Database Info

[QUESTION] RSA SecurID or Similar

Has anyone found an RSA SecurID App or something similar to provide the same function under Android?

Good question. I look for one too but could not find an Android version yet. There is only 1 for iPhone .

The RSA SecurID Token for the Java ME Platform runs perfectly well on my HTC Desire (Android 2.1) phone.
(Sorry I am a new user so can't post the URL)
Got to RSA's web site.
Click Products on the menu
RSA SecureID
Product Family
Software Authenticators
Java Smartphones
You will need to convert your tokenseed to work with the app, but it is worth it.

woffys said:
The RSA SecurID Token for the Java ME Platform runs perfectly well on my HTC Desire (Android 2.1) phone.
(Sorry I am a new user so can't post the URL)
Got to RSA's web site.
Click Products on the menu
RSA SecureID
Product Family
Software Authenticators
Java Smartphones
You will need to convert your tokenseed to work with the app, but it is worth it.
Click to expand...
Click to collapse
Yup, confirmed. I have RSA running on my Hero (CM6), here's what I did.
Download J2ME app as per woffy's instructions above
Go to http://www.netmite.com/android/ and download the andme runner APK, and install
Go to http://www.netmite.com/android/srv/2.0/getapk.php and upload the JAD and JAR files from the RSA app you downloaded. An APK should be generated, load it onto your phone any way you want.
Get the token converted from the RSA website as well, and get your token file from the appropriate source. Then run tokenconverter.exe <filename>.sdtid -f. You should get a long numeric string.
Click import token in the RSA app, and enter the code from above
If all goes well, you should be able to enter your PIN and get a token.
Hope this helps someone, several of my coworkers and I have been waiting for this for months - we all got tired of carrying either fobs or our blackberries just to be able to remote in. One phone to rule them all!

what about the hardware securid
Is there a software for the hardware securid version?

magickarle said:
Is there a software for the hardware securid version?
Click to expand...
Click to collapse
This is what this thread is about.
But you need a special file to initialize the software, from the team of your company that manages the SecurID server and the hardware tokens.

snark_be said:
This is what this thread is about.
But you need a special file to initialize the software, from the team of your company that manages the SecurID server and the hardware tokens.
Click to expand...
Click to collapse
Ho. I though there were 2 different products.
What would be the "technical term" for this file.
I don't want to sound stupid when I'll explain them this.
Thanks

According to this page, you need:
AES (128-bit) token seeds
Click to expand...
Click to collapse

magickarle said:
Ho. I though there were 2 different products.
What would be the "technical term" for this file.
I don't want to sound stupid when I'll explain them this.
Thanks
Click to expand...
Click to collapse
Your security dept will need to have available soft tokens. Tell them to generate a Windows Mobile 128bit AES token file for you. You should receive a file with a .sdtid extension. Use that file with the token converter as described by whoiswes.
@wolfys: Nice find!
@whoiswes: Nice step by step writeup!
confirmed working on my DX...
edit:
You cannot use the sdtid file from an existing WM soft token btw. TokenConverter will blow up on a schema parsing error if there's a WM deviceID statement (generally the case when WM softtokens are assigned). Make sure the security dept. generates the WM token with a blank deviceID. Generally that means that they will have to unassign your existing soft token then re-assign it to you.

There is RSA SecurID beta app on the Market now http://www.appbrain.com/app/rsa-securid-software-token/com.rsa.securid

HOWTO generate self-signed certificates to sign apk's and zips

This was taken from: openssl.org/docs/HOWTO/certificates.txt
1. Introduction
How you handle certificates depend a great deal on what your role is.
Your role can be one or several of:
- User of some client software
- User of some server software
- Certificate authority
This file is for users who wish to get a certificate of their own.
Certificate authorities should read ca.txt.
In all the cases shown below, the standard configuration file, as
compiled into openssl, will be used. You may find it in /etc/,
/usr/local/ssl/ or somewhere else. The name is openssl.cnf, and
is better described in another HOWTO <config.txt?>. If you want to
use a different configuration file, use the argument '-config {file}'
with the command shown below.
2. Relationship with keys
Certificates are related to public key cryptography by containing a
public key. To be useful, there must be a corresponding private key
somewhere. With OpenSSL, public keys are easily derived from private
keys, so before you create a certificate or a certificate request, you
need to create a private key.
Private keys are generated with 'openssl genrsa' if you want a RSA
private key, or 'openssl gendsa' if you want a DSA private key.
Further information on how to create private keys can be found in
another HOWTO <keys.txt?>. The rest of this text assumes you have
a private key in the file privkey.pem.
3. Creating a certificate request
To create a certificate, you need to start with a certificate
request (or, as some certificate authorities like to put
it, "certificate signing request", since that's exactly what they do,
they sign it and give you the result back, thus making it authentic
according to their policies). A certificate request can then be sent
to a certificate authority to get it signed into a certificate, or if
you have your own certificate authority, you may sign it yourself, or
if you need a self-signed certificate (because you just want a test
certificate or because you are setting up your own CA).
The certificate request is created like this:
openssl req -new -key privkey.pem -out cert.csr
Now, cert.csr can be sent to the certificate authority, if they can
handle files in PEM format. If not, use the extra argument '-outform'
followed by the keyword for the format to use (see another HOWTO
<formats.txt?>). In some cases, that isn't sufficient and you will
have to be more creative.
When the certificate authority has then done the checks the need to
do (and probably gotten payment from you), they will hand over your
new certificate to you.
Section 5 will tell you more on how to handle the certificate you
received.
4. Creating a self-signed test certificate
If you don't want to deal with another certificate authority, or just
want to create a test certificate for yourself. This is similar to
creating a certificate request, but creates a certificate instead of
a certificate request. This is NOT the recommended way to create a
CA certificate, see ca.txt.
openssl req -new -x509 -key privkey.pem -out cacert.pem -days 1095
5. What to do with the certificate
If you created everything yourself, or if the certificate authority
was kind enough, your certificate is a raw DER thing in PEM format.
Your key most definitely is if you have followed the examples above.
However, some (most?) certificate authorities will encode them with
things like PKCS7 or PKCS12, or something else. Depending on your
applications, this may be perfectly OK, it all depends on what they
know how to decode. If not, There are a number of OpenSSL tools to
convert between some (most?) formats.
So, depending on your application, you may have to convert your
certificate and your key to various formats, most often also putting
them together into one file. The ways to do this is described in
another HOWTO <formats.txt?>, I will just mention the simplest case.
In the case of a raw DER thing in PEM format, and assuming that's all
right for yor applications, simply concatenating the certificate and
the key into a new file and using that one should be enough. With
some applications, you don't even have to do that.
By now, you have your cetificate and your private key and can start
using the software that depend on it.
--
Richard Levitte

