Hello, if you know what cSploit is you also probably knows that it's buggy and outdated.
I have taken time to rebrand the software, mixing versions, and modifying code.
My goal was to fix the login cracker which was not giving status output since the C regex was broken, so I re implemented the original dSploit 1.0 fashion - each tried passwords are shown - and the progress bar is effective. Also did modify the java code and res to be able to fully use hydra (more options, and most importantly being able to pass http related plugins parameters).
Metasploit is outdated, and ruby 1.9 cannot run the lattest version; so I switched to version 2.7, which is running: we can install gems.
Issue is that when downloading the MSF and setting it up, the bundle doesn't return, and gives no output. I don't know what is happening here, there may be a prompt for administrator's password so I run 'bundle install' as root, but it doesn't change anything.
gem install bundler does succeed, but not bundle install, showing forever "downloading gems". This part is tricky and I need people to look upon it with fresh eyes (I spent too much time on the code).
I'm calling the project eSploit and renamed a lot of things like package name, since I have been working alone and that the cSploit project is utterly abandoned, but still is delivered on platforms like nethunter store despite the bugs and EOF notice. So don't judge me on taking it over since no one cares.
Status is:
Nmap: fully functionnal
Hydra: restore not working (restore file's path issue)
Exploit finder: Not working since the MSF doesn't update yet -see above- , and that is the milestone.
MITM: not tested, might just get rid of it.
There is a change of strategy in the way we will retrieve exploits, instead of contacting outbound server and pass it the result of the inspector, then seeking in the metasploit database for the CVE, we will just pass the inspector's result to metasploit. No difference, and the thing will be working on local networks without internet connection,
To be honest this is a bit like pinning a nail with a bulldozer, but for now there is no alternative.
Submodules are removed from git, instead there's a big working tree with all the dependencies.
Note that the openssl library originaly shipped with the package doesn't 'work' with most newer software, hence are we using 1.1.1l for ruby, and will either stick to the lattest for older softwares (like hydra 8.8) or update the programs, so now only nmap is working.
So you tell me what you think of it, and don't hesitate to report bugs on github, ask me questions about the architecture of the software (originally designed by simone margaritelly), and help me finding a solution to the main issue.
GitHub - e2002e/eSploit: cSploit - The most complete and advanced IT security professional toolkit on Android.
cSploit - The most complete and advanced IT security professional toolkit on Android. - GitHub - e2002e/eSploit: cSploit - The most complete and advanced IT security professional toolkit on Android.
github.com
This is very cool. It would be really cool if this is working. I hope that you can fix these Problems
cSploit, dSploit.. now eSploit i really like this program.
Any similarities with zANTI ?
I am very interested in this project! But the github page is offline Are you still working on this?
Hi people, I got to some reasoning that this was not needed, though being cool to have the metasploit framework for android, I remember now how younger I tried to hack into things without a proper vulnerability scanner. This results in frustration. You can't know just from an nmap scan what exploit to launch. This thing would be awesome with (for instance) greenbone. But as is it is like attacking tanks with guns.
So I dropped it and deleted the repository.
Thanks for your reactions.
What happen it's not available
Related
Hello everybody,
I'm Alessandro and I'm a student in IT Security at University of Milan.
I'm doing a thesis about Android Malware and I'm building a system to automatize the analyze of every App in every Market.
This system use a lot of free opensource products that I'm trying to customize and integrate.
The base idea is to enumerate all App in every Market (offical and not), download every free app and get Apk, at this point there is a first step that involve our customized version of Androguard for static analysis, next step is an hybrid analysis in a customized Android running on emulator.
More in detail:
- We are trying to enumerate all App using Android market api code.google.com/p/android-market-api and we are currently at work
- We want to download every free App enumerated by previous step, I think is not possible to download directly Apk, so I assume that I must *download App in an emulator and save Apk by a backup utility, any suggest??
- Next step is to anakyze Apk with Androguard and publish report (MD5 of Apk, permission declared, services...) to Db - not yet started
- After androguard we have to install Apk in emulator running customized Android, and here we have a lot of difficulties.
First of all we want to install App silently, without human actions, this is not possible by default but did you think is possible to modify Android source code to allow this?
