[Guide]Barclays mobile banking anti-anti-rootcheck patching - Android General

Edit: I've created an Xposed module which works with the banking app version 1.7.1; see the post below.
---------------------------------------------------
Edit: The changes needed to work with the latest version of the app (1.7.1) are listed in a post below.
---------------------------------------------------
*There was an error in the diff file. I've uploaded the correct version. Also this patch will definitely not work with the latest version of the app.*
I managed to patch the Barclays mobile banking app version 1.4.2 to make it work with CyanogenMod 10.0 and CyanogenMod 11.
I realize that the current version on the Play Store is 1.7.1 but I haven't updated to the latest version yet. If you do try the latest version please let me know if it differs greatly from the current version in its root checks.
I'm not going to attach the patched apk since using a banking app from a stranger on the internet is really not a smart thing. Instead I will detail the work I did, which hopefully someone else will find useful.
This guide is geared towards more technical people who already have some experience with android development. It will not give a detailed step by step how to, rather a general information about the process.
Obfuscation methods used in the app
The app obfuscates the names of some but not all of the namespaces/classes/methods which can stump some decompilers.
It seems to generously sprinkle useless switch statements and loops which do nothing but make the code appear way more complicated than it really is. I would guess quite a lot of the bulk in the code is coming through these dummy statements. smali2java-toolkit was of great help to figure this out.
All strings in the app have been encrypted by a simple xor algorithm and are then decrypted at run time just before they are used.
For example, rather than
Code:
myfunction("Hello world")
the code writes something of the sort:
Code:
myfunction(decrypt("Juqqdxidqw", 'x'))
The decryption function is a static method 'bЮЮЮЮЮЮ' in a class that appears to be 'rrrrrr.srrrrr' (the method/class/namespace names are obfuscated).
I extracted the decompiled code from this method to write a console application which let me decrypt any string in the application:
Code:
// XOR every character of the obfuscated string with the single key character.
static String decrypt(String crypStr, char keyChar) {
    char[] arrayOfChar1 = crypStr.toCharArray();
    char[] arrayOfChar2 = new char[arrayOfChar1.length];
    for (int i = 0; i < arrayOfChar1.length; i++) {
        int j = keyChar ^ arrayOfChar1[i];
        arrayOfChar2[i] = (char) j;
    }
    return new String(arrayOfChar2);
}
Anti root methods used in the app
Checking for 'test-keys' string in the build tag. (/system/build.prop file)
Checking for superuser related package/apk files.
Checking for superuser hider package/apk files.
Checking for existence of 'su' binary
Attempting to execute 'su' binary
The above checks are done both in the java/dex code and in a native code library.
Defeating the anti-root methods in Java/dex code:
The Java code is fairly easy to defeat since changing the strings of the apk/file names which are checked as root related will make it think that no 'bad' apps are on the phone.
A bulk of checks happen in the isRootedDevice method of the com.barclays.android.application.BMBApplication class. While it checks for quite a lot of apks, for my particular purpose I only needed to patch 2 lines in the method:
Smali file line 306 – which starts the checks for "test-keys" string in the build tag.
Smali file line 407 – which starts the check for the string "/system/app/Superuser.apk".
The next method in the same class, 'runRootCommand', attempts to execute 'su':
Smali line 956 – which contains the string "su" which will be passed to java.lang.Runtime.exec
A (mostly?) duplicate of the isRootedDevice function exists in com.barclays.android.container.DeviceData. The relevant lines are:
smali file line 1237: "test-keys" string check
smali file line 1271: "/system/app/Superuser.apk" file check
All of the above checks can easily be defeated by changing the string so that it will check for a non existent package or file.
Keep in mind that all the strings listed above are in encrypted form. You can use the decrypt function listed above to decode them. I found the key char/byte needed to decrypt a given string is in the very next line to the one containing the encrypted string.
Defeating the anti-root methods in Native library
From what I can see the exact same tests which were done in the Java code are repeated in the native code library 'libtest_ndk.so'. As this check appears to form part of the authentication mechanism I don't believe it's possible to simply stop this check from being called from the Java code.
Also the com.barclays.android.container.sampler.SharedLibraryLoader which loads the native library appears to be doing some kind of checksum validation. While this probably could be easily worked around, disassembling an arm shared library was non trivial for me.
My approach was to write another native library which would hook into all the system calls such as 'system', 'stat', 'fopen', '__system_property_get' and redirect any operations to non existent targets, or change the return value. This achieves the same thing as what was done for the java code.
I put in some extra code into the smali classes to load my native library and to call its initializer with the path to the actual native library.
Basic steps performed to patch the library:
Use apktool to decompile the original apk.
Code:
apktool d barclays.apk barclays
Use smali2java as helper to understand the code: This tool cannot decompile the critical check functions due to obfuscation. However it made it easier to understand the smali files generated by the apktool.
Patch the smali files to work around the checks as described above.
Build the hooking native library separately
Code:
~/adt/adt-bundle-linux-x86_64-20131030/sdk/tools/android update project --path . --target android-19
ndk-build
Include the hooking shared library into the lib/armeabi of the decompiled package and change the smali files to load the new shared library.
Use apktool to rebuild the apk.
Code:
apktool b barclays barclays.apk
Sign the apk using your own key.
Create keystore:
Code:
keytool.exe -genkey -v -keystore my-release-key.keystore -alias release -keyalg RSA -keysize 2048 -validity 20000
Sign Keystore:
Code:
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore barclays.apk release
Attached is the code for the hook library native project and the diff for the smali changes. Please note that this is for the smali files generated by apktool (v1.5.2) for the version 1.4.2 of the Barclays mobile banking app.
For Users of other ROMs/SU applications and root hiders.
The app checks for a lot of common packages which I did not bother to patch since I don't use them, but if you do then you should put fixes for all those package/file names in both the smali and native code hook library.
A non-exhaustive list of files it checks is:
Code:
/system/bin/amphoras
/system/bin/su
/system/xbin/su
/system/app/superuser.apk
/data/data/com.amphoras.hidemyroot
/data/data/eu.chainfire.supersu
/data/data/stericson.busybox
/data/data/stericson.busybox.donate
/data/data/com.jrummy.busybox.installer.pro
/data/data/com.jrummy.busybox.installer
/data/data/com.rootuninstaller.free
/data/data/com.rootuninstaller

Hey, I will try this out shortly and post an APK (whether you use it or not, that's up to you, but I am well known in the xperia play section of this website and should be trusted. Still, it's up to you.)
EDIT: well, I am not an android developer. I can follow almost all of this post except the bits about the native library. Any chance of a bit more information,
specifically this bit: "Include the hooking shared library into the lib/armeabi of the decompiled package and change the smali files to load the new shared library."
I assume that means just simply copy the built lib file into that folder then include the file in the code somewhere? Where do I do that?

Sorry about the late reply but I just saw this message.
fma965 said:
EDIT: well, I am not an android developer. I can follow almost all of this post except the bits about the native library. Any chance of a bit more information,
specifically this bit: "Include the hooking shared library into the lib/armeabi of the decompiled package and change the smali files to load the new shared library."
I assume that means just simply copy the built lib file into that folder then include the file in the code somewhere? Where do I do that?
That's pretty much correct. There is already a 'libtest_ndk.so' file in the lib/armeabi folder of the apk. You just have to build my code from the zip file to get the libhooktest.so, which should then be copied into the lib/armeabi folder alongside the libtest_ndk.so.
Edit: Not sure if this is enough instructions. I'm just not good at writing instructions. Steps you need to build the native library are in my post. If you need more info i suggest about building the library http://code.google.com/p/awesomeguy/wiki/JNITutorial#Setup_Environment is a good
Afterwards you have to do the modifications I've listed in the diff to the .smali files.
But I have some bad news about this patch:
The diff file I have attached in the post is wrong. I've mistakenly uploaded the patch to reverse the changes I did. I will update the post with the correct diff file.
It will only work for Barclays app version 1.4.2. It will definitely not work for the latest version of the app, which is 1.7.1.
I'm currently going through the code of 1.7.1. I've made some headway into the code but I'm quite a way off from getting it to work.
If you wish I can give you a copy of the original 1.4.2 of Barclays app, the built lib file and the patched app. I would recommend against using the patched app blindly but it might make it easier to figure out the changes I did. I would rather not upload them to xda though.
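
A defender-side view of the step described above, as an added example that is not part of this thread and not code from the app or the poster: a library dropped next to libtest_ndk.so ends up as an executable file mapping inside the app's own process, so scanning /proc/self/maps against a list of expected libraries surfaces it. The package name, install path, trusted prefixes, libinject.so and the sample maps text are constructed assumptions; only libtest_ndk.so and libhooktest.so are names from the thread.

```c
#include <stdio.h>
#include <string.h>

#define PATH_LEN 256

/* Assumed install directory of the app's native libraries (hypothetical package name). */
#define APP_LIB_DIR "/data/app-lib/com.example.bank-1/"

/* Executable mappings are expected only from these places (assumed policy). */
static const char *const TRUSTED_PREFIXES[] = { "/system/", "/vendor/" };
/* Native libraries the app itself ships; libtest_ndk.so is the name given in the thread. */
static const char *const SHIPPED_LIBS[] = { APP_LIB_DIR "libtest_ndk.so" };

/* Constructed /proc/self/maps excerpt: address range, perms, offset, dev, inode, path. */
static const char SAMPLE_MAPS[] =
    "40056000-40058000 r-xp 00000000 b3:09 170 /system/bin/app_process\n"
    "400a1000-400e8000 r-xp 00000000 b3:09 812 /system/lib/libc.so\n"
    "400e8000-400eb000 rw-p 00047000 b3:09 812 /system/lib/libc.so\n"
    "5d2e1000-5d2f6000 r-xp 00000000 b3:0c 4101 " APP_LIB_DIR "libtest_ndk.so\n"
    "5d2f6000-5d2f8000 rw-p 00014000 b3:0c 4101 " APP_LIB_DIR "libtest_ndk.so\n"
    "5d300000-5d309000 r-xp 00000000 b3:0c 4102 " APP_LIB_DIR "libhooktest.so\n"
    "5d309000-5d30a000 rw-p 00008000 b3:0c 4102 " APP_LIB_DIR "libhooktest.so\n"
    "5d400000-5d500000 rw-p 00000000 00:00 0 \n"
    "5e000000-5e004000 r-xp 00000000 b3:0c 4200 /data/local/tmp/libinject.so\n"
    "5e100000-5e102000 r-xp 00009000 b3:0c 4102 " APP_LIB_DIR "libhooktest.so\n"
    "be8a0000-be8c1000 rw-p 00000000 00:00 0 [stack]\n"
    "ffff0000-ffff1000 r-xp 00000000 00:00 0 [vectors]\n";

static int starts_with(const char *s, const char *prefix)
{
    return strncmp(s, prefix, strlen(prefix)) == 0;
}

/* Returns 1 if an executable mapping of this file is expected by the policy above. */
int is_expected(const char *path)
{
    size_t i;

    for (i = 0; i < sizeof TRUSTED_PREFIXES / sizeof TRUSTED_PREFIXES[0]; i++)
        if (starts_with(path, TRUSTED_PREFIXES[i]))
            return 1;
    for (i = 0; i < sizeof SHIPPED_LIBS / sizeof SHIPPED_LIBS[0]; i++)
        if (strcmp(path, SHIPPED_LIBS[i]) == 0)
            return 1;
    return 0;
}

/*
 * Scan maps text and collect each distinct file that is mapped executable
 * but is not expected. Returns the number of paths written to found[].
 */
int scan_maps(const char *maps, char found[][PATH_LEN], int max_found)
{
    int n = 0;
    const char *p = maps;

    while (*p != '\0' && n < max_found) {
        const char *eol = strchr(p, '\n');
        size_t full = eol ? (size_t)(eol - p) : strlen(p);
        size_t len = full < 511 ? full : 511;
        char line[512], perms[8], path[PATH_LEN];
        int i, seen = 0;

        memcpy(line, p, len);
        line[len] = '\0';
        p += full + (eol ? 1 : 0);

        /* Anonymous mappings have no sixth field and are skipped here. */
        if (sscanf(line, "%*s %7s %*s %*s %*s %255[^\n]", perms, path) != 2)
            continue;
        /* Pseudo-paths such as [vectors] or [stack] are not files. */
        if (path[0] != '/' || strchr(perms, 'x') == NULL || is_expected(path))
            continue;
        /* A library appears once per segment; report it once. */
        for (i = 0; i < n; i++)
            if (strcmp(found[i], path) == 0)
                seen = 1;
        if (!seen) {
            strcpy(found[n], path);
            n++;
        }
    }
    return n;
}

int main(void)
{
    char found[8][PATH_LEN];
    int i, n = scan_maps(SAMPLE_MAPS, found, 8);

    for (i = 0; i < n; i++)
        printf("unexpected executable mapping: %s\n", found[i]);
    return 0;
}
```

On a device the input would be the contents of /proc/self/maps. Since the hook library described in the thread intercepts calls such as fopen, a client-side check like this is a signal rather than a guarantee.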

HiddenRambler said:
Sorry about the late reply but I just saw this message.
That's pretty much correct. There is already a 'libtest_ndk.so' file in the lib/armeabi folder of the apk. You just have to build my code from the zip file to get the libhooktest.so, which should then be copied into the lib/armeabi folder alongside the libtest_ndk.so.
Edit: Not sure if this is enough instructions. I'm just not good at writing instructions. Steps you need to build the native library are in my post. If you need more info i suggest about building the library http://code.google.com/p/awesomeguy/wiki/JNITutorial#Setup_Environment is a good
Afterwards you have to do the modifications I've listed in the diff to the .smali files.
But I have some bad news about this patch:
The diff file I have attached in the post is wrong. I've mistakenly uploaded the patch to reverse the changes I did. I will update the post with the correct diff file.
It will only work for Barclays app version 1.4.2. It will definitely not work for the latest version of the app, which is 1.7.1.
I'm currently going through the code of 1.7.1. I've made some headway into the code but I'm quite a way off from getting it to work.
If you wish I can give you a copy of the original 1.4.2 of Barclays app, the built lib file and the patched app. I would recommend against using the patched app blindly but it might make it easier to figure out the changes I did. I would rather not upload them to xda though.
No worries about the late reply. Yeah, you basically told me what I assumed it was I had to do; however, when I was trying to do it I didn't have a 1.4.2 apk so was trying to use 1.7.X and obviously failed.
Yeah, the modifications to smali files are easy, well, when you know what you're changing xD
If you could upload the apk for 1.4.2 that would be great. I would assume that as long as the signature matches the official apk it's untampered; your modified one will obviously be signed with a different signature though.

:cyclops:

Good news. I've managed to get the latest version 1.7.1 patched. I will try to post the patch information this weekend. In the meantime I suggest anyone interested download a copy from the play store and keep a backup of the apk in case they release a new version.

Fix for latest version of the mobile banking app (version 1.7.1)
I've figured out the changes required for the v1.7.1 of the app which is the latest version as of this post.
Changes from the old 1.4.2 are:
Almost all the classes in the app are now obfuscated, whereas before only some of the core class names were obfuscated.
The string encryption has changed. Rather than a single encryption function it now uses a group of functions to perform the encryption. The rrrrrr/vuuuvu class seems to manage invoking the proper decryptor based on the arguments.
All root checking is now done via the native library.
Native library now does some checks as soon as it's loaded before any methods are called.
The last change is a big problem since it's not possible to do the patching of the dll after loading it as was done before. The onload/init of the dll exits the whole application as soon as it detects the phone is rooted.
My solution was to use a modified version of the 'crazy_linker' custom loader library which comes with the ndk to load the library into memory without invoking its onload/init functions. This lets us hook into the necessary functions before they are called.
I've attached the smali changes as a diff and the new native hook library in this post.
As a side note I think the version 1.4.2 is a far better version. Why on earth would a banking app need permissions to take pictures? Who spends their time 'customizing' a banking app with personal pictures?
Edit: I've fixed a bug where the root was still being detected when used with chainfire su app. Special thanks to lil-diabo for helping me fix the issue. :good:

Xposed module for barclays banking app 1.7.1
Edit: New version (BarcPosed1.1.apk) has some support for barclays pingit. I've not tested this myself as I don't use the application personally. If anyone tries it please let me know.
I've converted my patch into an Xposed module. This module is compatible with the current banking app (version 1.7.1).
Please consider this as a beta version for now. I've tested it on cyanogenmod but it might have some issues with other roms. If you try it please let me know if it worked.
Assuming you already have a working xposed installation the steps to get the app working are:
1) Install banking app from playstore. Make sure it's version 1.7.1
2) Install the BarcPosed.apk from my post.
3) Run the BarcPosed app and click the 'install' button. You will need to grant it root permissions.
4) Enable the module in xposed and reboot.
5) Use the barclays app as normal.
6) Disable automatic updates for the banking app to prevent it from updating.
I've included the source code for the app.

Thanks, works perfectly. You sir (or madam) are a genius
Sent from my GT-I9300 using XDA Premium 4 mobile app

Works like a charm
Just tested it and it works!
Most excellent, Thanks again for your hard work.
So much easier than having to manually edit the files etc.

It works, excellent job, finally can use Barclays mobile, thank you very much
sent from Samsung Galaxy S4 Active

Just tested and it worked marvellously. Could you please make a fix for pingit as well?

Zell Dinch said:
Just tested and it worked marvellously. Could you please make a fix for pingit as well?
HiddenRambler said:
Edit: New version (BarcPosed1.1.apk) has some support for barclays pingit. I've not tested this myself as I don't use the application personally. If anyone tries it please let me know.
I've updated my post with a version that stops the rooted warning from pingit. Don't use pingit myself so don't know how successful it is. Let me know if you try it.

Brilliant, been struggling in vain with Root Cloak Plus on my N5 but this works perfectly. Many thanks.
Sent from my Xoom Wifi using Tapatalk

Before I switched to KK, I used Barclays App 1.3 doing a small trick with SuperSU. It worked perfectly. I signed the app myself so that it wouldn't update itself from the market and so that I could still use the automatic update in the market.
Do you think it would be possible to make your AMAZING solution work with my v1.3 signed app instead?
thnx

vivelafrance said:
Before I switched to KK, I used Barclays App 1.3 doing a small trick with SuperSU. It worked perfectly. I signed the app myself so that it wouldn't update itself from the market and so that I could still use the automatic update in the market.
Do you think it would be possible to make your AMAZING solution work with my v1.3 signed app instead?
thnx
You could try "root cloak" or "root cloak plus" they probably will work.

Actually, what I did, is sign the app with OneClickSigner and it worked fine. Now, the app is not attached to the market anymore since the signature changed, so that means I can continue to use the "automatic update" from the market and it won't ask me to update the app all the time when Barclays upload a new version.
thnx

HiddenRambler said:
...
I've converted my patch into an Xposed module. This module is compatible with the current banking app (version 1.7.1).
...
Hello,
I have a request, can you make it compatible with GingerBread plz?
Thanks.

LoMAX_HUN said:
Hello,
I have a request, can you make it compatible with GingerBread plz?
Thanks.
Can you try the attached apk. It's the same code but built as an app for gingerbread version (API lvl 10). I couldn't test it as I don't have a phone for that version.
If it doesn't work please give me a logcat.

Banking Works, but Not PingIt
HiddenRambler said:
Edit: New version (BarcPosed1.1.apk) has some support for barclays pingit. I've not tested this myself as I don't use the application personally. If anyone tries it please let me know.
I've converted my patch into an Xposed module. This module is compatible with the current banking app (version 1.7.1).
Please consider this as a beta version for now. I've tested it on cyanogenmod but it might have some issues with other roms. If you try it please let me know if it worked.
Assuming you already have a working xposed installation the steps to get the app working are:
1) Install banking app from playstore. Make sure it's version 1.7.1
2) Install the BarcPosed.apk from my post.
3) Run the BarcPosed app and click the 'install' button. You will need to grant it root permissions.
4) Enable the module in xposed and reboot.
5) Use the barclays app as normal.
6) Disable automatic updates for the banking app to prevent it from updating.
I've included the source code for the app.
xposed is fantastic!
This worked for me. It's so nice to be able to update my SU binaries without fear of breaking the app.
I'm running Cyanogenmod v10.2.0 on a Samsung Galaxy S3 (International) (i9300).
I tried using the v1.1 of the BarcPosed.apk with PingIt, but it still tried to gain root and then closed itself immediately.

Related

JFv1.31 Released! (updated 01-03-09)

Update (01-03-09)
v1.31 is out! This is a minor bugfix release to fix a few issues that had cropped up in v1.3.
The changes from v1.3 include:
Fixed the nandroid backup so that it works on sdcards with a raw fat32 filesystem (with no partition)
Added the telnetd binary from RC28
Fixed an issue with SuperUser where it was displaying the wrong processes in the su request popup
SuperUser should allow root to use su without displaying the popup (though there's not much point.. )
Added /system/modules and /system/xbin to fstab in normal and recovery mode
Minor fix for the update-script, so the progress bar acts more sanely
I have the usual RC30 and RC8 versions, and new for v1.3 is an ADP1 version.
ADP1: (md5: 96b2abd9a1da2852bc33b2052ea51b2a)
http://android-dls.com/forum/index.php?f=24&t=223&rb_v=viewtopic
http://www.gotontheinter.net/content/new-images-jf (at bottom of page)
RC30: (md5: 0f2e6a4244410e00028db55b4fbf808c)
http://android-dls.com/forum/index.php?f=24&t=223&rb_v=viewtopic
http://www.gotontheinter.net/content/new-images-jf (at bottom of page)
RC8: (md5: e008bbe1d93abd0c2e5e6218f012f20d)
http://android-dls.com/forum/index.php?f=24&t=223&rb_v=viewtopic
http://www.gotontheinter.net/content/new-images-jf (at bottom of page)
These updates are installed the normal way. Save them to your sdcard named update.zip, boot into recovery mode (home + power), and then press alt+l and alt+s. If you are switching between versions, e.g. from RC30 to ADP1, then it's usually a good idea to perform a wipe. You can try booting up without a wipe, but if it doesn't boot, or you get strange errors once it boots up, go back into recovery and perform a wipe (alt+w).
Note: To install these updates, you need to have a recovery image that uses test keys. If any of the following are true, you most likely have a recovery image that uses test keys
- you have installed my modified recovery image in the past
- you have an ADP1
- you currently have one of my modified firmwares installed
What's new?
The coolest new functionality in v1.3 is a new backup utility that allows you to perform a backup directly from recovery mode with alt+B. This is done using infernix's and brainaid's nandroid script, which they kindly modified to work in recovery mode. Let them know what you think . The backups are stored in a subfolder in the nandroid folder on your sdcard. To restore them, you have to copy them to your computer, and then flash them with the fastboot tool (sorry, no integrated restore yet).
If you get errors when making a backup, first make sure you have enough free space on the sdcard. It needs around 85-90mb. If you have enough space, then try reformatting the sdcard (fat32 is your best bet).
Other changes of note include
This version includes a new busybox binary that I compiled against uclibc, making it much smaller (1.8mb vs 700kb).
All busybox applets are linked at /system/xbin/bb, which is also in the path. So there are many more standard unix commands available in the terminal.
Many more modules and binaries are included in /system/xbin and /system/modules. They were also optimized for size, so even though there are more modules and binaries, they actually take up much less space than they did on v1.2
I added the terminal emulator application to /system/app. (don't worry, it won't, or at least shouldn't , cause any problems if you already have it installed)
got rid of the normal su binary, in favor of koush's su and SuperUser application. See details here
when you boot up into recovery, it will automatically show the text. You can press alt+L to turn off the text and ogle the background. (did I mention there's a new background? shhh. it's a secret )
fixed the annoying uptime bug, where the uptime is shown incorrectly in the settings
added /data/local/bin to the path. Feel free to add your own binaries/scripts here.
includes the /dev/mtd/mtd6 and /dev/mtd/mtd6ro devices, which allow access to the entire flash chip (other than certain restricted areas used by the radio)
new "ro.modversion" property, that is set to "JFv1.3". The intent of this property is so you can know you are running a modified version, as well as identify which version
added a modified /system/etc/security/cacerts.bks file, which contains additional certificates for cacert.org (courtesy of Disconnect)
added a /system/etc/resolv.conf file with the 4.2.2 family of DNS servers, to allow busybox's ping, wget, etc. to resolve host names
See the attached change logs for a complete list of changes with respect to the corresponding "official" firmware.
---------------
Update (01-03-09): Updated the links to point to the v1.31 versions
In addition to the updates themselves, I am also releasing a build environment that you can use to build each update from scratch. You can use these to easily make your own custom updates. It includes some utilities that were built from git source. The binaries are for 32bit x86 linux. If you want to run it on a different platform, you're on your own.
NOTE: You don't need these to use my update. Just download one of the updates from above and install it. The build environments are only if you want to make your own customized update.
The general idea of the build environment is that it extracts the original files from the official update (or from my original ADP1 update), and then copies over anything from the various ModifiedFiles folders, then packages it all back up into a ready-to-be-applied update.zip. It does this for the boot image, recovery image and system folder. You can also specify files to delete in the various OriginalFilesToDelete.mk files.
Consider anything new that I created for the build environments (the makefiles, etc.) to be in the public domain. Everything else retains its original license of course.
Instructions:
- extract the build environment into a folder
- download the official update that the update is based on, and put it in the root of the build environment. (note: use my original ADP1 update for the ADP1 build environment. available on this page)
- run make as root. yes, it has to be with root, because the binaries in the 2 cramfs images should be owned by root. (note: I plan on using fakeroot in the future, to workaround the need to be root)
- after make finishes, assuming there are no errors, the update should be in Workspace/update.zip.
Download the build environments here:
ADP1: (md5: 2d116b334515d4d702776b9d74d2e658)
http://android-dls.com/forum/index.php?f=24&t=223&rb_v=viewtopic
http://www.gotontheinter.net/content/new-images-jf (at bottom of page)
RC30: (md5: 29ced6e7601bac47252e51e5ac4f0ca4)
http://android-dls.com/forum/index.php?f=24&t=223&rb_v=viewtopic
http://www.gotontheinter.net/content/new-images-jf (at bottom of page)
RC8: (md5: b26f3cd244da9b8662766db69734000e)
http://android-dls.com/forum/index.php?f=24&t=223&rb_v=viewtopic
http://www.gotontheinter.net/content/new-images-jf (at bottom of page)
Sweet! great timing JF works like a dream!
Btw, love the new recovery background...I feel seizures coming on...
Stericson
Fantastic! Been waiting for your update, looking forward to it. THanks JF and others who made this possible!
Thanks for the great work!!!
Awesome, thanks!
So what would we need to do to replace the browser with Koush's auto-rotating version and how about replacing the alarm clock with Klaxon?
This is awesome! a little pre 2009 present! thanks JF for all that you do !!!
Just posting to say this update worked a-ok for me. Thanks JF for changing busybox and for the new su.
s0niqu3 said:
Awesome, thanks!
So what would we need to do to replace the browser with Koush's auto-rotating version and how about replacing the alarm clock with Klaxon?
Download the build environment for the version you want, extract it, put the klaxon and browser apk into system/ModifiedFiles/system/app, put in a delete entry into system/ModifiedFiles/OriginalFilesToDelete.mk for the alarm apk and odex, then run make as root.
JesusFreke said:
Download the build environment for the version you want, extract it, put the klaxon and browser apk into system/ModifiedFiles/system/app, put in a delete entry into system/ModifiedFiles/OriginalFilesToDelete.mk for the alarm apk and odex, then run make as root.
Will this work on windows vista with cygwin as opposed to a full linux VM?
Are there any specific binaries I need to install?
thanks again!
one last comment... love the Alt+B i know B is supposed to be for backup, but in my mind it stands for BADASS!!!!!!
s0niqu3 said:
Will this work on windows vista with cygwin as opposed to a full linux VM?
Are there any specific binaries I need to install?
thanks again!
JesusFreke said:
The binaries are for 32bit x86 linux. If you want to run it on a different platform, you're on your own.
You might be able to get it to work. You'll need to replace the linux binaries in the tools folder with windows equivalents.
But tbh, your best bet is to install vmware and get an ubuntu VM running.
Did a quick search and could not find what ADP1 is. Is this the developer version?
JesusFreke said:
In addition to the updates themselves, I am also releasing a build environment that you can use to build each update from scratch. You can use these to easily make your own custom updates. It includes some utilities that were built from git source. The binaries are for 32bit x86 linux. If you want to run it on a different platform, you're on your own.
The general idea of the build environment is that it extracts the original files from the official update (or from my original ADP1 update), and then copies over anything from the various ModifiedFiles folders, then packages it all back up into a ready-to-be-applied update.zip. It does this for the boot image, recovery image and system folder. You can also specify files to delete in the various OriginalFilesToDelete.mk files.
Consider anything new that I created for the build environments (the makefiles, etc.) to be in the public domain. Everything else retains its original license of course.
I applaud you, sir.
momentarylapseofreason said:
Did a quick search and could not find what ADP1 is. Is this the developer version?
ADP1 stands for Android Dev Phone 1.
jashsu said:
ADP1 stands for Android Dev Phone 1.
What I figured.... thanks!
JesusFreke said:
You might be able to get it to work. You'll need to replace the linux binaries in the tools folder with windows equivalents.
But tbh, your best bet is to install vmware and get an ubuntu VM running.
Ah, thanks for the confirmation.
Is there anyone out there that can tackle this for me? I'm visiting family through the 5th, and don't feel right installing a linux VM on their computer.
If so, PM me, and I can give you the specifics, but really all I'd like is for the alarm clock to be removed and replaced with Klaxon, and for the browser to be replaced with koush's build that auto-rotates.
This would be for a G1 RC30 build.
Cheers, and thanks in advance!
jashsu said:
I applaud you, sir.
I stand.. applauded?
Thanks!
Thanks JF, I just flashed the ADP1 version and it is working great so far.
Have you attempted to add in the MyFaves app to the ADP build? I had tried a couple of things previously, but I was running into some errors. I may try it with your new build environment later if it is something you haven't attempted.
BTW - for those looking for a virtualized Linux environment, I also recommend Sun's Virtualbox (http://www.virtualbox.org/). It is free for personal use and provides a lot of the functionality that you get from the paid versions of VMWare. In fact, some things seem to run smoother when running Linux virtualized on Vista 64bit; i.e. I can get copy/paste between OSes and auto-resizing guest screens without a lot of extra hassle. Just make sure that you read up on how to use the USB virtualization so you can create the filter for the phone as a USB device.
Great work once again JesusFreke!
-Brint
s0niqu3 said:
Ah, thanks for the confirmation.
Is there anyone out there that can tackle this for me? I'm visiting family through the 5th, and don't feel right installing a linux VM on their computer.
If so, PM me, and I can give you the specifics, but really all I'd like is for the alarm clock to be removed and replaced with Klaxon, and for the browser to be replaced with koush's build that auto-rotates.
This would be for a G1 RC30 build.
Cheers, and thanks in advance!
You can always do it manually of course. Install the update, then remount the system as rw, then delete the alarm apk and odex and the browser apk and odex from /system/app, and copy the klaxon and modified browser apk to /system/app
JF!!! You... are a scholar and a gentleman... A happy new year to you...
s0niqu3 said:
Is there anyone out there that can tackle this for me? I'm visiting family through the 5th, and don't feel right installing a linux VM on their computer.
Couldn't you also use an Ubuntu LiveCD just as easily? That would allow temporary access to a 'nix environment without touching the existing drive, mount one of the partitions temporarily for your make environments. Just a thought...

Recompile and overwrite applications in system/app

As an experiment I am trying to rebuild some standard android applications and replace them in system/app on the G1. I have been through all the steps to get the source code and build for the dream platform and have built the various .apk files of interest (e.g. AlarmClock.apk, Browser.apk etc)
To put the files on the device I delete the old .apk and .odex files and copy my newly built .apk file on to the device. However when I try to run the application it crashes with the following message.
The application Alarm Clock (process com.android.alarmclock) has stopped unexpectedly. Please try again.
I know that replacing the applications like this is possible, because the AutoRotating Browser build works fine when copied over in this manner.
I'm using JF1.31 (RC8)
My initial reaction was that I was not signing the applications properly but having read some posts I think the default built .apk should have the right key already in it.
Another theory I have is that perhaps the applications from the head of the source tree are not compatible with the RC8 (or RC30) Android OS releases. Can anyone tell me how to get the source tree which corresponds to this baseline? I've done some reading around but cannot figure it out. I presume I need to do a repo init -u git://android.git.kernel.org/platform/manifest.git -b BASELINE but I can't figure out what BASELINE should be.
Many thanks in advance for any help you can give me!!!
There are some branches in android sources:
master
cupcake
release-1.0
Apps from the first two will not run on a default G1; you need to reinstall the whole system. I think by default, following the Google docs, you'll get master. So you need to download the release-1.0 sources.
I may be wrong, but that is what I'm seeing from my experience.
Thanks for that, I'll get the 1.0 branch downloaded and have a go with that.
Cheers for your help!
I was also trying to recompile some of the built-in apps, specifically the browser, but I can't even get it to build. I get a bunch of import errors, stating that it can't find some of the android libraries, such as android.net.http.AndroidHttpClient, android.os.AsyncTask, etc. I've got the android.jar from the SDK in my build path, and it finds some of them, such as android.webkit.URLUtil.
Can anyone shed some light on what I need to do to get it to see the missing libraries? Thanks.
UndeadCretin said:
Thanks for that, I'll get the 1.0 branch downloaded and have a go with that.
Cheers for your help!
There are around a dozen build breaks in release-1.0... all of them are due to missing header #includes in various .c and .h files. So, when it doesn't work, don't give up. Fix the breaks and everything will build properly.
Are you resigning the .apk files? Cuz you have to do that for them to work correctly.
Koush said:
There are around a dozen build breaks in release-1.0... all of them are due to missing header #includes in various .c and .h files. So, when it doesn't work, don't give up. Fix the breaks and everything will build properly.
Yep I fixed these problems but I have now hit upon the following problem:
(unknown): error 17: Field android.hardware.SensorManager.LIGHT_NO_MOON has changed value from 0.0010f to 0.001f
******************************
You have tried to change the API from what has been previously released in
an SDK. Please fix the errors listed above.
******************************
I've been in and modified SensorManager back to 0.0010f and that let the build get further, but I hit the same error again later in the build.
Given that release-1.0 should be a stable branch is it normal to get all these build issues?
Managed to fix the java issue by modifying public_api.xml. Then hit several more C++ problems which I fixed and finally I can build the lot!
Just tried building the AlarmClock application and running on the G1 and it works fine. Thanks everyone for your help!
>Managed to fix the java issue by modifying public_api.xml. Then hit several more C++ problems which I fixed and finally I can build the lot!
Can you write, what did you fix?
^ Agreed, let us know which files need modifying and what needs doing, I've been trying to get my release-1.0 build root working too!
Alternatively, UndeadCretin, could you build the firmware (release-1.0) with a modified framework-res i can send you?
Ok, I managed to compile it without any editing of xml.
Just added stdlib, string, vector headers to a dozen cpp/h files.
worry said:
>Managed to fix the java issue by modifying public_api.xml. Then hit several more C++ problems which I fixed and finally I can build the lot!
Can you write, what did you fix?
To fix the java issue, I modified frameworks/base/core/java/android/hardware/SensorManager to change the LIGHT_NO_MOON value to 0.0010f (from 0.001f) and in out/target/common/obj/PACKAGING I modified the <field name="LIGHT_NO_MOON" to have value="0.0010f">
After this there were several other c++ files which were missing relevant includes. I'm afraid I didn't keep a note of these so cannot provide much detail but mostly they were missing one of the following
#include "stdlib.h"
#include "string.h"
#include "stdio.h"
I think one file needed the following include
#include <string>
and there were a couple of other files that needed other includes. The best way to find these is to google for the function name that isn't building and you should be able to find the appropriate include (that's how I did it).
Hope that helps a bit!
were you able to repo sync after adding the local_manifest.xml?
ximonx said:
were you able to repo sync after adding the local_manifest.xml?
I did try that previously but it didn't work. I don't think the relevant files for the dream build are available in the release-1.0 branch. This wasn't a problem for me since I'm only interested in building the applications which work fine with the generic build.
I would like to do the same for the mms application. Could you give me the steps or a link how to do it? I mean do I need the whole sources from android platform to do it? How can I just compile one application?
Phlogiston said:
I would like to do the same for the mms application. Could you give me the steps or a link how to do it? I mean do I need the whole sources from android platform to do it? How can I just compile one application?
I downloaded the whole Android source (the release-1.0 branch) and compiled the lot. It may be possible to just build the individual application but I do not know how. It is not vital to build for the dream platform if you only care about the applications since they will work fine with the generic build.
So the basic steps to start are:
Get yourself a Linux or Mac OS platform (I use Ubuntu running in VMWare on my XP box).
Follow the instructions here: http://source.android.com/download but when you come to repo init add the flag -b release-1.0
Fix various build problems
When recompiling individual apps to replace system apps is there a way of just building a single application or does the entire thing need making?
ximonx said:
When recompiling individual apps to replace system apps is there a way of just building a single application or does the entire thing need making?
My experience is that you have to do the whole thing if you are building from source. There is one way I know of to get around this, which is to use baksmali and smali.
Just to be clear, making the entire thing = build from source root?
ximonx said:
Just to be clear, making the entire thing = build from source root?
If you are asking me--yes, that's what I mean. Make sure to build for dream-open as the target (it's generic by default).

[TOOL] Signare - Quickly Sign APKs - [18 SEP]

Signare
"-to sign"
v1.1
Having decided to completely rewrite my previous Sign & Aligner tool, I have come to the stage where it is ready for testing.
Version 1.1 Released
Added JDK 7 Install Path To USER PATH - Temporary Change, USER PATH Restored On Closure
Added Detection Of JDK Installation
Code Improvements
Features
Sign with Test Keys
Sign with Private Keys
Generate Your Own Private Key
ZipAlign your APKs
You can generate your own set of Private Keys to sign your own APKs. The keys generated are fully compliant with current Android Market requirements.
Prerequisites
Windows XP/Vista/7
Java JDK 7 MUST Be Installed
Instructions
Download
Extract
Copy Unsigned APKs Into Input
Open "Signare.exe" (Vista/Win7 - Open As Administrator)
Follow On-Screen Prompts
That's It
Future Development
Eliminate Need For JDK Installation
Port To Linux - Currently Under Development
Port To Mac OS X
Code Improvements
Currently it's bundled with a TestApk.apk (renamed Contacts.apk) so it can be tested straight away.
DOWNLOAD HERE - Download Statistics
Mirror
Please post your experience with this tool as I will fix any issues that people report.
Good work my friend, maybe you can make it for linux too
see ya
Good Stuff!!
thanks buddy, downloading now
thanks again m8,
take care
What's the function of signing apk's?
Do Android phones need signed apps too?
I thought only Symbian requires signed apps, since you'll get a cert error if it isn't signed..
I didn't have a problem installing apk files on Android before
I'll bet others would have the same question
flawlessx92 said:
What's the function of signing apk's?
Do Android phones need signed apps too?
I thought only Symbian requires signed apps, since you'll get a cert error if it isn't signed..
I didn't have a problem installing apk files on Android before
I'll bet others would have the same question
The Android OS will not install or run unsigned code.
If you create or modify any APK it will need to be signed before it can be installed.
If you publish to the Android Market, your APKs need to be signed to verify that they are indeed yours.
I'm assuming all the apps you have installed have previously been signed. Otherwise you wouldn't be able to use them.
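As an added example (not part of the original posts and not Signare's code), this Python example shows the v1 (JAR) signing layout behind that answer: META-INF/MANIFEST.MF records a digest for every file, so an APK edited without re-signing no longer matches it. The sample archive, its file names and the placeholder signature files are constructed; the check covers only the manifest digests, not the cryptographic signature over them.

```python
import base64
import hashlib
import io
import zipfile

# Digest attributes written by v1 (JAR) signing, mapped to hashlib names.
DIGEST_ATTRS = {"SHA-256-Digest": "sha256", "SHA1-Digest": "sha1"}
SIGNATURE_SUFFIXES = (".SF", ".RSA", ".DSA", ".EC")
MANIFEST = "META-INF/MANIFEST.MF"


def parse_manifest(text):
    """Return {entry name: {attribute: value}} for the per-file sections."""
    # Long lines are wrapped; a continuation line starts with a single space.
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    entries = {}
    for section in unfolded.split("\n\n"):
        attrs = dict(l.split(": ", 1) for l in section.splitlines() if ": " in l)
        if "Name" in attrs:
            entries[attrs.pop("Name")] = attrs
    return entries


def check_apk(data):
    """Compare each archive member with the digest MANIFEST.MF records for it."""
    report = {"signature_files": [], "tampered": [], "unlisted": []}
    with zipfile.ZipFile(io.BytesIO(data)) as apk:
        names = [n for n in apk.namelist() if not n.endswith("/")]
        listed = parse_manifest(apk.read(MANIFEST).decode()) if MANIFEST in names else {}
        for name in names:
            if name == MANIFEST:
                continue
            if name.startswith("META-INF/") and name.upper().endswith(SIGNATURE_SUFFIXES):
                report["signature_files"].append(name)
            elif name not in listed:
                report["unlisted"].append(name)  # added after signing, or never signed
            else:
                recorded = [(a, h) for a, h in DIGEST_ATTRS.items() if a in listed[name]]
                content = apk.read(name)
                ok = bool(recorded) and all(
                    base64.b64encode(hashlib.new(h, content).digest()).decode()
                    == listed[name][a] for a, h in recorded)
                if not ok:
                    report["tampered"].append(name)
    return report


def build_sample(modify_after_signing=False):
    """Constructed sample: an APK-shaped zip with placeholder signature files."""
    files = {"classes.dex": b"constructed code",
             "res/drawable/" + "a" * 70 + ".png": b"constructed image"}
    lines = ["Manifest-Version: 1.0", ""]
    for name, content in files.items():
        header = "Name: " + name
        lines += [header[:70]] + [" " + header[i:i + 70] for i in range(70, len(header), 70)]
        digest = base64.b64encode(hashlib.sha256(content).digest()).decode()
        lines += ["SHA-256-Digest: " + digest, ""]
    if modify_after_signing:  # what editing an APK without re-signing looks like
        files["classes.dex"] = b"patched code"
        files["assets/extra.bin"] = b"added later"
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr(MANIFEST, "\r\n".join(lines) + "\r\n")
        z.writestr("META-INF/CERT.SF", "placeholder, not a real signature file")
        z.writestr("META-INF/CERT.RSA", b"placeholder, not a real signature block")
        for name, content in files.items():
            z.writestr(name, content)
    return buf.getvalue()
```

`check_apk(build_sample(modify_after_signing=True))` reports `classes.dex` as tampered and `assets/extra.bin` as unlisted, which is why a modified APK has to be signed again before it will install.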
Version 1.1 Released
Linux port is under development.
Support For This Tool Has Been Moved
Please Post Your Questions
HERE

[APP] µSuper - Minimalistic superuser implementation

Inspired by SimpleSU (I really love it), which is not so simple to use after all (mainly because it is intended for shipping in the ramdisk or the likes), and closed source, I made my own superuser implementation, µSuper.
I provide it to you, mainly so you can give me some feed back or just try it, whatever you prefer.
Just like SimpleSU it uses a text file.
Unlike SimpleSU this text file contains the UIDs of the apps, not their package names (which makes µSU less vulnerable to frauds). It is also not on the hard to access /system partition, but in the private data directory of µSU, and globally set to read-only.
With only 309 SLOC (app and binary combined) I think it is safe to say that it is really tiny.
The source code is publicly available on Github.
@MarcoToo I know this has been here for ages but I'm amazed this thread has less than 600 views and you've only got 3 thanks... It's my favourite SuperUser app as it uses next to no resources. The only thing wrong is that it won't work with anything above JellyBean 4.2.2, which is a shame; I don't suppose you plan to support further Android versions? Or is it easy for me to build this to support further versions?
Thanks anyway, all the people not using this are missing out
HTCDreamOn said:
@MarcoToo I know this has been here for ages but I'm amazed this thread has less than 600 views and you've only got 3 thanks... It's my favourite SuperUser app as it uses next to no resources. The only thing wrong is that it won't work with anything above JellyBean 4.2.2, which is a shame; I don't suppose you plan to support further Android versions? Or is it easy for me to build this to support further versions?
Thanks anyway, all the people not using this are missing out
There's a reason for it: the developer hasn't kept the app updated, while SuperSU is updated almost weekly. The latest SuperSU has way more support as to this because it is outdated, and in beta at that. A safer and more compatible alternative would be SuperSU.
Aiko0923 said:
There's a reason for it: the developer hasn't kept the app updated, while SuperSU is updated almost weekly. The latest SuperSU has way more support as to this because it is outdated, and in beta at that. A safer and more compatible alternative would be SuperSU.
I see your point but I still stick with this SU: SuperSU is closed source, and even Koush's open source Superuser app is theoretically less secure than this, due to the whole granting mechanism; with µSuper the user must explicitly select which apps gain su access whether they ask for it or not, and the code is so small there's little which could go wrong. Each to their own, though. I use this because the Desire Z is lacking in memory and CPU power so every little helps, but on a more powerful device it wouldn't bother me.
HTCDreamOn said:
I don't suppose you plan to support further Android versions? Or is it easy for me to build this to support further versions?
I think the location for app files has changed from /data/data to something else. Since µSuper's su binary uses a hardcoded path to the permissions file (using an environment variable would be quite unsafe), the only things you would have to change are the targetSdkVersion in the app's AndroidManifest.xml and (if it did change) the path to the permissions file in su.c.
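An added example (not µSuper's code) of the design described in the post above: a UID allowlist read from a fixed path and trusted only if its ownership and mode rule out tampering. The one-UID-per-line format, the placeholder path, the function names and the sample UIDs are assumptions.

```python
import os
import stat
import tempfile

# Assumption: placeholder path; the page does not give the real file location.
# It is a constant because a path taken from the caller's environment would
# let the caller point the check at a file of its own.
PERMISSIONS_FILE = "/data/data/<package>/files/allowed_uids"


def load_allowed_uids(path, expected_owner):
    """Read one decimal UID per line, refusing a file others could have altered."""
    # O_NOFOLLOW: do not follow a symlink planted at the final path component.
    fd = os.open(path, os.O_RDONLY | os.O_NOFOLLOW)
    with os.fdopen(fd, "r") as f:
        st = os.fstat(f.fileno())  # stat the opened file, not the path
        if not stat.S_ISREG(st.st_mode):
            raise PermissionError("not a regular file")
        if st.st_uid != expected_owner:
            raise PermissionError("unexpected owner")
        if st.st_mode & (stat.S_IWGRP | stat.S_IWOTH):
            raise PermissionError("writable by group or others")
        uids = set()
        for line in f:
            line = line.strip()
            if line.isascii() and line.isdigit():  # package names never match
                uids.add(int(line))
        return uids


def may_elevate(caller_uid, path, expected_owner):
    """Deny by default: any problem with the file means no elevation."""
    try:
        return caller_uid in load_allowed_uids(path, expected_owner)
    except OSError:
        return False


def demo():
    """Constructed files in a temp directory; the UIDs are made-up sample values."""
    me = os.getuid()
    with tempfile.TemporaryDirectory() as d:
        good = os.path.join(d, "allowed_uids")
        with open(good, "w") as f:
            f.write("10073\n10105\ncom.example.app\n")
        os.chmod(good, 0o444)
        loose = os.path.join(d, "loose")
        with open(loose, "w") as f:
            f.write("10200\n")
        os.chmod(loose, 0o666)
        link = os.path.join(d, "link")
        os.symlink(good, link)
        return {
            "listed": may_elevate(10073, good, me),
            "unlisted": may_elevate(10200, good, me),
            "world_writable": may_elevate(10200, loose, me),
            "symlink": may_elevate(10073, link, me),
            "wrong_owner": may_elevate(10073, good, me + 1),
            "missing": may_elevate(10073, os.path.join(d, "absent"), me),
        }
```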
MarcoToo said:
I think the location for app files has changed from /data/data to something else. Since µSuper's su binary uses a hardcoded path to the permissions file (using an environment variable would be quite unsafe), the only things you would have to change are the targetSdkVersion in the app's AndroidManifest.xml and (if it did change) the path to the permissions file in su.c.
Forked and synced, let's see if I can fix this for later versions. I don't suppose you'd know how to implement this into a ROM (using source code)? From the README I assume I'm allowed to.

Shaw Canada HDMI Mod

Hi,
I modded the Shaw Canada apk for playing on an Android Box
http://199.175.53.21/shawmodhdmi.apk
New Latest Shaw Canada Mod
Fix Crash on Some Device + Leanback Icon
http://199.175.53.21/shawfreerangetv.leanback422001.apk
Never tested. Please leave a response.
This is not working anymore, can you mod the latest version of the app?
The version of the Shaw app I had has stopped working too. Any chance you could mod it and upload or share the workflow you did to mod it?
Thanks!
fillalph said:
The version of the Shaw app I had has stopped working too. Any chance you could mod it and upload or share the workflow you did to mod it?
Thanks!
The newest version of the Shaw app can be modded to remove the HDMI check, but it doesn't quite work on Fire TV Stick 4k (guide is missing, searches result in 500 error, and other issues) and I've heard it has the same issue on other FireOS devices as well. I'm currently using a modded version 531004 on my Fire TV stick and it works well, but requires a mouse or the Mouse Toggle app and, at least on the Fire TV Stick, location services enabled via ADB shell.
My workflow for disabling the HDMI requirement is as follows:
1. Decompile the app using apktool with the -r flag to leave the resources compiled
- I've not been able to successfully recompile the resources, so if anyone has a solution for that, I'd love to know what it is.
2. Edit <decompile folder>/smali_classes2/com/xfinity/cloudtvr/model/video/locks/SecondaryDisplayPlaybackLock$2.smali
3. Find the string "android.intent.action.HDMI_PLUGGED" and replace it with ""
- In other words, delete android.intent.action.HDMI_PLUGGED leaving empty quotes
4. Recompile/build the app using apktool and the --copy-original flag
5. Sign the modded app
6. Side-load it on to your device
Hope this helps!
If anyone knows how to recompile the resources without error, and if it's possible to make it work without the --copy-original flag, please let me know the solution as I'd love to be able to modify the AndroidManifest.xml.
Deleted because it was a noob question and I found my answer with research.
zer0blivion said:
If anyone knows how to recompile the resources without error, and if it's possible to make it work without the --copy-original flag, please let me know the solution as I'd love to be able to modify the AndroidManifest.xml.
I'm almost a decade removed from Java programming, but can't you use a Java Bytecode Editor to do this without having to decompile?
zer0blivion said:
The newest version of the Shaw app can be modded to remove the HDMI check, but it doesn't quite work on Fire TV Stick 4k (guide is missing, searches result in 500 error, and other issues) and I've heard it has the same issue on other FireOS devices as well. I'm currently using a modded version 531004 on my Fire TV stick and it works well, but requires a mouse or the Mouse Toggle app and, at least on the Fire TV Stick, location services enabled via ADB shell.
My workflow for disabling the HDMI requirement is as follows:
1. Decompile the app using apktool with the -r flag to leave the resources compiled
- I've not been able to successfully recompile the resources, so if anyone has a solution for that, I'd love to know what it is.
2. Edit <decompile folder>/smali_classes2/com/xfinity/cloudtvr/model/video/locks/SecondaryDisplayPlaybackLock$2.smali
3. Find the string "android.intent.action.HDMI_PLUGGED" and replace it with ""
- In other words, delete android.intent.action.HDMI_PLUGGED leaving empty quotes
4. Recompile/build the app using apktool and the --copy-original flag
5. Sign the modded app
6. Side-load it on to your device
Hope this helps!
If anyone knows how to recompile the resources without error, and if it's possible to make it work without the --copy-original flag, please let me know the solution as I'd love to be able to modify the AndroidManifest.xml.
I followed your instructions but I am having trouble installing the .apk. Getting App not installed package appears to be corrupted error.
I used the apktool b -c command to rebuild the apk and I signed the modded app too.
Never mind, I got it figured out. apktool b -c doesn't copy the certificate properly, and when I manually sign the apk, there are a couple of things that error out.
Did a little bit of research and was able to use the injection method and use the APK Studio editor to pack it back up nicely.
I created a github repo with instructions on it.
https://github.com/wtengi/redsquaretvapp
afai1984 said:
Never mind, I got it figured out. apktool b -c doesn't copy the certificate properly, and when I manually sign the apk, there are a couple of things that error out.
Did a little bit of research and was able to use the injection method and use the APK Studio editor to pack it back up nicely.
I created a github repo with instructions on it.
https://github.com/wtengi/redsquaretvapp
latest Shaw tv apk for fire sticks aren’t working
Do you have a working one or able to mod the latest version?