[Release] RT Jailbreak Tool

RT Jailbreak Tool
By Netham45, Version 1.20
An all-in-one program to jailbreak Windows RT tablets using the method recently released by clrokr​
Usage
Boot your RT device and log in, allow it to sit on the desktop for about a minute.
Extract all files out of the latest version of the .ZIP attached to this post. To do this on Windows RT, right-click on the .zip, choose 'Extract all', and select the destination folder.
Run runExploit.bat. It'll prompt you to either install the jailbreak to run on login, uninstall it not to, or run the jailbreak once.
Choose an option and follow all subsequent prompts. They're all quite easy and self-explanatory.
FAQ
Q) What does this do, in layman's terms?
A) It allows non-Microsoft ARM-compiled .exes to run on the desktop. That is it.
Update (03/01/2013): The jailbreak now allows unsigned drivers to load.
Q) Can I use this to run Photoshop, Steam, AutoCAD, <Insert commercial product here>?
A) While it is -technically- possible for the companies to port their stuff over to Windows RT using the hack it is extremely unlikely. As a rule of thumb, if it's a commercial piece of software it won't run on the ARM.
Q) Can I use this to run PuTTY, VNC, X-Chat, <Insert open-source product here>?
A) Yes! Open-source programs are ones that you, having the source code, can recompile to work on the ARM. If it's not already available (A small but growing number of programs are) it's easy to get started. There are some useful threads in the Windows 8 Development and Hacking board on XDA-Developers.
Please note that not all programs can reasonably be ported over to ARM, due to either program complexity, overuse of inline assembly, or the current lack of a GNU Compiler
Q) Can I use this to run any random x86 app I find on the internet?
A) No. Apps must be recompiled for ARM. Stop asking why Chrome doesn't run.
Q) Can I use this to hack my Android tablet?
A) Not really. Most Android hacks require custom kernel-mode drivers (APX, Odin, ADB all require drivers that are unavailable), and this hack only allows us to run unsigned User-mode code.
If you don't know the difference between User-mode and Kernel-mode, I'm sure Wikipedia has a good article on the subject.
Q) Will Chrome/Firefox be ported over?
A) I don't see any major technical hurdles for those, but I probably won't be the one to do it.
Q) Are there any precompiled apps for this available?
A) Check out THIS THREAD for a list of all currently known compiled apps.
Q) I ran the jailbreak, now where can I download pirated apps from?
A) Nowhere. This jailbreak does not allow for pirated apps, and it is a long ways off from actually supporting pirated apps. If you manage to get pirated apps to run on Windows RT you will be doing the entire community a large disservice, along with ruining what credibility this hack may have in Microsoft's eyes.
Q) I don't know how to recompile code, can I get someone else to do it?
A) If it's a simple project you can likely find someone who will be more than happy to recompile it for you. If it's a large project with numerous dependencies, or a commercial project, I will be willing to take a look at it and quote a price to do it. (On that note, please realize that I am not affiliated with XDA-Developers at all.)
Q) I keep BSoD'ing! What's up?
A) I haven't managed to track down the cause of the BSoDs, except that they seem to happen when the exploit is ran within the first minute or so of the tablet booting and logging in. If you're getting BSoDs, boot your tablet to the desktop and wait 2 or 3 minutes before trying the exploit. Also, make sure that you're up to date with Windows Updates, as of 2/26/2013.
Q) I ran the .bat and it told me it couldn't find it's bin folder. What's wrong?
A) Extract the ZIP in entirety. Don't just open the ZIP and double-click on the runExploit.bat.
Q) It's not working! What do?
A) Post in this thread describing what you're doing and the issue you're having, do not PM me, even if you don't have the number of posts to post in the developer sections. I'll consider it spam and disregard it. Don't message me on Twitter either, the only place that I will provide support for this tool is in this thread.
Q) Is this persistent across reboots?
A) No, it resets every time the device reboots.
Q) Is this a tethered exploit?
A) No. Tethering is connecting the device to a computer, or other device to jailbreak it. This is done entirely on the device. It just has to be redone at reboot.
Q) Will this work with all the latest updates, as of 02/26/2013?
A) There was an updated .zip posted for the latest update (Patch Tuesday, Feburary 2013.) It should work.
Q) How do I compile apps for the Surface RT? It says I'm missing a bunch of .libs!
A) Visual Studio 2012 does not come with all the required ARM .libs for compiling most desktop apps. Please see THIS post by _peterdn for a useful utility for generating .libs and .exps from the .dlls on the tablet.
Q) Why would you want desktop apps? They suck for touch.
A) Mainly for the library of easily ported software, along with the things that metro apps just can't do. I agree, they're more inconvenient to use with touch, but that's the tradeoff for having a huge library of software. You also don't have to use desktop mode, the tablet still is quite good without it (Except the mail client). I also believe that since it's my device I should be able to do whatever I want with it, regardless of what MS says. Traditionally MS has leaned the same way with Windows, which makes it rather disappointing they chose to lock this platform down.