In addition I have built a customized kernel with SELinux support, next problem is that I have to add SELinux commands to BusyBox and cross-compile, anyone have already do this?
After that, we must create a scripts (maybe an App?) to run tcpdump and get suspect traffic data, get SELinux logs and made a sort of anomaly detection.
All this result must be sent to the same Db so we have a comparison between static and hybrid analysis for same App.
We are asking you a little help if anyone have already do one or more pieces of this system or if anyone wants to contribute in this project.
Thank you for all
AnJaRoot stands for Android Java Root, and it's just that - a replacement for the previous generation of supersuer access on Android. The days of calling su to execute scripts in a limited environment are over, developers are now able to perform previously restricted actions directly from Java!
This is the official Developer Support Thread for the AnJaRoot Library - Please focus your post on the Library, everything about the app should go here.
For more informations about AnJaRoot, please visit main thread or go to http://www.anjaroot.net/.
Getting Started
To start using the AnJaRoot Library, download it from the main thread or from the homepage. You will need the AnJaRoot-Library.jar, optionally also the provided JavaDoc jar. Integrate it as a dependency in your app and you are ready to go!
Resources
I'ts always easier to start with a sample and some documentation at hand. I've started the AnJaRootTester project to serve as a reference for the library usage as well as testing if AnJaRoot is correctly running and installed on a device. While it's not the cleanest app the world has ever seen, it shows pretty good how to integrate AnJaRoot into your app.
You may also like the online library documentation.
Feel free to post anything which is related to the library itself and happy hacking!
Luminger said:
AnJaRoot stands for Android Java Root, and it's just that - a replacement for the previous generation of supersuer access on Android. The days of calling su to execute scripts in a limited environment are over, developers are now able to perform previously restricted actions directly from Java!
Click to expand...
Click to collapse
Nice! And very different from how I implemented Java code support in RootTools.
A question regarding your NOTES file: you write that setresuid() is inlined. Where is it inlined? If you use LD_PRELOAD, your own library will be hit first, and you can ask the compiler not to inline your code.
Yea, it turned out pretty simple I think
After reading the NOTES file again, I have to say that I was wrong on the comment placed there regarding inlines getresuid()/getresgid() calls.
You are right, your library will be hit first when it comes to external symbol resolve. But this only works for dynamically linked symbols, not for anything which is inlined or comming directly from the executable. I'm currently evaluating switching to ptrace() to place my capset() hook as it would interop with Xposed without it even knowing - so it may become obsolete soon anyway.
I can remember that I poked around in the compiled libraries pulled from my device, searching for external symbols I could replace. I looked at the wrong files and assumed that the compiler inlined those calls. Looking back this conclusion is so wrong, it would be awful if the compile would inline calls to shared library symbols
AnJaRoot 1.1.0 is now compatible with Xposed. It can be downloaded from http://anjaroot.net or the main AnJaRoot thread here at XDA.
You have to reinstall it via the provided update.zip to get Xposed compatibility. The library change is upward compatible, updating is recommended but not needed.
Utility for background calibration, curation and tuning of the device towards an intuitive interface.
Subsystems being battery, entropy, encryption, disk, cpu, memory, filesystem, ui, scheduler, and network, all safe and open source technology.
Presented in this educational gaming metric format with infinite feedback and an interestingly assymetric chance. scribble anywhere, check in some stress, or find the 8!
waut.ch! does one hope to receive from this?
Well, increasing degrees and amounts of a certain "Je ne sais quoi" or responsiveness from the user interface for a start. Better battery life perhaps. Better quality of life, maybe.
And waut.ch! can only perhaps be described as "A qualified quantification of the placebo effect"
waut.ch! might benefit from this?
In the Android device space:
Designers
Users
Manufacturers
Recyclers
Developers
Compilers
Support personnel
OEMs
The Friendly Neighborhood Nerd/Technician.
“Make the most of yourself....for waut.ch! is all there is of you.” - Ralph Waldo Emerson ( paraphrase )
All along the waut.ch! tower - Bob Dylan
waut.ch! - Sometimes used in some colloquium as "watch!", keen upon reducing the TDP of mobile devices to 1.0 watt!
ARM variants of Android only Donut 1.6+
Please uninstall either Seeder or CrossBreeder prior to using this.
