My situation:
In my company we have about 30+ handsets currently running Android (standard and custom ROMs from XDA). The handsets include HTC Desire HD, HD2, Desire S and Desire Z. The users cannot be trusted not to brick the phones if they are allowed to download apps and modify them in anyway (not to mention they are business phones so shouldn't have facebook etc on them any way).
I've heard about admin tools which allow control of handsets remotely.
Requirements:
So, if possible, what i would like does something along the lines of...:
1: Blocks further apps from being added to the handset without a password
2: A lock to keep as many of the settings as is originally provided (wallpaper etc)
3: A master admin tool which i can remotely manage all the handsets from (download requested and approved apps, wipe, lock, locate and reset the phones if lost...etc)
What i have done before to stop the users adding further apps is register my email address to Android Market on all the phones, then changed the password using my desktop). While this stops new apps from being downloaded from the market, it does mean i cannot remotely roll out approved apps as they are no longer signed in to the account.
Is there anything out there which does any/all/some of the above?
Is there one tool which can manage all these tasks? Or will it have to be seperate apps like Norton Mobile Security (such as) etc?
Can anyone get their heads around this?
Thanks!
The market lets you download apps to a phone.
Lookout Security does all of the security tasks you want.
Thanks, that would take care of the remote wiping, locating and locking.
Does Android provide any corporate setup for administration of lots of handsets? Surely this is a niche in the market for some devs to jump on if there isn't something like that already.
And i know Android Market allows you to remotely download apps to multiple phones but i want to make it impossible to download through the phone itself. (so i can add apps but the user can't)
Something that performs like MFormation Enterprise Manager but avoiding the $20k price tag! (a tall order i know)
Sonic_Sonar said:
Something that performs like MFormation Enterprise Manager but avoiding the $20k price tag! (a tall order i know)
Click to expand...
Click to collapse
Hello,
Have you found any apps that fit your needs? Do you use them? If no, is your organization still interesting in mobile device management service?
I'm asking because I'm working for http://bloove.com (personal phone management service) and we're going to expand our offer to small and medium companies.
This new service will combine existing contact, sms, phone log and bookmark backup for personal phone with MDM features like centralized app management, location and wipe service etc.
We're looking for early adopters who will have a chance to add their custom requirements to the service and get this service for free for up to six months.
Please let me know if you're interested and want to discuss this further.
Thank you,
Rostislav
[email protected]
Please use the Q&A Forum for questions Thanks
Moving to Q&A
I did something like this ...
I first installed openssh server, plus a script that checks a specific URL for remote access needs (had to do it that way since my carrier blocks connections on all ports).
The server side is a simple php script that you call like this: check.php?deviceid=[ID]. The script checks a DB to see if there is anything new for that device ID and acts accordingly. I implemented three features: Tunnel, Script, Install APK. So, If I want to install an APK to all devices, I just upload it on our webserver, and on the MySQL DB I add devices id = all, action=install, file=/apks/whatever.apk. If, for instance, I want to do something more complex on certain devices, I add: id = all, action=script, file=/apks/whatever.sh. I write the script, then all phones check for updates on this check.php every 5 minutes, if they find a script, they'll download and execute. If it's an APK, they'll download and install. If I insert a line with deviceID=[deviceid], action=tunnel, file=[PORT NUMBER], then the phone will SSH into a remote server and do a reverse port forward, on [PORT NUMBER]. Then I can just SSH into localhost:[PORTNUMBER] on the server, and I'll have a terminal inside the phone to do whatever I need.
This doesn't address the restrictions issue, but it does allow you to control the phones however you want.
Regards,
Almafuerte.
Surprised nobody did a thread about this, so let me be the first one.
Lets start of what I mean with the title:
http://en.wikipedia.org/wiki/Internet_Control_Message_Protocol#Redirect
The Internet Control Message Protocol (ICMP) is one of the main protocols of the Internet Protocol Suite. It is used by network devices, like routers, to send error messages indicating, for example, that a requested service is not available or that a host or router could not be reached.
Click to expand...
Click to collapse
Now, there is a relatively interesting named attack called "DoubleDIrect".