Q) Will this void my warranty?
A) Since it doesn't persist across reboots chances are the support center will never know, though it may be against the terms of your devices warranty.
Q) Is there any warranty for this program?
A) No express or implied warranty exists.
Q) Your hack caused the paint to chip off my tablet, the felt to peel off my type keyboard, the kickstand to fall off, and my tablet to display nothing but satanic messages while it's on! I want you to buy me a new one!
A) No it didn't, and see my warranty policy.
Q) Can Microsoft patch this?
A) Yes and no. They can patch it through Windows Update, but since we have the ability to reinstall from recovery partitions we can revert any Windows Updates they release.
Q) Will this allow people to run viruses on my tablet?
A) Yes and no, if something malicious is compiled and ran while jailbroken it could act like a virus, yes. Once you reset, though, it'll be gone.
Q) I came across a malicious RT application! Who do I tell?
A) If it's a jailbroken application then the most you can do is make a post informing about it. That's one downside to having unsigned code, there's no one regulating body who can decide what is and isn't available, and manage safety. If it's a store application then I suggest you contact Microsoft. If it's a Modern UI app that requires the jailbreak to run you still may have luck contacting Microsoft, as they can blacklist the developer's certificate.
Q) Can any random Store app do this?
A) No, this requires tools and privileges that Windows Store apps can't possess. The appcontainer model that MS uses is very strict and good at preventing things like this from happening. There's a number of things that flat-out aren't possible to do from a Store app that this uses, not to mention that it would get rejected by MS.
Q) Will I (The user) get my developer license banned?
A) It's possible, though I doubt that MS will do that.
Update: With the new payload (as of 1/18/2013) users no longer need to get their own developer certificate.
Q) Won't you (Netham45) get your developer license banned?
A) Time will tell, I knew the risk when I posted this. I suspect that their banning system is more geared towards piracy, though, which this doesn't really enable.
Update: With the new payload (as of 1/18/2013) my developer certificate is no longer required.
Q) I've got this great feature/idea for the jailbreak! Where can I tell you at?
A) Post it in this thread. Note that the area where we can script and such before the exploit is limited and restricted to pretty much batch scripts, and that I am under no obligation to implement a feature if you suggest it. And, seriously, do not PM me about it. If you don't have the prerequisite number of posts to post in the developer section then go get them.
Q) Can I throw money at you for writing the tool to automate this?
A) There's a donate link on the side of this post. (I'd love to get a Surface Pro. )
Q) Can I throw money at clrokr for documenting the exploit?
A) You'll have to talk to him about that.Here's his profile.
FAQ last updated 2/26/2013 10:17 PM MST
Thanks to clrokr for documenting the usage of the exploit, and to the numerous people who contributed positively in the [Q] Hacking Windows RT to Run Desktop Apps thread
Download is attached to this post.
Update log
Update 1.01(1/10/2013): Uncommented pause in the PS script to install the ModernUI app -- It was causing it not to prompt to install a developer license/my cert for some reason.
Update 1.02(1/10/2013): Fixed issue on non-English devices.
Update 1.03(1/11/2013): Fixed issue with usernames with spaces in them, fixed issue where the user running the jailbreak isn't the first user logged in
Update 1.1(1/18/2013): Redid functionality; it now gets the kernel base inside the payload, instead of requiring a Metro application. Added a startup folder that gets ran after jailbreak. Cleaned up output. Click for more info
Update 1.11(1/18/2013): Added commandline options, added a simple interface to handle creating scheduled tasks to run, added a powershell script to keep it from running if the system hasn't been up for two minutes, added missing startup folder, added sanity check so it doesn't freak out if the startup folder isn't there
Update 1.12(2/12/2013): Fixed the scheduled task to not require AC power to run, tweaked script to not crash on latest patches, Fixed startup folder not getting executed properly
Update 1.12a(2/12/2013): Fixed it to actually work on the latest updates. Oops.
Update 1.13(2/14/2013): Added the ability to dynamically get the signing level. It now requires internet on the first launch, and after an update changes ntoskrnl.exe. This version is slightly experimental, so if it doesn't work use one of the older versions.
Update 1.13a(2/15/2013): Tweaked the script to return from the hook in a way that seems more robust. If 1.12a or 1.13 work for you there's no need for an update.
Update 1.20(3/01/2013): Made the bat use registry keys instead of files in system32, added registry-based startup folder, altered payload to support unlocking kernel-mode code
Click here to download the latest version​
Older versions may be downloaded here
(Note: If you wish to mirror this post please retain a link to it at http://forum.xda-developers.com/showthread.php?t=2092158 so users can always get the latest version.)

