[APP][5.0+] Intercepter-NG 2.8 - Android Apps and Games

Intercepter-NG is a multifunctional network toolkit for various types of IT specialists. It has functionality of
several famous separate tools and more over offers a good and unique alternative of Wireshark for android.
The main features are:
* network discovery with OS detection
* network traffic analysis
* passwords recovery
* MITM attacks (ARP spoofing, DNS spoofing ...)
* security scanner
Intercepter-NG [Android Edition] v2.8
+ Captive Portal MiTM (Mostly for Windows targets)
+ SSL MiTM (HTTPS with SNI support)
+ SSH2 MiTM (Passwords + Sessions)
- ARP Defender removed
- Forced Download removed
* OUI and fingerprints updated
* X-Scan's report saving
* Samsung related bug fixed
* MDNS issue fixed
* Icons optimization
* SSLStrip improved
* Fixes and improvements
* Android support 5-12+ (x86, ARM, ARMv8)
[APP][4.4+] Intercepter-NG 2.5
-----
Intercepter-NG [Android Edition] v2.5
+ Automatical Save&Restore of routing rules and iptables
+ Preloaded results of the last scan + prescan on startup
+ Text resize by gestures, tab switch by swipes, vibro reactions
+ OS Fingerprinting system based on Satori format
+ Port Scan upgraded to X-Scan with EternalBlue checker
+ Scanning engine is greatly improved
+ HSTS Spoofing with improved sslstrip
+ Self-diagnosis for troubleshooting
+ LOTS of other fixes and improvements
************
* UI updated
* libpcap updated to 1.9.1 (for API >=24)
* No more SuperSU and Busybox dependencies -> Magisk
* Android support from 4.4 up to 10+ (x86, ARM, ARMv8)
************
https://github.com/intercepter-ng/intercepter-ng.github.io

Looking great!!
Sent from my Galaxy Nexus running Android 4.2 JB

Feel free to post feedback and features requests.

Will you make this open-source?
Or does it send the recovered passwords directly to you?

devrruti said:
Will you make this open-source?
Or does it send the recovered passwords directly to you?
Click to expand...
Click to collapse
lol, NO to both questions.

Hi. Does it run on lower resolutions? Like 480*854 or 320*240? And how is this different from DSploit? A lot of your features can be found in DSploit and that works great Ofc that is an open source project.
Keep up the good work

crancker said:
Hi. Does it run on lower resolutions? Like 480*854 or 320*240? And how is this different from DSploit? A lot of your features can be found in DSploit and that works great Ofc that is an open source project.
Keep up the good work
Click to expand...
Click to collapse
its runs on lower resolutions.
dsploit have a lot of useless functions and doesn't sniff a lot of stuff that intercepter do.
dsploit doesnt handle that much auth methods (http filter is very smart).
dsploit doesnt reconstruct files from tcp stream.
dsploit doesnt intercept messengers.
it says it does sslstrip, but i never had a luck with it.
at last, intercepter has unique raw mode.

And dSploit is open-source
One can easily dissassemble it with dex2jar and jad so if someone wants a source he can get it.
Why not share the experience you gathered with the world?
Sent from my Galaxy Nexus running Android 4.2 JB

mDroidd said:
And dSploit is open-source
One can easily dissassemble it with dex2jar and jad so if someone wants a source he can get it.
Why not share the experience you gathered with the world?
Sent from my Galaxy Nexus running Android 4.2 JB
Click to expand...
Click to collapse
actually, you dont know what you talking about.
dsploit is just a wrapper for different tools. it doesnt gather passwords itself (it runs ettercap), it doesnt scan network itself (it runs nmap) and so on.
android version of intercepter is just a wapper for original intercepter-ng console edition written in c. dex2jar will show you nothing

I just ran your tool, and I must say it's faster then dSploit.
But I have to say you really have to improve the UI.
You should make it more verbose, too. Some buttons won't tell people anything.
Good work
Sent from my Galaxy Nexus running Android 4.2 JB

Demo video - http://www.youtube.com/watch?v=IGVj2toH1Fc

Hey! It is just not starting. I am using a ZTE Grand X In with 4.0.4. The phone is rooted. After I click on the icon it seems like it is starting, but nothing happens. What should I do?

bkelemen said:
Hey! It is just not starting. I am using a ZTE Grand X In with 4.0.4. The phone is rooted. After I click on the icon it seems like it is starting, but nothing happens. What should I do?
Click to expand...
Click to collapse
first of all check if busybox installed. after that turn off your 3g connection and leave only wifi active.

Intercepter-ng said:
first of all check if busybox installed. after that turn off your 3g connection and leave only wifi active.
Click to expand...
Click to collapse
Actually it seems like the problem is on my end. I did install busybox, but since my phone has an Intel cpu in it, and all the busybox apps are written for ARM the problem might lie there. Hopefully there's gonna be a version which actually supports Intel. Thx anyways!

bkelemen said:
Actually it seems like the problem is on my end. I did install busybox, but since my phone has an Intel cpu in it, and all the busybox apps are written for ARM the problem might lie there. Hopefully there's gonna be a version which actually supports Intel. Thx anyways!
Click to expand...
Click to collapse
oh, sure it wont run...intercepter also compiled for arm.

http://sniff.su/intercepter.apk updated
intercepter now detects and prevents user from outer arp poison attacks. it doesnt just turns off wifi connection, but blocks attacker and allows to continue inet surfing.

http://sniff.su/intercepter.apk updated
runs on android >=2.1 (previously only 2.3)
new gallery tab. shows reconstructed pictures.

It cant find gateway
I have problem on milestone with android 4.0.3 (rooted - busybox 1.20.2 - 3G off)
In the first screen it finds other hosts, and correctly shows device IP and gateway but on the arp spoofing section after pressing play button it prints "Strating capturing on tiwlan0 ((null))" and after about a minute it prints Gateway not found

Thats strange. somehow gateway doesnt respond on arp requests for defined period of time. Are there any securty options set on your wifi network?

