Database Info

"Forknife" - the Android G1 controlled robot.

Since I got my G1 I have been thinking of interesting ways to talk with my arduino prototyping board since there is no USB support yet (my next software/hardware project?.. it would be handy to use a G1 as a serial console)
I ended up using DTMF tones and to see how well it worked, I quickly built a simple robot for testing. You can take a look at a video, pictures, overview of how it works, and the GPL-ed source code/schematics to build your own or improve it here:
http://macpod.net/misc/android_robot/android_robot.php
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
Enjoy!

this is awesome man. fantastic work!
EDIT: Dude I got forknife on engadget!
http://www.engadget.com/2009/01/26/video-t-mobile-g1-powered-forknife-robot-goofs-off-eats-cupcak/
http://www.engadgetmobile.com/2009/...powered-forknife-robot-goofs-off-eats-cupcak/

If I just had your knowledge!
Awsome work !!!!!!!!

Awesome project!

Could someone make a quick program for the Dream to output all of its sensor data (GPS, Compass, accelerometer)?
It would save money from having to buy these parts for the arduino...

Yep, you could do this pretty easily. If you did it via dtmf you could send 1 nibble of data per tone without checksumming it. If you modified the kernel and made you own ttl level cable (I'm waiting on parts to make mine) you might be able to do two way communications up to 115Kbps!

I do not have a dtmf decoder to do this yet, so I am looking into alternate means to send the data.
It looks that I will have it set up opposite of the Forknife robot, with Android sending data over wifi (via a modified Gmote program) through the serial monitor in the Arduino Environment.
I'm also gonna try to grab the sensor data from the Tricorder app on my phone.
Time to see if I can get the Source code for these two.
-Brian

If you have wifi avaliable why would you need to reverse how this is done? I would just setup a server socket on the arduino, connect to it via the arduino and talk.
What wifi module will you use?
Oh, if you have a light sensor you could try sending out the G1's data by blinking the LED (you even have multiple colors so if you had a color sensor you could perform flow control!)
edit: check out bluetooth solutions too.
edit2: I guess it would make sense to reverse the flow.. I was thinking you were suggesting that there would be only one way communications from the arduino --> phone

My arduino doesnt have wifi, Android and my computer do.
At this point the Arduino isn't going anywhere, its plugged in with USB.
Would Android's Bluetooth API's allow for serial communication? as I was considering getting bluetooth modules for the Arduino.
Blinking the tricolor LED would be fun, but i have no experience coding Android, I am still working on setting up Eclipse for it.

Oh! Sorry, I didn't look at how the gmote setup worked.
If computer is in the picture this is really easy. You already have server code on the computer and client network code on the G1. All you would have to do is change what data is sent (and also send to the server as opposed to the server sending data to the client.. that's a trivial change).
On the server side you would need to forward the data you recieve from the G1 to your arduino.. and I'm sure the gmote code already shows how to work with serial ports.
On the client side, you would just need to rewrite the data in the thread to write out values from the sensors.
Edit: I'm not sure about bluetooth setups with the arduino as I have never worked with them. Something tells me that the communication protocols could be proprietary (i.e. both sender and recievers just work as serial ports.. they can't actually connect to other real bluetooth devices)

Hm, I cannot get the souce code for either the gmote.apk nor the server. I found a PICaxe based color sensor on sparkfun.com for $35, could that be used with the ardiuno to read the rgb notification LED on the G1? I would need a program to encode sensor data to the rgb.
I feel it would be easier to make a photo resistor read IO from the g1, and input directly into the RX on the arduino.

Using a photo sensor is a very hackish way to do this.. and would also cost more than just using wifi. It would also require significantly more code. Not to mention it only allows one way communication.
Just use the wifi method! It's the simplest method
I'm sure there is example code for how to read the sensors in android.
On the client side I'm sure there is code that discusses how to read sensor values
and on the computer side, all you need to do is implement code to talk to the serial port the arduino is associated with.. for linux/unix/os x it's just opening up a device in /dev/ for reading/writing!

