APKGrabber
APKGrabber is a fork of APKUpdater. Big thanks and of course all credits go to rumboalla.
I try to develop new features and maintain the software to stay available on latest android devices, but don't expect weekly updates.
For feature requests, issue tracking, new releases and all dev related stuff see my Github page.
License
Copyright © 2017 Rumboalla. Licensed under the GNU General Public License v3.
Readapted 2019 by hemker.
Contributors
hemker
Version Information
Status: Stable
GitHub: latest
APKMirror: latest
Izzy F-Droid: latest
Created 2019-03-04
Last Updated 2019-03-22
Thank You looking forward to a great app.
Thanks for owning the maintenance & upgrade of this beautiful app.
However, I have few issues related to APKGrabber
- Whenever, i click Ignore button, in a few seconds, I see a FC.
This is on Asus Zenfone Max pro m1, stock android, non-rooted, bootloader locked, non-twrped phone
Log option do not work all the time. i see an empty screen while i click on log from the right 3 vertical dots
- I would like to visit APKmirror instead of downloading from it.
Is it possible to provide an option to copy the link ( I mean click to download / Long hold to copy the link kind of option)
hbr_in said:
Thanks for owning the maintenance & upgrade of this beautiful app.
- I would like to visit APKmirror instead of downloading from it.
Is it possible to provide an option to copy the link ( I mean click to download / Long hold to copy the link kind of option)
Click to expand...
Click to collapse
I think if both methods ('old APKUpdater'; visit APKMirror and new APKGrabber; direct download) could be available as option in App preferences, that would be great and serve both needs.
//t
tjsuominen said:
I think if both methods ('old APKUpdater'; visit APKMirror and new APKGrabber; direct download) could be available as option in App preferences, that would be great and serve both needs.
//t
Click to expand...
Click to collapse
Please add all dev related stuff to the GitHub issue tracker.
Btw, new release is out fixing/adding that stuff, see link above.
Best
Dennis
Latest v1.1.3 says it is still v1.1.2 when installed and the update notification shows up.
Thanks, fixed it now. Just download again.
Hi,
Artem here from APKMirror. I'm glad someone revived APK Updater, so kudos on that!
However, the setting you added to directly download from the site now turns the app into a leech which uses up our bandwidth without giving so much as an ad or page view in return. We had an understanding with the previous author about this, and because of them we actively helped him with the fast API and did not block his app. This direct download addition to APKGrabber now, however, goes against all of that.
Please remove it, as it's against our terms of service.
Thank you for understanding.
Archon810 said:
Hi,
Artem here from APKMirror. I'm glad someone revived APK Updater, so kudos on that!
However, the setting you added to directly download from the site now turns the app into a leech which uses up our bandwidth without giving so much as an ad or page view in return. We had an understanding with the previous author about this, and because of them we actively helped him with the fast API and did not block his app. This direct download addition to APKGrabber now, however, goes against all of that.
Please remove it, as it's against our terms of service.
Thank you for understanding.
Click to expand...
Click to collapse
Hey,
sorry, didn't know about any agreements. New release is out, bringing back the old behavior. Furthermore, i deleted all previous artifacts containing that stuff.
@Archon810 is anybody actively maintaining the API? I would like to get in touch to propose some questions about it. That would help making APKGrabber an up-to-date, stable app.
Best
Dennis
dhemker said:
Hey,
sorry, didn't know about any agreements. New release is out, bringing back the old behavior. Furthermore, i deleted all previous artifacts containing that stuff.
@Archon810 is anybody actively maintaining the API? I would like to get in touch to propose some questions about it. That would help making APKGrabber an up-to-date, stable app.
Best
Dennis
Click to expand...
Click to collapse
Hey Dennis,
Thanks for the swift action. We have been hosting APK Updater on APKMirror (last release is https://www.apkmirror.com/apk/rumbo...lease/apkupdater-1-5-11-android-apk-download/), and I'm open to now hosting APKGrabber too, as it's getting updates. Would you like that?
Would you like to chat further about the API? PM me and we can connect on Telegram.
Nice to see a friendly community
Just want put it out there because there are bound to be some people who decide to take the ****... what happens if people don't bother updating to the version that removes the direct download feature?
I'm hoping some action can be taken without penalising the developer, having detrimental effects on APKMirror and the average user
hshah said:
Nice to see a friendly community
Just want put it out there because there are bound to be some people who decide to take the ****... what happens if people don't bother updating to the version that removes the direct download feature?
I'm hoping some action can be taken without penalising the developer, having detrimental effects on APKMirror and the average user
Click to expand...
Click to collapse
If there aren't to many probably nothing will happen otherwise direct linking will probably just be blocked.
Edit: I love the new ignore button right in the updates window.
SuperSandro2000 said:
If there aren't to many probably nothing will happen otherwise direct linking will probably just be blocked.
Edit: I love the new ignore button right in the updates window.
Click to expand...
Click to collapse
Cool, was just putting it out there because more often than not its just a handful of people that tends to ruin it for others.
hshah said:
Cool, was just putting it out there because more often than not its just a handful of people that tends to ruin it for others.
Click to expand...
Click to collapse
Yeah so far so good thank you for the updates. Continued fine tuning version detection would good.
When it would auto download from apkmirror we didn't see where it would download them too.
Is your app setup for the Google Feedback for when it crashes? I just sent a log of it crashing.
Can you please add play store link of the app to be updated?
Thank you.
Glad to see this project revived.
Though it still seems to struggle when in background on Pie - actually, I can't remember wether APKUpdater could even achieve a successful background scheduled search - it will start but won't ever finish.
Getting to its UI will show it still hasn't been able to fetch the installed apps' list & actually start the search. (VPN used + WiFi only setting ticked if relevant)
Also, APKGrabber updates never are found after just opening the app but only when a manual search is launched regardless of the auto option being active.
Also, if I may, I'd like to submit a couple of ideas :
- For when notifications are set to show up only when updates are available (or maybe even in other cases), I think it would be nice if the notification could get dismissed as the users gets to the available updates page.
- Available themes are ok but now not one seems coherent with the app's icon anymore. Replacing them with a tweakable theme engine would be better suited to each user's taste.