Link to article :
Link
So what is it? A Man in the middle attack,
“Man-in-the-Middle” attack (MITM) enabling an attacker to redirect a victim’s traffic to the attacker’s device. Once redirected, the attacker can steal credentials and deliver malicious payloads to the victim’s mobile device that can not only quickly infect the device, but also spread throughout a corporate network.
Click to expand...
Click to collapse
There is a trick you can use to disable ICMP redirects to your phone, linux laptop or even windows laptop, to prevent this exploit.
For android you need root and a terminal app.
So, firstly write su
su
then write
echo 0 > /proc/sys/net/ipv4/conf/all/accept_redirects
If you want to check if you have disabled it, all you need to do is write.
cat /proc/sys/net/ipv4/conf/all/accept_redirects
it should answer with 1 if its enabled or 0 if it isnt.
This only works until you restarted your phone. So, best to create a sh file and run it automatically.
I have created a sh, just incase I need to enable or disable it.
The same thing goes for linux if you have a linux machine
For windows, open regedit:
go to HKEY_LOCAL_MACHINE > SYSTEM > currentcontrolset >Services > Tcpip > parameters
and then there is a reg dword called enableICMPredirects, open it and change the value to 0.
The attackers are not only sniffing all the DNS traffic of the victim, but everything that is resolved through it.
Who is at risk?
Quote from the article:
– iOS: The attack works on latest versions of iOS including iOS 8.1.1
– Android: On most Android devices. Including Nexus 5 + Lollipop
– Mac: Mac OS X Yosemite is vulnerable.
Most of GNU/Linux and Windows desktop operating system do not accept ICMP redirect packets.
Click to expand...
Click to collapse
My xperia Z ultra , running 4.4.4 anrdoid kitkat, was vulnerable to this exploit just as my windows 8.1 notebook.
Stay safe!
Edit: if you somehow manage to brick your phone during the rooting process or this, I am not responsible.
Important Note
The information shown below has been deliberately thought to violate a safety mechanism used on Android. The ideas should only be used for beneficial, experimental and controlled uses and not to harm others privacy and security.
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
PROBLEMA rooted phone (via root-genius) contains a non-authorized application that needs to grant su permissions. The phone has already been deployed and distributed, boxed and closed therefore no user’s touch is permitted to allow root authorization or VNC remote control. The superuser manager app is KingUser v3.4.8 64, so whenever the non-authorized app would try to do something with su permissions, a prompt asking the user to explicitly authorize the request will appear. We have never been on a scenario where this non-authorized app had to do something related to su commands, so it worked fine so far.
By now, because we are mandated to, we have to do some superuser operations remotely without user intervention from the non-authorized app. In order to accomplish this, we were trying to modify KingUser configuration files programmatically, since KU has a setting called Timeout Default Response (Deny / Authorize). This setting allows or denies respectively the request when the authorization prompt times out. Unfortunately we haven’t foreseen this before the project was launched and now, all the phones has this setting on DENY (moreover, they are already deployed on field). Despite we are able to modify KU’s configuration file, however a prompt appears requesting for authorization, and the user is not able to touch the screen.
Its not a simple problem to hack, we are aware of that. But under the current installation layout there could be something we are missing and maybe you guys can point it us out.
REWARD
I will make a consistent donation whoever helps solving this complex problem and promote the hacking.
Environment:
We have installed root permissions on Android phones before leaving the company premises, via root genius tool. By doing so, the phones were installed with KingUser application. The phones also contain an application capable of running and performing scheduled tasks (aka App1). A second application located at /system/apps is capable of updating App1 (aka App2) connecting to a server and overriding App1. We have the sources of App1, but we do not have the sources of App2. Its a private domain and environment built for commercial use, not for hacking third party apps nor cellphones. (In fact, these phones are used as video screens, in kiosk mode).
Objective / Goal:
We must find a way to elevate root permissions to the non-authorized App1. Please remember the phone is actually rooted with KingUser installed.
We must skip any prompt the user should click in order to give permissions for the request. If necessary we should find a way to remotely “click” the authorization prompt.
What we need:
Currently we have App1 and App2 working as shown in the picture above. The plan is a new deploy of App1, which programmatically will issue a “su command” (getRuntime(“su -c”)). Once installed by App2, App1 would run, and the command would be executed. At this point we are okay, however we need to authorize the prompt of the KingUser programmatically without user intervention. Now this is challenging because of security constraints. Android is based on a security layout where the user has to physically touch any popup of any application that request to grant permissions either to elevate privileges or accept remote control.