I have that problem: 'Interface not found,very strange'..anybody had this messege?
Sent from my GT-I9001 using xda premium

Related

[Discussion] Android VNC Server [1.1RC0]

This is the Droid VNC server discussion page.
Before reporting your success/insuccess install the latest build from this thread.
CHANGELOG:
v1.1RC0
- ICS support
- Changed to official libvncserver v0.9.9.
- Decoupled native screen grabber from jni sources, you wont need to have AOSP anymore to compile the daemon, just the precompiled libs.
- Fixed misc random segfault
- Added display rotation to 180, for zte
v1.0a3
- Rotation now fully working (on demand with F4 key)
- Speed improvements and bug fixes
- Improved server state detection (using IPC)
- changed to LibVNCServer from kanaka repository
- New webserver vnc client (noVNC), uses javascript
- Ability to make a reverse connection
- Two new framebuffer access methods (gingerbread and adb)
- New minimalistic interface
--------------------------
To download the app
Download from Play Store:
https://play.google.com/store/apps/details?id=org.onaips.vnc
OR
Download latest dev version:
https://github.com/oNaiPs/droid-VNC-server/tree/master/bin
still green on nexus one, froyo, frf83
Support for Nexus added on version 0.2b.
See my blog.
0.2b does work fine. Thanks.
Some things I learnt.
- Right click acts as "home" button press
- Escape on the keyboard acts as the "back" button
- Cursor keys work fine.
Cool
Now i'd just need to alter the framebuffer change detection to speed up the performance in updating screen...
How is the screen update performace on pc of nexus?
its not very snappy, slight delay before rendering new windows.
Whoah! Kudos to you, it works on my HTC EVO 4G!! Thanks a bunch!
wow i've been researching and looking into a possible solution to windows mobile mymobiler
www.mymobiler.com before making the complete jump to android and your project looks like a really good solution to mymobiler for me compared to the android screencast app
i was looking around on your blog (added it to my rss feed to keep up) i'm really interested in this
i'm a part time android user (dual boot windows and android 2.2) next time I switch over to android I will definitely install this and check it out with tinyvnc
keep the updates coming great job
and if possible add some of the ideas from mymobiler a lot of people are really interested in seeing a mymobiler for android and it looks like your working on a great solution
Green lines on HTC Desire.
Thanks for the job.
Is it possible to install landscape mode for looking on TV?
CU Ulli
If there are much people interested i think i can implement it
UPDATE: The app is already on the market, search for vnc server
Dear lord, this app is FANTASTIC! Works great (though the interface is a tad rough).
And just for fun, I couldn't help but try a camera feedback loop between my laptop & Evo running a VNC connection:
hxxp://i26.tinypic.com/2r2u7w1.jpg
Thanks so much for the app!
onaips said:
If there are much people interested i think i can implement it
UPDATE: The app is already on the market, search for vnc server
Click to expand...
Click to collapse
Very many thousands of users have a Dreambox Dbox or (Linux set-top box, satellite receiver) with VNC client. Look here: www_tuxbox_org
Greets Ulli01
Rotate VNC Window
Does anyone know how to rotate the VNC window (without rotating the entire desktop) for when the phone is in landscape mode?
This is cool!
Downloading in now.....
would be nice it to work on over wifi without rooting but nevertheless great app!
ulli01 said:
Very many thousands of users have a Dreambox Dbox or (Linux set-top box, satellite receiver) with VNC client. Look here: www_tuxbox_org
Greets Ulli01
Click to expand...
Click to collapse
Ok, i think it wont be to hard to implement it...
Don't hope to visualize movies this way though...
http installation:
download complete... installation successful.
market installation:
downloading droid nvc server... item downloaded successfully... installation unsuccessful: package is signed incorrectly.
evo 4g dc 3.2.3
Did you have an older version installed by apk? Please remove it...
i dont think so i got it from your qr and then tried to install from the market like 10 min later
also any help with this?
edit: uninstalled http version and market installed correctly which corrected problem 2