Great to see APKUpdater revived! It was a long awaited news!
Are you planning to increase API target to Oreo at least? This is one of the few apps on my phone that still targets Nougat
FYI, APKGrabber is available on F-Droid via the IzzyOnDroid Repo.
The app is now live at https://www.apkmirror.com/apk/hemker/apkgrabber/ too.
Related
Hello everyone. I've a sort of proposal for the developers here, but before I get into that let me first briefly introduce myself:
I'm a communication designer for print, user interface, and illustration that completely advocates everything Android. I've been lurking the Dream development forums here for quite some time, trying to keep up-to-date with the latest ROMs, apps, etc., etc and I fully appreciate everything that goes on here and the endeavors that you devs put yourself through. Amazing stuff, really.
One thing I've noticed is that there are a slew of third-party / beta apps all over these boards, and other places on the internet as well. More often than not, I find myself scouring the cloud just to find a link for these non-market apps, and I usually get referred to them via some obscure site through another site. Despite getting the .apk file or ROM in the end, the process can get to be a bit tedious; especially for incoming users and those new to the Android platform.
My proposal is this: A website with a simple and clean user interface that has direct and succinct navigation with the purpose of consolidating and listing third-party / beta non-market applications into an easy access database. This website database would link these applications and have them be easily downloaded and installed via the Android browser, without having to mount the device.
I've actually come up with a fully-functional concept site, did the branding and everything for it, and also registered a short domain name for quick access while on your G1 or whatever Android device.
Navigate to: http://anda.pk to see what I had in mind, and how the overall layout/concept of the site would work.
I uploaded several .apk files I had backed up as examples for you to see how the database section would function. I also took into account the resolution of most Android phones and made the .apk application database section fit perfectly in the Android browser when in portrait mode right when you the load the site to ensure the best possible user experience when installing these third party apps. When you scroll to the right, you'll see info on what the site is about, and in the footer there are links to the FAQ, the about section, contact, etc.
I had also noted in the about link in the footer that the applications hosted on the download section are in no way accredited to the site, and that credit goes to their rightful developers. My being a communication designer has had the idea of peer collaboration engrained, and as such I give credit it where credit is due.
That said, I hope you guys here and the developers collaborate with me on on this site, possibly help contribute apks, and agree to them being hosted. If anything, I do hope you just embrace the concept, which originally was just going to be a reference for myself and my friends whom I've turned away from the iPhone, S60, and WinMo in favor of Android. I figured since I know the Android community is only going to get bigger, this website concept of mine could be a decent resource to have bookmarked.
Appreciate you reading this wall of text! Do hope to hear some feedback, so let me know what you guys think. Thanks!
Cheers.
I think this is a fabulous idea...automated version control would go over very well -- i.e. yum update
you should post up bits that you need help with and have folks contact you.
also..I love the logo!
question: do you propose a rating system or a review prior to listing type of approach or something new to keep this resource trustworthy?
Been following this on SA and twitter and it's a great idea.
Having the devs here on board would be a fantastic way to get something solid on the go. It's the kind of thing that can really help android become more hackable and useable for the average user...and it just make things easier for the rest of us.
Sounds good to me.
thelilliandivide said:
the applications hosted on the download section are in no way accredited to the site
Click to expand...
Click to collapse
Credit and accreditation are different things. To be accredited is to be given credentials or official approval. I think you meant "credited".
Sounds like a GREAT idea.
My opinion: The color scheme hurts. Love the logo.
i like the logo and the idea. I think the site should be more mobile friendly, or even better, an application for android that can work like the official market. I could help with that part if an application is going to be built.
camalot said:
i like the logo and the idea. I think the site should be more mobile friendly, or even better, an application for android that can work like the official market. I could help with that part if an application is going to be built.
Click to expand...
Click to collapse
i second that.. it should also have update checks if possible
I was going to complain that I didn't like your site layout, but in portrait mode you only see the left side which lists the apps. I like it.
One thing you might have to be leary of is dealing with apps that are considered warez unless your going to spend the time to verify every app that is uploaded or there has to a method in place.
As well there should be some kind of version control in place. You know what works on 1.1 and what works on 1.5. Obviously almost everybody within the next few weeks/months should be on 1.5, but will all the older apps run on 1.5 or does it really matter or does anybody care? The downloader will care.
CBowley said:
Sounds like a GREAT idea.
My opinion: The color scheme hurts. Love the logo.
Click to expand...
Click to collapse
Seconded. The text is much too light. A darker charcoal shade would be much better.
If the site gets an apk wrapper (a la FBook) version checking would be rather easy. Set up the directory tree something like this /downloads/WiFiTether/1.2.3.apk and just have the apk compare filenames. If the file names don't match, it needs to install the update.
EDIT: Now following your progress on twitter.
Some solid input. I'll play around with the color scheme and make some changes later this evening once I get back from class. And I actually do plan on making a mobile wrapper eventually, but as it stands as far as the concept layout goes, the site is best used when in portrait mode for easiest functionality. The rest of the site is to be considered supplemental. I do however, have a lot of things I eventually want to integrate; application tags, search, possibility of user uploaded apk files, etc. But for right now, I'm trying to keep the general site as simple as possible to make the workload on my end less stressful (graduating in 2 weeks).
bahnburner said:
If the site gets an apk wrapper (a la FBook) version checking would be rather easy. Set up the directory tree something like this /downloads/WiFiTether/1.2.3.apk and just have the apk compare filenames. If the file names don't match, it needs to install the update.
EDIT: Now following your progress on twitter.
Click to expand...
Click to collapse
Did not know how that version checker worked. Thanks. I'll re-work the apk directory scheme akin to that later tonight for when I do eventually get the wrapper up.
thelilliandivide said:
Did not know how that version checker worked. Thanks. I'll re-work the apk directory scheme akin to that later tonight for when I do eventually get the wrapper up.
Click to expand...
Click to collapse
That's not necessarily how most version checks work, but that's the simplest method I could think of, and probably one of the easiest to implement.
alapapa said:
I think this is a fabulous idea...automated version control would go over very well -- i.e. yum update
you should post up bits that you need help with and have folks contact you.
also..I love the logo!
question: do you propose a rating system or a review prior to listing type of approach or something new to keep this resource trustworthy?