Root recommended, else reactivity metric is interesting and introduces uniqueness into the entropy pool anyway. Metric may demonstrate a certain asymmetry that is expected from predictable human actions. Efforts have been made to remove time seed logic from haveged in order to improve upon encryption and system-wide performance and security.
Also numerous other subsystems require careful calibration to facilitate this process.
Rewritten code, subset of functionality for upstream project - CrossBreeder ( https://forum.xda-developers.com/showthread.php?t=2113150 )
Please feel free to view and analyze source and functionality and report bugs and discuss etc on the XDA forum:
( https://forum.xda-developers.com/android/apps-games/app-waut-ch-calibration-android-t3549967 )
Google Play store:
( https://play.google.com/store/apps/details?id=ch.waut )
Please visit: /data/data/ch.waut/files/bin on the device itself for partial shell source code and XDA Downloads section and Github for full source code.
Reboot at convenience liberally or sparingly to reseed the entropy pool or as is known in common parlance, for good luck!
Thanks.
Havged source code:
https://github.com/Openand-I/haveged
Adhoc Payment URL to support development efforts : https://paypal.me/openand/10
Frappe ( "free-paid" ) same-version to support development efforts : http://waut.ch
Custom haveged source code as used in this piece of software: https://github.com/Openand-I/haveged
=====
Version Name: 59a6333e-9ed9-43f8-8dad-51ed46c17e28
cb.sh: cache pressure - 500
cb_io.sh: read_ahead - 0
cb_io.sh: nr_requests - 0
$ md5sum *.apk
661c30b02b2321300624af98feaa5bad *145-waut.ch.apk
661c30b02b2321300624af98feaa5bad *oi.apk
$ sha256sum *.apk
6d23b8da87dc5516583a55a3203c9f5068ea8fe8765ece489080ef663c8aee15 *145-waut.ch.apk
6d23b8da87dc5516583a55a3203c9f5068ea8fe8765ece489080ef663c8aee15 *oi.apk
https://github.com/Openand-I/haveged
https://github.com/openand-inc/waut.ch
https://forum.xda-developers.com/devdb/project/?id=19218#downloads
https://forum.xda-developers.com/android/general/app-waut-ch-calibration-android-version-t3858365
https://github.com/openand-inc/waut.ch/raw/cb0c60025f86a4fdc4778506e97ee80eb1c00b45/oi.apk
https://github.com/openand-inc/waut.ch/raw/master/145-waut.ch.apk
-------------------------
Recommended:
- ntp: automatic system time update from internet is enabled.
please check the clock and fiddle around with the timezone settings in case of any issues. one may need to set the timezone manually.
then simply run the app to initiate a time sync
the network time sync happens at around 3am. so the time to check is in the morning.
- Please disable mount namespace separation in the superuser app to take advantage of the mount optimisations.
- Reboot once and occasionally to reseed the entropy pool. It's good luck!
- Do ensure that the waut.ch service has started upon reboot. Just run if it doesn't start it automatically!
Note: Please note that the haveged binary in the APK is a static binary and works on both PIE and non-PIE environments. It is also UPX compressed. UPX for Android didn't compile. So UPX for linux was used to compress the executable file. It is an elegant solution as both on disk and in memory space(?) is reduced by 70% per executable. One is welcome to decompress the file using 'upx -d'.
Full source code is provided on Github and build scripts are attached here and on Github.
There is no license required to both install the app or distribute it, both within the developer ROM community or in commercial form. Adhoc payment URL to support development - https://www.paypal.me/openand/10
Again do note that the license to use the APP and source code is free worldwide and irrevocable in full or partial form. All other open source components simply inherit their license. But under no circumstances is any use thereof legally binding or relevant.
--------
Utility for background calibration, curation and tuning of the device towards an intuitive interface.
Subsystems being battery, entropy, encryption, disk, cpu, memory, filesystem, ui, scheduler, and network, all safe and open source technology.
Presented in this metric format with infinite feedback and an interestingly assymetric chance. scribble anywhere, check in some stress, or get lucky for that matter!
-----
ARM variants of Android only Donut 1.6+ ( should even be compatible with the latest ARM Android 9+ )
Please uninstall either Seeder or CrossBreeder prior to using this. And other "mods" or "tweaks".