[APP][2.2+] Server Auditor SSH client with easy navigation

Hello,
ServerAuditor application is available on Google Play now (https://play.google.com/store/apps/details?id=com.server.auditor.ssh.client). We released it a couple of days ago. We are linux developers mostly and sometimes would like to have remote access through remote devices. This is initial release and more features are coming. Client is implemented from scratch and it isn't a clone of some opensource SSH client implementations.
We appreciate any feedback which would have to make our application easier to use as we believe it is possible to have convenient mobile SSH client.
Version 1.4
It's been a while since my latest update. Now we completely reworked the UI and added several features like port forwarding. Please also note that an app has a new URL in the market.
Version 1.2
- Aliases are finally available.
- A lot of new cool color schemes.
- Incredible copy-paste implementation. Allows instant search of copied buffer in Google or Serverfault.
- A lot of bug fixes and improvements.
- Colours support and connection grouping
- SSH scripting and ability to execute one command on several servers for easy cluster managment
- Port forwarding
- Smart command and filesystem navigation (we aren't 100% sure how we will exactly implement this, so some tests needed, any ideas are appreciated).
Version 1.1
- Full xterm support
- Incredible improvement of the rendering speed!
- Close all connections functionality
- Various UI improvements
- New option 'Background connection's timeout'
- Hackers keyboard is supported
- Redesigned help page
- Bug fixes for certain Android devices
Version 1.0.2
- Crash on Nexus fixed
- Import keys functionality implemented
Version 1.0.1
- We tried to make access to control keys more convenient than in existing SSH clients
- Meta-actions (like shake for CTRL-C and Volume buttons are used).
- Easy connection and keys management.
- Gestures like swipe up/down/left/right are used for replacing corresponding terminal buttons.
We would like to know which features by your opinion are most important and shortcomings of current version
Thank you for your time!
Dmitriy.
Please check for new update.
BEST ssh client out there! Much better, much more up to date than Connectbot.
Thanks, Jewremy!
We have just published Server Auditor in Amazon app market (http://www.amazon.com/Crystalnix-Se...qid=1344677892&sr=8-1&keywords=server+auditor).
Are there any plans to support Tasker and/or Intents, so the SSH client can be launched, connected before Tasker (or any other automation program) launches a task? Being able to disconnect and close the client would be crucial as well (this last part is something ConnectBot can't handle afaik).
Hi, ppc_dan.
We are going to release next version with support of terminal colors soon. At the moment we have several feature requests (like scripting support, grouping, etc). Thank you for your suggestion, I think we will try to implement Tasker support within our scripting support task.
ServerAuditor has gained a huge update. Please find the most significant changes below:
Version 1.1
- Full xterm support
- Incredible improvement of the rendering speed!
- Close all connections functionality
- Various UI improvements
- New option 'Background connection's timeout'
- Hackers keyboard is supported
- Redesigned help page
- Bug fixes for certain Android devices
Enjoy!
This is a great app. My only suggestions are to add the ability to use aliases. It would be nice since a lot of my connections are also remote connections with a FQDN so they all look the same but the port.
Also I'm trying to add keys but i cant seem to figure it out. I have tried to attach both a public key and a private key. (created by puTTy) with no success.
Thanks again for the app.
pman860507 said:
Also I'm trying to add keys but i cant seem to figure it out. I have tried to attach both a public key and a private key. (created by puTTy) with no success.
Click to expand...
Click to collapse
I have the same problem. I've imported a private key that is in OpenSSH format and attached it to a connection. Authentication fails and falls back to asking for password. The same key works great when using Bitvise on my laptop.
/Relnah
Might have to do with version of Android. My original HTC Desire with 2.2 won't work. But my Transformer with 4.x works with the exact same key.
/Relnah
pman860507 said:
This is a great app. My only suggestions are to add the ability to use aliases. It would be nice since a lot of my connections are also remote connections with a FQDN so they all look the same but the port.
Also I'm trying to add keys but i cant seem to figure it out. I have tried to attach both a public key and a private key. (created by puTTy) with no success.
Thanks again for the app.
Click to expand...
Click to collapse
Thanks! New release will be available soon and aliases are already available. We had a lot of responses about keys and will try to fix all issues.
relnah said:
I have the same problem. I've imported a private key that is in OpenSSH format and attached it to a connection. Authentication fails and falls back to asking for password. The same key works great when using Bitvise on my laptop.
/Relnah
Click to expand...
Click to collapse
Could you please let us know which application have you selected while importing this key (which file manager I mean)?
New version 1.2 with a huge update!
- Aliases are finally available
- A lot of new cool color schemes.
- Incredible copy-paste implementation. Allows instant search of copied buffer in Google or Serverfault.
- A lot of bug fixes and improvements.
Great work. I still cant get keys to import, but i love the aliases. It always says invalid filetype. Keep it up. This is test best ssh app available.
dlyfar said:
Could you please let us know which application have you selected while importing this key (which file manager I mean)?
Click to expand...
Click to collapse
I'm using either the file manager or ghost commander.
I'm trying to import a private key.
Sent from my SAMSUNG-SGH-T989 using Tapatalk 2
Port Forwarding
in the OP it says that Port Forwarding is possible.
Can someone explain how I do this? I can't find the setting anywhere...
thanks!

[APP][4.0+] #NoChromo - A wild ad-blocking browser appears [v51.0.2695.0][2016/04]

