was:
1. Do an install of SideSync on the PC side first.
2. After you finish and reboot, and uninstall SideSync.
3. Next set up MyMobiler according to the instructions on their web site. After that, it has been rock solid. In fact so good that that I turned off Autoconnect so it wouldn't pop up every time I plugged my phone into my USB port.
PS: I've been attempting to contact the author, but I have not been able to. What I would like to tell him is:
1. While MyMobiler also allows connecting via IP address, it does not support IPV6. All new devices are IPV6. Thus, the only place this feature works in the real world is on internal networks. If that were corrected, the remote control could work across the web.
2. Make a new version of MyMobiler with the drivers needed for the new computers, like SideSync has, give it away on Google Play, and promote it that it doesn’t need access to your personal data. Make it USB connections only. Include an easy access help file for the keystrokes.
3. Make a Pro version, enable the IP connection abilities that includes the newly added IPV6, and sell it on GooglePlay. Then they also have remote control of their phone via IP locally, and remotely, no other remote control software necessary. Include any necessary router setup instructions.
If anyone can put me in touch with the author, that would be appreciated. The links on his site do not work.
Tutorial version 1.0 by: Talbot *TBOT* Simons “Monsieurtalbot”
WHY?
I was looking around the internet a while ago for a good tutorial on this. Sadly, after many years no one had released one – and after many hours of testing I have managed install and run a mumble (murmur) server - from an Android device using a Debian compatibility layer app called Debian NoRoot. It took a lot of tinkering over a couple years to discover this working method - and it works really well.
There are many benefits to having your own Mumble server… not to mention one that fits in the palm of your hand and can be transported… Not to mention one that can act independently – INCLUDING a built in WIFI network and battery – but using this method, not only is it possible to take a private VOIP server everywhere you go – it’s possible for it to run really smoothly with any mid-range smartphone made after 2012. Broadcast your own WIFI network and connect with friends in a private offline chat within WIFI range…. Or connect to a WIFI network, forward a port from your router and expand the coverage to all of the internet… All with an old android you probably have lying around somewhere. Use it anywhere a walkie talkie might be needed, but not available. Text chat is also included and working – and it’s all as private as possible really… You are even able to encrypt your connection at that point – or simply host it locally and use it anywhere you have a large local network you can tap off of… Hotels & cruises – speak between rooms via the WIFI… etc etc. I can see this being implemented in places where internet is scarce and communication is needed… It will work on devices many people are discarding – and in a world where privacy is becoming scarce – it’s nice to know that the method of your communication is safe.
DISCLAIMER - MUST READ
I am not responsible for any data loss or device damage. Proceed at your own risk, though none of what we’re doing here should be considered risky. I’m not including pictures as I’m a busy man – but the process is quite simple and the instructions are quite exact. I think you’ll be fine.
This has been tested on several Android devices of various screen sizes and processor architectures going back to 4.0. It should work on most if not all devices. An old Android you have sitting in a drawer is a perfect candidate for this – not a bad thing to just keep installed on your personal device as well if you’re a power user like me. The program we’ll be using is able to run most if not all Linux apps … A lot of possibility here. No root is required for most of the features to work in this tutorial. Root isn’t needed if you are on an unlocked device, or if you have tethering provisioned on your wireless account. Tethering is only needed if you plan on using the device to broadcast a WIFI network to make it truly independent from a WIFI router.
Some features of the server may or may not be broken, I personally don’t require much besides a server with no password. If anyone runs into any issues down the road, please let me know!
Click to expand...
Click to collapse
With that being said – let’s begin.
___________________________________________________________________________________
INSTALLATION -
1. Download the following apps from the Play Store on your Android “server device”.
1. Debian NoRoot – The Debian linux environment (takes about 900MB space on internal SD)
2. Plumble – (mumble client) either free or paid version is fine.
3. Fing – Network tools for scanning IPs and networks.
ALSO EITHER:
Stock WIFI hotspot feature (if you have active wireless service)
OR
WIFI Tether Router – (requires root) allows for WIFI networks to be created without a WAN connection.
OR
If you just want a local server hosted and want to use your home router (with or without port forwarding for WAN access to your server) – you can do that too.
Click to expand...
Click to collapse
2. Open the Debian NoRoot app you just downloaded – let it install and set your DPI and font scale to whatever is best for your device. Typically messing with the stock settings won’t do much good for you.
3. Open the terminal that is found on the desktop of Debian, or open it from the menu if your screen is small. Execute the following commands:
sudo apt-get update
(wait for the process to finish - accept any dependencies with Y)
sudo apt-get upgrade
(wait for the process to finish - accept any dependencies with Y)
sudo apt-get install mumble-server
(accept any dependencies with Y – there will be some errors, ignore them.)
sudo dpkg-reconfigure mumble-server
(Autostart: Yes, High Priority: No, Then set the super user password when prompted.)
sudo nano /etc/mumble-server.ini
(This is where you’ll edit the server info – there is much documentation on setting up a mumble server and configuring this file elsewhere on the web… Things like server name, welcome message, server password – etc etc are located in this setting file. Save the file and go back to the terminal.)
sudo /etc/init.d/mumble-server restart
(That’s it, the server should now be running with your new settings in the background. There is no UI and no icons that pop up.)
Click to expand...