Unfortunately we are not able to manually authorize an already distributed system to thousands of cellphones which mean a complete hassle since the phones are closed in a box that would have to be opened to do so.
Possible Approaches:
Installing a remote desktop client when updating non-authorized App1. By doing so, we would be able to click remotely the authorization prompt once the su command is issued by itself.
Any other way to “remotely click” the authorized prompt. We have tried injecting touch events via Java instrumentation or adb.
Any other way to modify KingUser configuration files and database from a non-authorized App without facing this authorization prompt (for us is almost impossible).
Any other way of injecting code via App1. For example replacing the apk installed as App1 and run a script via reflection. Bare in mind App2 installs App1 programmatically and is located on /system/app a privilege location to run elevated commands.
Any other way of exploiting know vulnerabilities such as WebView injecting Javascript. Downloading contents of the SD card and the exploited application's (in our case App1) data directory extending to obtaining root privileges. Bare in mind our Android deployed versions are 4.1.2 and 4.2.2 and the vulnerability is there, API less or equal than 17.
RESEARCH DONE
Remote Control and VNC
Remote control on Android is possible, can be achieved using a VNC Server either included into the sources of App1 or else started via command line and initialization. The big constrain being unrooted and without user intervention. We have made tests with an unrooted professional solution like TeamViewer QuickSupport that implemented with a very nice Android SDK for running unattended. Its ideal because solves any firewall vnc port block specially dealing with 3G, however the moment the connection is being established from a PC a popup is prompted to the user asking to Allow the remote control connection. I called TeamViewer support and confirmed this prompt is a policy that cannot be skipped.
In order to check the real functionality we also made a test with rooted droid-VNC-Server connecting to an SSH Server via Connectbot establishing a tunnel to port forward 5900 port. It works well and guarantees the communication. Ultimately merging the source of the bot into App1 should be feasible.
Steps:
Start droid-VNC at port 5900.
Connect to your ssh remote server with connectbot.
Goto Port Forwards an set Type: Remote, Source 5901, Destination localhost:5901.
At your server start a vnc client and target localhost.
Trying to replicate the just mentioned scenario but without root I made a test with older android-vnc-server and fastdroid-vnc. Both are executable libraries that I have been trying to run on my App1 environment with Java runtime code.
Code:
getRuntime("/data/data/com.package/nativeFolder/fastdroid-vnc");
The result on both is “Initializing framebuffer device /dev/graphics/fb0…” on android-vnc-server I get an error “cannot open fb device” however nothing happens on both and cannot connect.
VMLite: A third option could be using VMLite which is the only unrooted server that can efficiently VNC Android devices. I am currently in conversation with the authors figuring our a way how to install a version unattended by the user.
Injecting a touch event at (x,y) coordinate to Authorize.
The problem we are facing is that the KingUser authorization dialog is not running within our App1 application scope. Therefore is a third party application for us as any other application on the OS. Typically the result is “Injecting to another application requires INJECT_EVENTS permission”. There is a lot of information how to inject a touch event, unfortunately all of them require either root permission or second level permission. In case the ROM is custom I could sign the apk with the built certificates and then I would be able to trigger touch events however these are non-custom and don't have the OEM certificates.
Injecting code via background installation reflection:
As mentioned on the Environment, App2 located on /system/app (and closed source) is capable of updating App1. App2 connects to a webservice, download a new version and by means of reflection method installs App1 in the background and in silent mode like Android-InstallInBackgroundSample. Going deeper into the installation method there is a security window we can exploit. This is the method.
Code:
method.invoke(pm, new Object[] {apkFile, observer, INSTALL_REPLACE_EXISTING, null});
Test of exploits running from /system/app App2 could gain root access considering we can replace App1 with a script. As long as tests goes we have not been able to achieve it.
Exploit injection via know Android vulnerability:
There are known vulnerabilities on Android that we can take advantage of, for example the known WebView Javascript vulnerability can allow us to exploit a rooted code we can deliberately run on our App1. Bare in mind we have the source of App1 and we compiled it. We can force the method
Code:
addJavascriptInterface (Object object, String name)
to run reflection code as means of string elevating the privileges. We have not even tried this code and I assume needs an expert in security to vulnerate it. There is a broad article on this regards with an overview on the subject. I still have not been able to go deeper.
