Related
PenTesters_Paradise
Code:
[b][center]DISCLAMER[/center][/b]
I can not be held responsible for how you use this package.
I am also not to be held responsible if flashing this package
damages your device in anyway. This package is for
educational use only and should not be taken lightly. This is
the exact package that I use for my 2nd job, and is not meant
to just be played with willy nilly. Ask permission before doing
anything in public OR private.
PenTesters_ParadiseThis package was originally supposed to be a custom ROM, but I wanted to give everyone an equal opportunity to enjoy this package, so I converted it to something everyone can use! This package isn't for the faint of heart. This is for those of you curious about Pen Testing and for those who basically want to feel like they're bringing Watch_Dogs to the real world. Below I will explain the package, and what each item can actually do. I will also have YouTube videos (when I get the time to record them) explaining each app and package. I also have some custom content coming, some that will be shown off and not released as well. Please enjoy and remember to play it safe and always ask permission first before using any of these packages or tweaks.
What's A Pen Tester?If you're asking yourself this question, this package MIGHT NOT be for you. A Pen Tester is either a White Hat or Grey Hat hacker that gets hired by individuals or companies to basically purposely hack their products, networks, or any other sorts of electronically based applications. Pen Testers are becoming a big deal especially in the Gaming world. Dev companies are starting to get smart and are realizing that they honestly can't BEAT the hackers with out TRUE HACKERS of their own. This is slowly becoming a big money life style and more and more people want into it. This is basically your "License to Kill" when it comes to a product/project/ect. when the company or individual gives you the green light to crack in and have at it.
Package Includes
Screen Shots will be added to the 3rd post of this thread, tutorials for each app and the change log to the 2nd
AnDOSid
This app is an Android-based DOS attacker. Basically, this app allows you to simulate a DOS attack (Denial of Service) as a HTTP POST flood attack on either another person or a web server.
NetSpoofer
Network Spoofer lets you change websites on other people’s computers from an Android phone. Simply log onto a Wifi network, choose a spoof to use and press start. This can be a lot of fun, but always ask first.
AndroidVNC
please see this thread for all the info about this
http://forum.xda-developers.com/showthread.php?t=497187
aWPScan
This app lets you scan wordpress based sites for exploitable entrances to the sites admin panel. Fairly simple to use and can sometimes come in handy when working for a client and building them a WP based site.
DroidSheep and FaceNiff
These apps were popular for a very short time but are very powerful. They both kind of have the same functions as they work as a MITM (Man In The Middle) attacker service. Basically, login to any WiFi hot spot, and you will start capturing web traffic. You can manipulate the web traffic to do as you want from here.
DroidSheep Guard
This app guards you from anyone else using Droid Sheep. I'm not entirely sure if it will guard against FaceNiff as well.
DriveDroid
This app turns your device basically into a disc image mounting device. Basically, you can take an ISO or IMG file, mount it with this app, and install full operating systems to another PC. Read below on how to work it with the Galaxy S5 Specifically, as there's 1 special step you need to know
1.) Run the app and go through the setup.
2.) When you get to the selection about selecting a driver, select the 3rd item, which should be a "Legacy USB Driver"
3.) When you get to the point abut TESTING it and restarting your PC, this is where the trick lies.
3a.) As your PC boots up, boot directly to your BIOS (for HP and ASUS its either Escape or F2. not sure about others off the top of my head)
4.) From here, make sure your phone as connected successfully in MTP mode.
4a.) Go into Drive Droid (After MTP has been set), and select the IMG or ISO you wish to emulate from your device.
4b.) In the BIOS, Save Settings and restart (I know you didn't change anything, hear me out)
5.) From here, you need to test...
5a.) You'll either (after the bios loading screen) boot directly to the ISO or IMG, or into your standard OS.
6.) If you boot directly to your standard OS, reattempt from step 3 onwards, but at step 5, go to 6a
6a.) When the PC restarts, bring up your Boot Menu of options (F12 I believe on ASUS and HP)
6b.) From here, select the Samsung device listed, and it should boot!
dSploit
dSploit is a package of all sorts of tools ranging from MITM attacks to DOS attacks, and other testing abilities. Plenty of videos around on how to use this app.
HackAppData
This is for any app on your device. This app lets you modify the AppData of any application installed on your device.
Hackers Keyboard
Just a highly customizable keyboard.
Network Mapper
This app simply maps out the WiFi Network you are currently connected to, showing you every device connected.
Shark
Basically WireShark for Android. Lets you see incoming and outgoing data packets from your device and other things on the network.
Penetrate Pro
No this isn't a dirty joke (couldn't resist), This app works with decoding WiFi connections to allow you to connect to locked and private connections.
SQLMap
SQLMap is one of the most highly used tools around for SQL Injection attacks as its basically the best automated tool for it. There's tons of tutorials out there about it and soon I'll post one of my own.
LockScreen Widgets Tweak
Created by BigBot96, this tweak lets you apply Widgets to your lock screen. PLEASE Make sure you download the correct file. Currently, only the NE9 builds are supported with this tweak, but I'll have an option available for you to not have to worry about this.
Coming Soon...
Future Additions will be coming around soon for this, so keep checking the thread!
Kali Linux NetHunter Features.
So far, only supported by the Nexus devices, I'm attempting to port over the apps and data for this to the S5 as the first non-Nexus device to have support for Kali Linux control. Below will be the list of what will be included.
KaliLauncher
This is the heart of the NetHunter features. This controls everything, and launches all the different exploits available through Kali Linux. To learn more, keep reading
BadUSB
BadUSB is a form of undetectable Malware that is applied to specific USB devices that match the exploit. Basically, this hijacks your USB plug while your device is connected to a computer (windows based), and lets you install a faulty driver to it that houses your malware files. You could use this to transfer things like BotNets, Trojans, and many other forms of malware to a users system and they'd never even know.
DNSSpoofer
Basically, this tool just spoofs the DNS connection you're using or the other person/s are using and lets you reroute people. DNS Attacks are few and far between, but they're slowly getting easier.
PowerSploit
I'll admit, I haven't read up on this yet, but when I have, I'll edit this lol.
NoUpStream
This stops any up stream data entirely.
Other Future Additions
Basically, I'd like to convert this to something like a "Mini-ROM" that gives you a Launcher, themed Gapps, themed system apps, and much more, but for now, this is the temp solution. Next Update should have at least a custom boot animation.
How-To Install1.) Transfer the Zip file that matches your device to your SD card or Internal Storage
2.) Boot up into recovery mode and Flash the ZIP
3.) Done!
Special thanks to the creators of all these apps, scripts and tweaks that are being applied to this package. The ZIP packages below simply just need to be flashed to your Android device via SafeStrap (only method I can test). If someone could test a standard TWRP on a Dev Edition or another unlocked device, that'd be awesome.
Download Links Below
UPLOADING NEW ONES AFTER THE NEXT FLASH Test.
Thought it was ready, and realized it wasn't.
All apps are force closing -_- I'll fix it when I wake up. I've been at it for 12 hours now
Planning on updating this/adding a download?