Okay, i have eclipse set up for android, but still cannot get source code for the gmote.apk, I tried adb pulling it, but it is encrypted, so I cannot edit it's settings.
could i use "ghost" programs to control my input through these programs. I can easily place the cursor in the Serial Monitor for Arduino, but could I use a program to copy the serial data, then Paste the input into the gmote program to be sent to the serial monitor on the computer's side.
How easy would a code like this be? it would have to run on top (or underneath another program).

Now, I heard you say that a kernel patch could enable serial communication through the USB port. A friend of mine is really good in linux and modifying kernels.
Would you have any idea of what part of the kernel I should look for, and what it has to be changed to? I have to have an idea of what to ask him.
Thanks
-Brian

belding said:
Now, I heard you say that a kernel patch could enable serial communication through the USB port. A friend of mine is really good in linux and modifying kernels.
Would you have any idea of what part of the kernel I should look for, and what it has to be changed to? I have to have an idea of what to ask him.
Thanks
-Brian
Click to expand...
Click to collapse
It's actually supported in the kernel already, although I'm not sure if that particular configuration option is turned on in the default built. So at worst you would just have to recompile the kernel with a different configuration.

So I will have to ask my friend to find usb serial communicaton in the kernel, and enable it for program use?
If that is the case, how would I write programs to take advantage of this, wouldn't I need a new API?
Or since the kernel already has it, is there already an API for serial communication?
Thanks

belding said:
So I will have to ask my friend to find usb serial communicaton in the kernel, and enable it for program use?
If that is the case, how would I write programs to take advantage of this, wouldn't I need a new API?
Or since the kernel already has it, is there already an API for serial communication?
Thanks
Click to expand...
Click to collapse
I haven't played with it, but I assume it's just a device in /dev that you can read/write

belding, what is it about the wifi solution you don't like? It is a software only solution to your problem and alot of code is already written for you in the robot project.
Indeed the serial solution over the 11 pin connector would be best, but that requires you to buy hardware, solder tiny pins, and then modify your kernel which you don't seem to be comfortable doing. In addition, it is my understanding the modification requires you to disable adb support!
Perhaps if you told us your knowledge background I could explain it better? I kinda assumed you were computer science oriented, but I suppose if you are cpe or ee oriented I could have lost you. It would also help to know what your computer is runnng.

The wifi solution would work, but i cannot get source code to rewrite the gmote client or server.
I do not currently have the hardware (DTMF decoder) to implement your premade solution.
Okay, For my knowledge background: in Android, most things I can see are update.zip based, and I can change anything in the android system that is contained on the update. Looking through /system/usr I found the kernel config, but most options were enabled, and the two that were not do not seem to be related to Serial. I have basic knowledge of command prompt tools in Windows and the Android terminal.
Knowledge again, I am learning Arduino and processing, and am fairly good with electrical circuits, the ee you mentioned.
My computer is dual booting Windows XP and Windows 7.
PS, I talked to my friend, and we are looking into the Android Kernel, specifically where it is located, and where the terminal is located.
Where is the terminal in android located, inside or outside Dalvik VM?

belding said:
The wifi solution would work, but i cannot get source code to rewrite the gmote client or server.
I do not currently have the hardware (DTMF decoder) to implement your premade solution.
Okay, For my knowledge background: in Android, most things I can see are update.zip based, and I can change anything in the android system that is contained on the update. Looking through /system/usr I found the kernel config, but most options were enabled, and the two that were not do not seem to be related to Serial. I have basic knowledge of command prompt tools in Windows and the Android terminal.
Knowledge again, I am learning Arduino and processing, and am fairly good with electrical circuits, the ee you mentioned.
My computer is dual booting Windows XP and Windows 7.
PS, I talked to my friend, and we are looking into the Android Kernel, specifically where it is located, and where the terminal is located.
Where is the terminal in android located, inside or outside Dalvik VM?
Click to expand...
Click to collapse
Well, you can get to a terminal with the terminal emulator application of course, or through adb shell.
But if you want an actual console on the phone itself, try out the recovery image from JFv1.41. It boots into the normal recovery image, but it provides an alt+x option to exit the recovery program, and go to a console.
Also, the android kernel source is here. Make sure you grab the .25 branch if you want it to work with the current official builds. The .27 branch is only for cupcake.
To download the source, make sure you have git installed, and then:
git clone git://android.git.kernel.org/kernel/msm.git
cd msm
git checkout android-msm-htc-2.6.25
to build the kernel, you can use the pre-compiled gcc cross-compiler that is provided in the android source. make sure that it is in your path, and then invoke make with the arguments ARCH=arm CROSS_COMPILE=arm-eabi-
(or you can set those variables in the Makefile, so you can just do "make").
If you have any questions about getting everything set up to compile the kernel, feel free to ask. It seems a bit daunting the first time you do it, but it's actually fairly straight forward.