King User Configuration File Hack:
We have studied KingUser quite a lot. Our main plan (in order to achieve a modification on the KU’s prompt default action) was to modify any KU configuration file, so we could be able to change this behavior programmatically. We were successful on this task, since we found that overriding these files would allow any application to be authorized to perform su operations (when countdown is finished). We are though enabling this feature to the current deploys locally. Below are a screenshot of the KU data folder:
Hack when KingUser Version is 3.4.5:
In the picture I ran a cat command on the file “RootManagerSetting.xml”. The red circle shows that the PermissionTimeoutResponse is to “1”, which means that when the prompt’s countdown expires, it will authorize any application asking for “su” permissions. Unfortunately our already deployed phones are configured with this feature in DENY mode (so this value would be seen as “0” if “catted”). Our non-authorized app (App1) is already capable of editing this value programmatically, and thus, changing the default KU behavior.
Hack when KingUser Version is 3.4.8:
In KU 3.4.8, is pretty similar than 3.4.5. The difference is that the line to be edited is in shared_prefs.txt, as shown below. Nevertheless, the value “1” still mean “AUTHORIZE” as default behavior, and value “0” DENY default behavior.
The problem with this approach is that the early fact of editing these files from a non-authorized app (App1) programmatically throws a KU prompt asking the user for permissions to edit the configuration file. In this case we are not able to authorize this attempt, because the user has no physical access to the phone. Hence, we cannot modify the prompt default timeout behaviour. Maybe combining this approach with a remote desktop one, we could remotely “click” on the very first prompt (when attempting to change these files). But we couldn’t work this out yet. Any suggestions are welcome.
CELLPHONES DETAILS
We are working on two cell phones: LG D680 (aka Optimus Pro Lite) and HUAWEI ASCEND G7 (G730). Below are the specs of both phones.
HUAWEI G730 (from http://www.gsmarena.com/huawei_ascend_g730-6290.php):
LG D680 (from http://www.gsmarena.com/lg_g_pro_lite-5772.php):
Hi
I did try to replace kingroot or any similar rooting app with supersu with cleaning up ku command on recovery adb shell with su at /system/xbin. It success when at supersu as user app. But when I move supersu to /system. It drop back to kingroot Ku over su.
core7x said:
Hi
I did try to replace kingroot or any similar rooting app with supersu with cleaning up ku command on recovery adb shell with su at /system/xbin. It success when at supersu as user app. But when I move supersu to /system. It drop back to kingroot Ku over su.
Click to expand...
Click to collapse
Hi core7x,
Very interesting castling, I will take it into account.
The problem is that among the limitations that we have we cannot plug any computer and do adb, unfortunately. Any solution has to be remote and installed via unrooted code.
Appreciate the answer and I keep poster on the advances.
Thanks,
Jose
PATCHED APK'S HERE - by @wolfballz
What to do if you don't want to use Messenger, rather to send messages from the Facebook app itself?
a) If you'd like to use the voip function, use 55.0.0.18.66 patched.
Do NOT use the unpatched app with Messenger 1.0 because it won't let you see your messages, instead it will ask you to update Facebook.
b) If you don't care about voip calls, but need Facebook's new features and a rich messaging interface like in Messenger, use either 85.0.0.0.18 patched or 78.0.0.16.67 patched (both for ARM only).
It also offers some extra features that the APK patched with 2.9 doesn't have:
● Version modified to 999 so the app won't ask you to update.
● Fixed crash when opening gallery from composer.
● No duplicate emoji buttons in composer.
● Bubble style delivery state icons like in Messenger.
● Blue title bar to fit FB's design (v85 only).
c) If you'd like to stay up-to-date, you can always patch the latest version using Facebook Patcher 100+. The latest version where message notifications work is 106.0.0.26.68. Note that you'll only see the mobile messaging site in the in-app browser on the latest versions!
● 106.0.0.26.68 patched for ARM devices (51.9 MB)
● 106.0.0.26.68 patched for x86 devices (54.8 MB)
FEATURES
● Send messages directly from the main Facebook app without the need to install Messenger.
● Send emojis and stickers.