Click to expand...
Click to collapse
Thanks! And I feel I might need some help in the future as far as implementing the features that I want to get working. But I'm not quite sure I understand your question. Are you referring to how I choose which applications get posted onto the site?
i'm a graphic designer and web designer, i'll throw in a helping hand if you want, pm me or whatever.
(think about an android based layout to bring it to the phone like Cough*cydia*cough
very cool and much needed
Xda-dev is great, but there is alot of stuff thats not on the market and they have shown to bow down to the tmobs pressure(ie: tether app) so another place to get apps would be great, and your weppage is beautiful and looks like it would be very finger friendly on the g1, but there is a basic model in linux of repositories(which is about what ur doing) and a simple app to d/l them maybe somebody could just make a market.apk with a modded addy, depending on how much is known about the market and its inner workings... it would be nice to do it as it has been always done....but as I stated above your webdesign is very nice and would work well in the native browser(im heading there now on my g1)
bhang
not a bad idea. I think this is great for all verified apps that are pulled from market...
I really like this idea. Go for it.
Just one (stupid) remark about the logo... it's like it has a big nose and a :-| expression... sorry
apetit said:
I really like this idea. Go for it.
Just one (stupid) remark about the logo... it's like it has a big nose and a :-| expression... sorry
Click to expand...
Click to collapse
Haha, I just noticed that actually. Now it's all I see. But yeah, I'm hoping to have a few more apps to upload by the end of next week. Revisions to the site are imminent once I get out of this last class.
I love the idea. One bookmark to check up on all the good non-market apps will be much easier than having several bookmarked threads.
Some applications may benefit from having tags such as [beta], [stable], [experimental], [contains-ads], etc.
As others have mentioned once/if user uploads are implemented an app approval system will be crucial to keep the spam at bay. I can see this really taking off.
im a supporter
zgmf-x322a said:
im a supporter
Click to expand...
Click to collapse
+1 this sounds like a great idea, there was something like this for apps for the dash,mda & sda.
Bitdroid - Home | Bitroid - Tracker | Bitdroid - Forum
Introducing Bitdroid! The dedicated torrent tracker for Android ROMs!
After a couple of weeks of trial-and-error, I have finally got a torrent tracker site setup and running for Android ROM developers; a place for them to create and track a torrent for their ROMs.
Why use a torrent tracker like Bitdroid.org versus regular download links? Easy: better flow of download traffic, which equates to faster downloads!
Peer-2-Peer, or P2P, (torrents in this case) are better for high-flow traffic compared to normal HTTP (sites like Mediafire) or FTP. In HTTP or FTP, users can only download, and it's only from a single server. The more people downloading a file from a single server, the slower the download for everybody on that server requesting the same file. This is not the case for P2P connections. Every user that's downloading, downloads from another user. All of the users download are also uploading to other users, so the traffic is not coming from a single source. It is coming from many sources, alleviating slow downloads, enabling higher traffic. P2P is a much superior way to distribute large files (such as Android ROMs).
So where did this idea come from? After the release of several popular ROMs, I saw people complaining about slow download speeds, and having to upload to several different download mirrors for others to download at a fast pace again, until those became "clogged" for a while as well. P2P, as previously mentioned, would have alleviated this and reduced (or even eliminated) the need for several HTTP / FTP mirrors. HTTP download links could still be provided, but torrent links could also be provided to help alleviate high traffic, congested downloads.
P2P also allows tracking and stats of an individual download. Each file is tracked by the amount of seeders (people uploading), leechers (people downloading), and total downloads.
I've searched, and I couldn't find a dedicated torrent tracker for Android ROMs; I could only find trackers for general use, or other specific uses (movies, games, etc.), of which not all of these are completely safe due to concern of possible copyrighted content. With Bitdroid, only Android ROMs are allowed, and it is preferred that the original developer of the ROM uploads the file (or with permission from the developer, a 3rd-party user could upload the ROM). Since Android is open-source, there aren't any legal concerns of piracy and such due the open-source licensing of the Android OS.
For an added layer of "security" only an approved member group is allowed to upload files. You must be manually added to the group before being able to upload torrents, to try and further discourage potential piracy or unauthorized uploading of ROMs.
I currently have a splash-page setup, that links to the actual tracker, as well as a forum (work-in-progress).
If you're a developer or know a developer, please sign up on the torrent tracker and/or forum and I can get you setup to upload your torrents, and don't forget to spread the word!
If you have any questions or comments, please either post here or on the website! Come and check it out!
Note: I have permission from YZ to post this.
Bump. Got mixed reviews in the Rezound forum about this; not much response from Dev's yet (which is what I would like the opinion of as well).
I think this is awesome!
Sent from my GT-I9300 using Tapatalk 2
News page, forum what next apps we have to pay ?
The idea is great but you should respect the word *torrent*.
this is a brilliant idea, its annoying having to navigate through those nasty ad filled, speed restricted file hosting sites, i hope it grows and grows
my signup email conformation hasnt come through though
Donated $3 has not shown. Still Says Zero. Also been waiting on a confirmation email...It's new. Kinks to work out. Hope my $3 helps is the most I can spare.
---------- Post added at 02:16 AM ---------- Previous post was at 02:14 AM ----------
tarekkkkk said:
News page, forum what next apps we have to pay ?
Click to expand...
Click to collapse
Wait what? That's not a real sentence.
Oh finally i become a reality.
erktheerk said:
Donated $3 has not shown. Still Says Zero. Also been waiting on a confirmation email...It's new. Kinks to work out. Hope my $3 helps is the most I can spare.
Click to expand...
Click to collapse
check your spamfolder!
Check out some of my work and ths work of my team mates in the sprint epic4g touch section. Let me know If we qualify.
BRING IT ON! I'll seed like a mofo!!!
Always been intrigued why no Android ROM developer uses torrent technologies... Even on questionable tracker as Pirate Bay (Yes, you can find legal stuff there ^^).
Now there is no excuse ! With this tracker, we can download almost eyes closed. And now, every body can help, even if no developer, even without giving money. Let's seed !