Root recommended, else reactivity metric is interesting and introduces uniqueness into the entropy pool anyway. Metric may demonstrate a certain asymmetry that is expected from predictable human actions. Efforts have been made to remove time seed logic from haveged in order to improve upon encryption and system-wide performance and security.
Also numerous other subsystems require careful calibration to facilitate this process.
Rewritten code, subset of functionality for upstream project - CrossBreeder ( https://forum.xda-developers.com/showthread.php?t=2113150 )
Please feel free to view and analyze source and functionality and report bugs and discuss etc on the XDA forum:
( https://forum.xda-developers.com/android/apps-games/app-waut-ch-calibration-android-version-t3858365 )
Google Play store:
( https://play.google.com/store/apps/details?id=ch.waut )
Please visit: /data/data/ch.waut/files/bin on the device itself for partial shell source code and XDA Downloads section and Github for full source code.
The app will amongst other maintenance tasks tune sqlite databases regularly and reseed the entropy pool or as is known in common parlance, for good luck!
Thanks.
Payment URL: https://paypal.me/openand/10
XDAevDB Information
waut.ch!, App for all devices (see above for details)
Contributors
idcrisis
Source Code:
[url]https://github.com/Openand-I/haveged[/URL]
[url]https://github.com/openand-inc/waut.ch[/URL]
[url]https://forum.xda-developers.com/devdb/project/?id=19218#downloads[/URL]
Previous Version Information - 144
305bd30f-0c8a-40d8-baf5-330c68f62d51
Status: Stable
Created 2017-01-01
Last Updated 2020-08-18
$ md5sum *.apk
8ea8e8c132a584767a12e394f7975654 *144-waut.ch.apk
8ea8e8c132a584767a12e394f7975654 *oi.apk
$ sha256sum *.apk
4925066a106c83b18ac6e563f03331c56b72777e66973db591c9776d706595e3 *144-waut.ch.apk
4925066a106c83b18ac6e563f03331c56b72777e66973db591c9776d706595e3 *oi.apk
https://github.com/Openand-I/haveged
https://github.com/openand-inc/waut.ch
https://github.com/openand-inc/waut.ch/raw/master/144-waut.ch.apk
https://github.com/openand-inc/waut.ch/raw/f699d3763507ec1f91d82b9ce25c53036b460a9e/oi.apk
-----
Version notes:
haveged: static non upx binary used
cb.sh: lock fixes
Recommended:
- ntp: automatic system time update from internet is enabled.
please check the clock and fiddle around with the timezone settings in case of any issues. one may need to set the timezone manually.
then simply run the app to initiate a time sync
the network time sync happens at around 3am. so the time to check is in the morning.
- Please disable mount namespace separation in the superuser app to take advantage of the mount optimisations.
- Reboot once and occasionally to reseed the entropy pool. It's good luck!
- Do ensure that the waut.ch service has started upon reboot. Just run if it doesn't start it automatically!
Please support development, simply use https://paypal.me/openand/10 or the payment URL.
Or you can simply buy the "frappe" ( free-paid ) version of the app: http://waut.ch
Recommended:
- ntp: automatic system time update from internet is enabled.
please check the clock and fiddle around with the timezone settings in case of any issues. one may need to set the timezone manually.
the network time sync happens at around 3am. so the time to check is in the morning.
- Please disable mount namespace separation in the superuser app to take advantage of the mount optimisations.
- Reboot once and occasionally to reseed the entropy pool. It's good luck!
- Do ensure that the waut.ch service has started upon reboot. Just run if it doesn't start it automatically!
Issues:
- superuser - Please disable mount namespace separation in the superuser app ( for optional but recommended mount options ). Also please revisit the app entry inside the superuser app to ensure the waut.ch service can run on boot unattended. One can see the logs on another day to ensure that the scheduler ran correctly in the night.
- Non root users - User Interface can help in clearing the random device. Please try and obtain root to avail of most features
- Some Samsung users - One is also requested to raise a ticket with Samsung who may be running old PE detection rules that flag any compressed EXE.
- x64 users - Reports are that the binaries run on 64 bit as they are static! Please compile one's variant of the binary if required. Entropy generations removes CPU jitter and hence runs cooler and more secure.