Trident Sandbox : Sandbox Scripting IDE

View attachment 2813343
{
"lightbox_close": "Close",
"lightbox_next": "Next",
"lightbox_previous": "Previous",
"lightbox_error": "The requested content cannot be loaded. Please try again later.",
"lightbox_start_slideshow": "Start slideshow",
"lightbox_stop_slideshow": "Stop slideshow",
"lightbox_full_screen": "Full screen",
"lightbox_thumbnails": "Thumbnails",
"lightbox_download": "Download",
"lightbox_share": "Share",
"lightbox_zoom": "Zoom",
"lightbox_new_window": "New window",
"lightbox_toggle_sidebar": "Toggle sidebar"
}
This is an effort to make the best out of what Microsoft gave us 'out of the box' with Windows RT as far as on-device scripting and coding.
It is an browser-app development environment which runs within a browser itself. It was originally intended to fill a void in the Windows RT app development ecosystem. Internet Explorer's rendering engine is called Trident (version 7 in IE11), and it is a sandboxed environment, so the 'sandboxing' is at the browser level.
It now supports WinJS 4.0 library, supports linting, code completion, backup and restore and the sandbox api has been reorganized into a namespace-like hierarchy you can traverse with code completion or view an api reference with a keyboard shortcut. Keyboard shortcuts are now rebindable, and for users running directly off their device I now support an in-memory database adapter where you can set up an elaborate database of saves, script and markup units, and data to be backed up and restored as a single file.
All you have to do to install this native web app is visit this web site :
http://www.obeliskos.com/TridentSandbox
This project is hosted on GitHub at :
https://github.com/obeliskos/TridentSandbox
Trident Sandbox now supports the Microsoft WinJS 4.0 framework which used to be intended for JavaScript Windows Store Apps, but now work outside the appstore, in the browser, and are cross-browser compliant. WinJS allows for browser apps which behave like native apps. For more information on the WinJS framework go here : http://dev.windows.com/en-us/develop/winjs.
There are two ways to install Trident Sandbox and both offer advantages over the other so you may want both:
(1) Run off Local Filesystem. For this method, you can just download the attached zip, then right click on it and choose properties and unblock it. Then extract it... when its done you can double click the TridentSandbox.htm file or drag and drop the .htm file onto your desktop Internet Explorer and then make it a favorite. Running off local filesystem you have the ability to make web requests to the internet to grab data.
(2) AppCache install. For this method you just visit this page : http://www.obeliskos.com/TridentSandbox . Wait until the AppCache status changes from 'Downloading' to 'Idle' and then the site will continue to run this 'cached' version indefinitely (even if you have no internet connectivity). Running using this method you cannot make internet request but you can use LocalStorage and IndexedDB... two very useful storage mechanisms.
There is a workaround for making ajax requests using the AppCached install, which may or may not be appropriate for your particular concerns. It is described in the 'Making Data Requests in Hosted/AppCached environment' section of this help page : http://www.obeliskos.com/TridentSandbox/docs/HostingAndAppCache.htm
Upgrading an AppCache version :
If you already have an AppCache for an older version of TridentSandbox, you can upgrade to the latest version using either of the following two methods. (1) go into internet options/settings/caches and databases and delete the old obeliskos.com entry, then revisit the site at link below. If you want to preserve the data you have stored in the TridentDB/IndexedDB, you can visit the site using the desktop Internet Explorer and it will show 'Downloading' and then 'Update Ready', then press F12. This brings up the developer's tools from which you go to the console and type applicationCache.swapCache() and then reload the page... you should be updated.
Additionally (for users of my AppCache site) : When using an appcache website while online it will check for updates by downloading the appcache.mf manifest file... if that file does not exist and the response code is something like file not found, then the appcache will be invalidated. So if you expect/want the appcache site to work even after I may have taken the site down (which I have no intention of doing anytime soon), then you might want to host block the site in your windows hosts file. I believe it would run forever in that mode with no online dependencies (or updates). If you see I have created a new update, you can unblock it to update. The version which is downloaded and run from local filesystem has no such dependencies so this does not apply to the zip download install.
Hosting your own TridentSandbox Server :
You don't need to do this since I offer my own webserver, but if you want to can can host TridentSandbox on your own website. If you just want to host the files on a server of your own and do not need appcache functionality, then edit the TridentSandbox.htm main page and find (near the beginning of the file) the HTML tag and remove the reference to appcache.mf. If you want to use appcache, then leave the html tag at its default. You might need to register mime types for .mf files (text/cache-manifest) and .prg files (application/json). The newly added Awesome Fonts library may also need mime types configured for a few fonts, you can either add these mime types or remove them from the appcache.mf file (and lose offline support for those). You should be able to use F12 on the desktop IE and monitor the Debugger window as it downloads the appcache and if it fails it will usually tell you the file it had trouble with.
Within TridentSandbox, there are Help pages which provide much better overall information.
TridentSandbox comes with some third party javascript libraries which are made available for you to use in your own scripts.... these include jQuery, jQuery-UI, alertify, jqPlot, jqGrid, fullcalendar, dynatree, highcharts, CryptoJS, Loki.JS (simple JSON object database), Metro.JS, Springy, FontAwesome, Pixi.js, EaselJS, Mathjs. It's structured into a file system hierarchy so you can add your own libraries (local filesystem version only) and register them with the main webpage if you want to extend the environment.
To install local filesystem version :
- Download TridentSandbox.zip to an area like your Documents or Downloads folder.
- IMPORTANT : If you are on Windows RT, Windows 8 or 8.1, right click on the downloaded zip file and choose properties... it may say the file came from the web and give you an option to unblock it... unblock it. Then extract it. If you already extracted it you can right click on the TridentSandbox.htm file choose properties and it will have same option to unblock it... so unblock it.
- Go into the newly extracted directory and run TridentSandbox.htm (it will run in either metro or desktop ie, but I prefer desktop ie, which in that case you might need to drag and drop the htm file onto desktop ie program to load (then bookmark).
- If it asks you to enable scripts, choose yes
- You can load samples which are located in the samples subfolder.
- You can save samples into that folder as well as anywhere else... like SkyDrive. Files manually loaded and saved can be located anywhere but assets referenced as urls within your programs need to be in folder hierarchy (at or below the Trident Sandbox web page you loaded).
Downloads (If you prefer to download and run off your device or server) are now available here :
https://github.com/obeliskos/TridentSandbox/releases