I'll warm up my seed box this evening !
we can only say you THANK alot and good job . but one thing ..
it is for every Rom ( custom and shipped rom ) or just rom leaked by private developers ?
ps : I haven't paypal from me ( Country's restricted ) , sure I would donate you some $$ ...
awesome news !
guys pay alot for hosting 300mb allinone roms on their hosting , torrent solution rocks!
Any Torrents with this Symbol are Ratio Boosters. Only your Upload is Recorded!!
This is a Great way to Boost your Ratio. Normal Site Seeding Rules Apply.
Seed to 1.0 or 36 hours to avoid Hit and Runs.
Click to expand...
Click to collapse
The idea is good, however i think having a ratio system on the site will do it more harm than good.
Unless you download the rom soon after its uploaded your probably going to struggle to seed it back, especially if its from a developer who updates the rom every couple of days. I think its very unlikely someone would download the older version once the next build is out.
Wow, my site made the front page news! Awesome .
Emba4 said:
this is a brilliant idea, its annoying having to navigate through those nasty ad filled, speed restricted file hosting sites, i hope it grows and grows
my signup email conformation hasnt come through though
Click to expand...
Click to collapse
Hmm, weird. Like previously mentioned, check your spam folder. I'll see what I can do later when I get off work.
erktheerk said:
Donated $3 has not shown. Still Says Zero. Also been waiting on a confirmation email...It's new. Kinks to work out. Hope my $3 helps is the most I can spare.
---------- Post added at 02:16 AM ---------- Previous post was at 02:14 AM ----------
Wait what? That's not a real sentence.
Click to expand...
Click to collapse
Yeah, there's kinks to work out (new to PHP as well so that doesn't help lol). Not sure why the donation thing isn't updating... I'll have to look into that.
timmetal6669 said:
Check out some of my work and ths work of my team mates in the sprint epic4g touch section. Let me know If we qualify.
Click to expand...
Click to collapse
Sure! Just post a thread in the Bitdroid forums in the Uploader Request board!
djibrilcoulibaly said:
we can only say you THANK alot and good job . but one thing ..
it is for every Rom ( custom and shipped rom ) or just rom leaked by private developers ?
ps : I haven't paypal from me ( Country's restricted ) , sure I would donate you some $$ ...
Click to expand...
Click to collapse
It's for any ROM. There's categories for stock ROMs, custom ROMs (from developers), or 'Other' (for kernels or something like that). I can always add more categories as well if anybody has suggestions!
InsaneNutter said:
The idea is good, however i think having a ratio system on the site will do it more harm than good.
Unless you download the rom soon after its uploaded your probably going to struggle to seed it back, especially if its from a developer who updates the rom every couple of days. I think its very unlikely someone would download the older version once the next build is out.
Click to expand...
Click to collapse
I've disabled ratio restrictions on the site. Where did you find that tidbit at? Was it in the rules/FAQ? If so, that's just because I haven't really had any time to update that at all, due to classes starting up again.
Worry not, ratio is not a concern (but sharing what you download always looks good ).
if so it's better thank once more .
It's for any ROM. There's categories for stock ROMs, custom ROMs (from developers), or 'Other' (for kernels or something like that). I can always add more categories as well if anybody has suggestions!
Click to expand...
Click to collapse
No problem. The categories I currently have:
- AOSP / AOKP
- Other
- Proprietary GUI (for ones like Sense, TouchWiz, etc.)
- Stock (Rooted)
- Stock / RUU's
Would just like to thank everybody for their support!
Unable to register. It claims that I'm not matching the CAPTCHA (I think...)
Code:
The confirm code you entered is too short.
The confirmation code you entered was incorrect.
There is no CAPTCHA, and I have filled out all 5 fields that are shown on the registration page properly.
dstruct2k said:
Unable to register. It claims that I'm not matching the CAPTCHA (I think...)
Code:
The confirm code you entered is too short.
The confirmation code you entered was incorrect.
There is no CAPTCHA, and I have filled out all 5 fields that are shown on the registration page properly.
Click to expand...
Click to collapse
Are you trying to register through the forum or the tracker?
If you're trying through the forum, try registering through the tracker instead. Another user PM'd me with a similar error I believe, and he was trying to go through the forum.
Alright, sorry about the issues registering on the forum guys. There was a conflicting option turned on that I missed when setting up the forum.
It should be working now for registration.
Hello XDA,
I'm releasing a modified version of Kik to the public. This is version 7.9 - without video playback support. I created this in January after discovering an exploit within Kik Messenger that allowed me to crash other users. This gave birth to what are known as "lag codes", which are long strings that cause instability within Kik.
If you're on kik and people post strings like:
0la.3p.snai7.eo.490.0la.3p.snai7.eo.490.0la.3p.snai7.eo.490.0la.3p.snai7.eo.490.(etc)(shout out to TL1 for his work in this area)
you will lag, ios and android are affected by this.
I have modified the parser within Kik to stop those short lag codes from causing lag.
I issued these Pikik clients to only a handful of individuals (hardcoded their usernames and disabled editing) , typically being used to crash pedophile chatrooms. Someone in this handful decided to leak the file. They attached AndroRat and distributed it under my credibility and name and I don't appreciate that.
The exploit (along with other exploits I've discovered) and suggested fixes have been emailed to Kik without reply.
This is version 7.9 without video support. You can do the same with 8.0+ as I have done but I don't want to distribute that yet. as I'd like to make a menu via smali to add additional features to Kik. (Confirmed fake camera is possible among other things) Hopefully within that time, Kik will patch the exploits I've emailed them about.
Please be respectful to one another with Pikik, it can cause issues for other users without Pikik if you so choose.
I will create additional links if necessary. Happy Easter.
May 6 update:
Added Kik 8.0apk for video playback. Added another layer of lag protection.
-gunther210
Admin note: APK has been removed due to legal complaint from Kik. Do not re-upload. https://github.com/xda/Notices/blob/master/2015/Kik-20150624.md
Warning, I would not recommend trusting. The app was leaked. Gunther stated that he would release the application to the public in the month of July.
424aca said:
Warning, I would not recommend trusting. The app was leaked. Gunther stated that he would release the application to the public in the month of July.