Nice job! Good to have an all-in-one. Is this tool using the decrement by 0x80000 or trying the option of a slightly lesser decrement?
Also, it would be good to have a unified selection of RT-compiled desktop apps. I'm working on porting Pidgin (the Windows Store IM clients kind of suck...) but it's not easy; the "build under Windows" instructions boil down to "make your Windows system as Unix-y as possible, then build it there". There may be a way to target RT from GCC, but I am not aware of it.
EDIT: What I meant to say is, perhaps a thread linking all the various apps that people have built (preferably with links to their source, for those of us mildly paranoid types who like to see what other peoples' code is doing on our systems) would be a good idea.

GoodDayToDie said:
Nice job! Good to have an all-in-one. Is this tool using the decrement by 0x80000 or trying the option of a slightly lesser decrement?
Also, it would be good to have a unified selection of RT-compiled desktop apps. I'm working on porting Pidgin (the Windows Store IM clients kind of suck...) but it's not easy; the "build under Windows" instructions boil down to "make your Windows system as Unix-y as possible, then build it there". There may be a way to target RT from GCC, but I am not aware of it.
Click to expand...
Click to collapse
I'm decrementing by 0x7EFF0, it seems to not get the 0x18 bugcheck at all with that number. The one it gets if you run it too soon is a different bugcheck.

Install Fails
Brilliant!
I tried running it but it keeps going in an endless cycle because the Metro app fails to install.
Using a Surface with the latest patches from Microsoft.

merill said:
Brilliant!
I tried running it but it keeps going in an endless cycle because the Metro app fails to install.
Using a Surface with the latest patches from Microsoft.
Click to expand...
Click to collapse
Does it give you any error messages when it fails to install?

netham45 said:
Does it give you any error messages when it fails to install?
Click to expand...
Click to collapse
When installing the metro app, the installation fails because the certificate isn't added to the cert-store by default and the batch just tries again.
I uncommented the #Pause in PrintMessageAndExit to read the error message and that made it possible to choose to install the certificate, the powershell just closed otherwise.
After that the metro app installs fine, and tries to start it. I can see the app start, though the cmd still doesn't recognize it and tries to install it again...
I wrote my own metro app for that today and installed it instead of yours and it worked fine with mine.
My App is just this:
protected override void OnFileActivated(FileActivatedEventArgs args) {
WriteAddress((StorageFile)args.Files[0]);
}
private async void WriteAddress(StorageFile file) {
using (Stream s = await file.OpenStreamForWriteAsync()) {
using (StreamWriter wrt = new StreamWriter(s)) {
uint adr = GetKernelAddress.Address.Get() + 0x19FFBC;
await wrt.WriteAsync((adr & 255).ToString("X2") + " " + ((adr >> 8) & 255).ToString("X2") + " " + ((adr >> 16) & 255).ToString("X2") + " " + ((adr >> 24) & 255).ToString("X2"));
}
}
App.Current.Exit();
}
Click to expand...
Click to collapse

sebmaster16 said:
When installing the metro app, the installation fails because the certificate isn't added to the cert-store by default and the batch just tries again.
I uncommented the #Pause in PrintMessageAndExit to read the error message and that made it possible to choose to install the certificate, the powershell just closed otherwise.
After that the metro app installs fine, and tries to start it. I can see the app start, though the cmd still doesn't recognize it and tries to install it again...
Click to expand...
Click to collapse
Having the same issue, uncommenting the pause seems to fix it all for me. I'll update the zip in the top in just a second.
Edit: New zip with that uncommented uploaded.

Metro app failed to run. Trying to (re)install the metro app...
Found certificate: C:\Users\Merill\Downloads\RT_Jailbreak\bin\ModernUI_App\Get Kernel Base_1.0.
Before installing this package, you need to do the following:
- Install the signing certificate
Cannot invoke method. Method invocation is supported only on core types in this language mode.
At C:\Users\Merill\Downloads\RT_Jailbreak\bin\ModernUI_App\Add-AppDevPackage.ps1:497 char:9
+ $IsAlreadyElevated = ([Security.Principal.WindowsIdentity]::GetCurrent() ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: ) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : MethodInvocationNotSupportedInConstrainedLanguage

merill said:
Metro app failed to run. Trying to (re)install the metro app...
Found certificate: C:\Users\Merill\Downloads\RT_Jailbreak\bin\ModernUI_App\Get Kernel Base_1.0.
Before installing this package, you need to do the following:
- Install the signing certificate
Cannot invoke method. Method invocation is supported only on core types in this language mode.
At C:\Users\Merill\Downloads\RT_Jailbreak\bin\ModernUI_App\Add-AppDevPackage.ps1:497 char:9
+ $IsAlreadyElevated = ([Security.Principal.WindowsIdentity]::GetCurrent() ...
+ ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
+ CategoryInfo : InvalidOperation: ) [], ParentContainsErrorRecordException
+ FullyQualifiedErrorId : MethodInvocationNotSupportedInConstrainedLanguage
Click to expand...
Click to collapse
Try the new zip I just uploaded, I believe I fixed that.
Edit: I see what happened. The file that MS distributes has a signature at the bottom which allows it to make unrestricted system calls and when I commented out the pause I broke that.