Nice waiting anxiously for this
Waiting like wagging dog.... I went to source and got working nice..like to wait for add ons.
http://forum.xda-developers.com/showthread.php?p=3518324
Subscribed.
Sent from my SM-G900V using Tapatalk
lol he posted this weeks ago.. he respondin in his rom thread also saying he was working on a new rom which isnt out yet and said a week or two ago that his tmo budfy got 5.0 lollipop which was false lol so not sure if and when this will actually be uploaded.. its been here for weeks with no zip or apks at all in the themes n apps section..
most of these apks are stuff you can manually install if you dont want to wait :-/
Reinventing the wheel
Kali nethunter had been out for a while for the S5 variants, it's like having a VM copy of Kali on your galaxy S5 the instructions/apps/kernel are all available
http://forum.xda-developers.com/galaxy-s5/unified-development/kali-nethunter-galaxy-s5-t3298477 all the other apps he's taking about are available just search on Google or download a app called bugdroid pro from the app store it provides downloads and installs for all of these.
Faceniff
Droid sheep
I don't think those function anymore on anything.. on pretty sure those security holes they exploit have been patched..
dmayniak said:
Kali nethunter had been out for a while for the S5 variants, it's like having a VM copy of Kali on your galaxy S5 the instructions/apps/kernel are all available
http://forum.xda-developers.com/galaxy-s5/unified-development/kali-nethunter-galaxy-s5-t3298477 all the other apps he's taking about are available just search on Google or download a app called bugdroid pro from the app store it provides downloads and installs for all of these.
Faceniff
Droid sheep
I don't think those function anymore on anything.. on pretty sure those security holes they exploit have been patched..
Click to expand...
Click to collapse
lol the last comment was me about 2 years ago
elliwigy said:
lol the last comment was me about 2 years ago
Click to expand...
Click to collapse
i know right? lol i gave up on this because at the time i sucked at making flashable zip's
Vortell said:
It would be cool if you started it back up!
Click to expand...
Click to collapse
The reason I haven't is because Kali Linux has an official release for this phone as long as your bootloader is unlocked and you're on CM
Update (5/18/2019)
Since the first tool was released, HappyZ has improved many features so I think I can just refer to
* HappyZ's rooting guide: https://github.com/HappyZ/dpt-tools/wiki/The-Ultimate-Rooting-Guide
- The only thing I want to add as Windows user is (because the guide is for Mac/Linux users) it gets much easier if you use Linux terminal like cygwin, and the port name should be something like COM# where # can be found in Device Manager by comparing before/after you attach the device.
* HappyZ's upgrade guide: https://github.com/HappyZ/dpt-tools/wiki/The-Upgrade-Guide (Recommend to read this before/after you update the new firmware.)
You may donate a cup of coffee to him there Thanks to all others who contributed a lot.
--
Update (12/02/2018) -- These are outdated.
Finally we manage to root the device! Many thanks to all of your efforts.
Just refer to HappyZ's well written guide: https://github.com/HappyZ/dpt-tools
For whom have never used python like me (and probably using Windows):
(1) Install Python 3 and add it to PATH.
(2) Install MINGW64 and run scripts here instead of Powershell due to xxd issue if you are on Windows.
(2) pip httpsig pyserial on bash.
(3) Download HappyZ's dpt-tools and unzip.
(4* this issue is fixed by HappZ)
(5) Follow HappyZ's guide. You should execute dpt-tools.py in the folder you unzipped to use get-su-bin because of how the script is written.
Some suggestions after rooting (let me know if you have better ideas):
Here is my setup: install "E-ink Launcher" and "Multi action home button" using adb install.
Use adb shell am start -a android.intent.action.MAIN to change the main launcher to your launcher.
Then change the setting of Multi Action Home button (say, the height should be large to be visible in the bottom) and assign its function to be Home for click and Back for double-click.
Whenever you want to use Sony's apps (these are good for pdf markup), just push the home button to open the pop-up menu.
Otherwise, touch the Multi Action Home Button to access to other Android apps. So far I've never experience any crash.
Yet more tips:
Some complain fonts are too small after installing generic apps.
adb shell wm density 320 changes your DPI by 2 times (160 is a default value.) EDIT: I found 200 is quite enough that does not distort Sony apps too much.
My application is using "Tasker" to execute the above code when specific apps are open and execute wm density reset when the apps are closed.
The reason why we cannot change the global DPI is sadly because it makes the default apps by Sony so awkward.
Alternatively, I could successfully install Xposed to try App Settings but this app crashed.
You can also install Gboard (but it has no hide button, so prepare with virtual back button) if you need another keyboard.
Enjoy your DPT devices
--
Sony recently released a new digital paper device DPT-RP1, apparently using their own linux firmware but underlying on Android 5.1.1. Few weeks ago, some Chinese successfully hacked it to jailbreak for third-party apps (without changing the original firmware), but they don't share any information to sell those hacked devices. I'm willing to pay for it, but it is too risky to send my device to China so I'm trying to root it by myself.
I don't know much about this world, but I found some information that might be helpful. It uses Marvell A140 IoT Processor a.k.a. PXA1908. There are two Android smartphones (as the same version 5.1.1) with this chip - Samsung Xcover 3 and Samsung Galaxy Grand Prime. Fortunately, they have been both rooted in the past here.
Is this information really helpful to root my device? If so, is there any way to apply the previous methods to easily jailbreak DPT-RP1? I think the problem here is that it does not look like Android at all, so has no setting menu or developer tools. And not sure how to enter to the recovery mode since it only has two buttons - power/menu.
I'd appreciate any help or advice. Thanks!
And here you can find source codes.
oss.sony.net/Products/Linux/dp/DPT-RP1.html
sartrism said:
Sony recently released a new digital paper device DPT-RP1, apparently using their own linux firmware but underlying on Android 5.1.1. Few weeks ago, some Chinese successfully hacked it to jailbreak for third-party apps (without changing the original firmware), but they don't share any information to sell those hacked devices. I'm willing to pay for it, but it is too risky to send my device to China so I'm trying to root it by myself.
I don't know much about this world, but I found some information that might be helpful. It uses Marvell A140 IoT Processor a.k.a. PXA1908. There are two Android smartphones (as the same version 5.1.1) with this chip - Samsung Xcover 3 and Samsung Galaxy Grand Prime. Fortunately, they have been both rooted in the past here.
Is this information really helpful to root my device? If so, is there any way to apply the previous methods to easily jailbreak DPT-RP1? I think the problem here is that it does not look like Android at all, so has no setting menu or developer tools. And not sure how to enter to the recovery mode since it only has two buttons - power/menu.
I'd appreciate any help or advice. Thanks!
Click to expand...
Click to collapse
You must be an iPhone user that isn't familiar with android. Jailbreak in is an Apple thing, not an android thing.
In android it's called "rooting" and it isn't quite the same thing as jailbreaking an Apple device.
This device does not at all seem to be worth the price, especially considering the limitations it has. What a waste of hardware.