[The following features aren't offered by Facebook Patcher 100+, just by FBPatcher 2.9 up to version 85.0.0.0.18]
● Use QuickCam to capture & send images and short videos instantly.
● Edit images and videos before sending them.
● Share images from conversations to Facebook.
● Send hot likes, audio clips, events and locations.
● See cool snow fall and floating hearts when sending the appropriate emojis.
● Play Messenger's basketball and soccer game (unfortunately, without score submission).
[The following features are only applicable to Facebook Patcher 100+]
● No matter what variant you download, the patched APK will be a 4.0.3+ one.
● Removes lots of junk from the APK and compresses it --> much smaller app size!
USAGE
0. Install the latest Java runtime if you don't have it yet.
1. Download a Facebook APK from apkmirror.
2. Download the patcher (from V100, use Facebook Patcher 100+), start it with double click and follow the instructions.
3. Uninstall the official Facebook app.
4. Copy the patched apk to your device, install and enjoy!
TROUBLESHOOTING
Can't start the patcher
Firstly, update to the latest Java -- the patcher requires version 1.8 at least. If you can't start it with double click on Windows, you should associate jar files with 'javaw.exe' (NOT 'java.exe' as it won't work). It's in the bin folder of your Java installation (typically 'Program Files\Java\jre*').
On Linux/Mac, you should use 'chmod +x' on the jar file before the first run to get execution permission. Google it if you're not familiar with that command.
Got an error while patching
● Most likely: Facebook changed something in the code, please wait for patcher update.
● Very unlikely: you don't have enough space (<100MB) for the patcher's temporary files.
● Very unlikely: APK file is corrupted, try to download it again.
If nothing helps, post a log or screenshot here.
Can't install patched APK
● You have the official Facebook app installed, you should uninstall it first.
● You have it preinstalled (flashed on 'system') -- you can only get rid of it with root, sorry, not my fault.
● You're trying to install a 4.0.3+ variant over a 5.0+ one and vice versa, uninstall the app first.
● You're trying to install a 5.0+ variant on a pre-Lollipop system, try patching & installing a 4.0.3+ variant.
Patched app quits on start
● If you've just updated to a patched alpha, you may have to clear app data before first start. Some alphas may get in an infinite loop on start if old app data is present. This is not the patcher's fault, the original app also has this issue.
● It's very likely that you've downloaded an APK built for an architecture that's different from your device's one. For example, you have an x86 device and installed an ARM APK that won't work. Since x86 mobile devices are rather rare, you could hardly find any x86 APK's. To obtain one for your device, you should install it from Google Play and save the APK with a backup application or Total Commander. Then you can pull it to your PC and patch it. Don't forget to uninstall the original app before trying to install the patched one!
KNOWN ISSUES
These issues are known and can't/won't be fixed.
● On some versions prior to 75.0.0.23.69 the app crashes when scrolling down 20 messages in thread list, this is not the patcher's fault, use a later version to avoid this bug (85.0.0.0.18 is recommended).
● Back and info buttons on title bar, GIF and Payment buttons don't do anything.
● On Android 6.0+, clicking the blue button in the Messenger permission request window causes a crash. Grant the permissions for the app from Settings/Apps.
● Your basketball and soccer score won't be submitted to the thread.
● From v107, message notifications don't work because Facebook messed up something - use v106 stable instead.
QUESTIONS & ANSWERS
Q: What does it do to the Facebook app?
A: FBPatcher is a desktop Java application that needs a Facebook APK file as input and will provide you a patched APK as output, with Messenger functionality. It only does minimalistic (but yet not trivial) modifications to some classes and the manifest, new code isn't inserted into the app -- the Messenger window with all of its resources and code is in the original APK, this patcher just makes it accessible.
Q: Will the patched app be updated via Play Store?
A: No, you should always download, patch and install the latest version manually to be up-to-date.
Q: Is there any way to make VoIP calls working?
A: From V56, no. Use 55.0.0.18.66 if you need free calls.
DESCRIPTION
Operations performed by the patcher
● Extracts manifest and dex files.
● Finds patchable classes in the dex files by searching for patterns that identify those classes.
● Disassembles dex files that contain patchable code, automatically modifies the classes and reassembles the files.
● Patches the manifest to remove FB specific permissions and modify the Messenger window's theme.