Now something really interesting is coming...

deleted

deleted

I updated to version 1.6 which you can either download or run from my hosted AppCache version. This appcache version will download all files to allow you to run offline. Running this appcache version will let you use local storage and indexeddb as well as some other options.
See first post for link to AppCache version or download attachment for local filesystem (or both).
Help system also covers this in detail.

As far as on-device, in-browser scripting environment for Surface/Windows RT, I consider the latest 1.76 version to be 'Done'. I have opened up a github site where I will host future development at :
https://github.com/obeliskos/TridentSandbox
I will continue to run my AppCache site at http://obeliskos.com/TridentSandbox/ and keep it updated since that is the primary method of distribution still... but at github you can download ZIP of source tree (unblock zip if on Windows 8/8/1/RT), extract, and use the same way as the zip download hosted here.
If you want to contribute to development or make change request you can do that at the github site.
I'll still be around here waiting for announcements by netham :victory:

I was trying Trident on my Surface (which is very cool and useful by the way) and I found that Windows RT (not RT 8.1) doesn't have WebGL support so the 3D demos didn't work. This is supposed to be a limitation of IE 10 which comes with the surface. IE 11 which comes with Windows RT 8.1. I was wondering if anyone knows what files I should copy from a WIndows RT 8.1 tablet to get the files necessary for IE 11 to work with WebGl.
Everything else works so well.