I would assume that you could port something from one of those other devices to work on yours but it really depends on how your hardware is designed compared to those devices.
Does your device have a typical bootloader like other android devices?
Is the bootloader unlocked?
If it is locked, can it be unlocked?
Does the device use fastboot or does it have a flash mode that is used with a specific PC flashtool?
If it is unlocked or if you can unlock it and it has a flash mode that can actually be used, you might be able to port a custom recovery from one of the devices you named then use that recovery to somehow root the device. If the device can't install android apps then it would probably involve using adb to root the device.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Droidriven said:
You must be an iPhone user that isn't familiar with android. Jailbreak in is an Apple thing, not an android thing.
In android it's called "rooting" and it isn't quite the same thing as jailbreaking an Apple device.
This device does not at all seem to be worth the price, especially considering the limitations it has. What a waste of hardware.
I would assume that you could port something from one of those other devices to work on yours but it really depends on how your hardware is designed compared to those devices.
Does your device have a typical bootloader like other android devices?
Is the bootloader unlocked?
If it is locked, can it be unlocked?
Does the device use fastboot or does it have a flash mode that is used with a specific PC flashtool?
If it is unlocked or if you can unlock it and it has a flash mode that can actually be used, you might be able to port a custom recovery from one of the devices you named then use that recovery to somehow root the device. If the device can't install android apps then it would probably involve using adb to root the device.
Click to expand...
Click to collapse
Thanks for suggesting a general principle! I just use the word jailbreaking not because I'm an iPhone user. What I actually want to do as the first step is not rooting an android system, but revealing it from the current customized linux system. Rooting is the next step if necessary. If the word choice is still not accurate and bothers you, I apologize.
It has apparently no typical bootloader, and neither PC nor adb recognize it as an android device. In fact, direct USB file transfer is blocked so I need to use Sony's designated software. But an android system surely coexists according to the hacker who already rooted it.
sartrism said:
Thanks for suggesting a general principle! I just use the word jailbreaking not because I'm an iPhone user. What I actually want to do as the first step is not rooting an android system, but revealing it from the current customized linux system. Rooting is the next step if necessary. If the word choice is still not accurate and bothers you, I apologize.
It has apparently no typical bootloader, and neither PC nor adb recognize it as an android device. In fact, direct USB file transfer is blocked so I need to use Sony's designated software. But an android system surely coexists according to the hacker who already rooted it.
Click to expand...
Click to collapse
Without some kind of way to flash or interface with the device there isn't much you can do.
I have a kindle fire HD that didn't come with a typical android system but does have a typical bootloader. The Amazon OS was removed and now it's full blown android but it required a "second" bootloader. You don't have a bootloader so I'm not sure what your options are with that device.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Droidriven said:
You must be an iPhone user that isn't familiar with android. Jailbreak in is an Apple thing, not an android thing.
In android it's called "rooting" and it isn't quite the same thing as jailbreaking an Apple device.
This device does not at all seem to be worth the price, especially considering the limitations it has. What a waste of hardware.
I would assume that you could port something from one of those other devices to work on yours but it really depends on how your hardware is designed compared to those devices.
Does your device have a typical bootloader like other android devices?
Is the bootloader unlocked?
If it is locked, can it be unlocked?
Does the device use fastboot or does it have a flash mode that is used with a specific PC flashtool?
If it is unlocked or if you can unlock it and it has a flash mode that can actually be used, you might be able to port a custom recovery from one of the devices you named then use that recovery to somehow root the device. If the device can't install android apps then it would probably involve using adb to root the device.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Click to expand...
Click to collapse
Jailbreaking is the process of modifying any electronic device in order to remove restrictions imposed by a manufacturer (Apple) or operator (to allow the installation of unauthorized software).
Rooting is the act of gaining access to the root account of a device (such as a smartphone or computer).
There is a huge difference between the two. You can't just say that rooting is Android's version of jailbreaking. Not accurate in the least.
https://www.androidpit.com/jailbreak-android
Sent from my SM-G928T using Tapatalk
MarkBell said:
Jailbreaking is the process of modifying any electronic device in order to remove restrictions imposed by a manufacturer (Apple) or operator (to allow the installation of unauthorized software).
Rooting is the act of gaining access to the root account of a device (such as a smartphone or computer).
There is a huge difference between the two. You can't just say that rooting is Android's version of jailbreaking. Not accurate in the least.
https://www.androidpit.com/jailbreak-android
Sent from my SM-G928T using Tapatalk
Click to expand...
Click to collapse
You're reading too much into what I said.
Basically, what I said was that jailbreaking isn't an android thing, it's an Apple thing(didn't say it was exclusively an Apple thing, just NOT an android thing). It applies to more than just Apple devices but on this website dedicated to mobile platforms, I'm only referring to its application in the mobile device world. For the mobile world it's pretty much only an Apple thing(still not exclusively but mostly so).
Then I said that in the android world it's called rooting(not exclusively an android thing, just NOT an Apple thing). And that jailbreaking and rooting aren't the same thing(this does not say that rooting is android's version of jailbreaking, that would imply that they are the same thing, I'm saying they aren't the same thing)
Basically, explaining what they "aren't", you explained what they "are".
I understand the difference, but thank you.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Droidriven said:
You're reading too much into what I said.
Basically, what I said was that jailbreaking isn't an android thing, it's an Apple thing(didn't say it was exclusively an Apple thing, just NOT an android thing). It applies to more than just Apple devices but on this website dedicated to mobile platforms, I'm only referring to its application in the mobile device world. For the mobile world it's pretty much only an Apple thing(still not exclusively but mostly so).
Then I said that in the android world it's called rooting(not exclusively an android thing, just NOT an Apple thing). And that jailbreaking and rooting aren't the same thing(this does not say that rooting is android's version of jailbreaking, that would imply that they are the same thing, I'm saying they aren't the same thing)
Basically, explaining what they "aren't", you explained what they "are".
I understand the difference, but thank you.
I DO NOT PROVIDE HELP IN PM, KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Click to expand...
Click to collapse
I tend to read too deeply into everything. It's the way I am. Lol.
Sent from my SM-G928T using Tapatalk
Could you please post some information about usb device? Just like PID & VID.
Do it like:
Connect DPT-RP1 to Linux, and then type this command 'lsusb'
P.S. Under Windows or MacOS system, you can find the information from system settings...
happy to help with simple things
thisvip said:
Could you please post some information about usb device? Just like PID & VID.
Do it like:
Connect DPT-RP1 to Linux, and then type this command 'lsusb'
P.S. Under Windows or MacOS system, you can find the information from system settings...
Click to expand...
Click to collapse
Bus 001 Device 008: ID 054c:0be5 Sony Corp.
It is good to see some people have been interested in this thread.
So far, I realized that the hacker used a hardware hacking method. I actually obtained the hacked system apps from one of his customer. I guess he did sometihng like directly modifying eMMC to root and put "USBDeviceSwitcher.apk" to allow an usual USB connection. Since I don't want to take such risk, I decided to wait until the first firmware to see if there could be an indirect way to penetrate the system files. But if you want to analyze the hacked system, contact me.
sartrism said:
It is good to see some people have been interested in this thread.