Once upon a time the lord Google releaseth teh Chrome, and the people marvelled in great wonder. Never before could they partake in so many internets in so little time.
Yet even then, the ceiling of lolcats/hour was quickly reached, for the pages were blinky and full of distractions, and the leeching of bandwidth delayed any reactions. Viagra! Cialis! Which button to button to download the download? What happened next will amaze you.
Reinforcements arrived in the form of extensions, blocking ads and performing malware prevention. Alas, as usual the exploits of the big and resourceful are no help at all to the friend in your hand.
Solutions abound. Proxies. Jailbreaks. None sanctioned by the ever-controlling and -vengeful bohemoth.
Here I present you with yet a different take on the problem, because I love you internet... #NoChromo
Err, what?
Right! This is nothing more than a modified build of Chromium (which recently saw a lot of sources from Chrome for Android added). It offers some built-in ad- and malware-blocking.
Note that it doesn't attempt any hiding of ad-sections, so you may be presented with blocks of empty space (or containing errors).
This is not a port of any existing ad-blocking plugin for 'grown-up' Chrome, it's just a quick reimagining of some of the parts. Sooner or later Chrome for Android will get extension support for a truly proper adblocker, I hope sooner.
FAQ
Reimagining?
It's coded in C++ and compiled directly into Chromium (a handful of ms per request, total memory use about 3mb), but it only covers URL manipulation at this time. It doesn't modify page content (remove/hide ad blocks), nor does it keep track of the type of request (some ad blockers do this for improved blocking).
vs hosts-based blocking, AdBlock Plus, uBlock?
Resource-wise it's as lean as host-based blocking, but its blocking is much finer grained than hosts-based, and doesn't require root. It does still lose from (desktop) ABP and uBlock in ad-blocking capacity, but uBlock isn't available on Android and I'm not a fan of ABP's methods (neither the technique of their Android solution nor their philosophy). So I'd put it squarely in the middle between hosts-based and the better known extensions.
What are the drawbacks?
Google did state the current Android source for Chromium is missing some codecs and other proprietary stuff. I haven't run into anything major, but you certainly might.
Will you support this?
Not officially, no. I built this for me, and it works on the sites I frequent. I'm just sharing it here so you can use it if you want to, or not if you don't. I may update it to newer sources once every while, or I might not. If it doesn't work for you on some site, just open it with regular Chrome.
That being said, it seems the Chromium source is not updated all that often, so if I update this once every few months you still wont be far behind. Not to mention that the sauce for my modifications are actually in the download folder, so you could build your own update if you wanted to.
And you are?
A dev from here on XDA who doesn't want his main account publicly associated with this, because I don't want to deal with possible retaliation from Google. Some of the site leadership know who I am, though. If this were malware, they'd take it down instead and tell everyone. If you don't want to trust me, sauce is available. If you can guess or know who I am, kindly STFU.
Download
Behold the glorious download links, for they are shiny and full of Chrome.
v51.0.2695.0 @ MEGA
Code:
ef337bce4e06b50d7c551f9940a9361f NoChromo-arm32-v51.0.2695.0.apk
d16bc732ae9b89bb50e3ba4ea421842d NoChromo-arm64-v51.0.2695.0.apk
4b28f614acb2f7e3e5d87502eeb621d9 NoChromo-mips32-v51.0.2695.0.apk
c2ec836cb94e18caaa905d88067b1322 NoChromo-x64-v51.0.2695.0.apk
bb440a9a582ac00d9ad9dd55ca49cb6c NoChromo-x86-v51.0.2695.0.apk
be3a25f8f52992df313881e186c5403d sauce-v51.0.2695.0.zip
(mips64 version does not currently build)
(Mirrors welcome, but please make sure to list the exact version numbers as stated here!)
The arm64 version is also available from the XDA Labs app!
Credits
Chromium contributors
AdBlock Plus
uBlock
EasyList and EasyPrivacy
MalwareDomains
Peter Lowe's Adservers
Changelogs
2016.04.05 - v51.0.2695.0
2015.06.09 - v45.0.2420.0-2
InstaDownloadAndInstallAndOpenAndUseAnd ... Yay! No ads!
BTW, your main account name is (j*****)
And also, please alternative links? If I don't use VPN, MEGA returns Server Not Found Error.
Thanks for sharing. I will definitely check this out.
+1×10^999999999 for that intro
Thanks OP, downloading now!
Your name shows in the "edited by" section of the post. great work though!
rjt.rockx said:
And also, please alternative links? If I don't use VPN, MEGA returns Server Not Found Error.
Click to expand...
Click to collapse
There you go:
Mediafire folder: https://www.mediafire.com/folder/80164iifzyp0s/NoChromo
Current ver: v58 by ponchofiesta
PS. Pm ME if there is new ver 2 upload.
Thanks.
Not working on Zenfone 2 551ML (amr32 not starting, arm64 not installing).
marcof93 said:
Not working on Zenfone 2 551ML (amr32 not starting, arm64 not installing).
Click to expand...
Click to collapse
Zenfone is x86.......
@nochromo : thanks a lot.
As you work on the source, can you tell us if this version can enable us to navigate more anonymously than the original Chrome ? There's still a request at start to connect to Google Account !?
@marcof93
Zenfone 2 551ML uses Intel Atom CPU which is not ARM.
nochromo said:
Behold the glorious download links, for they are shiny and full of Chrome.
Click to expand...
Click to collapse
Witness me!
Also, good job. Definitely not mediocre.
topjohnwu said:
Zenfone is x86.......
Click to expand...
Click to collapse
Intel Atom Z3580 is a 64bit processor, the Android version used in Zenfone 2 is a 32bit version, I tried both and shared my experience so the author can add this to the first post or work on it (also if he told that he doesn't want to support it).
@knot2006 I know, I want to help to community, now we know 100% that id doesn't work, I don't think I'm killing someone.
marcof93 said:
Intel Atom Z3580 is a 64bit processor, the Android version used in Zenfone 2 is a 32bit version, I tried both and shared my experience so the author can add this to the first post or work on it (also if he told that he doesn't want to support it).
Click to expand...
Click to collapse
x86 is microprocessor architecture look here:
http://en.wikipedia.org/wiki/X86
ARM:
http://en.wikipedia.org/wiki/ARM_architecture
lets try this browser for a spin
And, umm, after a few minutes of usage on Bluestacks, it gives " Unfortunately, #NoChromo has stopped. " every time I open it.
Tried clear data.
arm 32 !!1 arm64 ?? which one should i use ??
i have samsung s advance with cm12.1 lollipop .
Doesn't work for Ti-Omaps?
Force closes on my Droid RAZR xt912 which is Lollipop 5.1.1 which has a Ti Omap 4430 32bit Arm-A9, works on my Galaxy s3 which is also Lollipop 5.1.1 so I thought it might just not work on Lollipop but maybe its just Ti Omap is just too outdated?
Works and does what it says on the tin on my Xperia Z2 (ARM32 version)and it's taken a long time to get something like this.