- Intel users - User Interface can help in clearing the random device. Please compile one's variant of the binary if required. Entropy generations removes CPU jitter and hence runs cooler and more secure.
- Maintenance scheduler VACCUUMS and INDEXES "ALL" SQLITE databases. Some folks may not like that. But given that they're no WAL mode anyway, it's a bottleneck worth removing safely.
- There is a concerned effort to state that 32-bit ARM Android Go/One < 1 GB RAM devices are all that's required for long term functioning. Higher no issues.
- Please try and use a heap size of 96MB. Attempts have been made to set heap size dynamic but ideally this should be done in the build.
- Please clear cache or factory reset upon issues to gain at least another year of MTTR ( Mean Time To Recovery ) for each device.
Thank you!
License
License concerns:
haveged - inherited - https://github.com/Openand-I/haveged
busybox - inherited - https://github.com/openand-inc/busybox
- Busybox simple extract, possibly edit the .config file in 'vi' and type 'make'
The requisite tools are installed using:
apt-get install gcc-arm-linux-gnueabi
apt-get install libncurses5-dev
apt-get install gawk
The following is a step in another direction as the 'make' command works perfectly after extraction, but this is provided for posterity:
wget http://busybox.net/downloads/busybox-1.24.1.tar.bz2
tar -xjf busybox-1.24.1.tar.bz2
cd busybox-1.24.1/
make ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- defconfig
make ARCH=arm CROSS_COMPILE=arm-linux-gnueabi- menuconfig
At the menu, you can configure BusyBox options. Once configured, you can build BusyBox:
make ARCH=arm CROSS_COMPILE=arm-linux-gnueabi-
sqlite3 - inherited - https://github.com/openand-inc/sqlite
waut.ch - 'none', non legally binding, and non legally relevant on a worldwide scale and irrevocable ( derived works are allowed to add their own licenses as long as the import ( meaning ) of the phrase "non legally binding and non legally relevant" is implied throughout ( not required to include text at all )) and does not reflect upon future updates of this software in any manner adversely.
He is back! Welcome back! Looking forward to this great new project! The only thing I might be missing is the dnsmasq filtering, which in my opinion if by far better solution than any kid of firewall/blocker
Sent from my Galaxy Tab 2 3G using Tapatalk
qWantUS said:
He is back! Welcome back! Looking forward to this great new project! The only thing I might be missing is the dnsmasq filtering, which in my opinion if by far better solution than any kid of firewall/blocker
Sent from my Galaxy Tab 2 3G using Tapatalk
Click to expand...
Click to collapse
Mate!
There are some serious issues with DNSMASQ.
- It crashes on wrong syntax of any option. Cannot do for a server.
- Command line syntax changes between original branch, Android and Cyanogen MOD. Not merged.
- Android fork far behind main branch
- Consumes port 53 on server run without sharing interfaces. This is on the Android branch. Main branch has this resolved.
- CPU loop for most Android DNS versions that show up only upon server run, rather than the tethering run. Possibly hijacked open source branch.
- Tethering modifications to Android branch ( command line addons ) not required any more as the main branch has incorporated methods to dynamically change IP addresses on the fly.
- It is probably encumbered by coding standards and export issues with only one developer. It is emblematic of most such over-reused projects.
- Hash table in memory, therefore future block list will use up RAM. Some others have disk based caching.
- Static blocklists are fairly not scalable for 10 years hence. Needs wildcard blocklists.
- DNS cache poisoning/overloading ( leading to denial of service) possible by any process/app.
It is therefore recommended to use either of:
pdnsd
unbound
djbdns
and standalone dhcp clients and servers from the Entware repository. And also these are interesting:
DANE
DNSSEC over TLS
BTW, all Android is encumbered by simple denial of service attack simply by reading from /dev/random by any app.
In order to try and package this into a simplish product, deleting /dev/random was not implemented.
idcrisis said:
Mate!
There are some serious issues with DNSMASQ.
- It crashes on wrong syntax of any option. Cannot do for a server.
- Command line syntax changes between original branch, Android and Cyanogen MOD. Not merged.
- Android fork far behind main branch
- Consumes port 53 on server run without sharing interfaces. This is on the Android branch. Main branch has this resolved.