So far, I realized that the hacker used a hardware hacking method. I actually obtained the hacked system apps from one of his customer. I guess he did sometihng like directly modifying eMMC to root and put "USBDeviceSwitcher.apk" to allow an usual USB connection. Since I don't want to take such risk, I decided to wait until the first firmware to see if there could be an indirect way to penetrate the system files. But if you want to analyze the hacked system, contact me.
Click to expand...
Click to collapse
Does it have a web browser? Maybe you can utilize for example the Stagefright Exploit + DirtyC0W to get root.
I have found out some interesting stuff about the device with the help of the Digital Paper App.
The app is built using electron and there is a file: /Applications/Digital\ Paper\ App.app/Contents/Resources/app.asar
This file contains the electron javascript files, which handle all the communication with the device.
It can be extracted with: sudo asar extract app.asar output
(github_com/electron/asar)
This also requires node to be installed: with e.g. brew install node (changelog_com/posts/install-node-js-with-homebrew-on-os-x)
The app communicates with the device via Restlet-Framework/2.3.7 on port 8443 with tcp (no matter if it is the bluetooth, wifi or usb connection).
This is the only port that is open.
In the file: /Applications/Digital\ Paper\ App.app/Contents/Resources/output/node_modules/mw-error/lib/codeparams.js you can find all the relative paths, which are getting called during e.g. file transfer, firmware update and stuff.
Running the app and placing breakpoints reveals that before you can transfer files and stuff:
'/auth'
'/auth/nonce/'
are called in order to authenticate, which looks e.g. like url digitalpaper.local:8443/auth/nonce/1e9ee24d-6613-433a-9770-76b04333ac95
the last part of the call is the "client_id": "1e9ee24d-6613-433a-9770-76b04333ac95", which is retrieved via the url digitalpaper.local:8443/auth call.
digitalpaper.local:8443/auth/
Important:
In /Applications/Digital\ Paper\ App.app/Contents/Resources/output/lib/config.js
change the line
config.DEVBUILD = false;
to
config.DEVBUILD = true;
After you finished your modifications you have pack the output folder again:
sudo asar pack output app.asar
I did not have time to continue, but the following relative urls look promising (especially recovery_mode):
'/testmode/auth/nonce',
'/testmode/auth',
'/testmode/launch',
'/testmode/recovery_mode',
'/testmode/assets/{}',
mcplectrum said:
I have found out some interesting stuff about the device with the help of the Digital Paper App.
The app is built using electron and there is a file: /Applications/Digital\ Paper\ App.app/Contents/Resources/app.asar
This file contains the electron javascript files, which handle all the communication with the device.
It can be extracted with: sudo asar extract app.asar output
(github_com/electron/asar)
This also requires node to be installed: with e.g. brew install node (changelog_com/posts/install-node-js-with-homebrew-on-os-x)
The app communicates with the device via Restlet-Framework/2.3.7 on port 8443 with tcp (no matter if it is the bluetooth, wifi or usb connection).
This is the only port that is open.
In the file: /Applications/Digital\ Paper\ App.app/Contents/Resources/output/node_modules/mw-error/lib/codeparams.js you can find all the relative paths, which are getting called during e.g. file transfer, firmware update and stuff.
Running the app and placing breakpoints reveals that before you can transfer files and stuff:
'/auth'
'/auth/nonce/'
are called in order to authenticate, which looks e.g. like url digitalpaper.local:8443/auth/nonce/1e9ee24d-6613-433a-9770-76b04333ac95
the last part of the call is the "client_id": "1e9ee24d-6613-433a-9770-76b04333ac95", which is retrieved via the url digitalpaper.local:8443/auth call.
digitalpaper.local:8443/auth/
Important:
In /Applications/Digital\ Paper\ App.app/Contents/Resources/output/lib/config.js
change the line
config.DEVBUILD = false;
to
config.DEVBUILD = true;
After you finished your modifications you have pack the output folder again:
sudo asar pack output app.asar
I did not have time to continue, but the following relative urls look promising (especially recovery_mode):
'/testmode/auth/nonce',
'/testmode/auth',
'/testmode/launch',
'/testmode/recovery_mode',
'/testmode/assets/{}',
Click to expand...
Click to collapse
Hope you get some result from wifi side. I also realized they use the port 8443 but couldn't get further as you.
For whom trying to hack it, here is the link for the already 'hacked' system apps (including the original files) - that of the famous hacked RP1 video. Inside the subfolder S1, there are also the hacked system apps for DPT-S1 just in case.
https://www.dropbox.com/sh/dvtvokdzrgwjc83/AACXOJA-E56nUpUfiWUOzrM3a?dl=0
George Malas said:
Does it have a web browser? Maybe you can utilize for example the Stagefright Exploit + DirtyC0W to get root.
Click to expand...
Click to collapse
The stock device has no web browser, no sd-card, no usb connection, and no typical system. I think SONY was haunted by some security issues maybe because they thought the major users are lawyers or very important people? lol
Any chance to create a buffer overflow PDF to attack RP1's pdf reader?
I am unable to help, but wanted to let you know I am definitely interested in and supportive of this. If this device can be unlocked as suggested in that one youtube video then I would buy it, despite the steep price.
jess91 said:
I am unable to help, but wanted to let you know I am definitely interested in and supportive of this. If this device can be unlocked as suggested in that one youtube video then I would buy it, despite the steep price.
Click to expand...
Click to collapse
If you're interested and supportive of this then go buy one anyway and apply yourself to going forward figuring out how to get it done. Other than that, you're not supportive, you're just hopeful that someone figures it out and then you'll probably go get one.
DO NOT CONTACT ME VIA PM TO RECEIVE HELP, YOU WILL BE IGNORED. KEEP IT IN THE THREADS WHERE EVERYONE CAN SHARE
Hey guys,
I also recently got the RP1 and am also looking for ways to mod it. Big kudos and thanks to all of you for posting this! This alread is amazing. @sartrism: can you maybe give me a hint how to load the files on the rp1? Sorry if this might be a stupid question but I'm new to adroid and that stuff.
Paderico said:
Hey guys,
I also recently got the RP1 and am also looking for ways to mod it. Big kudos and thanks to all of you for posting this! This alread is amazing. @sartrism: can you maybe give me a hint how to load the files on the rp1? Sorry if this might be a stupid question but I'm new to adroid and that stuff.
Click to expand...
Click to collapse
Just a little update from my side. I'm currently tryng to recreate the steps @mcplectrum was using. It seems that my RP1 also uses other ports. I tried to wireshark the USB and WiFi connection. By that I saw that often GET /registration/information is called for Host: localhost:58052. Moreover the first call is GET /register/serial_number also on port 5808. This was via USB.
Trying to trigger the /auth/ call via Telnet returns nothing unfortunately. But also the 8080 port is open. Trying to call digitalpaper.local:8443/auth/ returns nothing on firefox.
