The WebSetGo! Domain Checker is a tool that enables HD2 users to check the availability of domain names and create lists of domains they might like to register.
Point your HD2 OPERA browser to:
domain.websetgo.net
Currently the following features are available:
]Check if a domain is available
]Add available domains to your short list
]remove domains from short list
I am working on a feature to export short lists to excel mobile and a feature to let registered users (when registration works) tap "get domain" to have the domain registered for them with a single tap using pre-configured information from the users account.
Feedback would be great on this
https://github.com/venomous0x/WhatsAPI
What is WhatsApp?
According to the company:
“WhatsApp Messenger is a cross-platform mobile messenger that replaces SMS and works through the existing internet data plan of your device. WhatsApp is available for iPhone, BlackBerry, Android, Windows Phone, Nokia Symbian60 & S40 phones. Because WhatsApp Messenger uses the same internet data plan that you use for email and web browsing, there is no cost to message and stay in touch with your friends.”
Click to expand...
Click to collapse
Late 2011 numbers: 1 billion messages per day, ~20 million users.
Modified XMPP
WhatsApp uses some sort of customized XMPP server, named internally as FunXMPP, which is basically some extended proprietary version.
Login procedure
Much like XMPP, WhatsApp uses JID (jabber id) and password to successfully login to the service. The password is hashed and happened to be an MD5’d, reversed-version of the mobile’s IMEI (International Mobile Equipment Identity) or equivalent unique ID, stored in servers upon account creation and used transparently everytime the client connects the server.
The JID is a concatenation between your country’s code and mobile number.
Initial login uses Digest Access Authentication.
Message sending
Messages are basically sent as TCP packets, following WhatsApp’s own format (unlike what’s defined in XMPP RFCs).
Despite the usage of SSL-like communication, messages are being sent in plain-text format.
Multimedia Message sending
Photos, Videos and Audio files shared with WhatsApp contacts are HTTP-uploaded to a server before being sent to the recipient(s) along with Base64 thumbnail of media file (if applicable) along with the generated HTTP link as the message body.
FAQ
What’s with the hex chars floating all over the code?
Mostly WhatsApp’s proprietary control chars/commands, or formatted data according to their server’s specifications, stored in predefined dictionaries within the clients.
What’s your future development plans?
We don’t have any.
Would it run over the web?
We’ve tested a slightly-modified version on top of Tornado Web Server and worked like a charm, however, building a chat client is a bit tricky, do your research.
Can I receive chats?
Indeed, using the same socket-receiving mechanism. But you have to parse the incoming data. Parsing functions aren’t included in this release, maybe in the next one?
I think the code is messy.
It’s working.
How can I obtain my password?
It depends on your platform, with Android for example, you can use TelephonyManager
Code:
TelephonyManager tm = (TelephonyManager) getSystemService(Context.TELEPHONY_SERVICE);
tm.getDeviceId();
With the sufficent permissions of course
Code:
<uses-permission android:name="android.permission.READ_PHONE_STATE"/>
NOTES
This proof of concept is extensible to contain every feature that make a fully-fledged client, similar to the official ones, actually could be even better.
During the two weeks of analysis of service mechanisms, we stumbled upon serious design and security flaws (they fixed some of them since 2011). For a company with such massive user base, we expected better practises and engineering.
Perfectly working as PHP and JAVA ports.
License
MIT - refer to the source code for the extra line.
Venomous
Team of Bahraini Developers.
Ahmed Moh'd and Ali Hubail (@hubail) contributed to this release.
I really would like to know whats your debugging strategy in this case? I'm still not able to capture the traffic from my Android 4 VirtualMachine in order to decypher the ssl traffic.
I documented my setup on my blog, just search for "WhatsApp für Android 4.0.X-X86 ICS auf VirtualBox" on Google.
Could you please provide some infos on your setup?
Except for some requests ( Syncing and Status update) , all requests go on plain text ( although they use SSL port , they still send in plain text )
onnsoft said:
I really would like to know whats your debugging strategy in this case? I'm still not able to capture the traffic from my Android 4 VirtualMachine in order to decypher the ssl traffic.