[DEV][APP] waut.ch! - Calibration for Android - version 145

Utility for background calibration, curation and tuning of the device towards an intuitive interface.
Subsystems being battery, entropy, encryption, disk, cpu, memory, filesystem, ui, scheduler, and network, all safe and open source technology.
Presented in this educational gaming metric format with infinite feedback and an interestingly assymetric chance. scribble anywhere, check in some stress, or find the 8!
waut.ch! does one hope to receive from this?
Well, increasing degrees and amounts of a certain "Je ne sais quoi" or responsiveness from the user interface for a start. Better battery life perhaps. Better quality of life, maybe.
And waut.ch! can only perhaps be described as "A qualified quantification of the placebo effect"
waut.ch! might benefit from this?
In the Android device space:
Designers
Users
Manufacturers
Recyclers
Developers
Compilers
Support personnel
OEMs
The Friendly Neighborhood Nerd/Technician.
“Make the most of yourself....for waut.ch! is all there is of you.” - Ralph Waldo Emerson ( paraphrase )
All along the waut.ch! tower - Bob Dylan
waut.ch! - Sometimes used in some colloquium as "watch!", keen upon reducing the TDP of mobile devices to 1.0 watt!
ARM variants of Android only Donut 1.6+
Please uninstall either Seeder or CrossBreeder prior to using this.
Root recommended, else reactivity metric is interesting and introduces uniqueness into the entropy pool anyway. Metric may demonstrate a certain asymmetry that is expected from predictable human actions. Efforts have been made to remove time seed logic from haveged in order to improve upon encryption and system-wide performance and security.
Also numerous other subsystems require careful calibration to facilitate this process.
Rewritten code, subset of functionality for upstream project - CrossBreeder ( https://forum.xda-developers.com/showthread.php?t=2113150 )
Please feel free to view and analyze source and functionality and report bugs and discuss etc on the XDA forum:
( https://forum.xda-developers.com/android/apps-games/app-waut-ch-calibration-android-t3549967 )
Google Play store:
( https://play.google.com/store/apps/details?id=ch.waut )
Please visit: /data/data/ch.waut/files/bin on the device itself for partial shell source code and XDA Downloads section and Github for full source code.
Reboot at convenience liberally or sparingly to reseed the entropy pool or as is known in common parlance, for good luck!
Thanks.
Havged source code:
https://github.com/Openand-I/haveged
Adhoc Payment URL to support development efforts : https://paypal.me/openand/10
Frappe ( "free-paid" ) same-version to support development efforts : http://waut.ch
Custom haveged source code as used in this piece of software: https://github.com/Openand-I/haveged
=====
Version Name: 59a6333e-9ed9-43f8-8dad-51ed46c17e28
cb.sh: cache pressure - 500
cb_io.sh: read_ahead - 0
cb_io.sh: nr_requests - 0
$ md5sum *.apk
661c30b02b2321300624af98feaa5bad *145-waut.ch.apk
661c30b02b2321300624af98feaa5bad *oi.apk
$ sha256sum *.apk
6d23b8da87dc5516583a55a3203c9f5068ea8fe8765ece489080ef663c8aee15 *145-waut.ch.apk
6d23b8da87dc5516583a55a3203c9f5068ea8fe8765ece489080ef663c8aee15 *oi.apk
https://github.com/Openand-I/haveged
https://github.com/openand-inc/waut.ch
https://forum.xda-developers.com/devdb/project/?id=19218#downloads
https://forum.xda-developers.com/android/general/app-waut-ch-calibration-android-version-t3858365
https://github.com/openand-inc/waut.ch/raw/cb0c60025f86a4fdc4778506e97ee80eb1c00b45/oi.apk
https://github.com/openand-inc/waut.ch/raw/master/145-waut.ch.apk
-------------------------
Recommended:
- ntp: automatic system time update from internet is enabled.
please check the clock and fiddle around with the timezone settings in case of any issues. one may need to set the timezone manually.
then simply run the app to initiate a time sync
the network time sync happens at around 3am. so the time to check is in the morning.
- Please disable mount namespace separation in the superuser app to take advantage of the mount optimisations.
- Reboot once and occasionally to reseed the entropy pool. It's good luck!
- Do ensure that the waut.ch service has started upon reboot. Just run if it doesn't start it automatically!
Note: Please note that the haveged binary in the APK is a static binary and works on both PIE and non-PIE environments. It is also UPX compressed. UPX for Android didn't compile. So UPX for linux was used to compress the executable file. It is an elegant solution as both on disk and in memory space(?) is reduced by 70% per executable. One is welcome to decompress the file using 'upx -d'.
Full source code is provided on Github and build scripts are attached here and on Github.
There is no license required to both install the app or distribute it, both within the developer ROM community or in commercial form. Adhoc payment URL to support development - https://www.paypal.me/openand/10
Again do note that the license to use the APP and source code is free worldwide and irrevocable in full or partial form. All other open source components simply inherit their license. But under no circumstances is any use thereof legally binding or relevant.
--------
Utility for background calibration, curation and tuning of the device towards an intuitive interface.
Subsystems being battery, entropy, encryption, disk, cpu, memory, filesystem, ui, scheduler, and network, all safe and open source technology.
Presented in this metric format with infinite feedback and an interestingly assymetric chance. scribble anywhere, check in some stress, or get lucky for that matter!
-----
ARM variants of Android only Donut 1.6+ ( should even be compatible with the latest ARM Android 9+ )
Please uninstall either Seeder or CrossBreeder prior to using this. And other "mods" or "tweaks".
Root recommended, else reactivity metric is interesting and introduces uniqueness into the entropy pool anyway. Metric may demonstrate a certain asymmetry that is expected from predictable human actions. Efforts have been made to remove time seed logic from haveged in order to improve upon encryption and system-wide performance and security.
Also numerous other subsystems require careful calibration to facilitate this process.
Rewritten code, subset of functionality for upstream project - CrossBreeder ( https://forum.xda-developers.com/showthread.php?t=2113150 )
Please feel free to view and analyze source and functionality and report bugs and discuss etc on the XDA forum:
( https://forum.xda-developers.com/android/apps-games/app-waut-ch-calibration-android-version-t3858365 )
Google Play store:
( https://play.google.com/store/apps/details?id=ch.waut )
Please visit: /data/data/ch.waut/files/bin on the device itself for partial shell source code and XDA Downloads section and Github for full source code.
The app will amongst other maintenance tasks tune sqlite databases regularly and reseed the entropy pool or as is known in common parlance, for good luck!
Thanks.
Payment URL: https://paypal.me/openand/10
XDAevDB Information
waut.ch!, App for all devices (see above for details)
Contributors
idcrisis
Source Code:
[url]https://github.com/Openand-I/haveged[/URL]
[url]https://github.com/openand-inc/waut.ch[/URL]
[url]https://forum.xda-developers.com/devdb/project/?id=19218#downloads[/URL]
Previous Version Information - 144
305bd30f-0c8a-40d8-baf5-330c68f62d51
Status: Stable
Created 2017-01-01
Last Updated 2020-08-18
$ md5sum *.apk
8ea8e8c132a584767a12e394f7975654 *144-waut.ch.apk
8ea8e8c132a584767a12e394f7975654 *oi.apk
$ sha256sum *.apk
4925066a106c83b18ac6e563f03331c56b72777e66973db591c9776d706595e3 *144-waut.ch.apk
4925066a106c83b18ac6e563f03331c56b72777e66973db591c9776d706595e3 *oi.apk
https://github.com/Openand-I/haveged
https://github.com/openand-inc/waut.ch
https://github.com/openand-inc/waut.ch/raw/master/144-waut.ch.apk
https://github.com/openand-inc/waut.ch/raw/f699d3763507ec1f91d82b9ce25c53036b460a9e/oi.apk
-----
Version notes:
haveged: static non upx binary used
cb.sh: lock fixes
Recommended:
- ntp: automatic system time update from internet is enabled.
please check the clock and fiddle around with the timezone settings in case of any issues. one may need to set the timezone manually.