@mcplectrum: how did you get the client_id and what would one need that for?
I also tried to change the config.DEVBUILD to true but that seemed to change nothing at all.
So to sum up what we know:
The device is using some kind of android structure, the source code seems to use the uboot bootloader, all communication is done by a rest restlet framework. So actually there should be some kind of way to use the restlet framework to PUT or POST the modified files.
The other option would be directly flash the eMMC right? I would take the risk and just load it on my device and see what happens. Any hints on how to do that?
I've created this thread to manage all files and documents at one place which might be helpful for all Teclast T10's users.
Teclast Master T10
Teclast
Product Page
Firmwares
Here.
Benchmarks
Here.
Accessories
XDA Thread (http://forum.xda-developers.com/general/general/teclast-master-t10-accessories-t3722233/).
Root / TWRP
XDA Thread (http://forum.xda-developers.com/android/help/root-teclast-master-t10-t3705533/).
Firmwares
Device overview
Teclast Master T10 is sold with two different device identifiers, E3C5 and E3C6. An user of this tablet can get the device identifier looking at the rear side of the tablet, there is a phrase including the device name, the device ID and the SN (serial number) of the device. An example is "T10 ID:E3C5 SN:XXXXXXXXXXXXXX", in this example the device ID is E3C5.
Firmware overview
Regarding the firmware, each device identifier is classified depending on the country the tablet is sold. So chinese people refer to E3C5 (device E3C5) and E3C6 (device E3C6) firmwares, while people outside China must refer to E3C5_G (device E3C5) and E3C6_G (device E3C6) firmwares - the "_G" (underscore G) suffix should mean "Global".
The difference between E3C5/E3C6 and E3C5_G/E3C6_G firmwares is due to the starting language of Android environment (chinese language for E3C5/E3C6, english language for E3C5_G/E3C6_G) and the additional chinese software (included only in E3C5/E3C6 firmwares).
Starting from year 2018, Teclast is pushing chinese firmwares (E3C5/E3C6) to have the TOS interface (a Phoenix OS-like environment), while for global firmwares (E3C5_G/E3C6_G) Teclast continues to provide with the standard Android environment.
Full Firmwares
Regarding the full firmware file (useful in case of downgrade of firmware or in case OTA doesn't properly work), Teclast provides the firmwares for chinese firmwares (E3C5/E3C6) and not-chinese firmwares (E3C5_G/E3C6_G) in two different official websites.
Chinese people may use the first official Teclast's website (http://www.teclast.com/tools/pad/pad.php?t=p) and input their own device identifier (E3C5 or E3C6) to get a list of available firmwares.
People outside China may use the second official Teclast's website (http://www.teclast.com/en/firmware/) and input their own device identifier (E3C5 or E3C6) to get a list of available firmwares.
For all firmwares not included in above-mentioned websites, users should ask to Teclast the full files for firmwares (providing the serial number of the device if requested), usually Teclast will provide you with a download link to a cloud service.
OTA Firmwares
Regarding the OTA firmware file (to be used only to update from the current firmware), the things become simpler. Teclast uses a method to get the internet address in order to download the single .ZIP file for upgrading the firmware. Teclast OTA app, included in all T10 units (E3C5,E3C6,E3C5_G,E3C6_G), search for the current firmware id (E3C5,E3C6,E3C5_G,E3C6_G). To get the proper file it computes:
ota.teclast.com/T10_[firmware_id]/update/
where [firmware_id] is the current firmware ID (E3C5, E3C6, E3C5_G, E3C6_G).
Inside the folder there is a file named "update.xml" used by Teclast OTA app in order to know the correct file to use to update the firmware.
So, summarizing all this matter, we have the following internet addresses :
E3C5 - http://ota.teclast.com/t10_e3c5/update/
E3C6 - http://ota.teclast.com/t10_e3c6/update/
E3C5_G - http://ota.teclast.com/t10_e3c5_g/update/
E3C6_G - http://ota.teclast.com/t10_e3c6_g/update/
Other Download sources
All Teclast users may download the firmware files also from NeedRom website (http://www.needrom.com/download/teclast-t10-e3c5/), but the files are mixed, so we have to search for the correct firmware number (in this website there is only the difference between E3C5 and E3C6 devices, not the classification about chinese or not-chinese firmwares).
Another source for downloading firmware files (both full and OTA files) is listed in post #437 of this thread.
Firmware changelogs
E3C5 - here
E3C6 - here
E3C5_G - here
E3C6_G - here
Benchmarks
Antutu Benchmark 6
Antutu Benchmark 7
3DMark - The Gamer's Benchmark
Sling Shot Extreme
Sling Shot
Ice Storm Extreme
Ice Storm Unlimited
PCMark for Android Benchmark
Work 2.0
Storage
Geekbench 4
CPU
COMPUTE
HWBOT Prime - CPU Benchmark
E3C5 - FIRMWARE CHANGELOG
TOS_V2.02_20180503
1, the task bar shows the speed of the network;
2, modify part of the system icon;
3, calendar clock dynamic display date, time, week;
4, set the interface layout changes;
5, security center function update;
6, add a key to clear the background function;
7, update Google suite;
OTA - update 09
1. Added task bar to display network speed.
2. Optimization System ICON.
3. Calendar ICON added dynamic display date.
4. Optimize Settings app layout.
5. Update Security Center app.
6. Added "one-click cleanup" background application.
7. Update Google Suite.
TOS V2.01_20180227
The first version of the external release;
OTA - update 08
Update information (08) 1, update Taipower TOS system.
First, Taipower TOS new features:
1, the use of a menu design, the interface is more refined and beautiful, run more smoothly;
2, a unique desktop mode, seamlessly with the tablet mode to switch;
3, wallpaper blur degree can be adjusted, the icon shows clearer;
4, APP can be windowed, multi-tasking operation more efficient;
5, the file manager supports global search, decompression, LAN access and so on.
Second, upgrade considerations:
1. After the OTA is upgraded to the TOS system, it can no longer be returned to the original system through the OTA upgrade, but the OTA can still be upgraded to the subsequent TOS version.
2, for the return of the original system, brush brush can be used way to brush machine. Specific steps: download the corresponding ID firmware in the official website of Taiwan Power Company, brushing machine can be based on the tutorial included.
3, the use of brush brush brush the opportunity to empty all the data plate, before operation, please back up important data.