Click to expand...
Click to collapse
Hey mate, that wasn't the case.
I planned to publish the technical details of the xss exploit within kik.com in July but that also leaked.
I encourage anyone to decompile this apk and look for anything malicious or suspicious if they don't trust it. It isn't my style to do that.
I understand you're just looking out for the community.
Take care mate.
Apologies and Results
Yah sorry to come out as aggressive or as if I was pointing fingers. If you are truly gunther, then you are very much aware of the presence of individuals on kik who post links which intercept IP's and I see a new exploit regarding a phishing link "video" with your name on it etc. I just want individuals to be careful. Because I made seemingly false accusations, I have done the task of running a scan on the app in a virtual machine (genymotion) running a various security scans on it. Only avast gave a security warning, but upon rescan it was gone. I have uploaded four images of four different tests. Please, proceed with caution for this application is as wonderful as you anticipate it to be. To those that have root and xposed, i would advise using I believe xprivacy to block any SMS or call log interaction which this app may present if the proof supplied below does not suffice your paranoia which I seem to be having right now.
-424aca
View attachment 3247779
View attachment 3247780
View attachment 3247781
View attachment 3247782
Thx for the tests.
I'm aware of the games being played on Kik. That's not likely to go away but their lack of willingness to correct the problems leaves everyone vulnerable. At least this protects a regular user from another regular user being annoying. The xss exploit needs to be patched immediately. The amount of people getting phished is amazing. I regret sharing info about that exploit.
As I mentioned long ago to anyone on Kik who asks the status quo kik hacker question "can you get ips thru kik?" My response has always been the image handler. The way kik handles their images has been exploitable forever but I'm not yet certain to what degree. After reporting the 2 "main" exploits to Kik, I moved onto checking out my suspicions and getting some confirmation/vindication.
The entire handler for images is a wreck. It's possible to create corrupt image headers (see my pastebin) which will crash Android upon receiving said picture. It's possible to create corrupt image headers to get IP addresses via images (confirmed on iOS by Host 4/6/2015). It's possible to create corrupt image headers to crash Android for lack of associated action.
It's possible to send videos as Gallery, Gallery as Camera, Camera as "Gunther", custom icons, and most likely offsite pngs (apache log taps). It is possible to build a card that exploits these same flaws but with more parameters. The card:// handler is probably only "more secure" because less people use it.
The fact that I can send you a picture that crashes your kik is absurd and it was obvious to me this style of attack would be possible from the first glance at it.
I like Kik but it is a dangerous hangout lately.
424aca said:
Yah sorry to come out as aggressive or as if I was pointing fingers. If you are truly gunther, then you are very much aware of the presence of individuals on kik who post links which intercept IP's and I see a new exploit regarding a phishing link "video" with your name on it etc. I just want individuals to be careful. Because I made seemingly false accusations, I have done the task of running a scan on the app in a virtual machine (genymotion) running a various security scans on it. Only avast gave a security warning, but upon rescan it was gone. I have uploaded four images of four different tests. Please, proceed with caution for this application is as wonderful as you anticipate it to be. To those that have root and xposed, i would advise using I believe xprivacy to block any SMS or call log interaction which this app may present if the proof supplied below does not suffice your paranoia which I seem to be having right now.
-424aca
View attachment 3247779
View attachment 3247780
View attachment 3247781
View attachment 3247782
Click to expand...
Click to collapse
So is it safe or not?
I don't like its dark background. Fix it
PrinceCoc said:
I don't like its dark background. Fix it
Click to expand...
Click to collapse
I changed mine to white.
I recommended you do not try this app. Probably the maker of this modified version add some malicious things. Or something for stealing personal infos
GreekDragon said:
I recommended you do not try this app. Probably the maker of this modified version add some malicious things. Or something for stealing personal infos
Click to expand...
Click to collapse
Damn I've already been using it
GreekDragon said:
I recommended you do not try this app. Probably the maker of this modified version add some malicious things. Or something for stealing personal infos
Click to expand...
Click to collapse
I didn't. Instead of talking dumb ****, why don't you decompile it and check for yourself. I have no desire to take anyone's info.
ODSTZ3RO said:
Damn I've already been using it
Click to expand...
Click to collapse
You're fine mate.
Me Host and Link have been working together on adding several features for pikik2 and their similar releases.
For now pikik2 will be:
Based on 8.1.x
Probable:
Turn off read receipts (Host)
Turn off typing notification (Host)
AntiLagV2 (Gunther)
Fake-Camera Mod (Gunther)
AntiLagv2 secondary check (Link)
(Theme choices by download if below doesn't work)
Possible:
Turning links on/off
AntiLagv2 override by conditional regex by input
Selectable Theme by input
Selectable Image background (Link/Host)*
*This works now but needs some more tweaking.
If you or someone you know is a smali pro, please PM me.
We are hoping to build these ideas as switches from a panel within kik
Also. If you're interested in building an Xposed Module to do these things, please PM me and I will help point to where the above things are taking place.
All credits will be given
If someone wants to reach us on kik. Check in #pikik
Appreciative said:
I didn't. Instead of talking dumb ****, why don't you decompile it and check for yourself. I have no desire to take anyone's info.
You're fine mate.
Me Host and Link have been working together on adding several features for pikik2 and their similar releases.
For now pikik2 will be:
Based on 8.1.x
Probable:
Turn off read receipts (Host)
Turn off typing notification (Host)
AntiLagV2 (Gunther)
Fake-Camera Mod (Gunther)
AntiLagv2 secondary check (Link)
(Theme choices by download if below doesn't work)
Possible:
Turning links on/off
AntiLagv2 override by conditional regex by input
Selectable Theme by input
Selectable Image background (Link)
If you or someone you know is a smali pro, please PM me.
We are hoping to build these ideas as switches from a panel within kik
Also. If you're interested in building an Xposed Module to do these things, please PM me and I will help point to where the above things are taking place.
All credits will be given
If someone wants to reach us on kik. Check in #pikik
Click to expand...
Click to collapse
OK I wasn't going to delete it I just changed its appearance a bit.
NOT working?