● [100+ only] Reduces app size by removing unused files.
● Updates the APK with the patched files and signs it.
List of patched stuff
● AndroidManifest.xml -- modifies ThreadViewActivity's theme and removes FB specific permissions to allow other FB apps to be installed, also adds CreateThreadActivity again.
● ForceMessenger -- enables in-app messaging.
[The following classes don't exist from a specific version / aren't touched by Facebook Patcher 100+]
● MessengerMSiteUriIntentBuilder -- creates entry points for Messenger code instead of mobile messaging site, also enables some features.
● DiodeMessengerActivity -- replaces the 'Install Messenger' Fragment with Messenger thread list.
● ThreadListFragment -- defines an on-click event for thread list items (ThreadViewActivity will be opened with the selected thread / mobile site will show up when tapping message request).
● FacebookActivityDelegate(Impl) -- crash fix for ThreadViewActivity.
● MuteThreadWarningNotification -- crash fix for ThreadViewActivity.
● BballView(.3) -- crash fix for basketball game.
● SoccerFeedbackEmojisView -- crash fix for soccer game.
● MessagesVideoConfigModule -- Enables gallery video sending/transcoding.
● InboxFilterManager.NoSaveStateBehavior -- was missing, added again
● TwoLineComposerView -- remove Payment button action
● ThreadListContextMenuHelper -- remove 'Mute thread' option
Included third party libs
● XZ for Java by Tukaani
● smali/baksmali by JesusFreke
● SignApk (part of AOSP)
Click to see licenses.
Licensing of XZ for Java
All the files in this package have been written by Lasse Collin and/or Igor Pavlov. All these files have been put into the public domain. You can do whatever you want with these files.
This software is provided "as is", without any warranty.
Licensing of smali/baksmali
[The "BSD licence"]
Copyright (c) 2010 Ben Gruver (JesusFreke)
All rights reserved.
Redistribution and use in source and binary forms, with or without modification, are permitted provided that the following conditions are met:
1. Redistributions of source code must retain the above copyright notice, this list of conditions and the following disclaimer.
2. Redistributions in binary form must reproduce the above copyright notice, this list of conditions and the following disclaimer in thedocumentation and/or other materials provided with the distribution.
3. The name of the author may not be used to endorse or promote products derived from this software without specific prior written permission.
THIS SOFTWARE IS PROVIDED BY THE AUTHOR "AS IS'' AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE AUTHOR BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
Licensing of SignApk
Copyright (C) 2007 The Android Open Source Project
Licensed under the Apache License, Version 2.0 (the "License");
you may not use this file except in compliance with the License.
You may obtain a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software distributed under the License is distributed on an "AS IS" BASIS, WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
See the License for the specific language governing permissions and limitations under the License.
FOR ADVANCED USERS ONLY -- If you place a file called 'fbpatcher.dev' next to the FBP100+ jar file, containing the following text: 'I want my intern settings menu!', internal settings will be enabled in the Facebook app.
Free of Facebook code.
WHAT'S NEW
Version 2.9, 07-21-2016
● Support for latest versions (web view messaging only)
Version 2.8, 07-06-2016
● Fixed crashing new message option (mobile site fallback)
● Patchability check (does not proceed if Messenger code is missing)
Version 2.7, 06-25-2016
● Support for message requests
Version 2.6, 06-17-2016
● Fixed new message option for 83.0.0.0.39
Version 2.5, 06-16-2016
● OS native look and feel with support for high DPI displays
● Sticker search feature
● Fixed new soccer game
● Removed crashing options (mute thread & payment)
Version 2.4, 06-08-2016
● Same as 2.3 but has a GUI
● Reduced size (425KB)
Version 2.3, 06-04-2016
● Support for latest versions (tested up to 81.0.0.0.49 alpha)
● Reduced size thanks to proguard
Version 2.2, 06-01-2016
● Support for latest versions (tested up to 81.0.0.0.20 alpha)
● Removed aapt without losing backwards compatibility
Version 2.1, 05-30-2016
● Support for latest versions (tested up to 80.0.0.0.44 alpha)
● Much faster patching (dex files are assembled in memory)
Version 2.0, 05-26-2016
● 'New message' function: tap [<-] button on title bar in thread list
Version 1.9, 05-25-2016