Yep that was a new feature Microsoft added for Windows 8.1 (and updated for more complete implementation in 8.1 update 1). For what its worth my Surface 1 upgraded to 8.1 runs the opengl demos fine... so once jb for 8.1 comes out it should upgrade to full functionality. I'll probably put a notice in those samples if I detect rt 8.0.
I do not know about which files are needed, sorry... you might need updated video drivers too.
On an unrelated note, I just discovered that the AppCache version CAN do internet ajax requests. You can go into Tools/Internet Options/Security/Custom Level... and scroll down to the 'Miscellaneous' section and the first 'Access data sources across domains' setting to Enable. You should then be able to make your ajax calls assuming the website allows requests from outside its own domain. Not sure if there is any reason why you would want to leave this disabled, if you are worried you might try the prompt setting to approve requests... most times this is enforced at the web server level. I'm pretty sure the same workaround applies to IE 10 but I can't test that.
So while I am pretty much feature complete on the local filesystem version, I will probably continue to update my AppCache site (and github) with new features in the future. I will probably update the file hosted here to a 1.82 version with updated help system and samples to clear this up in a few days... after that I will probably just update the github site (with its zip download).

The reason for "Access data sources across domains" usually being restricted is that sites which aren't explicitly configured for safe CORS (Cross-Origin Resource Sharing) may leak information to an attacking website (things like authentication credentials, for example) if the browser doesn't check to ensure CORS is safe before sending the request. Basically, it breaks the same-origin policy which protects sites from one another. If you're signed into A.com and visit B.com, and B.com wants to get resources from A.com, the browser usually first checks with A.com to see if this is permitted. Disabling that check is very dangerous.

That sounds like good advice...
This is the guidance I have put in the help pages starting in version 1.82 :
Making Data Requests in Hosted/AppCached environment : By default, you can only make AJAX calls to websites to get data when you are running off of your local filesystem (zip file distribution). If you are running Hosted or AppCached, this ability to make AJAX requests is disabled by default. There is a workaround (which I will describe here) that may or may not be appropriate depending on how you use it. In Internet Explorer, if you go into Tools/Internet Options/Security, you have Zones like 'Internet', 'Trusted', 'Restricted', 'Intranet'. If you do not currently have sites in the 'Trusted' Zone, then you can add the Trident Sandbox AppCache domain (http://www.obeliskos.com) to that zone. In order to do that you will have to disable the checkbox 'Require server verification (https for all sites in this zone' since my AppCache site does not support SSL. Now, if the 'Trusted' Zone is highlighted click on 'Custom level...', scroll down to the 'Miscellaneous' section and set the 'Access data sources across domains' option to 'Enable' for your data requests to work. It is important to not to apply this setting to the 'Internet' Zone for security purposes that would open this feature to pretty much every site you visit. If you already have sites in your 'Trusted' zone you probably don't want to do this, and you should just do this temporarily when you need internet access not as a permanent policy. Do not visit any untrusted sites while the setting is active. When you are done you can re-apply the https: required checkbox and set the 'Access data sources across domains' back to disabled. If you host Trident Sandbox yourself on a server with https enabled and your site was the only site in the Trusted zone, then you could safely leave it enabled all of the time. That said, and all warnings duly noted, this workaround opens the possibly of implementing all sorts of creations which require internet ajax web requests -and- data storage capabilities.

Now including WinJS framework
I now include and support Microsoft's WinJS library which allows browser apps to behave more like native apps. This WinJS library originally (and still is) used to create JavaScript AppStore apps, but it has been open sourced and made available to use in regular browser apps, as well as now having cross browser support.
If you visit my new landing page at : http://www.obeliskos.com/TridentSandbox you will be able to see some examples (HieroCryptes Notepad, Antikythera, and JSON Databank) which use a few of the new controls.
To see all available controls included with this WInJS library, you can try out Microsoft's own sandbox here : http://try.buildwinjs.com/
WinJS provide many UI controls like Hub, ListView, AppBar, NavBar, FlipView, ContentDialog, Pivot control, toggle buttons, as well as structural mechanisms like data binding, promises, javascript scheduler, etc.
If you have an old version of TridentSandbox it should update automatically and afterwards you may need to reload the page and you should be taken to a new landing page. If your version is very old, you might to delete the old appcache from (in Internet Explorer) Settings/Internet Options/Browsing History/Settings/Caching and Databases.