I have tried to download the File but i keep getting an error saying I don't have the app installed when I do? Maybe it's because a recent update that I did yesterday April 14, 2016. Any help?
Delete the kik you already have
INTRUTHS said:
I have tried to download the File but i keep getting an error saying I don't have the app installed when I do? Maybe it's because a recent update that I did yesterday April 14, 2016. Any help?
Click to expand...
Click to collapse
Yeah man your in the future, please tell us what its like in 2016
I reeeaally enjoy this app. Buuuut I like the new material design update (8.2.0) more. Pls update.
gallowsArisen said:
I reeeaally enjoy this app. Buuuut I like the new material design update (8.2.0) more. Pls update.
Click to expand...
Click to collapse
Didn't you read the post, their working on it, if you know someone that's good with smali tell them to contact us at #pikik
theattackingdildo said:
Didn't you read the post, their working on it, if you know someone that's good with smali teller them to contact us at #pikik
Click to expand...
Click to collapse
Sorry. I'll look out for anyone with experience. I'm in a few good groups so I'll ask around.
gallowsArisen said:
Sorry. I'll look out for anyone with experience. I'm in a few good groups so I'll ask around.
Click to expand...
Click to collapse
I'll ask some people about it.
First, let me/us say thanks for all the support. It helps keep us motivated to get pikik2 how we want it.
Updates:
We have pretty much narrowed down all the future feature locations.
We are still stuck in the same spot however.
We need a little advice or guidance on how to use toggles and inputs.
We can build the toggles, we can associate them in the places they need to be. But, we aren't sure how to do the following:
We need a generic or simple way to write and read toggle values into the database or preferences. We need to be able to pull these into smali. We are getting progress on Smali knowledge and may be able to import the values ourselves but we need to have a better understanding of how to implement this.
We want to create a check box, no problem. How do we add the value of check box (or inputs) into the db or prefs in the simplest way?
Next, how do we then read the value out of these?
We are reading to use <checkboxprefs but that's not working easy for us so far. We have tried literally hundreds of tests at this point.
My last test was duplicating the widget check box and associating it.
We need help. Someone. Give us a run down of the fastest way to what we need, please. As always, credits will be given.
Thanks mates,
gunther210
I will make a thread asking for more direct help when I have enough posts to do so. Anyone out there who has any advice, we will investigate.
Thanks again.
Spotify DogfoodThe open-source ad-free version of Spotify for Android
Hello all,
First of all, I'd like to address about the reason behind making this thread, and the project that is behind it.
I thought to myself, why people are free to publish YouTube mods to avoid ads, but not Spotify? So there's why the project started.
Spotify Dogfood is a mod of the Spotify Android App, coming directly from the Google Play Store and in both it's Beta and probably Stable releases, and modded in the cleanest way possible. This mod is "open-source". The Spotify app itself of course isn't, but the alterations/modifications done to the app in order to avoid ads are clear and concise, well-documented, and are getting uploaded as patchsets, so that they are perceptible and crystal clear at plain sight. This is because people, starting by myself, don't easily trust modded applications out there, so this makes it easier for you all to "audit" the modifications, and even contribute to the project by forking it, making your changes and then pushing it back to me.
This project has been running for several months now, and it's been now that I decided to move a step forward and make it public.
Restrictions and limitations:
This application replaces your current Spotify installation. You need to uninstall any previous installations of it first.
If the app came bundled with your device, like most Samsung devices, you can't use this mod out of the box, since you need to change the package name to a different one.
This application has been signed with a different key than the one used by Spotify. This means that Facebook login won't work unless you don't have Facebook's app installed, or you uninstall and/or deactivate it, if it came bundled with your device. Once done, log-in to your account using Facebook and, once logged-in, re-download and/or re-activate your Facebook app, if you want to.
This application won't work with Android Auto, since it hasn't been installed by the Google Play Store's agent. Fortunately, there's a fix found by XDA's News Writer @MishaalRahman, which you can read here.
As commented by Senior Moderator @matt4321, please, refrain from asking for other premium features to be unlocked.
What is different from *others'* mods:
Like I said previously, I didn't feel comfortable trusting code I had never seen, then I started investigating on how to disable Ads and such on my own and with help of awesome pages like this one that helped me clear my mind on how to properly modify the liborbit-jni so file. Once I had finally understood how it worked, I've made it public so that anyone can revise it on it's own.
How to contribute:
You can have a bit more information in the README uploaded in the repo. But basically, feel free to fork any branch you want, modify or investigate the patchsets as you want and recreate them in a different package.
Cool story bro, where's the download??!1:
Whoa there, cowboy!
All downloads, both precompiled APKs and Source code can be found in the GitHub Releases section.
Please, also kindly note the following - Do NOT re-upload them.
GitHub Releases - GitHub Main page - Project's webpage - Telegram Group
Disclaimer / Final words:
This thread, as well as the provided patchsets and precompiled APKs are just for demonstrative & educational purposes. They should not be used for illegal actions, and/or any action that can imply a violation in the ToS of the software used in the thread.
XDA-Developers.com takes no responsibility either, as this thread is hosted only and exclusively as for information purposes and doesn't attach any content that is copyrighted, but a link to it, just as it could have been found at Google.
It is yours, the final user, the one who takes the responsibility of using it wisely, as a functional PoC, and not for piracy or any other illegal actions.
XDA:DevDB Information
Spotify Dogfood, App for all devices (see above for details)
Contributors
linuxct
Version Information
Status: Stable
Current Stable Version: 8.4.39.612-dogfood
Stable Release Date: 2018-01-28
Created 2017-07-06
Last Updated 2018-03-01
How to apply the PatchSets
To apply the patchsets manually, you need the following tools:
Git, and preferably GitHub's app for Windows.
Java JDK and it's environment variables properly set-up
APKtool
An Android Keystore to sign your APKs
The version you wish to apply the patchset to, from APKmirror.
Android Debugging Bridge installed (perferably system-wide), as well as it's drivers if you're on Windows.