Very Nice job! Thank you again!

Yahoo!!! Works. Have PuTTY running. Now to get all ARM compatible apps in one place!

merill said:
Yahoo!!! Works. Have PuTTY running. Now to get all ARM compatible apps in one place!
Click to expand...
Click to collapse
Glad to hear it's working.
Now, 6 AM, time to go to bed.

merill said:
Yahoo!!! Works. Have PuTTY running. Now to get all ARM compatible apps in one place!
Click to expand...
Click to collapse
I agree! If anyone gets Utorrent working ill be eternally greatful
Sent from my HTC One X using xda premium

vincepg13 said:
I agree! If anyone gets Utorrent working ill be eternally greatful
Click to expand...
Click to collapse
With 7Zip, Putty and an .Net 4.0 FTP Uploader app... all I need now is a Transmission console and I no longer really need my laptop.
Would be great to associate .torrent with Transmission on the Surface.
What other "needed" apps that are projects (like SourceForge) that people can think of?
MediaInfo would be handy... wonder if it could also integrate with explorer...
Perhaps this discussion needs its own thread

I'm actually starting a thread for this topic... but since we're here, one thing that would be awesome (instantly add support for a ton of software) would be a Java runtime. Unfortunately, they're huge and complex beasts, and tend to either require assembly or be buildable only on Linux (sometimes both...).

in asus vivo tab rt , I can not go where I say,
please press the volume down now

Silverlight ideally. But it sounds like thats a no go.
Also Chrome or Firefox would be good!
Filezilla would also be nice.
Nice work guys.

It works, but I still get the SmartScreen filter when I try to run apps from Explorer. When I run them from command line, it works fine.
I believe there's a registry entry that needs to be changed, but I don't remember what it is.

randomned said:
It works, but I still get the SmartScreen filter when I try to run apps from Explorer. When I run them from command line, it works fine.
I believe there's a registry entry that needs to be changed, but I don't remember what it is.
Click to expand...
Click to collapse
in the pop up, click more info then click 'run anyway' - itll never bother you again for that app.

will this work with the latest updates installed

Perl for Windows RT

All,
Please find the attached binaries for Perl 5.12.4
These binaries were distributed freely by Microsoft in its Hardware Certification Kit and still contain the original Perl5 licensing agreement (curious if they modified the source and where it is though).
Perl and its core modules are distributable (and re-distributable) under a variety of open source licensing options. I've chosen to publish the Perl binaries here under GPLv1 - specifically section 3c. I have received no information regarding the location of the source code. I can only presume this came from the Perl 5.12.4 development repository (http://dev.perl.org/)
If anyone feels I have violated any licensing agreement, I will happily remove the binaries.
Enjoy!
Code:
C:\Perl>perl -v
This is perl 5, version 12, subversion 4 (v5.12.4) built for MSWin32-ARM-multi-thread
Copyright 1987-2010, Larry Wall
Perl may be copied only under the terms of either the Artistic License or the
GNU General Public License, which may be found in the Perl 5 source kit.
Complete documentation for Perl, including FAQ lists, should be found on
this system using "man perl" or "perldoc perl". If you have access to the
Internet, point your browser at http://www.perl.org/, the Perl Home Page.

A completely useable development language for Windows RT (no jailbreak required!) .. and less than 15 downloads.. ?..
Not a lot of Perl fans here I guess.. . Ha!

I dont actually know anyone that knows perl

SixSixSevenSeven said:
I dont actually know anyone that knows perl
Click to expand...
Click to collapse
ouch. you just made me feel old...
ha..

I was wondering, who still use Perl and for what?
---------- Post added at 10:26 PM ---------- Previous post was at 10:14 PM ----------
It works like a charm.

ctitanic said:
I was wondering, who still use Perl and for what?
---------- Post added at 10:26 PM ---------- Previous post was at 10:14 PM ----------
It works like a charm.
Click to expand...
Click to collapse
supposedly: amazon.com, BBC.co.uk and Ticketmaster all use it in their CGI scripts. I guess if your a company with a script written in perl 18 years ago but it still works, well, why fix what isn't broke?
Looking around it seems it was pretty popular wherever text needed to be parsed in particular ways.

It was a popular choice for web apps in the early days of such things, since modifying text (including HTML) is something the language is pretty great at. On a more user-ish level, it's still reasonably commonly used for little "do something more complex than a shell script but simpler / more hackable than is worth a full executable binary" tools, but python has largely displaced it there. The *nix community uses it a lot more than the Windows community, too.

bfosterjr said:
All,
Please find the attached binaries for Perl 5.12.4
These binaries were distributed freely by Microsoft in its Hardware Certification Kit and still contain the original Perl5 licensing agreement (curious if they modified the source and where it is though).
Perl and its core modules are distributable (and re-distributable) under a variety of open source licensing options. I've chosen to publish the Perl binaries here under GPLv1 - specifically section 3c. I have received no information regarding the location of the source code. I can only presume this came from the Perl 5.12.4 development repository (http://dev.perl.org/)
If anyone feels I have violated any licensing agreement, I will happily remove the binaries.
Enjoy!
Click to expand...
Click to collapse
Awesome... Thanks for posting!

level 3
SixSixSevenSeven said:
supposedly: amazon.com, BBC.co.uk and Ticketmaster all use it in their CGI scripts. I guess if your a company with a script written in perl 18 years ago but it still works, well, why fix what isn't broke?
Looking around it seems it was pretty popular wherever text needed to be parsed in particular ways.
Click to expand...
Click to collapse
When I worked at level 3 we still used Perl all over the place. It still technically 'runs the internet' as the saying used to go - as level 3 owns the AS1 network (largest segment of the internet).
I still use perl today for formatting files quickly or backend systems dev, though for other types of development I typically use something else these days.