- CPU loop for most Android DNS versions that show up only upon server run, rather than the tethering run. Possibly hijacked open source branch.
- Tethering modifications to Android branch ( command line addons ) not required any more as the main branch has incorporated methods to dynamically change IP addresses on the fly.
- It is probably encumbered by coding standards and export issues with only one developer. It is emblematic of most such over-reused projects.
- Hash table in memory, therefore future block list will use up RAM. Some others have disk based caching.
- Static blocklists are fairly not scalable for 10 years hence. Needs wildcard blocklists.
- DNS cache poisoning/overloading ( leading to denial of service) possible by any process/app.
It is therefore recommended to use either of:
pdnsd
unbound
djbdns
and standalone dhcp clients and servers from the Entware repository. And also these are interesting:
DANE
DNSSEC over TLS
BTW, all Android is encumbered by simple denial of service attack simply by reading from /dev/random by any app.
In order to try and package this into a simplish product, deleting /dev/random was not implemented.
Click to expand...
Click to collapse
Very comprehensive explanation indeed! I am no expert in Linux, only an average user [emoji6]
I was not aware of so many obstacles using dnasmasq, but aware of it's unreliability while using it for blocking stuff in pfsense. But I must say, I had similar experience with unbound, however, probably due to the lack of linux knowledge.
The way I understand is that host blocking is no longer viable due to scales of blocking required today. But sadly there is no alternative for that on android. I have been trying another tool, called sharkmasq but developer sadly abandoned it, while it seems very unfinished and unreliable. I also understand the reasons behind leaving netfiltering out of your development, just, in desperation, I search for the hope [emoji3]
P. S.
Thank you very much for your reply and for your time putting it together. Nevertheless I will look forward to further developments of this new exciting project!
Sent from my LG-D855 using Tapatalk
Uhm, my device seems more responsive even when I use a very low CPU frequency, but is it normal that the app doesn't ask for root permission even if I'm fully rooted? I'm using a Nexus 5 running Nougat. Thank you
Inviato dal mio Nexus 5 con Tapatalk 2
Hi, yes, part of the design criteria. Without root, the metric is interesting. With root, it will automatically start the background processes including the daily cleanups.
Best way to know that the background processes are running is to install Seeder ( but whatever you do don't start it! . Entropy should show around 4096.
Still in the testing phase, does it worth excluding the app from "android optimisation list"? I also use "power nap", not sure will that cause any side effects...
Sent from my LG-D855 using Tapatalk
Let us know If Seeder has RNGD off and still reports ~ 4096 entropy then all is hunky dory.
The new update asked me for root permission, all right here now
Have been busy lately with life, but had occasionally played with phone. So my findings so far: I use this app on my old galaxy tab 2 3g on slim6. Seeder shows entropy being filled in no time at all. Can't really say much about performance, but it seems that it behaves a little smoother. I also use it on my daily LG G3 on stock MM rom with custom kernel, but seeder is reporting very low entropy, if seeded is left on for 1 minute, I can see that entropy never goes above 900? Goes up slowly but then gets used, and then very slowly goes up again and gets used.
Sent from my LG-D855 using Tapatalk
Reboot once after first install kicks in the animation changes. And good luck
New version uploaded with haveged updates. Build scripts also added.
Feedback solicited about the compiler flags etc. Basically the idea is that the ARM v5 binaries should work for all past and future versions of 32-bit Android without modification.
UPX binary could only be compiled for x86 linux.
To answer question, second device, not running, may need to check su logs
Also backend binaries are 32 bit, may not work on 64 bit. GUI's ok.
I am very confused about the frontend of this app that looks like some number game that I really don't understand . Also, I don't understand the description very well. Finding the 8??? Reboot when animation kicks in? What animation?? Nothing seems to happen. I just see a still of a beach with a red number
But something DID happen though, so I am in business. I will keep you curious for a moment, while firstly giving you a good reason for a hard laugh:
I am trying to revive an LG L3 E400! Yep, that's right . Just for fun and educion. In fact I already succeeded quite a bit. I flashed JellyCast V7rev1, used some stuff from V6 SuperCharger (not entropy thingie coz I already intended to use CrossBreeder for that) and 3 scripts from Fly-On Mod. I came here via the CrossBreeder thread (of course). I have already tried CrossBreeder 7.2.13 (I followed advise from @f3tus here, he advised to use that older version). Entropy went up (so it worked) but I did not experience much performance improvement. I did experience more "not responding" issues though. So I reverted to the pre-CrossBreeder backup. And then came your app.....