Know about various Android viruses

Please add in the list if you know about any virus that may effect Android OS :thumbup:
Here are list of various virus/malware/worms that effect your Android:
¤Gingermaster : A trojan
developed for an Android
platform that propagates by
installing applications that
incorporate a hidden malware
for installation in the
background. It exploits the
frailty in the version Gingerbread
(2.3) of the operating system to
use super-user permissions by
privileged escalation. Then it
creates a service that steals
information from infected
terminals (user ID, number SIM,
phone number, IMEI , IMSI,
screen resolution and local time)
by sending it to a remote server
through petitions HTTP .
¤DroidKungFu: A trojan
content in Android applications,
which when executed, obtains
root privileges and installs the
file com.google. ssearch.apk,
which contains a back door that
allows files to be removed, open
home pages to be supplied, and
'open web and download and
install' application packages. This
virus collects and sends to a
remote server all available data
on the terminal.
List would be updated as soon as possible
Please add in the list if you know about any virus that may effect Android OS :thumbup:
Sent from my GT-S5302 using xda app-developers app

You forgot to copy/paste the rest from here:
http://en.wikipedia.org/wiki/Mobile_virus
:silly:
/Closed

Framework discussion

Hi all,
As part of a class I'm doing, we are required to post some content to a forum to engage in discussion on security:
.
Cross Site Scripting (XSS)
OWAPS describes Cross Site Scripting (XSS) where a website has been marked as a trusted website, which for some reason, can run malicious code or scripts through inputs such as forms. As the end user’s browser sees this site as trusted, it allows the malicious script or code to execute, which can give access to client side information before it is encrypted (such as usernames, passwords, session IDs, cookies, etc).
In PHP for example, a normal input box where a user would enter their name, would be able to enter the following:
When PHP prints this back out after submission, it will execute the script between the script tags (In this case, just a simple popup).
In this scenario, this can be solved by wrapping the input value with htmlentities:
This would print any script as literal text rather then executing it.
In Java,
XSS is still a major issue, both due to some sites not implementing simple work around such as htmlentities or htmlspecialchars, or for reasons where these cant be used. XSS affects PHP applications by as much as 86% - its PHPs biggest vulnerability.
In Java, the easiest method is to simply validate inputs and to encode special characters (<>[email protected]#$%^&*). Alternativley, OWASP have a XSS class which includes easy methods to best prevent against certain types of XSS.
Code Injection
Code injection is where using the sites scripting language, you can inject (rather, have the site pull) code from somewhere else.
For example, php can call one of its own pages like so:
however, if we replace the contact.php page with an external hosted script:
This will cause the enduser to execute that script. This all comes down to PHP validation which is coded within the PHP to ensure only valid respsonses are accepted.
This is unlike command injection. Command Injection is an attack which is designed to execute commands on the PHP hosted system (server). This can be done where most parameters are passed (headers, input boxes, etc) and will typically display any output on the returned webpage.
For example, to return a password for a certain user, you could use a command like:
Typically, to prevent such commands from executing, a whitelist of command can be made, whereby only those listed are allowed to be executed on the server. Alternativly, it is recommend where the application needs to invoke system side commands, to do this through local python scripts, rather then PHP calling the commands.
CRLF injection
CRLF injection comes from the elements CR (Carriage Return) and LF (Line Feed) – together (CRLF) this denotes a new line (done simply by pressing the enter button). If a website for example, allows you to upload a file, an attacker may name this file as follows:
This would result in a system command being carried out to delete everything in the /bin folder.
It also allows an attacker to write to the log file, by creating it own new line. If the logs are configured in such a way that they will email out any WARNINGS or ERRORS, an attacker may add these to a new log line repetitively, backing up the email and bandwidth.
The simple way around this is for JAVA to sanitise any input strings, either through substituting known commands, or through methods such as
SQL Injection
.NET SQL Injection allows an authorised SQL command to be sent to the SQL server and executed.
An SQL string may be built using inputs from a form. A possible example of this is:
Code:
SELECT email, passwd, login_id, full_name FROM members WHERE email = 'formemail';
where the red is the text from an input field.