Sadly, there isn't an RT 8.1-signed version of Perl out there that I know of. The RT version of Perl has a nice security hole that could be exploited to bootstrap a jailbreak on 8.0, but not 8.1 if you can't run it >.<
Oh well, my PowerShell exploit is enough.

nutrapi said:
When I worked at level 3 we still used Perl all over the place. It still technically 'runs the internet' as the saying used to go - as level 3 owns the AS1 network (largest segment of the internet).
I still use perl today for formatting files quickly or backend systems dev, though for other types of development I typically use something else these days.
Click to expand...
Click to collapse
It might have fallen out of favour with alot of people, but it still has its place in the world.

ctitanic said:
I was wondering, who still use Perl and for what?
---------- Post added at 10:26 PM ---------- Previous post was at 10:14 PM ----------
It works like a charm.
Click to expand...
Click to collapse
I use it for my self-made home-automation. A web-site on my hacked FritzBox! (with freetz) which let me communicate through a self-made "Usb-Serial-device". I don't know why, but my perl-script runs smoother than my php-serial-script.
Long Story, but in short: THANK YOU SOO MUCH for sharing this with us

BIade said:
I don't know why, but my perl-script runs smoother than my php-serial-script.
Click to expand...
Click to collapse
Sometimes its best not to question it I have found...
Why the hell does an overflowing positive integer in C# give me a negative integer and then become zero (which is somewhat logical when you look at the binary representation) whereas in VB.net it seems to go straight to giving the string "infinity", I dunno, i dont question it.

SixSixSevenSeven said:
Sometimes its best not to question it I have found...
Why the hell does an overflowing positive integer in C# give me a negative integer and then become zero (which is somewhat logical when you look at the binary representation) whereas in VB.net it seems to go straight to giving the string "infinity", I dunno, i dont question it.
Click to expand...
Click to collapse
xD well spoken, sir

In C# (and all other languages, typically including BASIC dialects), a signed int goes negative on overflow because that's how two-complement binary representation works. Calling it "somewhat logical" is like suggesting that 'A' + 1 == 'B' is "somewhat logical"... no, that's how ASCII works. These are things which have been part of the computing world for over five decades. They are literally some of the oldest standards in computing.
If an int is turning into a string for you in VB, for the love of $DEITY stop using variants. Dim foo as Integer = (Integer.MAX + 1) should give Integer.MIN, or throw an exception if you have overflow checking enforced.

GoodDayToDie said:
In C# (and all other languages, typically including BASIC dialects), a signed int goes negative on overflow because that's how two-complement binary representation works. Calling it "somewhat logical" is like suggesting that 'A' + 1 == 'B' is "somewhat logical"... no, that's how ASCII works. These are things which have been part of the computing world for over five decades. They are literally some of the oldest standards in computing.
If an int is turning into a string for you in VB, for the love of $DEITY stop using variants. Dim foo as Integer = (Integer.MAX + 1) should give Integer.MIN, or throw an exception if you have overflow checking enforced.
Click to expand...
Click to collapse
I know why the hell a signed int goes negative on overflow. If you want I can write out the IEEE floating point representation in binary for a given number. Somewhat logical was a play on words, it is very logical. I am not a moron, But no, every time you quote me it seems to be you putting me down no matter what I say, so I am used to that now.
I'm doing anything funny in VB.net other than reading in 2 numbers from the console, casting them to int, adding them, printing the result out, gives "Infinity" for some reason. Never goes negative beforehand. The same code in C# does go negative and then to zero. VB does seem to carry on doing arithmetic on it fine as if it was 0 still, it just shouldn't write to the console as Infinity, it should write as zero, almost seems to be .NET catching and marking the overflow and then the .ToString() method catching the overflow as "infinity" instead of 0. But why bother in VB.net yet not C#. Why bother at all.

There is a wonderful program frn. It is very much important for amateur radio operators. for it is in perl source. If somebody started it all would have been grateful. It is used to link a raspberry-based Pi.

[APP][4.1+][v0.91 - 20141220] Easy Token - OSS SecurID token with lock screen widgets