then simply run the app to initiate a time sync
the network time sync happens at around 3am. so the time to check is in the morning.
- Please disable mount namespace separation in the superuser app to take advantage of the mount optimisations.
- Reboot once and occasionally to reseed the entropy pool. It's good luck!
- Do ensure that the waut.ch service has started upon reboot. Just run if it doesn't start it automatically!
Please support development, simply use https://paypal.me/openand/10 or the payment URL.
Or you can simply buy the "frappe" ( free-paid ) version of the app: http://waut.ch
Recommended:
- ntp: automatic system time update from internet is enabled.
please check the clock and fiddle around with the timezone settings in case of any issues. one may need to set the timezone manually.
the network time sync happens at around 3am. so the time to check is in the morning.
- Please disable mount namespace separation in the superuser app to take advantage of the mount optimisations.
- Reboot once and occasionally to reseed the entropy pool. It's good luck!
- Do ensure that the waut.ch service has started upon reboot. Just run if it doesn't start it automatically!
Issues:
- superuser - Please disable mount namespace separation in the superuser app ( for optional but recommended mount options ). Also please revisit the app entry inside the superuser app to ensure the waut.ch service can run on boot unattended. One can see the logs on another day to ensure that the scheduler ran correctly in the night.
- Non root users - User Interface can help in clearing the random device. Please try and obtain root to avail of most features
- Some Samsung users - One is also requested to raise a ticket with Samsung who may be running old PE detection rules that flag any compressed EXE.
- x64 users - Reports are that the binaries run on 64 bit as they are static! Please compile one's variant of the binary if required. Entropy generations removes CPU jitter and hence runs cooler and more secure.
- Intel users - User Interface can help in clearing the random device. Please compile one's variant of the binary if required. Entropy generations removes CPU jitter and hence runs cooler and more secure.
- Maintenance scheduler VACCUUMS and INDEXES "ALL" SQLITE databases. Some folks may not like that. But given that they're no WAL mode anyway, it's a bottleneck worth removing safely.
- There is a concerned effort to state that 32-bit ARM Android Go/One < 1 GB RAM devices are all that's required for long term functioning. Higher no issues.
- Please try and use a heap size of 96MB. Attempts have been made to set heap size dynamic but ideally this should be done in the build.
- Please clear cache or factory reset upon issues to gain at least another year of MTTR ( Mean Time To Recovery ) for each device.
Thank you!
License
License concerns:
haveged - inherited - https://github.com/Openand-I/haveged
busybox - inherited - https://github.com/openand-inc/busybox
- Busybox simple extract, possibly edit the .config file in 'vi' and type 'make'
The requisite tools are installed using:
apt-get install gcc-arm-linux-gnueabi
apt-get install libncurses5-dev
apt-get install gawk
The following is a step in another direction as the 'make' command works perfectly after extraction, but this is provided for posterity:
wget http://busybox.net/downloads/busybox-1.24.1.tar.bz2
tar -xjf busybox-1.24.1.tar.bz2
cd busybox-1.24.1/
make ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- defconfig
make ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- menuconfig
At the menu, you can configure BusyBox options. Once configured, you can build BusyBox:
make ARCH=arm CROSS_COMPILE=arm-linux-gnueabi-
sqlite3 - inherited - https://github.com/openand-inc/sqlite
waut.ch - 'none', non legally binding, and non legally relevant on a worldwide scale and irrevocable ( derived works are allowed to add their own licenses as long as the import ( meaning ) of the phrase "non legally binding and non legally relevant" is implied throughout ( not required to include text at all )) and does not reflect upon future updates of this software in any manner adversely.
He is back! Welcome back! Looking forward to this great new project! The only thing I might be missing is the dnsmasq filtering, which in my opinion if by far better solution than any kid of firewall/blocker
Sent from my Galaxy Tab 2 3G using Tapatalk
qWantUS said:
He is back! Welcome back! Looking forward to this great new project! The only thing I might be missing is the dnsmasq filtering, which in my opinion if by far better solution than any kid of firewall/blocker
Sent from my Galaxy Tab 2 3G using Tapatalk
Click to expand...
Click to collapse
Mate!
There are some serious issues with DNSMASQ.
- It crashes on wrong syntax of any option. Cannot do for a server.
- Command line syntax changes between original branch, Android and Cyanogen MOD. Not merged.
- Android fork far behind main branch
- Consumes port 53 on server run without sharing interfaces. This is on the Android branch. Main branch has this resolved.
- CPU loop for most Android DNS versions that show up only upon server run, rather than the tethering run. Possibly hijacked open source branch.
- Tethering modifications to Android branch ( command line addons ) not required any more as the main branch has incorporated methods to dynamically change IP addresses on the fly.
- It is probably encumbered by coding standards and export issues with only one developer. It is emblematic of most such over-reused projects.
- Hash table in memory, therefore future block list will use up RAM. Some others have disk based caching.
- Static blocklists are fairly not scalable for 10 years hence. Needs wildcard blocklists.
- DNS cache poisoning/overloading ( leading to denial of service) possible by any process/app.
It is therefore recommended to use either of:
pdnsd
unbound
djbdns
and standalone dhcp clients and servers from the Entware repository. And also these are interesting:
DANE
DNSSEC over TLS
BTW, all Android is encumbered by simple denial of service attack simply by reading from /dev/random by any app.
In order to try and package this into a simplish product, deleting /dev/random was not implemented.
idcrisis said:
Mate!
There are some serious issues with DNSMASQ.
- It crashes on wrong syntax of any option. Cannot do for a server.
- Command line syntax changes between original branch, Android and Cyanogen MOD. Not merged.
- Android fork far behind main branch
- Consumes port 53 on server run without sharing interfaces. This is on the Android branch. Main branch has this resolved.
- CPU loop for most Android DNS versions that show up only upon server run, rather than the tethering run. Possibly hijacked open source branch.
- Tethering modifications to Android branch ( command line addons ) not required any more as the main branch has incorporated methods to dynamically change IP addresses on the fly.
- It is probably encumbered by coding standards and export issues with only one developer. It is emblematic of most such over-reused projects.
- Hash table in memory, therefore future block list will use up RAM. Some others have disk based caching.
- Static blocklists are fairly not scalable for 10 years hence. Needs wildcard blocklists.
- DNS cache poisoning/overloading ( leading to denial of service) possible by any process/app.
It is therefore recommended to use either of:
pdnsd
unbound
djbdns
and standalone dhcp clients and servers from the Entware repository. And also these are interesting:
DANE
DNSSEC over TLS
BTW, all Android is encumbered by simple denial of service attack simply by reading from /dev/random by any app.
In order to try and package this into a simplish product, deleting /dev/random was not implemented.
Click to expand...
Click to collapse
Very comprehensive explanation indeed! I am no expert in Linux, only an average user [emoji6]
I was not aware of so many obstacles using dnasmasq, but aware of it's unreliability while using it for blocking stuff in pfsense. But I must say, I had similar experience with unbound, however, probably due to the lack of linux knowledge.