● Support for latest versions (tested up to 80.0.0.0.18 alpha)
● Resource name obfuscation resistance
Version 1.8, 05-21-2016
● Bugfixes for latest stable and beta versions
Version 1.7, 05-21-2016
● Support for latest versions (tested up to 79.0.0.0.52 alpha)
Version 1.6, 05-20-2016
● Support for latest versions (tested up to 79.0.0.0.39 alpha)
● Basketball game re-fix
● Much faster and error-free patching
● APK verification
● Reduced size (removed apktool, wrote own manifest hacking routine)
● Improved cleanup method - requires less free space
Version 1.5, 05-07-2016
● Better logging and error handling
● Other Facebook apps can now be installed
● Backwards compatibility down to V59
Version 1.4, 05-04-2016
● Video sending from gallery
● Inline video playback
● Floating hearts
● Linux aapt permission fix
Version 1.3, 05-01-2016
● Easy starter batch file included for Windows users
● Reduced size
● No more separate 'tools' directory, everything is within 'fbpatcher.jar'
● More readable and structured command line output
● Error codes
Version 1.2, 04-30-2016
● Apktool/smali logging
● Safety cleanup on start
● Support for latest versions (tested up to 76.0.0.0.49 alpha)
● Messenger thread list instead of mobile site
● QuickCam video sending
● Basketball game fix
Version 1.1, 04-27-2016
● Support for latest versions (tested with 73.0.0.18.66 stable and 76.0.0.0.19 alpha)
If you like FBPatcher, you can support its development, or simply click Thanks or share this thread on social media sites.
Instructions
To keep all discussion on this thread I'm coping my reply here as well.
How do I do that?
2. Run the patcher: java -jar fbpatcher.jar <input_apk> <output_apk>
Click to expand...
Click to collapse
Here is step by step instructions i followed to get it work on windows ( i think linux users knows how to do this simple things )
this guide was written for earlier version of patcher, but @lorantm is providing much easier automated patcher version now (from v1.3+ ) so just follow OP's USAGE GUIDE
still you can go through my guide for some deeper details and reference it wouldn't hurt and you will learn some history of patcher !
1. you need JAVA installed in PC if not install it from here https://java.com/en/download/
2. Download official (Not patched ) apk of latest stable Facebook(for now v76 here ) or as per recommendation of OP according to patcher version.(USE V75+ TO AVOID THE THREAD LIST SCROLL DOWN BUG! )
3. download patcher by @lorantm from OP
4. extract patcher in fbpatcher folder (use extract to fbpatcher/ )
5. put donloaded FB version form 2nd point in this folder and rename it to fb.apk for ease.
6(new). hold Shift and right click on empty space, then select open command prompt here in empty space of your folder that contains fb.apk & fbpatcher.. now No need to copy cmd.exe at that folder...this method will open your system inbuild cmd so skip directly to Point 9
8. now your folder should look like this
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
9. open cmd.exe and write java -jar fbpatcher.jar fb.apk fbpatched.apk (mind on spaces... see below pic for clarity )
10. wait for 5-10 min and let patcher do its job you will get fbpatched.apk as patched file.
Install & enjoy
Tomi_Ohl said:
Nice guide! Only one thing: I think it would be enough to hold Shift and right click on empty space, then select open command prompt here (in step 6).
@lorantm köszönöm szépen, nagyszerű!! (Thanks, it's awesome!)
Working fine with the suggested FB version on Xiaomi Mi3 with Marshmallow
Waiting for the version with that message icon, right now I can't access groups from app if there are no new messages.
Click to expand...
Click to collapse
that's nice suggestion ! actually i forgot about it while writing guide.
How do you patch the apk on a mac?
Smoking Monkey said:
How do you patch the apk on a mac?
Click to expand...
Click to collapse
I never had a Mac, but I think you should do it just like on Windows or Linux. Install Java, open a command line and run it from there.
So when using patched facebook app, when we click on msg icon, msg interface is loaded in mobile web mode inside the fb app itself. But i am using latest fb app, and latest facebook chat enabler , and it do the same thing. What's the benefit of patching ?
Sent from my MI 3W using XDA-Developers mobile app
a.broken.star said:
So when using patched facebook app, when we click on msg icon, msg interface is loaded in mobile web mode inside the fb app itself. But i am using latest fb app, and latest facebook chat enabler , and it do the same thing. What's the benefit of patching ?