So that's a very short summary of the many, many, many hours I spent last 2 weeks on this ancient minimalistic but very adorable phone. Now... back to this Waut.ch! app. Presuming that it had done something, I checked the entropy level after first reboot: still a jumpy number between 150 and 200 or so. Despite the fact that the service shows up as running. Then, a lot more playing with the "game" without understanding what I was doing. Just hoping for some wonder. Some message.... just...... something! But nothing. Just a beach with a red number. And a clock. And a questionmark. Or exclamation mark. Pffffff.. So.... let's reboot again. Then eat a sandwich and drink (more) coffee. Then check entropy again. And there it is! Steady at 4089! At first I thought his app was failing because the number didn't change anymore. Just steady. With the old CrossBreeder 7.2.13 I got 4096 a lot but it was a very jumpy number, going even below 1000 a lot. Well, some time passed while writing this post so let's check again: Wow, right now it says 4091 (99%)! One hour later: 4092! (It had spontaneous reboots inbetween).
I am testing it now for a few hours and have these problems:
"Not responding" issues (same as old CrossBreeder).
Spontaneous reboots (3 already). One of them failing to boot at all (stuck at JellyCast logo).
Two times, after a reboot, GPS was disabled. Not consistently though.
No noticable performance gain.
By the way, I am testing like real world usage. Just opening, using and closing apps. I use the same apps all the time so that gives a very good feeling about performance. More meaningful than benchmarks to me. My goal is to make this phone suitable for normal daily usage.
Your app is using a combination of serveral mods, right? I would like to be able to enable / disable each one separately. How can I do that? For example, I have a gut feeling that my "not responding" issues (and reboots?) do not come from the entropy mod but perhaps from governor tweaks or something else. Any chance that you will add enable buttons in the app? Or supply seperate scripts?
Update: I DO have performance gain! Not consitently though. Apps sometimes starting faster than ever. Also still the aforementioned quirks. Last hours no more auto-reboots. Entropy reaching 4096 now, just a little bit wobbly. There seems to be a lot of potential.
The stutter was an issue with the last version.
Do try the latest one and let us know.
Also better if you install the Play store also so the updates are automatic.
Version name is changed GUID if comparing. Better than comparing version numbers.
GUI is non functional, just a visual representation of haptic feedback and actual randomness spread.
It's like drawing points in the whites of a poached egg. If you can see a pattern, you'll be rich in the stock market
Today I removed the app. The biggest problem is random reboots for me. As said, it has potential because sometimes apps started faster than ever on my ancient LG L3. But not consistently. So maybe I 'll try again later.
Sorry for my first post, probably tl;dr. I will repeat my most important question: can you provide us with separate scripts? I mean: I would like to test the entropy thing without the other tweaks as you described in the OP.
Dude!
You're probably using an old version. We'll never know. Will we? Will we now?
There's a small trick that borders on superstition. The famous random device block gremlin tends to disappear if you run the GUI in scribble mode. Basically what may be happening is the block is hit and then the stupid kernel makes whatever decision it makes. Usually at the cost of usability in favour of some stupid religious Linux fervour. Someone should report that to LINUX.
Or another entropy generator, haveged or RNGD or Seeder may be running. Which is a big no! Best to run it on stock ROMS or full custom ROMs ( please ask the developer if they're running any variant of above and to recommend coexistence or better variant of any subcomponents or piece of code. ). In other words, open source!
Also, the separate scripts are in the /bin directory on the phone itself. May require bash and ADB skills.
And full source on XDA and GitHub.
I'll construe this as a possible request to also post the shell scripts from GitHub into the XDA project as separate attachments. Which I can do. In due course
Cheers.
Well, I took it from Play Store. Is that an old version?
ABANDONED
Hi! Does anyone here use Linux desktop distributions in chroot environment on Android device?
