i9500 [ROM][7.1.x]Unofficial LineageOS 14.1 backdoor - Galaxy S 4 General

Not allowed to post in the development section because the account is new.
Suspicious firmware found in /system/vendor/firmware/srp*.
"Srp" sounds like a serial port via some shady chip on board. The moment I deleted these firmware files and rebooted, my webview process immediately hit the firewall for the first time. This circuit could be a siphoning direct serial access to this device. The only functionality affected at the moment is a portion of YouTube videos does not play video, displays a pink still with audio playing - which is just another hint at the kind of c r @ p Google pulls via its video platform.
This is somewhat consistent with my previous discovery on another Samsung device - I tore out a Wifi Broadcom chip there along with strange adjacent radio module parts, but the device preserved Wifi and Bluetooth functionality.
Needless to say, other things should also be tightened for security - close all kinds of TTYs in boot.img, tighter user/group attributes in both boot and system partitions, etc. Of course, there are some bigger issues obviously - like this backdoor, or the fact that the modem runs a self-contained OS with full hardware access without source code, etc.
**Youtube works fine, the culprit is Youtube and Webview syntony. Youtube loads fine on Firefox's Gecko.

[APP][AOSP Root 4.4] AudioTricks / VolumeTricks

Thread is under construction.
WARNING: There have been 3 reports so far of failure to boot after installing the Shim HAL. This sort of problem should be assumed possible at this early "Alpha level research project" phase.
Please don't install if you have stock recovery or don't know what recovery is.
Please don't install if you are nervous. Wait a while for the bugs to get worked out and info compiled.
Don't install if not confident in your technical skills.
Don't install if you might freak out if your phone gets disabled for a little while.
For bootloops or to fix or remove: http://forum.xda-developers.com/showpost.php?p=52931431&postcount=67
Post #2 has download links and instructions: http://forum.xda-developers.com/showpost.php?p=52765309&postcount=2
Since interest has ramped up quickly, I've published a 99 cent "donate" version on Play: https://play.google.com/store/apps/details?id=fm.a2d.av (Wait until the $200 placeholder price disappears, LOL.)
I'm not sure "donate" is the right word, but it's the exact same app I'm distributing and will continue to distribute for free (for at least X months to a year ??), so nobody is under any obligation to buy to get the app. Updates will be automatic via Play though.
============================================================
AudioTricks / VolumeTricks is a new kind of "audio mod" that is HAL Shim based.
At present, it can raise or lower output volume and microphone input gains digitally.
Only works on ICS Android 4.0.3 and later. AOSP ROMs such as CM11 or other KitKat very much preferred. Many stock ROMs 4.1-4.3, won't work, especially HTC.
Post 2 has download link and instructions.
Disclaimer: Please understand that this is the first public release of this app. Although I endeavour to make my apps as safe as possible, one never knows whether or not some silly bug or unusual interaction might pop a speaker, headset or whatever. I have over 20 devices that I use for testing my apps and I try to "torture test" as much as possible. So if something goes pop, I'll be very sorry and do everything I can to analyze and fix any problems. If you're "not sure", just wait and more adventurous people will do the early testing needed to help ensure nothing breaks.
By its very nature, any app that can boost volume creates risk for audio output devices as well as your ears.
For those who know my Spirit FM apps, this is a bit of a move for me. Spirit1 and Spirit2 both are alive and well, but the future of FM radio on Android seems to be dimming the last few years. I'll be splitting my time between apps based on the support I get.
Making this HAL Shim based provides some advantages and disadvantages over other methods of changing volume or gain.
Advantages include:
- Audio modification even for apps, games, etc. that use the low level Android NDK OpenSL ES API.
Disadvantages:
- Analog controls, if available, may be better.
AudioTricks is intended to be my name for a group of small apps, and/or a "master app" that includes the features of them all.
VolumeTricks is the first such small app to be released, and is focused on output volumes and input gains.
VolumeTricks may not be limited to the "HAL Shim" approach to audio mods. It may also include ALSA, ALSA UCM, and other methods to manipulate audio.
At this time, the app is free, but Copyright Me. I'll likely maintain a free version for some time, but I gotta eat too so there will be a paid version on Play when it seems ready.
At this time, this app has been tested mostly on CM11 and a few other AOSP ROMs. Many stock ROMs won't work, especially HTC.
The app is currently set to only work on Android KitKat 4.03+.
I haven't tested ART much yet, mostly Dalvik, but it's working OK on my One M7 w/ ART. Shouldn't be too hard to fix any ART issues.
So what the heck is a "HAL Shim" ??
Android uses HALs (Hardware Adaptation Libraries) as an API between Google's Android code and the phone OEMs hardware specific code. Android Audio has at least 2 HALs, one for "Policy" (selects outputs, inputs and some other stuff) and one for the audio transfers. The HAL Shim in this app works with the latter "Primary" HAL for audio transfers.
A SHIM is a component that sits between 2 other components and pretends to be the higher component as well as the lower component. Hierarchy:
Android AudioFlinger
------------------------
HAL Shim
------------------------
Primary Audio HAL
So, the HAL shim pretends to be an audio HAL to Android's AudioFlinger. AND it pretends to be Android AudioFlinger to the Primary Audio HAL.
The HAL shim acts as an intermediary. It can pass everything back and forth unmodified which makes it invisible. Or it can modify anything passing between, including the audio data.
Isn't there a better way to do this ? No, I don't think so. I don't want to be modifying a bunch of HALs on thousands of ROMs. I also don't want to be modifying AudioFlinger on those same hordes of ROMs.
What else can be done with the HAL Shim concept, besides "Volume Tricks".
I think some of these may be feasible:
- Recording all inputs and/or outputs. Maybe even both sides of phone calls.
- Analyze, Visualize, Equalize, Effects-ize all or many inputs and outputs.
- Bypass DRM.
- Maybe a method to modify (eg. encrypt / decrypt) phone call audio, inbound and outbound; possibly via pretending to be a BT headset....
Note that, at present, the HAL shim only works with the "Primary Audio Interface". Small-ish mods could do the same for HDMI, A2DP / BT, USB Audio, "Remote Submix" and whatever new audio devices Google defines.
Post 2 download link and instructions.
If a boot loop would ruin your day, please see warnings at top of post #1 and don't install this app until more mature.
Android seems to have a ridiculously / hilariously complex audio system... LOL.
v140530: http://d-h.st/2lc#.U4hLA3KBugY
Fixes a LOT of issues, especially SU / mount issues with stock restrictive SELinux like Samsung stock 4.2+.
As always, Press Update/OK to update Shim HAL each new release.
- SU / root fixes, especially for SELinux Samsung 4.2+.
- Fine control removed.
- Coarse control range changed from -60 to +60 db ; now 0 to +36 db. Maybe I'm the only one w/ a need for gain reduction below 1.0 or 0 dB.
- Many other fixes.
Version av-140526:
- Fix the /system/addon.d/ ROM update backup/restore script used during ROM updates.
Version av-140525:
- Automatic gain reduction is now sticky, so reduces distortion when maxed. Touch sliders to reset.
- Numbers for VU.
- After amplification VU display.
- Sliders calibrated in dB.
May not work on stock ROMs, especially older Android versions and HTC stock ROMs.
Starting this app for the first time should request root and prompt to install the HAL Shim and an addon.d backup/restore script to allow it to survive ROM updates.
After the Shim is installed, the "system_server" is killed in order to activate the Shim. Sometimes it may be better to completely reboot the phone, especially with effects, visualizers and player apps running at install time.
Once the app and Shim are installed, the app shows a "Remove" button that removes the Shim, should it be causing you problems or you just don't want/need it. The button will change to "Update" with newer versions of the app/Shim.
Sometimes, like on ROMs with old Legacy HALs, state detection won't work and the button will only offer to Install with no way to remove. As of v1.0.3 go to the 2nd tab (swipe from right to left) and there is a permanent Remove button.
If you remove the app without removing the Shim, the shim will remain, but should be mostly dormant. The easiest way to remove the Shim would be to reinstall the app and select the Remove button.
To manually remove the Shim and addon.d script, something like this should work from a connected PC with adb shell:
Code:
adb shell
su
mount -o remount,rw /system
ll /system/lib/hw/audio.primary.*.so
# !!!! Note the name of the HAL, like audio.primary.msm8960.so and use this name in next line. (If only audio.primary.default.so exists, use that.)
mv /system/lib/hw/audio.primary.orig.so /system/lib/hw/audio.primary.msm8960.so
rm /system/addon.d/99-audiotricks.sh
mount -o remount,ro /system
reboot
Using the app:
See post #3 for usage instructions.
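The install and manual-removal steps above leave recognisable traces on /system: a renamed original HAL (audio.primary.orig.so) and an addon.d script that re-applies the change after ROM updates. As an added example (not the app author's code), this script audits a /system tree for that pattern; flagging every *.orig.so and every addon.d script that mentions lib/hw generalises beyond the two file names in the post, and the sample tree and its file contents are constructed.

```sh
#!/bin/sh
# Added example: audit a /system tree (a live mount or an extracted image)
# for the HAL-shim install pattern described in the posts above.
# Usage: sh audit_hal_shim.sh /path/to/system
#        (no argument: runs against a constructed sample tree)

# find_hal_shim ROOT
#   Prints one finding per line. Returns 1 if any indicator is present, else 0.
find_hal_shim() {
    root=${1%/}
    hw="$root/lib/hw"
    addon="$root/addon.d"
    found=0

    # 1. A renamed original HAL. The manual removal steps move
    #    audio.primary.orig.so back over audio.primary.<board>.so, so its
    #    presence means the active library of that name is a stand-in.
    #    Assumption: any *.orig.so in lib/hw is worth flagging, not only audio.
    for f in "$hw"/*.orig.so; do
        [ -e "$f" ] || continue
        found=1
        printf 'RENAMED_ORIGINAL %s\n' "${f#"$root"/}"
        # List the libraries that now answer for the same HAL name.
        prefix=${f##*/}
        prefix=${prefix%.orig.so}
        for active in "$hw/$prefix".*.so; do
            [ -e "$active" ] || continue
            [ "$active" = "$f" ] && continue
            printf 'ACTIVE_CANDIDATE %s\n' "${active#"$root"/}"
        done
    done

    # 2. Persistence across ROM updates. The post names
    #    /system/addon.d/99-audiotricks.sh as the backup/restore script.
    #    Assumption: such a script mentions the lib/hw path it preserves.
    for s in "$addon"/*.sh; do
        [ -e "$s" ] || continue
        if grep -q 'lib/hw/' "$s" 2>/dev/null; then
            found=1
            printf 'ADDON_PERSISTS_HAL %s\n' "${s#"$root"/}"
        fi
    done

    return "$found"
}

# make_sample_tree DIR
#   Builds a constructed tree with empty placeholder files, for testing only.
make_sample_tree() {
    mkdir -p "$1/lib/hw" "$1/addon.d"
    : > "$1/lib/hw/audio.primary.msm8960.so"   # stands in for the shim
    : > "$1/lib/hw/audio.primary.orig.so"      # stands in for the vendor HAL
    : > "$1/lib/hw/audio.policy.msm8960.so"    # untouched policy HAL
    printf '#!/sbin/sh\n# keeps system/lib/hw/audio.primary.orig.so\n' \
        > "$1/addon.d/99-audiotricks.sh"       # constructed contents
    printf '#!/sbin/sh\n# keeps system/app/Gapps.apk\n' \
        > "$1/addon.d/70-gapps.sh"             # constructed, unrelated script
}

if [ "$#" -ge 1 ]; then
    find_hal_shim "$1"
else
    demo=$(mktemp -d)
    make_sample_tree "$demo"
    find_hal_shim "$demo" || true
    rm -rf "$demo"
fi
```

A clean result only means this particular install pattern is absent; comparing the hash of each lib/hw library against the copy inside the ROM or vendor image is the stronger check.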
Usage:
To select output volume or input gain, swipe left or right or use the tabs. The primary/left screen is for output volume.
Set the enable switch to ON to enable volume/gain adjustments.
The Left and Right indicators are logarithmic/DB audio level indicators, updated every 0.1 seconds with the peak audio level. These show the signal level before amplification. If they are VERY near the full width of the screen, there is little amplification that can be reasonably done. (But 80-90% leaves some room, given the exponential nature.)
For no boost, IE an amplification factor of 1.0, the Coarse and Fine controls should both be set to 0 at centre.
Setting Fine all the way right to +6 dB doubles audio power, setting to -6 dB halves audio power.
Setting Coarse to +30 dB creates an amp factor of 32, assuming Fine is set to 0. Setting -30 dB is about 0.03.
Note that an amp factor of 32 is very high, unless you are dealing with very low input signals.
The Shim detects when the signal will overload, and reduces the amp factor as needed to prevent overload/distortion. To raise it again, use the UI to reset.
There are some "streams" for which amplification will not work. I will support as many stream flags (such as Fast) as I can; remains to be seen; this is still kind of a "research project" at this stage.
At present, all streams are amplified the same amount. Per stream or stream type amp factors will be supported.
Just go to post #11 on next page.
Nothing to see here, move along.
Technical info to fill in later.
Pay no attention...
... to the man behind the curtain...
8 is lucky 7 + 1; even better.
Trouble-shooting info.
#10 is always "Future".
Comments and questions start here.
Volume control?
Hi Mike,
You are making me curious about this new project of you.
I bought a long time ago this app for level control. It is doing his job, but has lack of storing the settings and sometimes still adjust (unwanted) the volume.
Count me in for testing :fingers-crossed:
Edit: get an error parsing the apk :crying:
Rinoceros said:
Hi Mike,
You are making me curious about this new project of you.
I bought a long time ago this app for level control. It is doing his job, but has lack of storing the settings and sometimes still adjust (unwanted) the volume.
Count me in for testing :fingers-crossed:
Edit: get an error parsing the apk :crying:
Welcome to my new thread and app.
AFAICT, that app mostly just manipulates standard Android volume levels, which is fine, but not much different than the standard volume control.
I just downloaded my new app linked http://d-h.st/plb myself (7 downloads in first 2 hours now), and it installs fine on my One M7, and matches bit for bit the 1.0 version installed on my test phones.
So you're on stock based InsertCoin ROM ?
As long as it's Android 4.4 KitKat (API Level: 19), it SHOULD parse and install OK.
The binaries are for ARM devices only (ie 99+% of Android devices). Intel x86 or MIPs can't work (at present.)
I can't think of any other reason it won't parse, unless your copy is corrupted. This is the MD5 I get:
Code:
md5sum ~/Downloads/av-release.apk
2c8328e8cbe1f585f3b1634e36200c8f /home/mike/Downloads/av-release.apk
I'm happy to hear anyone else's stories of success or failure, but I'll need a good 7 hours of sleep first.
------------
Happy Victoria Day to all fellow Canadians & CommonWealther's, and Good Long Weekend to all those with a day off of work this Monday. Finally nice weather here lately...
mikereidis said:
I just downloaded my new app linked http://d-h.st/plb myself (7 downloads in first 2 hours now), and it installs fine on my One M7, and matches bit for bit the 1.0 version installed on my test phones.
So you're on stock based InsertCoin ROM ?
As long as it's Android 4.4 KitKat (API Level: 19), it SHOULD parse and install OK.
Aha, here might be my problem. My InsertCoin is still the good old JellyBean 4.3 (I am happy with this version and had nearly no problems and all the stuff is working on this one. So if it ain't broke; don't fix it )
The binaries are for ARM devices only (ie 99+% of Android devices). Intel x86 or MIPs can't work (at present.)
I can't think of any other reason it won't parse, unless your copy is corrupted. This is the MD5 I get:
Code:
md5sum ~/Downloads/av-release.apk
2c8328e8cbe1f585f3b1634e36200c8f /home/mike/Downloads/av-release.apk
I'm happy to hear anyone else's stories of success or failure, but I'll need a good 7 hours of sleep first.
Got the same MD5: 2C8328E8CBE1F585F3B1634E36200C8F
I am confused or it doesn't work on 4.3
Sleep well!
4.4
Does it work on Android below 4.4?
Can't wait to try it. Your work with Spirit was amazing, so I am sure this is too.
Thanks for the effort, but it ain't working on i9100, cm 11/kk 4.4.2. Tried to increase volume a little (level was about 3, but as you know, first written value is 5), there was a very strange noise as I tried to increase volume via volume buttons while listening music via headphones. It was a crackling noise, looked to me like the phone is going to get damaged, so I removed HAL and uninstalled your app.
Rinoceros said:
Aha, here might be my problem. My InsertCoin is still the good old JellyBean 4.3 (I am happy with this version and had nearly no problems and all the stuff is working on this one. So if it ain't broke; don't fix it )
Got the same MD5: 2C8328E8CBE1F585F3B1634E36200C8F
I am confused or it doesn't work on 4.3
Sleep well!
Here's a v1.0.2 test release that will install on Android 2.2+: http://d-h.st/QfV
Draw Em! said:
Does it work on Android below 4.4?
It may. Here's a 2.2+ test release: http://d-h.st/QfV
Chances are lower the lower the Android version. I'd recommend 4.1+, but it may work on some Android 4.0 as well. Android 2.3 GB and older used a "legacy HAL API" which won't work.
At this time it's a "bleeding edge" release, and most people comfortable with that have been running 4.4 the last 6 months, I'd think.
pilgrim011 said:
Thanks for the effort, but it ain't working on i9100, cm 11/kk 4.4.2. Tried to increase volume a little (level was about 3, but as you know, first written value is 5), there was a very strange noise as I tried to increase volume via volume buttons while listening music via headphones. It was a crackling noise, looked to me like the phone is going to get damaged, so I removed HAL and uninstalled your app.
It sounds like it was working then, as it does for me on my 9100 with CM11.
In many circumstances audio amplitude will already be maxed out, and trying to increase volume will only result in the automatic gain control kicking in with a different value many times per second, thus leading to distortion and other audio "artifacts".
This solution is more helpful when, for some reason, the audio source material doesn't use the full 16 bits of amplitude. If the VU indicators in the app are showing peaks around 80-90% of the screen width, when the normal volume control is maxed, then amplitude is probably above 16,000 and could be near the absolute peak around 32,000.
For example, some audio may have been recorded that only peaks around 4,000 - 8,000, and for this, an amp factor of 4 may be useful. Another possible solution for this scenario is to enable Compression in DSP Manager or whatever. As with everything, this has pros and cons.
In many circumstances, when possible, it's better to raise analog gain, like Voodoo sound does on the Galaxy S GT-I9000. I'm going to look into this, but this sort of solution is very audio chip dependent.

PenTesters_Paradise ~ Take Your ROM to the Next Level

PenTesters_Paradise
Code:
DISCLAIMER
I can not be held responsible for how you use this package.
I am also not to be held responsible if flashing this package
damages your device in anyway. This package is for
educational use only and should not be taken lightly. This is
the exact package that I use for my 2nd job, and is not meant
to just be played with willy nilly. Ask permission before doing
anything in public OR private.
PenTesters_Paradise
This package was originally supposed to be a custom ROM, but I wanted to give everyone an equal opportunity to enjoy this package, so I converted it to something everyone can use! This package isn't for the faint of heart. This is for those of you curious about Pen Testing and for those who basically want to feel like they're bringing Watch_Dogs to the real world. Below I will explain the package, and what each item can actually do. I will also have YouTube videos (when I get the time to record them) explaining each app and package. I also have some custom content coming, some that will be shown off and not released as well. Please enjoy and remember to play it safe and always ask permission first before using any of these packages or tweaks.
What's A Pen Tester?
If you're asking yourself this question, this package MIGHT NOT be for you. A Pen Tester is either a White Hat or Grey Hat hacker that gets hired by individuals or companies to basically purposely hack their products, networks, or any other sorts of electronically based applications. Pen Testers are becoming a big deal especially in the Gaming world. Dev companies are starting to get smart and are realizing that they honestly can't BEAT the hackers without TRUE HACKERS of their own. This is slowly becoming a big money lifestyle and more and more people want into it. This is basically your "License to Kill" when it comes to a product/project/etc. when the company or individual gives you the green light to crack in and have at it.
Package Includes
Screen Shots will be added to the 3rd post of this thread, tutorials for each app and the change log to the 2nd
AnDOSid
This app is an Android-based DOS attacker. Basically, this app allows you to simulate a DOS attack (Denial of Service) as a HTTP POST flood attack on either another person or a web server.
NetSpoofer
Network Spoofer lets you change websites on other people’s computers from an Android phone. Simply log onto a Wifi network, choose a spoof to use and press start. This can be a lot of fun, but always ask first.
AndroidVNC
please see this thread for all the info about this
http://forum.xda-developers.com/showthread.php?t=497187
aWPScan
This app lets you scan WordPress based sites for exploitable entrances to the site's admin panel. Fairly simple to use and can sometimes come in handy when working for a client and building them a WP based site.
DroidSheep and FaceNiff
These apps were popular for a very short time but are very powerful. They both kind of have the same functions as they work as a MITM (Man In The Middle) attacker service. Basically, login to any WiFi hot spot, and you will start capturing web traffic. You can manipulate the web traffic to do as you want from here.
DroidSheep Guard
This app guards you from anyone else using Droid Sheep. I'm not entirely sure if it will guard against FaceNiff as well.
DriveDroid
This app turns your device basically into a disc image mounting device. Basically, you can take an ISO or IMG file, mount it with this app, and install full operating systems to another PC. Read below on how to work it with the Galaxy S5 Specifically, as there's 1 special step you need to know
1.) Run the app and go through the setup.
2.) When you get to the selection about selecting a driver, select the 3rd item, which should be a "Legacy USB Driver"
3.) When you get to the point about TESTING it and restarting your PC, this is where the trick lies.
3a.) As your PC boots up, boot directly to your BIOS (for HP and ASUS its either Escape or F2. not sure about others off the top of my head)
4.) From here, make sure your phone has connected successfully in MTP mode.
4a.) Go into Drive Droid (After MTP has been set), and select the IMG or ISO you wish to emulate from your device.
4b.) In the BIOS, Save Settings and restart (I know you didn't change anything, hear me out)
5.) From here, you need to test...
5a.) You'll either (after the bios loading screen) boot directly to the ISO or IMG, or into your standard OS.
6.) If you boot directly to your standard OS, reattempt from step 3 onwards, but at step 5, go to 6a
6a.) When the PC restarts, bring up your Boot Menu of options (F12 I believe on ASUS and HP)
6b.) From here, select the Samsung device listed, and it should boot!
dSploit
dSploit is a package of all sorts of tools ranging from MITM attacks to DOS attacks, and other testing abilities. Plenty of videos around on how to use this app.
HackAppData
This is for any app on your device. This app lets you modify the AppData of any application installed on your device.
Hackers Keyboard
Just a highly customizable keyboard.
Network Mapper
This app simply maps out the WiFi Network you are currently connected to, showing you every device connected.
Shark
Basically WireShark for Android. Lets you see incoming and outgoing data packets from your device and other things on the network.
Penetrate Pro
No this isn't a dirty joke (couldn't resist), This app works with decoding WiFi connections to allow you to connect to locked and private connections.
SQLMap
SQLMap is one of the most highly used tools around for SQL Injection attacks as its basically the best automated tool for it. There's tons of tutorials out there about it and soon I'll post one of my own.
LockScreen Widgets Tweak
Created by BigBot96, this tweak lets you apply Widgets to your lock screen. PLEASE Make sure you download the correct file. Currently, only the NE9 builds are supported with this tweak, but I'll have an option available for you to not have to worry about this.
Coming Soon...
Future Additions will be coming around soon for this, so keep checking the thread!
Kali Linux NetHunter Features.
So far, only supported by the Nexus devices, I'm attempting to port over the apps and data for this to the S5 as the first non-Nexus device to have support for Kali Linux control. Below will be the list of what will be included.
KaliLauncher
This is the heart of the NetHunter features. This controls everything, and launches all the different exploits available through Kali Linux. To learn more, keep reading
BadUSB
BadUSB is a form of undetectable Malware that is applied to specific USB devices that match the exploit. Basically, this hijacks your USB plug while your device is connected to a computer (windows based), and lets you install a faulty driver to it that houses your malware files. You could use this to transfer things like BotNets, Trojans, and many other forms of malware to a users system and they'd never even know.
DNSSpoofer
Basically, this tool just spoofs the DNS connection you're using or the other person/s are using and lets you reroute people. DNS Attacks are few and far between, but they're slowly getting easier.
PowerSploit
I'll admit, I haven't read up on this yet, but when I have, I'll edit this lol.
NoUpStream
This stops any up stream data entirely.
Other Future Additions
Basically, I'd like to convert this to something like a "Mini-ROM" that gives you a Launcher, themed Gapps, themed system apps, and much more, but for now, this is the temp solution. Next Update should have at least a custom boot animation.
How-To Install
1.) Transfer the Zip file that matches your device to your SD card or Internal Storage
2.) Boot up into recovery mode and Flash the ZIP
3.) Done!
Special thanks to the creators of all these apps, scripts and tweaks that are being applied to this package. The ZIP packages below simply just need to be flashed to your Android device via SafeStrap (only method I can test). If someone could test a standard TWRP on a Dev Edition or another unlocked device, that'd be awesome.
Download Links Below
UPLOADING NEW ONES AFTER THE NEXT FLASH Test.
Thought it was ready, and realized it wasn't.
All apps are force closing -_- I'll fix it when I wake up. I've been at it for 12 hours now
Planning on updating this/adding a download?
Nice waiting anxiously for this
Waiting like wagging dog.... I went to source and got working nice..like to wait for add ons.
http://forum.xda-developers.com/showthread.php?p=3518324
Subscribed.
Sent from my SM-G900V using Tapatalk
lol he posted this weeks ago.. he responded in his rom thread also saying he was working on a new rom which isn't out yet and said a week or two ago that his tmo buddy got 5.0 lollipop which was false lol so not sure if and when this will actually be uploaded.. it's been here for weeks with no zip or apks at all in the themes n apps section..
most of these apks are stuff you can manually install if you dont want to wait :-/
Reinventing the wheel
Kali nethunter had been out for a while for the S5 variants, it's like having a VM copy of Kali on your galaxy S5 the instructions/apps/kernel are all available
http://forum.xda-developers.com/galaxy-s5/unified-development/kali-nethunter-galaxy-s5-t3298477 all the other apps he's talking about are available, just search on Google or download an app called bugdroid pro from the app store, it provides downloads and installs for all of these.
Faceniff
Droid sheep
I don't think those function anymore on anything.. I'm pretty sure those security holes they exploit have been patched..
dmayniak said:
Kali nethunter had been out for a while for the S5 variants, it's like having a VM copy of Kali on your galaxy S5 the instructions/apps/kernel are all available
http://forum.xda-developers.com/galaxy-s5/unified-development/kali-nethunter-galaxy-s5-t3298477 all the other apps he's talking about are available, just search on Google or download an app called bugdroid pro from the app store, it provides downloads and installs for all of these.
Faceniff
Droid sheep
I don't think those function anymore on anything.. I'm pretty sure those security holes they exploit have been patched..
lol the last comment was me about 2 years ago
elliwigy said:
lol the last comment was me about 2 years ago
i know right? lol i gave up on this because at the time i sucked at making flashable zip's
Vortell said:
It would be cool if you started it back up!
The reason I haven't is because Kali Linux has an official release for this phone as long as your bootloader is unlocked and you're on CM

What is 'bastet' service ?

I can see it as a root process running /vendor/bin/bastetd ,
also some components in the kernel and recently it was mentioned
by Huawei personally in the context of "multiple security holes":
http://www.huawei.com/en/psirt/security-advisories/huawei-sa-20170405-01-smartphone-en
Google search has found some Chinese-language documentation talking about the 'Bastet Network API for the partners', which makes it a perfect spyware candidate.
Can I at least safely delete this '/vendor/bin/bastetd' without any side effects, or do I also need to zero out the kernel components in RAM, without simultaneously hitting some security watchdog?

Security Issues. a must see and read

Okay so I've been battling this for some time. I'm starting to get a little more knowledgeable but still don't know what to do with all this. I experienced this first back in 2015, then I completely made a switch. Well, now I'm back to the same issues.
The problem I'm experiencing is that it's happening on all the devices I have. The phone I'm on now was bought brand new from MetroPCS, and not even a day, 30 minutes later, I get an update for the phone. I knew not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NONE OF MY DEVICES ARE ROOTED.
To make this short: my devices seem to have a Bluetooth admin, and connect to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give a more detailed look. And it's not just my Android devices, it's my Xbox One S as well.
Looking to completely remove. I'm not trying to waste money on switching networks or completely going MIA.
Fast responses please.
Sincerely,
-Desperate androidian
BLEEDCOLORYOU said:
Okay so I've been battling this for some time. I'm starting to get a little more knowledgeable but still don't know what to do with all this. I experienced this first back in 2015, then I completely made a switch. Well, now I'm back to the same issues.
The problem I'm experiencing is that it's happening on all the devices I have. The phone I'm on now was bought brand new from MetroPCS, and not even a day, 30 minutes later, I get an update for the phone. I knew not to install or download. But it inventively did. Now it's sitting on my storage wanting me to move files to root.
LET ME MAKE THIS CLEAR. NONE OF MY DEVICES ARE ROOTED.
To make this short: my devices seem to have a Bluetooth admin, and connect to any Bluetooth device without me knowing.
So far from what I see chromium and stage fright is a big part of what I'm seeing.
I'm attaching some pictures to give a more detailed look. And it's not just my Android devices, it's my Xbox One S as well.
Looking to completely remove. I'm not trying to waste money on switching networks or completely going MIA.
Fast responses please.
Sincerely,
-Desperate androidian
Click to expand...
Click to collapse
The Android community isn't what it used to be that's for sure. No help, no suggestions. Just nothing.
I'm no expert but I'm struggling to see the exact issue you seem to think you have; is it just that your Bluetooth is switching on? All those licences, security certs, file locations etc. look normal to me (without checking numbers or being able to compare to the same phone OS etc.), though I have disabled many of those certs, e.g. the Turkish ones etc., & my Bluetooth files are different, but I can find ref hill those locations online, e.g. Xiaomi phones.
You appear to have a ZTE, please give model number and current OS & rev (must be stock I suppose). ZTE was found with a backdoor in older phones, sending data to China, so it's possible, & some Chinese phones also update their apps without notification. But as you say your whole network appears compromised so the source may be something else, like your router/modem, or Bluetooth as you think (though some apps require Bluetooth admin permission legitimately, you can disable it as an Admin). Tell us what behaviors you are seeing that you believe are malicious. New phone update soon after you turn on is quite common, as I'm sure you know.
When I had a quick look at your log it did have a lot of activity going to the US DOD, would you expect this, as well as the usual google & Facebook connections. Though (perhaps) strangely also to a server from a small marketing company here in Australia, but I'm no expert even if I looked at your log line by line I wouldn't understand it all.
Ref his other post
https://forum.xda-developers.com/general/security/security-global-family-credientals-t3665851
Things to try. Run a reputable antivirus. Boot into safe mode, so only system apps run; is it still happening? Can you turn off anything that is listed as a device admin? Try running a root checker app. Even if it all comes back negative you may still have a problem, as a port may already have been opened and the malicious app self-deleted or something. Use an app like Fing to see if any devices you don't recognise are connected to your network.
You may be able to block some activity if it's not going through root with a firewall eg NetGuard no root firewall, start with everything blocked.
Above are just some general hints, without knowing specifics I can only suggest you backup any stuff you want to keep then factory reset everything & change ALL passwords to strong ones (no good just adding a number on the end of your old ones!), better still reflash all firmware (updates if available) to overwrite everything. This incl your internet access points eg router, and only reconnect to the net/networks after you have done them all (one at a time preferably then you may be able to identify source of problems)
That turned out a lot longer than I intended!
Thank you. Now for a better visual. There's too many apps.
And if you can give me links to apps that will help.
And on my OnePlus One the Bluetooth thing says :1002 sharing or midi or something.
And code.auroa? What is this
I don't have that phone so can't really tell what is a suspect app or not, especially just from screen shots.
Here, use this app to run on-demand scans against the VirusTotal database (this is not an "antivirus app" like Avast so offers no protection, it only scans apps on demand, so you should run a good antivirus also)
https://play.google.com/store/apps/details?id=com.funnycat.virustotal
It should flag any suspect apps and you can submit any unknown ones you are worried about.
---------- Post added at 05:12 AM ---------- Previous post was at 05:02 AM ----------
BLEEDCOLORYOU said:
> And code.auroa? What is this
edit: not Firefox then.
org.codeaurora.bluetooth is a legit part of Bluetooth .... Well, unless it's flagged by VirusTotal, then it probably is a malicious app just given a common name to try and hide
Okay but what is provisioning? Code auroa smartcard services googleplay for instance apps and
And I've never encrypted this phone.
And a lot of the overlay apps n simtoolkit are all questionmarked
See my edit above re aurora
Sometimes VirusTotal will have 2 or 3 antivirus companies flag a file; these are probably false positives so probably nothing to worry about (though it could just be a new submission, other companies should soon update if it is real malicious code, check back in a day or two). If lots of companies flag an apk then you have a problem.
It looks like you have a problem with overlays (unless it's an app your phone company installs for that function, not sure what you mean). You should install a proper antivirus app like Avast, Malwarebytes etc. as a first step, hopefully it can remove the malicious apk
---------- Post added at 05:51 AM ---------- Previous post was at 05:37 AM ----------
BLEEDCOLORYOU said:
> And I've never encrypted this phone.
Doesn't matter, encrypting the phone only protects against unauthorised access to your data. Once it is unlocked anyone can view your stuff. And once a malicious app is on your system it can read all your data even if you had encrypted it, as it's unencrypted when you use it
Okay so now I'm trying to post screenshots of when I'm connected to wifi and it's not letting me
Pairwise cyphers and
Group cyphers
Sim_num
?
BLEEDCOLORYOU said:
> And a lot of the overlay apps n simtoolkit are all questionmarked
Tap those with question marks to submit to virustotal for analysis
/sys/fs/selinux/class/appletalk_socket/perms
Not suspicious?
Now I'm not stupid, this is facts. I just need defined and solution!!!
No these are normal library files. Stagefright "the malicious exploits" were called this as it was the stagefright framework it exploited. Everyone has these files, here are mine below.
You need to use tools like antivirus to identify bad files but even that is no guarantee as there is the possibility the original malicious file could have self deleted and, for example, just left open ports which would not be found as a "virus" but still allow remote access to your device.
If you cannot identify the actual exploit on your phone then the best solution is probably to just reflash the stock rom as this will wipe & overwrite everything. But if a malicious file is left on your SD card or another networked device you could soon be infected/compromised again. That is why I said before if you can't identify the source of your infection you really need to factory reset or reinstall all OS on all devices affected including your home router etc (or maybe it's your work or public network) and change all passwords.
I'm on a video bridge network. I got the DirecTV setup with 2 wireless setups. Both secure from what I know.
BLEEDCOLORYOU said:
> Pairwise cyphers and
> Group cyphers
> Sim_num
> ?
These are for encryption of your connection, not your phone
BLEEDCOLORYOU said:
> I'm on a video bridge network. I got the DirecTV setup with 2 wireless setups. Both secure from what I know.
I'm no coding/security guru, but I have worked on telecoms, military electronics, etc but my coding & network security knowledge is limited.
I would run this app Fing to check your local network, are there any unknown devices connected?
https://play.google.com/store/apps/details?id=com.overlook.android.fing
note: this only finds currently connected devices, so you'd want to do this several times & especially when you see suspect behavior.
Also check for open ports, easiest way is probably this site, it will scan the first 1000 ports or so (select all)
https://www.grc.com/
go to shields up
but you really need to scan ALL possible ports with a tool like Zenmap (for PC) if you think you are compromised
https://nmap.org/zenmap/
However it's not clear to me if you ever installed a proper antivirus and whether it found and deleted anything? Virustotal seemed to find some suspect apks, I had a quick look at Trendmicro database but it didn't list details of the one it found in your screenshot, but the fact some of those antivirus companies called the suspect apk names with "joke" in it may suggest it's just a joke app your mate has installed, though probably not a joke app if your other devices are really also compromised, from memory there is also real malware with that name which may be able to infect other devices. Running a proper antivirus should easily find and clean any "joke" app on your phone & hopefully any real malware. If you've done this and still seeing indications you are compromised then do what I suggested above. (Also repeat malware checks on other devices and removable storage media)
You should also log into your router as admin and check settings: are you using a secure router password? Is firmware up to date? Is firewall set up correctly? Also close any open ports that you don't use. Turn off remote admin, if router has it. Etc. etc. What do your router logs show (turn on more detailed logging if necessary)? Factory reset or reinstall firmware if you think changes have been made to your router by someone else.
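The posts above warn that malware can delete itself and leave only an open port behind, which an antivirus scan will not report. As an added example (not part of the original posts), this Python code parses the kernel socket tables /proc/net/tcp and /proc/net/tcp6 to list listening sockets with their owning UID; the sample rows are constructed, and the little-endian layout and the 10000 app-UID boundary are Android assumptions noted in the comments.

```python
import ipaddress
import struct

# Constructed rows in the column layout of /proc/net/tcp and /proc/net/tcp6
# (made up for this example, not taken from the thread's screenshots).
SAMPLE_TABLE = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:13AD 00000000:0000 0A 00000000:00000000 00:00000000 00000000  1000        0 20411 1
   1: 00000000:1F90 00000000:0000 0A 00000000:00000000 00:00000000 00000000 10123        0 31877 1
   2: 6401A8C0:B3C6 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000 10087        0 40112 1
   0: 00000000000000000000000000000000:15B3 00000000000000000000000000000000:0000 0A 00000000:00000000 00:00000000 00000000     0        0 18890 1
"""

TCP_LISTEN = 0x0A        # kernel TCP state code for a listening socket
FIRST_APP_ID = 10000     # Android gives installed apps IDs from 10000 upward
PER_USER_RANGE = 100000  # Android UID = user_id * 100000 + app_id


def decode_endpoint(field):
    """Decode 'HEXADDR:HEXPORT' into (ip_string, port) for IPv4 or IPv6."""
    addr_hex, port_hex = field.rsplit(":", 1)
    # The address is printed as native-endian 32-bit words (one for IPv4,
    # four for IPv6). Assumes a little-endian device, as Android phones are.
    words = [addr_hex[i:i + 8] for i in range(0, len(addr_hex), 8)]
    packed = b"".join(struct.pack("<I", int(w, 16)) for w in words)
    return str(ipaddress.ip_address(packed)), int(port_hex, 16)


def listening_sockets(table_text):
    """Return one dict per socket in LISTEN state found in the table text."""
    found = []
    for line in table_text.splitlines():
        parts = line.split()
        # Data rows start with a slot number such as '0:'; skip headers/blanks.
        if len(parts) < 10 or not parts[0].endswith(":"):
            continue
        if int(parts[3], 16) != TCP_LISTEN:
            continue
        ip, port = decode_endpoint(parts[1])
        uid = int(parts[7])
        is_app = uid % PER_USER_RANGE >= FIRST_APP_ID
        found.append({
            "ip": ip,
            "port": port,
            "uid": uid,
            "inode": int(parts[9]),
            # Loopback-bound listeners are not reachable from the network.
            "exposed": not ipaddress.ip_address(ip).is_loopback,
            "owner": "app" if is_app else "system",
        })
    return found


def exposed_app_listeners(table_text):
    """Listeners reachable from the network and owned by an installed app."""
    return [s for s in listening_sockets(table_text)
            if s["exposed"] and s["owner"] == "app"]


if __name__ == "__main__":
    for s in listening_sockets(SAMPLE_TABLE):
        scope = "network" if s["exposed"] else "loopback"
        print(f'{s["ip"]}:{s["port"]} uid={s["uid"]} ({s["owner"]}, {scope})')
```

To use it on a real device, pass in the saved contents of /proc/net/tcp and /proc/net/tcp6 read from a shell on that device; the UID of a listener can then be matched against the installed packages.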
Hi, I am having the same issues. Exact same behaviors regardless of new phones, new carrier and all accounts being unconnected in name. Google etc. This is extreme. It's via Bluetooth I agree something with eSIMs or virtual SIMs for use of wifi access and or signal piracy for media. The DOD files are also something I am familiar with seeing. Code Aurora was also a govt project way back. It's interesting that I have Verizon files loading on AT&T phones and Sprint loading on Verizon. Whatever this is has managed to infiltrate my computers as well. It's relentless. It's impressive and sophisticated. Please please help.
I'm having the same issues. Did anyone ever resolve or figure out what is happening? I think I'm under investigation by the DOD and they own my devices. My uploads/downloads are blocked, internet searches filtered, pics/screenshots of evidence deleted off my phone, etc.

[Firefly] [ROCKCHIP] [ITX-3588J] "This device is not Google Play Protect certified"

I want to say that thanks to the help from @Nikhil I finally got the Google Play app set installed on my Firefly ITX-3588J ROCKCHIP RK3588 board's Android 12 stock image install. Except now there's one last little problem that's a bit different than everything I'd been having before here, and that's that it says:
> This device isn't Play Protect certified.
> Your device isn't certified to run Google apps or use Google services. Contact the device manufacturer or retailer and ask for a certified device.
> Learn more at g.co/AndroidCertifiedDevice
And I can't use the Google Play Store to download the apps that I need that were the whole reason for putting it on in the first place (to get Chrome, ZOOM, and Linux Deploy especially).
What can be done about this? From what I gather, Google maintains a list of "blessed" devices and obviously this board (very new, not from a typical manufacturer, not your typical Android device i.e. a phone or tablet) is not there. Is there any way around this? I saw something about registering it in your Google Developer account (which I have one of), I tried that some time ago when I had a less than working Google Play installation (before the recent one which looks to be "100% proper", that one was crashing in weird ways in addition to giving this error), but it seems not to have taken and/or be remembered. The device is connected to the Internet via Wi-Fi but that's about it.
Is there any fix? I seem to be soooooo close now to finally having coaxed a usable system out of this board!
Look inside here:
Fix issues with your Play Protect certification status - Android Help (support.google.com)
Yeah. It's not on the list of certified devices - which is hardly surprising to me given what it is.
ADD: I decided to try registering as a custom ROM.
ADD 2: I finished the custom ROM registration. The device is no longer giving pop up notifications that it is "not Play Protect certified", but Google Play still goes to - and now goes immediately (no log in prompt) to - its "This device is not Play Protect certified" error screen. What's going on?
ADD 3: I managed to get it to work. The trick was to go to System > Apps and clear cache and user data for both Google Play and Google Play services. That reset everything and now it goes! Thanks for your help.
I am thinking of purchasing one. Where are you at with yours @Shimmy99 ?
Have you been able to download everything you wanted? Are you using a touchscreen?
Thanks ahead of time.
Works great as an Android 12 machine. Ubuntu is proving much less trivial to get working, however, chiefly due to graphics support issues (also not gotten GRUB to work yet, either) - I even installed a GPU card, but it is not fully working because it appears something is funny with the driver code and the way Rockchip's PCI Express controller work together and it looks like a real kernel development problem (kinda reminiscent of issues with the Raspberry Pi and GPUs, but different ones). The real trick to getting a smooth GApps installation was to pack a custom ROM with a suitably loaded "product" partition/directory with the apps from a package like NikGApps. Can/will provide more details later/if you want them. No, I use keyboard and mouse. Android, though, is kinda quirky with them.
Thanks for the detailed response. I am thinking of getting the Firefly variant with 4GB/32GB. You mentioned you were trying to add a GPU? It seems the main reason for getting this is due to the Mali GPU. What I am trying to do is create a system with enough "kick" to compete with the Steam Deck but with a 10" screen. Frankly, I just wanted something a little better than my current solution based on a 2019 Shield TV (Tube) but with twice the performance. The Shield TV has been a fun project since I am doing a lot of SMD soldering and working in small spaces. I plan to talk about it more on my YouTube channel 'All THings 3D' in a week or two. At $400 for a 10" variant (full BOM) using the Firefly makes it a hard sell for anyone except the tinkerer. If I stick with the Shield TV, it competes nicely with the new Logitech 7" cloud game pad.
Anyway I will message you since I have another project I am working on that may interest you.
You trying to make a handheld with this? This board, I don't think, is compact/cool (as in temperature - it has a fan!) enough for that purpose. It's really more like a mini desktop computer board, or at best a laptop - it'd be an awfully thick "handheld" to accommodate the ventilation... Yes, you're right about the Mali GPU - no Ubuntu support (but OK with Android 12). There are other and smaller RK3588 boards, but the heat dissipation of this processor looks, given the presence of a fan, to likely be a liability for handheld use I'd think.
I received the Orange Pi 5 yesterday and was able to get very good 3DMark (4454) rating with small heatsink on top of the RK-3588 without a fan. My case already has a couple low profile 40mm fans in the back of the case for the 10" 1080P screen that currently houses customized Shield TV board. This will work much better and with much better rating. The only problem is no WiFi or BT on the board and I am already using the M.2 slot for a NVME and none of my USB WIFI dongles work which means I will have to find a Android 12 build that someone has already included the drivers for USB device, or do it myself. Or, maybe Orange Pi themselves have USB driver built in that haven't disclosed which one yet. In any case $84 for the board with 8GB which is less than half of the price of any other RK3588 boards out there.
More to come...