I documented my setup on my blog, just search for "WhatsApp für Android 4.0.X-X86 ICS auf VirtualBox" on Google.
Could you please provide some infos on your setup?
Click to expand...
Click to collapse
WebOS port!!!
Sent from my R800x using XDA
Looks like Whatsapp is quite secure...
Swypesation
Isn't there anyway to hack it???
Sent from my MT11i using xda premium
google it
Hi,
I have developed a small app, which will turn your mobile in to a SMS gateway (Incoming and Outgoing). Actually I have built this software for one of our web app, which send SMS on user registration or when there is any bill due.
Bulk SMS from web interface
Advance group handling i.e. create multiple groups with 1 million members each
API support (for outgoing and incoming SMS). You can integrate this gateway with your website or desktop application to send SMS on trigger basis. Our API is platform and language independent, therefore you can use it with any programming language like JavaScript (node.js, jquery), Ruby on Rails, PHP, ASP.NET, ASP etc.
Two-way SMS i.e. incoming SMS processing. Check the response rate of your campaign.
Missed Call Service
Delivery Reports
You will be charged only for delivered SMS.
Post-paid billing by your carrier.
Your brand, your number.
Add multiple numbers (SIM/Phone) to build a large cluster.
Send SMS even on DND listed numbers if, they are registered with you.
SMS queuing (i.e. if your mobile can not connect to internet to fetch the data than we will queue the messages till it gets a connection.)
Runs as a gateway i.e. it will work in background on your mobile without interrupting your day to day tasks.
Full control on message sending.
Application can be downloaded from market://play.google.com/store/apps/details?id=com.znisms.bulksms
Once you downloaded the app and registered an account just reply to the welcome mail and I will add a lifetime license on your account (it's free for one month only for a normal user) as my thanks to XDA community from, which I have learnt a lot.
API Details
<Sorry, Not allowed to post links>
Parameters:
userid: ID created on ZNISMS.com
apikey: 32bit API Key (provided by ZNI)
sendto: Mobile number on which message has to be sent.
message: URL encoded message. Max 160 characters.
device: device ID from, which you want to send SMS, in case multiple devices are registered with us.
Please note this application (while running) consumes battery at very fast rate therefore it is recommended that you keep your phone plugged in while using this app.
Login from mobile.znisms.com to manage groups and send SMS.
Feel free to ask for features whatever you feel useful for your app or service.
Hi guys,
I'm looking for an android app to read the value of an NFC chip and write that value to a text file.
What I'm looking for is basically the same functionality as when you would hook up an USB NFC-reader to a PC, and write the scanned values to a notepad file.
The situation in which this would be used is to scan people entering a training session on a company event.
Attendees would have an NFC-enabled name tag, and we have a list of nfc-values to correspond to the attendees already stored in the database.
Do you guys know of any apps that could provide this functionality?
gday folks
intro
i'm planning an app that will hide valid/ private calendar data within a larger body of fake data, such that any calendar u.i could be used to view & edit these data, and any of the standard android synch tools would also function as expected
the design would work in such a way that any copy of the calendar data could be de-obfuscated by any implementation of the algo combined with the shared secret
this must work without root, and would be nice to appear to the casual observer as a valid calendar
tech. specific
my limited understanding is that a custom calendar provider would act as a suitable intermediary between the stored data and the de-obfuscated data that should be displayed in the (/ any) calendar u.i.
android api: calendar-provider
i envisage a bunch of patsi... err, notable people's names could also be scraped from wikipedia on a per-key basis which maybe a grand datasource for 'attendees'
phone numbers could be scrambled to uselessness if the data model's allowance for string length isn't too restrictive
times could be stretched and skewed
the number of events could be increased by a factor of 3 or more to give enough junk data without raising any eyebrows, or imposing too excessively on synch adaptors or service providers
wikipedia: steganography
please share any thoughts you might have, from the thoughts on using 'calendar provider', to the security, to any existing functionality like this or even just answer the poll!