Highlights
Convenient lock screen and home screen widgets provide instant tokencodes without navigating to an app.
Optionally save your PIN.
Supports SDTID files, importing http://127.0.0.1/... tokens from email, and QR tokens.
100% open source (GPLv2+)
Click to expand...
Click to collapse
Requirements
A token seed file from your system administrator
JB 4.1+
Click to expand...
Click to collapse
Downloads
Binaries are attached to this post and available from Google Play.
Source code: https://github.com/cernekee/EasyToken
Click to expand...
Click to collapse
Changelog
Code:
v0.91 - 2014/12/20
- Use more specific MIME type matches so that Easy Token associations don't
show up in Contacts.
- Update libstoken to v0.81 and switch from tomcrypt to nettle. Most of
the changes in v0.8/v0.81 won't matter on Android, but it is now possible
to import hard token seed files if desired.
Older changelogs:
Code:
v0.90 - 2014/07/26
- Rework handling of bound device IDs during token import. Try to guess
it based on the current (unique) device ID and all known class GUIDs.
Allow the user to override it, in case of a collision.
- Limit import string to 64kB to avoid OutOfMemoryError crashes on invalid
tokens.
v0.81 - 2014/07/06
- Fix bug in lock screen widget where it would "bounce" between the tokencode
display and the clock display for no apparent reason
- Show the "confirm import" screen unconditionally, so there is a clear
indication that email import succeeded
v0.80 - 2014/07/05
- Initial public release
Click to expand...
Click to collapse
XDA:DevDB Information
Easy Token, App for all devices (see above for details)
Contributors
cernekee
Source Code: https://github.com/cernekee/EasyToken
Version Information
Status: Beta
Created 2014-07-05
Last Updated 2014-12-21

Attaching a couple of randomly generated tokens, in case it is necessary to test Easy Token without a real seed file. These were created with:
Code:
qrencode -l H `stoken export --random --android` -o v2.png
qrencode -l H `stoken export --file pinless.sdtid --v3` -o v3.png
stoken export --random --sdtid > token.sdtid
The rightmost (denser, v3) QR code is a 6-digit PINless token. You may need to zoom in to scan it.

Verrr niice..
Thanks for making this, it works great and looks much better than the official RSA one. One thing, though, what is the network access permission for?

phigan said:
Thanks for making this, it works great and looks much better than the official RSA one. One thing, though, what is the network access permission for?
Click to expand...
Click to collapse
It isn't currently used, but future uses could include:
Internet token provisioning via CTKIP
NTP clock sync, so that if multiple devices use the same seed, they all read back the same tokencode at the same time
Better problem reporting; currently ACRA is set up to use email but there are some limitations associated with that approach. All problem reporting in this app is user-initiated.

Reported via email as well, but here's the problem I'm having:
Trying to import a token given via an http 127.0.0.1] url in an email:
USER_COMMENT=importing new key via (http link omitted, because xda forums don't like it) failed, with chrome saying "connection refused"
ANDROID_VERSION=4.4.4
APP_VERSION_NAME=0.90
BRAND=oneplus
PHONE_MODEL=A0001
CUSTOM_DATA=
STACK_TRACE=java.lang.Exception: Report requested by developer
at org.acra.ErrorReporter.handleException(ErrorReporter.java:626)
at org.acra.ErrorReporter.handleException(ErrorReporter.java:583)
at app.easytoken.MainActivity.sendProblemReport(MainActivity.java:121)
at app.easytoken.MainActivity.onOptionsItemSelected(MainActivity.java:139)
at android.app.Activity.onMenuItemSelected(Activity.java:2600)
at com.android.internal.policy.impl.PhoneWindow.onMenuItemSelected(PhoneWindow.java:1065)
at com.android.internal.view.menu.MenuBuilder.dispatchMenuItemSelected(MenuBuilder.java:741)
at com.android.internal.view.menu.MenuItemImpl.invoke(MenuItemImpl.java:152)
at com.android.internal.view.menu.MenuBuilder.performItemAction(MenuBuilder.java:884)
at com.android.internal.view.menu.MenuBuilder.performItemAction(MenuBuilder.java:874)
at com.android.internal.view.menu.MenuPopupHelper.onItemClick(MenuPopupHelper.java:177)
at android.widget.AdapterView.performItemClick(AdapterView.java:298)
at android.widget.AbsListView.performItemClick(AbsListView.java:1113)
at android.widget.AbsListView$PerformClick.run(AbsListView.java:2911)
at android.widget.AbsListView$3.run(AbsListView.java:3645)
at android.os.Handler.handleCallback(Handler.java:733)
at android.os.Handler.dispatchMessage(Handler.java:95)
at android.os.Looper.loop(Looper.java:136)
at android.app.ActivityThread.main(ActivityThread.java:5146)
at java.lang.reflect.Method.invokeNative(Native Method)
at java.lang.reflect.Method.invoke(Method.java:515)
at com.android.internal.os.ZygoteInit$MethodAndArgsCaller.run(ZygoteInit.java:796)
at com.android.internal.os.ZygoteInit.main(ZygoteInit.java:612)
at dalvik.system.NativeStart.main(Native Method)
Screenshot of Chrome attached.

gehrehmee said:
Trying to import a token given via an http 127.0.0.1] url in an email:
Screenshot of Chrome attached.
Click to expand...
Click to collapse
When you clicked on the email link, did it send you straight to Chrome? Android should notice that the URL matches a pattern that can be handled by two different apps, and let you choose whether to open the link with Chrome (incorrect) or Easy Token (correct).
If this doesn't happen, you may need to clear the default association for Chrome.
If you still can't convince it to pop up the app chooser, another option is to copy the URL to the clipboard (long-press may do it), navigate to Easy Token, then choose Manual Entry.