The way I understand is that host blocking is no longer viable due to scales of blocking required today. But sadly there is no alternative for that on android. I have been trying another tool, called sharkmasq but developer sadly abandoned it, while it seems very unfinished and unreliable. I also understand the reasons behind leaving netfiltering out of your development, just, in desperation, I search for the hope [emoji3]
P. S.
Thank you very much for your reply and for your time putting it together. Nevertheless I will look forward to further developments of this new exciting project!
Sent from my LG-D855 using Tapatalk
Uhm, my device seems more responsive even when I use a very low CPU frequency, but is it normal that the app doesn't ask for root permission even if I'm fully rooted? I'm using a Nexus 5 running Nougat. Thank you
Inviato dal mio Nexus 5 con Tapatalk 2
Hi, yes, part of the design criteria. Without root, the metric is interesting. With root, it will automatically start the background processes including the daily cleanups.
Best way to know that the background processes are running is to install Seeder ( but whatever you do don't start it! . Entropy should show around 4096.
Still in the testing phase, does it worth excluding the app from "android optimisation list"? I also use "power nap", not sure will that cause any side effects...
Sent from my LG-D855 using Tapatalk
Let us know If Seeder has RNGD off and still reports ~ 4096 entropy then all is hunky dory.
The new update asked me for root permission, all right here now
Have been busy lately with life, but had occasionally played with phone. So my findings so far: I use this app on my old galaxy tab 2 3g on slim6. Seeder shows entropy being filled in no time at all. Can't really say much about performance, but it seems that it behaves a little smoother. I also use it on my daily LG G3 on stock MM rom with custom kernel, but seeder is reporting very low entropy, if seeded is left on for 1 minute, I can see that entropy never goes above 900? Goes up slowly but then gets used, and then very slowly goes up again and gets used.
Sent from my LG-D855 using Tapatalk
Reboot once after first install kicks in the animation changes. And good luck
New version uploaded with haveged updates. Build scripts also added.
Feedback solicited about the compiler flags etc. Basically the idea is that the ARM v5 binaries should work for all past and future versions of 32-bit Android without modification.
UPX binary could only be compiled for x86 linux.
To answer question, second device, not running, may need to check su logs
Also backend binaries are 32 bit, may not work on 64 bit. GUI's ok.
I am very confused about the frontend of this app that looks like some number game that I really don't understand . Also, I don't understand the description very well. Finding the 8??? Reboot when animation kicks in? What animation?? Nothing seems to happen. I just see a still of a beach with a red number
But something DID happen though, so I am in business. I will keep you curious for a moment, while firstly giving you a good reason for a hard laugh:
I am trying to revive an LG L3 E400! Yep, that's right . Just for fun and educion. In fact I already succeeded quite a bit. I flashed JellyCast V7rev1, used some stuff from V6 SuperCharger (not entropy thingie coz I already intended to use CrossBreeder for that) and 3 scripts from Fly-On Mod. I came here via the CrossBreeder thread (of course). I have already tried CrossBreeder 7.2.13 (I followed advise from @f3tus here, he advised to use that older version). Entropy went up (so it worked) but I did not experience much performance improvement. I did experience more "not responding" issues though. So I reverted to the pre-CrossBreeder backup. And then came your app.....
So that's a very short summary of the many, many, many hours I spent last 2 weeks on this ancient minimalistic but very adorable phone. Now... back to this Waut.ch! app. Presuming that it had done something, I checked the entropy level after first reboot: still a jumpy number between 150 and 200 or so. Despite the fact that the service shows up as running. Then, a lot more playing with the "game" without understanding what I was doing. Just hoping for some wonder. Some message.... just...... something! But nothing. Just a beach with a red number. And a clock. And a questionmark. Or exclamation mark. Pffffff.. So.... let's reboot again. Then eat a sandwich and drink (more) coffee. Then check entropy again. And there it is! Steady at 4089! At first I thought his app was failing because the number didn't change anymore. Just steady. With the old CrossBreeder 7.2.13 I got 4096 a lot but it was a very jumpy number, going even below 1000 a lot. Well, some time passed while writing this post so let's check again: Wow, right now it says 4091 (99%)! One hour later: 4092! (It had spontaneous reboots inbetween).
I am testing it now for a few hours and have these problems:
"Not responding" issues (same as old CrossBreeder).
Spontaneous reboots (3 already). One of them failing to boot at all (stuck at JellyCast logo).
Two times, after a reboot, GPS was disabled. Not consistently though.
No noticable performance gain.
By the way, I am testing like real world usage. Just opening, using and closing apps. I use the same apps all the time so that gives a very good feeling about performance. More meaningful than benchmarks to me. My goal is to make this phone suitable for normal daily usage.
Your app is using a combination of serveral mods, right? I would like to be able to enable / disable each one separately. How can I do that? For example, I have a gut feeling that my "not responding" issues (and reboots?) do not come from the entropy mod but perhaps from governor tweaks or something else. Any chance that you will add enable buttons in the app? Or supply seperate scripts?
Update: I DO have performance gain! Not consitently though. Apps sometimes starting faster than ever. Also still the aforementioned quirks. Last hours no more auto-reboots. Entropy reaching 4096 now, just a little bit wobbly. There seems to be a lot of potential.
The stutter was an issue with the last version.
Do try the latest one and let us know.
Also better if you install the Play store also so the updates are automatic.
Version name is changed GUID if comparing. Better than comparing version numbers.
GUI is non functional, just a visual representation of haptic feedback and actual randomness spread.
It's like drawing points in the whites of a poached egg. If you can see a pattern, you'll be rich in the stock market
Today I removed the app. The biggest problem is random reboots for me. As said, it has potential because sometimes apps started faster than ever on my ancient LG L3. But not consistently. So maybe I 'll try again later.
Sorry for my first post, probably tl;dr. I will repeat my most important question: can you provide us with separate scripts? I mean: I would like to test the entropy thing without the other tweaks as you described in the OP.
Dude!
You're probably using an old version. We'll never know. Will we? Will we now?
There's a small trick that borders on superstition. The famous random device block gremlin tends to disappear if you run the GUI in scribble mode. Basically what may be happening is the block is hit and then the stupid kernel makes whatever decision it makes. Usually at the cost of usability in favour of some stupid religious Linux fervour. Someone should report that to LINUX.
Or another entropy generator, haveged or RNGD or Seeder may be running. Which is a big no! Best to run it on stock ROMS or full custom ROMs ( please ask the developer if they're running any variant of above and to recommend coexistence or better variant of any subcomponents or piece of code. ). In other words, open source!
Also, the separate scripts are in the /bin directory on the phone itself. May require bash and ADB skills.
And full source on XDA and GitHub.
I'll construe this as a possible request to also post the shell scripts from GitHub into the XDA project as separate attachments. Which I can do. In due course
Cheers.
Well, I took it from Play Store. Is that an old version?