Once you meet all of the above, it's as easy as it follows:
Code:
#unpack the apk
java -jar apktool_WhateverVersion.jar d NameOfTheApk.apk && cd NameOfTheApk
#now copy the patch file to the dir you're on
git apply --stat NameOfThePatch.path #checks the stats
git apply --check NameOfThePatch.path #sees if it's compatible with the environment
git apply NameOfThePatch.path #applies the patch
#compile the result
java -jar apktool_WhateverVersion.jar b NameOfTheDirectory
#sign with your key
jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore /path/to/your/keystore NameOfTheDirectory/dist/NameOfTheResultingFile.apk YOURALIAS
#install the final apk
adb install -r NameOfTheDirectory/dist/NameOfTheResultingFile.apk
If you want to review the patch itself, you can use git-am.
You have more info in GitHub's README file.
In order to comply with XDA's Rules and CoC, Spotify Dogfood has taken a new direction, and now offers *exclusively* Ad-free music playback. Any other features won't be included anymore in this mod. But, that doesn't mean anything if you're a true, a core user of this app, because there will still be regular updates to it, as there has been up until now.
However, all patchsets, branches and everything that has been posted up until now will be deleted progressively, in order to comply with the above mentioned.
Still have doubts? Read this:
preference said:
FOR ALL THE PEOPLE WHO WON'T READ THE FIRST POST:
1. Dogfood only supports shuffle mode at normal quality with No ADVERTISEMENTS.
2. The mod had to be changed due to xda rules
3. This thread is not the place to complain. If you have an issue with the changes go to the telegram chat and talk with other dogfood users
4. There is nothing you can do to change the situation - be happy with what you get. No advertisements is still a really good perk
5. Support the developer if you can, monetarily or through teaching noobs about how to read the OP.
6. Look outside of xda if you can't handle the changes, but do not post any information on this board. Keep it related to dogfood
Click to expand...
Click to collapse
Thanks for this.
I can finally ditch the warezwebsite mods for something more trustworthy.
thank for this, awesome
Worth a try!
Sent from my A0001 using Tapatalk
Only 3 replies? Seriously?
paed808 said:
Only 3 replies? Seriously?
Click to expand...
Click to collapse
¯\_(ツ)_/¯
I pretty much think all of my new threads are damned at this point... Sigh.
linuxct said:
¯\_(ツ)_/¯
I pretty much think all of my new threads are damned at this point... Sigh.
Click to expand...
Click to collapse
Anyways, thanks again for making this.
Let's hope it continues to work and Spotify doesn't get buttmad.
I tried it and no ads so far. Good job =)!
Thanks !!!
great job !
After a day of usage, Spotify now tells me to buy premium to play my songs.
Sent from my A0001 using Tapatalk
dnle71 said:
After a day of usage, Spotify now tells me to buy premium to play my songs.
Sent from my A0001 using Tapatalk
Click to expand...
Click to collapse
How many songs/hours worth of music have you played non stop? Have you tried basic stuff like rebooting your device or clearing the app data? Can you try running Spotify in your desktop pc and let it run for a few songs to see how it reacts?
I've been using latest version at my workplace for 8+ hours, and I've a small group of early adopters that have been trying it out too, and none of us have ever seen that kind of message in our devices.
linuxct said:
How many songs/hours worth of music have you played non stop? Have you tried basic stuff like rebooting your device or clearing the app data? Can you try running Spotify in your desktop pc and let it run for a few songs to see how it reacts?
I've been using latest version at my workplace for 8+ hours, and I've a small group of early adopters that have been trying it out too, and none of us have ever seen that kind of message in our devices.
Click to expand...
Click to collapse
I haven't done any of that, sorry. I jist tried playing around 30 minutes last night then tried the morning and then it started giving me the message.
Let me try to do the following later.
Sent from my A0001 using Tapatalk
Thank you very much! This is awesome, you are awesome!
I’ll try! Thanks!
Oh yeah!!!!!! Great work and great dev to make this open source app... Congrats
Enviado do meu ONEPLUS A3003 através de Tapatalk
Nice, I'm currently using a modded one anyway but an open source version on XDA is always preferred. Can you add a changelog at all? The one I'm currently used to using shows all changes and features that it enables but I haven't seen a list like that here.
Awesome job I need this
This is amazing. Works like a charm. Thank you very much!
I have started an open source project to support Chromium + custom patches for adblocking:
https://www.bromite.org/
What is Bromite?
Bromite is Chromium plus ad blocking and privacy enhancements; it started as a port of NoChromo and nowadays adds more privacy-focused patches and is maintained against the latest stable Chromium.
Development & donations
Please join the development on Github for improvements.
Donations are welcome and help supporting development and build server costs!
Download & availability
Bromite is available for download from the Bromite Official website, which points to the Github Releases for all the downloads, and via the official third-party F-Droid repository.
Frequently Asked Questions
Q. Does Bromite support Google Sync, Translate or Data saver?
No. This is not a limitation of Bromite but of all Chromium-based projects in general, as general public is not allowed to use Google's APIs for free unless when using Chrome.
Q. Does Bromite require root?
No.
Q. What is the SystemWebView?
It is the core component of Android for all web page visualizations. For example when you access a new wifi network and need to activate it, that is using the SystemWebView. If you do not know what it is then you do not need to install it.
How to enable DNS-over-HTTPS?
See this wiki page.
Q. Can you add dark mode/some cool themes?
No.
Bromite is about adblocking and privacy.
For other F.A.Q.s see https://github.com/bromite/bromite/blob/master/FAQ.md
Resources
Bromite GitHub project
Bromite GitHub discussions
CHANGELOG
Bromite SystemWebView
Chromium
Bromite fingerprinting mitigations test page
Releases atom feed
Bromite @ DNS Privacy
https://chromium.woolyss.com/#chromium-forks
Social/discussion platforms
Announce on Reddit's r/androidapps
some tweets from DNSPrivacy:
https://twitter.com/i/web/status/1008735795052793857 and
https://twitter.com/i/web/status/1008736050150297604
In the news
Bromite is another Google Chrome Port with Built-in Ad Blocking
Bromite: Android-Browser mit hehren Zielen (in German)
-----------------------------------------------------------------------------------------------------------
NOTE: the author (@csagan5) is not posting frequently on these forums, for official information about Bromite refer to the official website and GitHub project.
143MB?
aviranx said:
143MB?