V1.35_20180224 (android7.0)
1, modify the "Sina microdisk" client to open the black screen problem;
2, modify some of the Chinese parkour game running Huaping problem;
3, modify the "Wilderness Action" part of the game shade and characters screen will appear Huaping problem;
4, QQ front camera to modify the use of small video or camera direction;
5, optimizing the stability of life;
OTA - update 07
1. Solve Sina micro-client login black screen after the problem.
2. Solve part of the parkour game running probabilistic Huaping problem.
3. Solve the shades of the wilderness action game and character interface Huaping problem.
4. QQ front camera to solve the problem of using a small video or camera upside down.
5. Optimize life stability.
V1.32_20171220 (android7.0)
1, optimize the touch effect, enhance the compatibility of the firmware on the TP;
2, increase the virtual taskbar hidden function;
OTA - update 07
1. Optimize the touch effect.
2. Increase the virtual taskbar hidden features.
V1.31_20171207 (android7.0)
1, optimize the touch effect with third-party applications;
2, to enhance system stability and compatibility;
OTA - update 06
1. Optimize the touch effect.
V1.28_20171120 (android7.0)
1, optimize WIFI function when the machine sleep connection strategy to enhance the life of the tablet;
2, optimize the automatic brightness adjustment function to enhance the screen display;
3, join the WIFI network for data exchange upload or download real-time speed display ;
OTA - update 05
1. Optimize WIFI working mechanism and improve the battery life.
2. System notification bar added real-time speed display.
3. Optimize the effect of automatic brightness adjustment.
4. Improve the front camera settings.
V1.24_20171011 (android7.0)
1, optimize the touch effect;
2, optimize the system application lock function;
3, optimize the file manager to play music function;
4, optimize the automatic brightness function;
OTA - update 04
1. Optimize the effect of light-sensitive brightness adjustement.
2. Optimize the application lock function.
3. Optimize lock screen wallpaper.
4. Improve system stability.
V1.23_20170921 (android7.0) - builtin firmware
1, optimize the direction of the QQ video chat;
2, optimize the settings screen saver function experience;
3, optimize and enhance TP compatibility;
OTA - update 03
1. Optimize the direction of the QQ video call screen.
2. To solve the standby screensaver error BUG.
V1.20_20170831 (android7.0)
1, optimize the brightness adjustment function;
2, to optimize system fluency and compatibility;
OTA - update 02
1. Optimize the function of automatically adjusting the brightness.
V1.19_20170825 (android7.0)
1, update the system built-in apps;
2, to optimize the machine in the state of the charge and discharge mechanism;
3, to optimize system stability;
OTA - update 01
1. Update the gallery.
2. Optimize system stability.
T10 (E3C5) - Android7.0-V1.16: the first version of the firmware release.
==================================================================================
Note : first part of the changelog has been translated via Google Translator from chinese language (source is Teclast website).
OTA changelog is what is showned by Teclast's TeclastOTA application when an upgrade is found.
E3C6 - FIRMWARE CHANGELOG
TOS V2.05_20180523 (android7.0)
1. the task bar shows the speed of the network;
2. modify part of the system icon;
3. calendar clock dynamic display date. time. week;
4. set the interface layout repair;
5. security center function update;
6. add a key to clear the background function;
OTA - update 05
1. Added task bar to display network speed.
2. Optimization System ICON.
3. Calendar ICON added dynamic display date.
4. Optimize Settings app layout.
5. Update Security Center app.
6. Added "one-click cleanup" background application.
TOS V2.04_20180409
1. update the Google framework and repair the Play service can not update the problem;
OTA - update 04
1.Update Google Suite to Resolve Issues with Google Services Unable to Update.
TOS V2.02_20180320
1. Optimize the burning of WLAN MAC address and Bluetooth address;
OTA - update 03
1.Update WIFI MAC Patch.
TOS V2.01_20180305
1. modify the Sina micro-disk client to open a black screen problem;
2. modify part of the Chinese parkour game will have Huaping problems;
3. modify the wilderness action game shade part and the character interface will appear Huaping problems;
4. modify the QQ front The camera uses a small video or camera direction;
5. optimize the stability of life;
OTA - update 02
1.Solve Sina micro-client login black screen after the problem.
2.Solve part of the parkour game running probabilistic Huaping problem.
3.Solve the shades of the wilderness action game and character interface Huaping problem.
4.QQ front camera to solve the problem of using a small video or camera upside down.
5.Optimize life stability.
V1.02_20180224 (Android7.0)
1. modify the "Sina micro disk" client to open a black screen problem;
2. modify part of the Chinese parkour game will have Huaping problems;
3. modify the "Wildness Action" game shade part and character interface will appear Huaping problems;
4. Modify QQ front camera to use small video or direction when taking pictures;
5. optimize the stability of life;
OTA
Not available via OTA.
TOS V2.00_20171221
The first version is released externally;
OTA - update 01
1. Update Teclast TOS system.
V1.00_20171214 (Android7.0)
First release.
==================================================================================
Note : first part of the changelog has been translated via Google Translator from chinese language (source is Teclast website).
OTA changelog is what is showned by Teclast's TeclastOTA application when an upgrade is found.
E3C5_G - FIRMWARE CHANGELOG
V1.05_20180306
OTA - update 04
1.Solve Sina micro-client login black screen after the problem.
2.Solve part of the parkour game running probabilistic Huaping problem.
3.Solve the shades of the wilderness action game and character interface Huaping problem.
4.QQ front camera to solve the problem of using a small video or camera upside down.
5.Optimize life stability.
V1.03_20171127
OTA - update 03
1.Optimize WIFI working mechanism and improve the battery life.
2.System notification bar added real-time speed display.
3.Optimize the effect of automatic brightness adjustment.
4.Improve the front camera camera camera settings.
V1.02_20171016
OTA - update 02
1.Optimize the effect of light-sensitive brightness adjustment.
2.Optimize lock screen wallpaper.
3.Improve system stability.
V1.01_20170914
OTA - update 01
1.Improve the fingerprint system in the English system to display the Chinese language.
V1.00_20170831
First release.
==================================================================================
Note : Descriptions are only for OTA updates. Dates are retrieved from .ZIP file.
OTA changelog is what is showned by Teclast's TeclastOTA application when an upgrade is found.
E3C6_G - FIRMWARE CHANGELOG
V1.01_20180307
OTA - update 01
1.Solve Sina micro-client login black screen after the problem.
2.Solve part of the parkour game running probabilistic Huaping problem.
3.Solve the shades of the wilderness action game and character interface Huaping problem.
4.QQ front camera to solve the problem of using a small video or camera upside down.
5.Optimize life stability.
V1.00_20171220
First release.
==================================================================================
Note : Descriptions are only for OTA updates. Dates are retrieved from .ZIP file.
OTA changelog is what is showned by Teclast's TeclastOTA application when an upgrade is found.
Reserved #7
Reserved #8
Reserved #9
Reserved #10
Thanks, @italianquadcore for making this thread. I really appreciate it.
I've just purchased one last week. Still waiting for the shipment from China, and since many people have already complained about its malfunction everywhere (review websites, comments, videos, etc.) I knew I had to prepare to overcome those problems too.
I'll help you out when I get some new information. As for now, I'm still figuring out how to use this forum....