dSploit/cSploit continuation

Hello, if you know what cSploit is you also probably knows that it's buggy and outdated.
I have taken time to rebrand the software, mixing versions, and modifying code.
My goal was to fix the login cracker which was not giving status output since the C regex was broken, so I re implemented the original dSploit 1.0 fashion - each tried passwords are shown - and the progress bar is effective. Also did modify the java code and res to be able to fully use hydra (more options, and most importantly being able to pass http related plugins parameters).
Metasploit is outdated, and ruby 1.9 cannot run the lattest version; so I switched to version 2.7, which is running: we can install gems.
Issue is that when downloading the MSF and setting it up, the bundle doesn't return, and gives no output. I don't know what is happening here, there may be a prompt for administrator's password so I run 'bundle install' as root, but it doesn't change anything.
gem install bundler does succeed, but not bundle install, showing forever "downloading gems". This part is tricky and I need people to look upon it with fresh eyes (I spent too much time on the code).
I'm calling the project eSploit and renamed a lot of things like package name, since I have been working alone and that the cSploit project is utterly abandoned, but still is delivered on platforms like nethunter store despite the bugs and EOF notice. So don't judge me on taking it over since no one cares.
Status is:
Nmap: fully functionnal
Hydra: restore not working (restore file's path issue)
Exploit finder: Not working since the MSF doesn't update yet -see above- , and that is the milestone.
MITM: not tested, might just get rid of it.
There is a change of strategy in the way we will retrieve exploits, instead of contacting outbound server and pass it the result of the inspector, then seeking in the metasploit database for the CVE, we will just pass the inspector's result to metasploit. No difference, and the thing will be working on local networks without internet connection,
To be honest this is a bit like pinning a nail with a bulldozer, but for now there is no alternative.
Submodules are removed from git, instead there's a big working tree with all the dependencies.
Note that the openssl library originaly shipped with the package doesn't 'work' with most newer software, hence are we using 1.1.1l for ruby, and will either stick to the lattest for older softwares (like hydra 8.8) or update the programs, so now only nmap is working.
So you tell me what you think of it, and don't hesitate to report bugs on github, ask me questions about the architecture of the software (originally designed by simone margaritelly), and help me finding a solution to the main issue.
GitHub - e2002e/eSploit: cSploit - The most complete and advanced IT security professional toolkit on Android.
cSploit - The most complete and advanced IT security professional toolkit on Android. - GitHub - e2002e/eSploit: cSploit - The most complete and advanced IT security professional toolkit on Android.
github.com
This is very cool. It would be really cool if this is working. I hope that you can fix these Problems
cSploit, dSploit.. now eSploit i really like this program.
Any similarities with zANTI ?
I am very interested in this project! But the github page is offline Are you still working on this?
Hi people, I got to some reasoning that this was not needed, though being cool to have the metasploit framework for android, I remember now how younger I tried to hack into things without a proper vulnerability scanner. This results in frustration. You can't know just from an nmap scan what exploit to launch. This thing would be awesome with (for instance) greenbone. But as is it is like attacking tanks with guns.
So I dropped it and deleted the repository.
Thanks for your reactions.
What happen it's not available

Categories

Resources