Click to collapse
4. Once this is done – keep in mind even though you set the Autostart it is not going to work in this environment – so you will need to manually start the process via it’s script file – so lets create a shortcut to it on the desktop to make starting the server easier.
The script file is located at:
Code:
/usr/bin/murmur-user-wrapper
“Two finger tap” the file and “send to -> Desktop (create link)”
You will now double click this desktop link to start your server after you open the Debian Environment.
5. You can now press the home button to put the Debian environment in the background. Open the “Plumble” app you downloaded *on the same device* and set up a new server with the following settings:
Label : LOCAL SERVER
Address: 127.0.0.1 - leave the port as 64738 or change it as you like.
Username: Whatever you want – I used ADMIN for the server device.
Password: leave blank unless you set it up in the settings file.
Click to expand...
Click to collapse
Once you save the server if should show as online. Connect to it and change the default audio setting to push-to-talk in Plumble settings… If you don’t see it online, restart the phone, or some devices require to be connected to some form of network before the server will show as online. See the next step.
5. Once the server is running you have a number of options on how you can set it up and connect to it. – if you aren’t seeing the server – attempt the following - either step A, B or C first before ripping your hair out.
A. Connect to a WIFI network – set a static IP for your network in Android WIFI settings… You can then use it locally… or you can forward the port you used in the last step to the static IP you set in your router’s settings.
B. Broadcast a stock android hotspot – if you have active wireless service and tethering provisioned or an unlocked device – if you don’t, some custom Android roms will activate and broadcast a network anyway, some won’t… depends on device – your mileage may vary. This is cool for direct device to device communication but will not allow you to use it over the internet. Wireless carriers block a lot of ports incoming.
C. Open WIFI tether router – set it up based on your device. This app requires root but is the most likely to work in a completely offline scenario with no available external WIFI network or when you don’t have service but want to turn a couple phones into walkie talkies in the grocery store. Option B and C are very similar in function but C works with no service – in a plane, a cruise ship, the middle of nowhere, etc etc.
Click to expand...
Click to collapse
6. At this point – we can start connecting other devices… Either get the mumble client for PC/Mac or download “Plumble” and “Fing” on another android device. iPhone also has free mumble clients and network scanners.
7. Open “Fing” on the server device and run a scan if you are on a WIFI router network. Note your server device’s IP address and confirm that the devices you are trying to have connect have an IP address themselves. You may need to run “Fing” or another network scanning app on the secondary device to determine the server device’s IP address… Especially if you are doing this with option B or C for connection.
8. Open Plumble (Android) or your PC/Mac/iOS mumble client and configure it to the server IP you determined in the last step… As long as they are on the same network you should see the server online… Connect and set the push to talk setting on the second device. You should now be able to chat between the server device and the secondary device… and you should be able to connect multiple others as well.
9. Reboot the device.
10. At this point It’s 100% installed and ready to go. The server boot process to recap is quite simple.
- Connect the server device and secondary devices to the same network, hotspot, whatever.
- Open “Debian NoRoot” from a fresh device boot. Sometimes a fresh boot is needed for the server to run properly.
- Once Debian environment is fully loaded, two finger click the shortcut we created for the murmur server and choose the top option – “execute”
-Open Plumble on the server device and connect to the local server profile you created
- Determine the server’s IP address based on how you connected and set up the client devices.
- PROFIT.
Click to expand...
Click to collapse
I hope you enjoyed this tutorial and find it useful – if anyone takes these steps, please help the community and provide screenshots that I may add to this post. The information was sourced and pieced together from so many places… I’d like to thank… Google search - as well as the developers behind the apps used in this tutorial. I'm amazed that after all this time something just clicked and low and behold - it works!
Cheers and best wishes all!
Just an update - this is surprisingly stable, and I have had a server running on an old android device for over 2 weeks with no downtime.
Awesome work! I've been debating trying to port Murmur to Android for a while now as I have an Android STB sitting around that would make a perfect server.
zyperion said:
Awesome work! I've been debating trying to port Murmur to Android for a while now as I have an Android STB sitting around that would make a perfect server.
Click to expand...
Click to collapse
There's already an armhf distro for murmur on debian... This is actually still working great. It's the only reason this works... Same package for the raspberry pi. =]
Any app for Android that allows you to boot I to a chroot Linux environment this will work on...
Sent from my LG-US996 using Tapatalk
Yeah, it's a very clever solution that seems to be working pretty well. I'll have to give it a try! I've also been looking into trying to get Ubuntu installed on my Minix Neo X5 instead since I don't have any need for it as a media box anymore which makes Android far less desirable than a functional Linux install.
Hello World! : D.
Can I create Internet domains in Ubuntu or Windows ?, or can they only be purchased for free or by paying a domain registrar ?.
That any external user can access through the browser's search bar without modifying the hosts file, without previous steps for the one who is going to visit my URL ?
Apache created me a domain that can only be accessed by configuring the hosts on the second PC. And as I read from Bind9 you need the same configuration. With the IP I have been able to access from any external IP by typing it in the search bar and it shows me the perfect Apache page página without configuring anything on the client.
Now, I would like the same but without the IP, and without paying a domain, and without free domains (No-ip ...), and without matching the two machines. It would only be to create my own internet domain on my PC and that anyone can access without doing more than typing the URL in the browser.
I have Ubuntu 18.04 TLS. If possible, however you can tell me, I will go there to look. ?
Thanks for your attention. ?