I have been experiencing some issues with my tablet. I have contacted Teclast via Facebook Messenger to see if they can resolve this issue. I purchased it from GeekBuying.com and they have yet to respond to any of my emails I have sent over the last few days. My issue: constant force closures. Once it starts, it won't stop until I reboot the tablet, and that only sometimes cures the issue. and when I say cure, I mean it works for another 5 minutes before it starts to crap out again. My issue seems to be a unique one since I have not seen any similar posts or complaints regarding this happening. Might be worthwhile to input what issue you are experiencing in this thread (if it is not already been mentioned), just so we can all be on the lookout for known bugs / issues. I started with v1.02, then OTA to v1.03 immediately after I first booted the tablet. I was immediately having issues, so I hopped on XDA and saw that I could flash other versions, one for the 'Chinese' (E3C5) and one for 'Global' (E3C5_G). No matter the version, I still have the same issue. Also, is anyone having NO issues at all with their tablet? (unfortunately for us, if you are not then you are probably not in this thread!)
Tyanders1987 said:
I have been experiencing some issues with my tablet. I have contacted Teclast via Facebook Messenger to see if they can resolve this issue. I purchased it from GeekBuying.com and they have yet to respond to any of my emails I have sent over the last few days. My issue: constant force closures. Once it starts, it won't stop until I reboot the tablet, and that only sometimes cures the issue. and when I say cure, I mean it works for another 5 minutes before it starts to crap out again. My issue seems to be a unique one since I have not seen any similar posts or complaints regarding this happening. Might be worthwhile to input what issue you are experiencing in this thread (if it is not already been mentioned), just so we can all be on the lookout for known bugs / issues. I started with v1.02, then OTA to v1.03 immediately after I first booted the tablet. I was immediately having issues, so I hopped on XDA and saw that I could flash other versions, one for the 'Chinese' (E3C5) and one for 'Global' (E3C5_G). No matter the version, I still have the same issue. Also, is anyone having NO issues at all with their tablet? (unfortunately for us, if you are not then you are probably not in this thread!)
Click to expand...
Click to collapse
It is possible that you have serious problem either in RAM memory modules or in eMMC storage.
Try this:
1) install app SD Insight (https://play.google.com/store/apps/details?id=com.humanlogic.sdi&hl=it), open it, select "MMC Card" in dropbox, I have this:
Manufacturer = Hynix
Model : HCG8e
Size : 64 GB
Manufacturer Date : Aug 2016
What do you have?
2) Install the following 3 apps and try to run a benchmark for each app, just to see if eMMC or RAM are defective or not. Do they properly work? Do they run benchmarks without problems?
SD Card Test (https://play.google.com/store/apps/details?id=com.pzolee.sdcardtester)
A1 SD Bench (https://play.google.com/store/apps/details?id=com.a1dev.sdbench)
Androbench (https://play.google.com/store/apps/details?id=com.andromeda.androbench2)
3) Have you installed an external MicroSD? Eventually remove it.
italianquadcore said:
It is possible that you have serious problem either in RAM memory modules or in eMMC storage.
Try this:
1) install app SD Insight (https://play.google.com/store/apps/details?id=com.humanlogic.sdi&hl=it), open it, select "MMC Card" in dropbox, I have this:
Manufacturer = Hynix
Model : HCG8e
Size : 64 GB
Manufacturer Date : Aug 2016
What do you have?
2) Install the following 3 apps and try to run a benchmark for each app, just to see if eMMC or RAM are defective or not. Do they properly work? Do they run benchmarks without problems?
SD Card Test (https://play.google.com/store/apps/details?id=com.pzolee.sdcardtester)
A1 SD Bench (https://play.google.com/store/apps/details?id=com.a1dev.sdbench)
Androbench (https://play.google.com/store/apps/details?id=com.andromeda.androbench2)
3) Have you installed an external MicroSD? Eventually remove it.
Click to expand...
Click to collapse
Thanks for the help! However, once the crashes start i cannot open an app again until i factory reset (reboots doesn't even cure it).. then by the time i have anything installed i get the crashes again. Im just going to assume its hardware and have already contacted GeekBuying.com about a refund / replacement. Of course they are taking their sweet sweet time. So far the response has been "You can factory reset to solve the issue'.. lol. Think i just want a refund and then to purchase from GearBest.com
Expected mine to arrive tomorrow. Luckily, that's before Christmas Eve (since in my country there won't be any shipping activity on holiday).
By the way, is there anyone here who officially got a global firmware in packaging? I've seen some people do the unboxing and have confirmed no Chinese apps (except Teclast ones) at first light. Just my curiousity.
MedriVia said:
Expected mine to arrive tomorrow. Luckily, that's before Christmas Eve (since in my country there won't be any shipping activity on holiday).
By the way, is there anyone here who officially got a global firmware in packaging? I've seen some people do the unboxing and have confirmed no Chinese apps (except Teclast ones) at first light. Just my curiousity.
Click to expand...
Click to collapse
When I received the tablet, inside there was firmware v1.23, with only the 3 Teclast apps (TeclastOTA, Teclast Manager and AppLock). After upgrading to v1.31, I faced some issues with touchscreen due to ghost touch. I reverted back to v1.28 using NeedRom full firmware file, and I discovered that not only there were the 3 above-mentioned apps, but there were other 5 chinese apps that I simply removed using the following adb commands:
adb uninstall com.sohu.tv
adb uninstall com.UCMobile
adb uninstall cn.ninegame.gamemanager
adb uninstall com.pp.assistant
adb uninstall cn.kuwo.kwmusichd
These 5 chinese apps are located in folder /system/preinstall - so we can eventually reinstall them if we need them.
italianquadcore said:
When I received the tablet, inside there was firmware v1.23, with only the 3 Teclast apps (TeclastOTA, Teclast Manager and AppLock). After upgrading to v1.31, I faced some issues with touchscreen due to ghost touch. I reverted back to v1.28 using NeedRom full firmware file, and I discovered that not only there were the 3 above-mentioned apps, but there were other 5 chinese apps that I simply removed using the following adb commands:
adb uninstall com.sohu.tv
adb uninstall com.UCMobile
adb uninstall cn.ninegame.gamemanager
adb uninstall com.pp.assistant
adb uninstall cn.kuwo.kwmusichd
These 5 chinese apps are located in folder /system/preinstall - so we can eventually reinstall them if we need them.
Click to expand...
Click to collapse
So..., those apps were not depending on which firmware it had back on, right? Ah, I forgot to mention those ones I mentioned also had English interface (including settings) initially.
Btw, why did you change back to v1.28 instead of v1.03(G)? Is something wrong with the latter even the fact that it's much bloatless?
Speaking of adb, I did use that tool intensely through Windows cmd (don't know how to use it directly). It truly comes in handy when trying to remove lots of bloatware on my budget phone (which is... Samsung), but then I realized it only removed files from user data, not the apk itself. So, when I did a factory reset once, those bloatware apps came back to life. Since knowing the fact, I've never touched that tool again (as it also has been rooted, anyway).
MedriVia said:
So..., those apps were not depending on which firmware it had back on, right? Ah, I forgot to mention those ones I mentioned also had English interface (including settings) initially.
Btw, why did you change back to v1.28 instead of v1.03(G)? Is something wrong with the latter even the fact that it's much bloatless?