Sent from my MI 3W using XDA-Developers mobile app
Click to expand...
Click to collapse
I replied in the other thread.
lorantm said:
I never had a Mac, but I think you should do it just like on Windows or Linux. Install Java, open a command line and run it from there.
Click to expand...
Click to collapse
I don't think .exe files work on mac, so where would i be able to find the mac .dmg equivalent of the cmd.exe file?
Smoking Monkey said:
I don't think .exe files work on mac, so where would i be able to find the mac .dmg equivalent of the cmd.exe file?
Click to expand...
Click to collapse
It's Terminal. Open it, navigate to the directory (with the cd command) where you have extracted the patcher and the official apk. Then run java -jar fbpatcher.jar FB72.apk FB72P.apk.
Smoking Monkey said:
I don't think .exe files work on mac, so where would i be able to find the mac .dmg equivalent of the cmd.exe file?
Click to expand...
Click to collapse
http://www.wikihow.com/Get-to-the-Command-Line-on-a-Mac
personally even i never used Mac so i don't know how to open it in any specific folder (like windows has Shift+right click in empty space of folder ) but you can try to navigate to your folder via cd/ commands ( try to google it )
For anyone doing this on a mac you open up terminal and type cd /
Then drag the fbpatcher folder into terminal and press enter.
Copy and paste java -jar fbpatcher.jar FB72.apk FB72P.apk then press enter again.
Work perfect thanks
I use the latest version Facebook*73.0.0.18.66 APK and it work perfect thanks
Sent from my LG-H631 using XDA-Developers mobile app
:crying::crying::crying::crying:
guys i have problem.. when i try cmd.exe i get error saying it isnt compatible with my windows..
i searched and to fix i do run command scf/scann something like that and after scan it found conflict but it didnt fix it. :crying:
am very bad at command prompt if i go to accessories and use the comand promt there it works , is there a way for me to do it from there or it must have the cmd.exe in folder.?
if not can osme upload it and share please.. or help fix why cmd says its not compatible.? windows tiny7.
raptorddd said:
:crying::crying::crying::crying:
guys i have problem.. when i try cmd.exe i get error saying it isnt compatible with my windows..
i searched and to fix i do run command scf/scann something like that and after scan it found conflict but it didnt fix it. :crying:
am very bad at command prompt if i go to accessories and use the comand promt there it works , is there a way for me to do it from there or it must have the cmd.exe in folder.?
if not can osme upload it and share please.. or help fix why cmd says its not compatible.? windows tiny7.
Click to expand...
Click to collapse
hold Shift and right click on empty space, then select open command prompt here in empty space of your folder that contains FB.apk & fbpatcher..No need to copy cmd.exe at that folder...this method will open your system inbuild cmd
jineshpatel30 said:
hold Shift and right click on empty space, then select open command prompt here in empty space of your folder that contains FB.apk & fbpatcher..No need to copy cmd.exe at that folder...this method will open your system inbuild cmd
Click to expand...
Click to collapse
thanks it worked :highfive:
Hi, I want to ask, there is no call function on this "messenger"?
and when are you going to release the one with working messenger button?
Thanks!!
Guys Plz Share ur Patched APK file I want to use on Android Lollipop
New version!
V1.1 is out! I successfully patched 73.0.0.18.66 and 76.0.0.0.19 alpha with it and they worked perfectly.
The new version of FBPatcher can be downloaded from the first post, I updated the link.
Explanation: a method in com.facebook.messaging.banner.MuteThreadWarningNotification had to be dummied to make it work.
motfis said:
Hi, I want to ask, there is no call function on this "messenger"?
and when are you going to release the one with working messenger button?
Thanks!!
Click to expand...
Click to collapse
You can't make calls. Facebook removed WebrtcIncallActivity from the manifest and its theme from the resources so even if the voip code is still in there, it's not possible. Also, native library fb-webrtc-jni that is needed to make calls was removed. Earlier I tried to add it from Messenger's apk and hack the code to be able to start a call. It was ringing out, but the conversation could not be started because the in-call UI theme was not present and the app crashed immediately.
I plan to add Messenger thread list feature at the weekend or next week but I already wrote that it will not work on all devices.