However, we can modify this string which can allow some malicious stuff to happen:
Code:
SELECT email, passwd, login_id, full_name FROM members WHERE email = 'formemail'; DROP DATABASE members --';
Adding the red text to the email input box, would allow us to delete the whole table, or alternatively insert a new record into a table, or possible delete records, modify records (change passwords), or even delete whole tables.
To prevent this, you can limit the damage an SQL injection can do you using proper database permissions (deleting records, tables, etc), and to also use good sanitisation – look for -- or ; in any field and invalidate the data if it has these characters.
Directory Traversal
Directory traversal can also be referred to as a “dot dot slash” attack.
In php, a resource (page) can be called as follows:
However, it may be possible to get other files, not even part of the web directory using the following examples:
The easiest way to prevent this is to assign proper permission on the server itself. However, many web developers do not own the server, therefore, another layer of protection is fully qualify the file path, with the root being where the webpage sits.
Connection String Injection
Also known as connection string pollution, it is possible for an attacker to inject parameters into a connection string to a database. Typically a connection string is built by delimiting each value with a comma. In an injection attack, strings can be built using semi colons as a delimiter.
A typical connection string to a windows SQL server may look like the following:
Code:
Data source = SQL2005; initial catalog = db1; integrated security=no; user id=+’User_Value’+; Password=+’Password_Value’+;
However, if an attacker places a rouge windows SQL server on the internet, and then uses a connection string like follows:
Code:
Data source = SQL2005; initial catalog = db1; integrated security=no; user id=;Data Source=Rogue Server; Password=; Integrated Security=true;
This allows the target windows SQL server to connect to the rouge server using its own Windows credentials, exposing much data.
Backdoors
Backdoors can be common within applications and web applications and can occur across many types of frameworks, however, it’s the security around the knowledge of backdoors, and what they allow, which can be of concern. All modems, routers and some managed network infrastructure have administrator usernames and passwords. However, sometimes, the network vendor (CISCO, NETGEAR, etc) or ISP may choose to put a backdoor access onto these devices. This may be in case a user forgets their administrator credentials, for automatic firmware updates, or for remote troubleshooting. Some of these backdoors may allow for more settings then what is normally shown to an end user.
For example, some older Optus supplied modems had the hidden user: Admin, and a password of: Y3S0ptus. This was standard across thousands of supplied modems. The problem was, the end user had no way of changing the default setting for remote web access from Enabled to Disabled, which meant anyone that knew of their IP address or domain name, could now remote access their modem router, add port redirects, and now connect to devices within their LAN.
In the case of ISP provided modems, it might be safer to simply by something else, not supplied by the ISP.

Exposing bluetooth HCI/Link Layer on Pixel 2

Hello,
I am attempting to control HCI commands and events directly from the command line (I have access to a few OS's, so bash/cmd are both an option). My test device specifically is a rooted pixel 2.
I've looked into using hcitool, but its no longer a part of the Android OS.
I've looked into using bluedroid test tool, but its no longer a part of the Android OS.
I've looked into using Android Comm Test Suite, but I am unable to secure root permissions without starting an adb shell, and the scripts run outside of the shell - so that hasn't worked out.
I've looked into using Intents/Activities from the com.android.bluetooth apk, running adb shell am -a (activity) or -n (package./activity) but haven't gotten meaningful results from the available commands.
I want my solution to be as generic and portable as possible (work for as many android devices and versions as possible), but I've only found two 'solutions' to this problem thus far.
Currently my options look like:
1) GUI automation (emulating user input to change parameters via nrfConnect or some similar app that would result in changes to HCI/LL level parameters), but this is device specific to the extreme and might break for even simple updates.
2) Building an application that has many functions controlling different bluetooth parameters and interactions, then creating its AndroidManifest.xml file in such a way as to be able to more or less call these functions from the command line.
If there are simpler ways to control these events and commands (alternatives to the now deprecated hcitool) please let me know.
If there are any problems with the two approaches I've listed above, please let me know.
Thank you in advance for any advice.