Speaking of adb, I did use that tool intensely through Windows cmd (don't know how to use it directly). It truly comes in handy when trying to remove lots of bloatware on my budget phone (which is... Samsung), but then I realized it only removed files from user data, not the apk itself. So, when I did a factory reset once, those bloatware apps came back to life. Since knowing the fact, I've never touched that tool again (as it also has been rooted, anyway).
Click to expand...
Click to collapse
V1.28 and other releases come with Chinese language, while v1.03 comes with English language.
I reverted back to v1.28 because there's not an official support for v1.03 and e3c5_g device, this firmware remains in the hands of Teclast technical support, only Teclast itself provides a link of the full .zip firmware. What about the future of e3c5_g series of firmware? Only Teclast knows....
Those 5 apps are really uninstalled, but logically they are installed again after a factory reset because that folder /system/preinstall is used by Android to install Oem software (really a no-sense with stock Android).
italianquadcore said:
V1.28 and other releases come with Chinese language, while v1.03 comes with English language.
I reverted back to v1.28 because there's not an official support for v1.03 and e3c5_g device, this firmware remains in the hands of Teclast technical support, only Teclast itself provides a link of the full .zip firmware. What about the future of e3c5_g series of firmware? Only Teclast knows....
Those 5 apps are really uninstalled, but logically they are installed again after a factory reset because that folder /system/preinstall is used by Android to install Oem software (really a no-sense with stock Android).
Click to expand...
Click to collapse
I don't really get how Android operates..., but yeah. As long as they're still in system folder, they will come back again (after factory reset) automatically.
In the meanwhile.... My tablet has just arrived!! XD
---
I just recently switched it on, and when I check the build number on settings..., it turned out to be v1.02(G).
Which means I can't test out today's new update (v1.32) for now. ._.
Hey! I'm currently trying to find an app that enables me to take screenshots without using the physical buttons on my phone, and I've run into a somewhat strange issue: third-party screenshot apps create images showing nonsense or things that happened in recovery mode.
Sorry for the wall of text below.
Phone details
I'm using a Nexus 5 running stock ROM Android 4.4.4. For recovery I'm using TWRP and for kernel I'm using Linaro by LaboDJ. The phone is rooted and also has Xposed Framework installed. Screenshots on this device are, as you probably know, normally taken by holding down the Volume Down and Start buttons simultaneously, but issues with the Start Button is making me seek an on-screen-based approach instead.
Issue
So far I've tried several different apps which can take screenshots by pressing overlay icons, shaking the phone, and so on. None of the screenshots come out as wanted, however. Depending on the app, screenshot files may fail to be generated, be pitch black, or feature something entirely different than the actual screen. The last type is made using root-requiring apps that scan for different methods to make screenshots (Screenshot Easy, Screenshot Ultimate).
The screenshots created by root-using apps (all images provided below are from Screenshot Easy) initially looked like this or this (depending on selected method, image). For testing I used /system/app mover to turn Screenshot Easy into a system app. This changed what it was able to make into this and this, revealing that the app provides screenshots of things I did in recovery mode. The coloration makes it even stranger (this is what the color scheme of TWRP looks like). In addition, the app retained the ability to make such screenshots even after being turned back into a non-system app or being reinstalled. There has been some days since I made these images, and right now the app can only create this. I'm having a hard time determining what affects output.
I would expect this app to work on a Nexus 5 for different reasons. Firstly, the majority of Google Play reviews for Screenshot Easy on this phone model are positive. Secondly, my phone is able to make screen recordings (SCR Screen Recorder) and take button-screenshots systemwide (DisableFlagSecure). I should also add that while I want to avoid using the physical buttons, they do create regular screenshots if I use them.
What I've tried so far
Fixes I've tried include changing Screenshot Easy settings, reinstalling the app, restoring the stock kernel, disabling various Xposed modules that may or may not be involved, starting the phone in Safe Mode to disable potentially interfering apps (Screenshot Easy was still usable due to being converted to a system app), deleting the TWRP backup on the phone, using an older version of Screenshot Easy from an APK-hosting website, wiping app cache, and wiping dalvik cache. I also tried changing resolution or DPI values (using SecondScreen or changing build.prop values), but this either turns the screenshots black (resolution change) or has no effect (DPI change).
Frankly I cannot make heads or tails out of this issue. If anyone could make any suggestions of what to try next or perhaps diagnose what is going on I would be very grateful!
TL;DR: third-party apps used for taking screenshots behave stangely and don't work no matter what I try. What to do?
Update
Update: it's been about 6 months since my above post, and for shiz and giggles I decided to yet again try downloading a screenshot app to see if I still get strange results. Went for Screenshot Easy (non-pro version) and granted it root permission, and to my surprise it works as it should, creating proper screenshot files.
It is difficult for me to tell if the reason Screenshot Easy now works is caused by some change in my phone, or in the app. However, while Screenshot Easy has received at least three updates since my previous attempt (I reckon the previous version I tried was 1.6.2, and now I'm using 2.9.6), Screenshot Ultimate has not received any updates and still gives me black (or gray), nonsense, or no images.
Edit: Testing suggests the reason is app change; the APKpure copy of v1.6.2 does not work (same issues described above) while v2.1.6, v2.8.2, and the already tested v2.9.6 does. What exactly has changed within the app is still hard to say. A difference is that v.1.6.2 with root permission but without being a system app has two faulty "Method 7" and "Method 8" methods for taking screenshots (image - this somehow differs from my previous experience) while the three working versions have a functional "Root 10" method (image).
According to the app update history (logged by App Annie (direct link, requires login)), the update info for v1.6.2 was simply:
Screen Record (Android 5.0+: Video & Audio)
Improved layout
Improved screenshots
Fixed bugs
Hey guys,
so I lately had a bunch of issues with my Samsung and had to restore several backups etc after failed firmware updates.
Sometimes I lost a few apps, had to reinstall it, etc - it was a HUGE mess. I'm fairly certain at some point bumble downgraded me because I had so many reinstalls/reactivations/etc.
Here's the issue - I'm trying to create a new account and its easy to get around geo-location, IP and new phone-number and verification but I'm fairly certain they also track my device-ID or device-IDs if that changed with the backup/restores/reactivations.
I downloaded device-ID-changer and all the apps show up, ASIDE bumble... I'm wondering if I screwed up something like the registry (if android has something like this) with all the re-installs... the app opens, works, all good, but I can't sign up on this device because of the ID.
I'm on Pie so every app has a separate ID but Device ID changer cant find app.bumble.com.
I can sign up just fine from my tablet (on Nougat) - set geo-location/proxy/verification, easy - works every time, but as soon as I log in on phone I'm getting kicked off.
Where could the issue be? Why can't Device ID changer not find the app? Is there a way to find out if something went wrong with the install? I HIGHLY doubt they hardcoded all my device IPs in the installer (tried offline installs as well, so 0 change they send data down)
Could someone check if Device ID Changer 2019 can find com.bumble.app in the list on their phone?
thanks