cernekee said:
When you clicked on the email link, did it send you straight to Chrome? Android should notice that the URL matches a pattern that can be handled by two different apps, and let you choose whether to open the link with Chrome (incorrect) or Easy Token (correct).
If this doesn't happen, you may need to clear the default association for Chrome.
If you still can't convince it to pop up the app chooser, another option is to copy the URL to the clipboard (long-press may do it), navigate to Easy Token, then choose Manual Entry.
Click to expand...
Click to collapse
Interesting:
I installed the official app as well as EasyToken now, and I do get the "choose application" dialog -- but EasyToken isn't in the list.
I copied the URL into the "manual" entry, and it didn't un-grey the "Next" button.
The URL is in the form:
http (noise added to stop xda forum from rejecting post) ://127.0.0.1/securid/ctkip?scheme=https&url=hostname.company.com:443/ctkip/services/CtkipService

gehrehmee said:
The URL is in the form:
http (noise added to stop xda forum from rejecting post) ://127.0.0.1/securid/ctkip?scheme=https&url=hostname.company.com:443/ctkip/services/CtkipService
Click to expand...
Click to collapse
Unfortunately CTKIP is not currently supported. CTKIP URLs do not actually contain the token seed. Instead, they direct the client to handshake with a remote server to securely exchange information. I have not figured out how to implement this scheme yet.
Easy Token normally expects a URL that uses the "compressed token format" (ctf), such as:
Code:
http://127.0.0.1/securid/ctf?ctfData=219561515777421437245254320241301611451327661056547012064173126400766246671676001
The ctf string is entirely self-contained (it doesn't need to talk to a remote server).

Change Device ID
Would it be possible to let users change the device ID? The default one is calculated differently from the official RSA app, so I can't install the same token on both or migrate from one to the other without having a new token issued to me.

pfcrow said:
Would it be possible to let users change the device ID? The default one is calculated differently from the official RSA app, so I can't install the same token on both or migrate from one to the other without having a new token issued to me.
Click to expand...
Click to collapse
If the app is unable to successfully decrypt the token using the default device ID, it should prompt you to enter a different ID (see attached screenshot). You can copy the device ID from the official RSA app if your token is bound to that installation.
Are you getting an error instead?

cernekee said:
If the app is unable to successfully decrypt the token using the default device ID, it should prompt you to enter a different ID (see attached screenshot). You can copy the device ID from the official RSA app if your token is bound to that installation.
Are you getting an error instead?
Click to expand...
Click to collapse
That's awesome! Thanks. I'm also stuck on the CTKIP issue that others discussed above. I suspect I'm not going to have any luck getting the other app to cough up the token once I download it, though.

pfcrow said:
I'm also stuck on the CTKIP issue that others discussed above. I suspect I'm not going to have any luck getting the other app to cough up the token once I download it, though.
Click to expand...
Click to collapse
That's correct - it is stored in a different format, and obfuscated.
I wonder how much demand there would be for an Xposed Framework module that exports stored tokens from the official RSA app?

cernekee said:
That's correct - it is stored in a different format, and obfuscated.
I wonder how much demand there would be for an Xposed Framework module that exports stored tokens from the official RSA app?
Click to expand...
Click to collapse
A lot - my employer will only issue tokens in CTKIP format, and if I can't copy the RSA app's token out I'm stuck with the default app. And what's worse, I'm stuck with using it on just that one phone - this is the whole reason I found your app in the first place, because I have 2 phones and want to clone the token onto both.
If you figure out a way to read the token from the RSA app, I'd happily PayPal you $20 for the effort
Edit: Even better would be an app to extract the RSA token from a Titanium backup.

I am using this on Android and it works great. Today I tried to install this to chrome using ARC. It worked. I was able to import tokens and all seemed well except the tokens are generating the wrong numbers. They should match the android device but they do not. I verified the serial# and dates are the same but the digits after the same PIN numbers are entered are different. I realize ARC is new but figured i'd give it a go.

cernekee said:
That's correct - it is stored in a different format, and obfuscated.
I wonder how much demand there would be for an Xposed Framework module that exports stored tokens from the official RSA app?
Click to expand...
Click to collapse
Was this solved?
I'd love to get more info and give it a go!
It seems a fun challenge. :cyclops:

I gotta tell you - I love this app. I can easily move my token from phone to phone without getting a new token from my sysadmins. That is huge! I wish you a also had a Mac OS X app

Tasker/KLWP
This app is brilliant - so much better than RSA's!
But could you tell me is it possible to get a code from Easy Token into KLWP or Tasker? Using intents?
Cheers!

Great work, loving it !

The token in the official Android app is stored in a sqlite database. If your phone is rooted, it's easy to copy it out and dump the database. You can probably dump it out of any backup program. The problem is that the critical fields are obfuscated. They appear to be 256-bit numbers in hex, and I don't know how they translate into the fields used by stoken (the token program that powers the app we're discussing here).
A dump of the table shows:
Code:
CREATE TABLE tokens (
SERIALNUMBER text primary key not null,
NICKNAME text not null,
EXPIRATIONDATE text not null,
PINTYPE integer not null,
PRNPERIOD integer not null,
PRNLENGTH integer not null,
ROOTSEED blob not null,
OTPMODE integer not null,
DEVICEBINDINGDATA text not null,
ALGORITHM integer not null,
BIRTHDATE integer not null,
MAXTXCOUNT integer not null,
SIGNATURECOUNT integer not null,
LASTTXTIME integer not null,
TOKENHASH blob not null);
The ROOTSEED and TOKENHASH fields are both 64-character (256-bit) hex codes. I think everything else is either zero or reasonably obvious.
My two thoughts are to either make sense of all this data to create a converter, or to investigate the Windows token storage format (which might use the same fields) and see if the official token converter can extract it.

Is any results with CT-KIP? Or any workaround?