Click to expand...
Click to collapse
Are you referring to the ARM64 MonochromePublic build? It is described here: https://chromium.googlesource.com/c...d_instructions.md#Multiple-Chrome-APK-Targets
Edit: these are the same size Google Play store would return you, as described there
pato2015 said:
i installed your browser.. notice a red blink on sides.. using s8 plus... ty
Click to expand...
Click to collapse
@pato2015 let me reply here to stay on topic: yes, I also noticed this problem yesterday...it's due to a build setting in Chromium. I am rebuilding it with the fixed flag and will take some hours now to complete.
Tomorrow I'll post again when it's ready.
@Sangean replying here.
Sangean said:
Hi,
It would be good if you could compile the official version which is v61 at the moment just like 'ponchofiesta' did with Chromium instead of this dev version.
This version you did is development version with many bugs.
Click to expand...
Click to collapse
I assumed that all tagged versions are stable releases; can you point me to the official explanation about this? Like, how do I know which tags are stable or not.
Sangean said:
For example the audio stream does not play on this site:
http://www.maiige.hu/maiige
Click to expand...
Click to collapse
This might be due to missing codecs; I suggest checking again after I release a more recent tag, then reporting a bug on Bromite's github issue tracker otherwise.
Sangean said:
Plus there is sometimes a red border for the whole phone... I remember ponchofiesta used to have the same issue, but somehow he fixed it.
Click to expand...
Click to collapse
This is also fixed, but build is still in progress and it takes time. Probably in one or two days will be published.
Sangean said:
Your current version is 63.0.3236.0, meanwhile I tried dev version 63.0.3236.6 which plays audio stream correctly on the site above, but I guess things can break here and there with dev version, thats why official version would be a better solution.
Thanks for your efforts!
Click to expand...
Click to collapse
See question above.
video codecs also missing. Cannot play videos. I always get a message that I should install flash or h.264.
jho55 said:
video codecs also missing. Cannot play videos. I always get a message that I should install flash or h.264.
Click to expand...
Click to collapse
Can you open an issue on github? I need to know android version, architecture (ARM or ARM64) and the sample video that fails.
I also suspect that some codecs are missing; I have found some information about how to enable them and will try; if anybody else has more information about how to enable all codecs on Android, please post here or on the GH issue
Edit: I am now building with codecs, it's going to take a long while..so keep tuned and I will post when builds are done. This means I restarted the build for the red blink too.
Great view Chrome+Ad blocking is back for Android
But please make builds for x86.
I have Android 4.4.4 tablet with x86.
c-sanchez said:
Great view Chrome+Ad blocking is back for Android
But please make builds for x86.
I have Android 4.4.4 tablet with x86.
Click to expand...
Click to collapse
coming up soon :victory: meanwhile, no donations received so far!
jho55 said:
video codecs also missing. Cannot play videos. I always get a message that I should install flash or h.264.
Click to expand...
Click to collapse
This is fixed in latest release 63.0.3239.6
Cc @Sangean
63.0.3239.6 is released; see CHANGELOG here.
OP is also updated.
csagan5 said:
63.0.3239.6 is released; see CHANGELOG here.
OP is also updated.
Click to expand...
Click to collapse
- What is OP?
- I just installed it from bromite.org and it is actually v64.3242.0 not v63 as stated above. How come?
- Change log says: "added x86 target CPU" so is it already included? If yes, the bromite.org site still only have radio button for ARM and ARM64 for download... no x86
- I guess the Bookmark sync will not work in this either as Google disabled it for third party builds, right?
- I guess donation will start coming once people start using your builds and are pleased with it
Sangean said:
- What is OP?
Click to expand...
Click to collapse
https://en.wikipedia.org/wiki/OP#Internet I meant original post
Sangean said:
- I just installed it from bromite.org and it is actually v64.3242.0 not v63 as stated above. How come?
Click to expand...
Click to collapse
Don't know. The source code tag is exactly what I posted, the Google Chromium developers have probably changed the internal version string but not the tag.
If you build from the tag 63.0.3239.6 you will get the same version you found, not something I am responsible for.
Sangean said:
- Change log says: "added x86 target CPU" so is it already included? If yes, the bromite.org site still only have radio button for ARM and ARM64 for download... no x86
Click to expand...
Click to collapse
It will be there as soon as it's ready.
Sangean said:
- I guess the Bookmark sync will not work in this either as Google disabled it for third party builds, right?
Click to expand...
Click to collapse
The Google API keys are not embedded (would be pointless, I cannot pay for the quotas needed for a project of this size and the free quota would be exhausted in a blink); but you can always make your own and specify them via environment (not sure how that works on Android).
The only thing disabled are embedded API keys; everything else is enabled (except NaCl, still buggy compilation even after my patches).
Sangean said:
- I guess donation will start coming once people start using your builds and are pleased with it
Click to expand...
Click to collapse
Yeah, but I meant: requests that add more work for me would be better come from donors I have limited time and the server I am using for builds for sure is limited. Will not accept wide range expectations without any help I am not really Google (so I also don't profit from your personal browsing data ), just an open source developer
csagan5 said:
coming up soon :victory: meanwhile, no donations received so far!
Click to expand...
Click to collapse
Thanks!
I will tried send some donation later although I'm not really gaining too much for now
X86 finished building and it's now available. Updated OP with information about future plans to build the stable Chrome release.
c-sanchez said:
Thanks!
I will tried send some donation later although I'm not really gaining too much for now
Click to expand...
Click to collapse
No worries, I do this because I want an adblocking browser for myself (without root), and thought I'd share the build for others too. If I match the server costs I am happy already.
Thanks for your donation!
Just donated. Good luck with this project, happy to see NoChromo live on and hopefully become something even better.
James_Ward01 said:
Just donated. Good luck with this project, happy to see NoChromo live on and hopefully become something even better.
Click to expand...
Click to collapse
Thanks!!!
In future builds can you remove the Google sync feature since it doesn't work?
James_Ward01 said:
In future builds can you remove the Google sync feature since it doesn't work?
Click to expand...
Click to collapse
Does it create any malfunction if left there?
I am actually planning to play a bit around with this to see if it can be enabled with API keys