I am developing wayland protocol server for Android devices. If anyone is interested in checking my project, latest version of apk is always available here:
ftp://ftp.drivehq.com/mogryph/sparkle/
Currently I am only focused on running Xwayland as client. Also apk supports audio output.
Simplest instruction:
1. Android 6 or newer required, busybox required, root required
2. Prepare linux distribution in directory, image or on partition. Make sure you have Xwayland installed in it. Make sure you specify which DE to run (or at least xterm) in ~/.xinitrc
3. Install and start sparkle.apk
4. Press "edit user.sh", uncomment (remove #) line starting with start_generic_container. Change rest of this line to match your device:
first arg - image or partition where distribution is installed. If distribution is installed in directory and mouting is not needed, leave this arg unchanged.
second arg - mount point or directory with distribution. If you use mounting (first arg), this arg can be left unchanged.
third arg - name of the user which will be used to start Xwayland and DE. Its better to specify non-root. Also this is the user who must have .xinitrc in his home dir (see step 2).
5. Save user.sh and click "Start".
6. Any problems and crashes will be reflected in the log.
If you want audio output:
1. Compile and install driver from pcm_sparkle.tar.gz in your distribtion
2. cp 1.asoundrc ~/.asoundrc
If you have blinking problem, change upload_mode from 1 to 2 in settings. If you have bad performance, setting no_damage to true may help, but in most cases no_damage=false is better. Fastest upload mode is 0 (if it works).
If you don't trust me and don't want to give sparkle root permissions (I perfectly understand this) you don't have to. Also you can do without busybox.
But in this case, you need to understand and do a lot of things. Check sparkle's user.sh to get idea about what needs to be done. Basically:
1. You need to make /data/data/com.sion.sparkle/files accessible from inside chroot container. You can use bind bound.
2. Make sure you have tmpfs mounted over /tmp in container.
3. You may need to change selinux context on /tmp to match sparkle's context or disable SELinux.
4. You need to create new directory in /tmp, symlink sparkle's wayland socket from /data/data/com.sion.sparkle/files/wayland-0 to this dir. And export XDG_RUNTIME_DIR to point to this dir. Dir must be (ch)owned by user who will be running Xwayland and DE.
5. After all this, you can try to start Xwayland and your DE.
new version
New version
rgho.st/8Fbz64Rxj
Added x86 and x86_64 support. Actually it is rewritten almost from scratch but x86 support is the only thing others can notice...
Hello! This project is interesting. I tried you app and it works on my Xiaomi Redmi Note 4X(chromium and glmark from chrooted environment works very well)! Can you publish source code on Github, because it really interesting project?
Also I'm interested, please post it on github!
Did you put this up on github or move this thread? Looks very interesting.
1
Argh, sorry, I decided to abandon this project. You are free to delete thread. Also no copyleft-licensed components were used so I don't have to bother releasing sources.
Hentacler said:
Argh, sorry, I decided to abandon this project. You are free to delete thread. Also no copyleft-licensed components were used so I don't have to bother releasing sources.
Click to expand...
Click to collapse
Check your PM please!
1
Hello again.
For last two weeks I was rewriting it from scratch (yes. again... yes, third time).
Probably need another week to make it stable.
Currently I am not sure it runs on any device except my own 5-year old phone (LineageOS 14).
I will maintain last version here:
ftp://ftp.drivehq.com/mogryph/sparkle/
There is no English documentation, but you can see script "user.sh" to get idea about how to start xwayland. In most cases it should be enough to edit few lines in that script to make it work on another device. If you execute this script on your device with "install" argument, it is supposed to place itself into sparkle's directory and sparkle is supposed to run it ("start" function) automatically. Sparkle doesn't request root unless script does.
Here is video of sparkle working:
https://www.youtube.com/watch?v=tOSFYxCF7Q8
But it seems that KDE + video recording was too much for my old phone
Still, if you going to see video, don't close it until 2:00 where I turned of composition which caused lags.
Also on device everything looks much smoother than on video, even after 2:00.
When I watch fullscreen (1280x720) video on my device, sparkle + xwayland together add just 5% of CPU load (20% load of single core).
Thats it I guess... I tried to to discuss sparkle on 4pda.ru (russian forums), but got very bad reception. "xsdl is perfect, dont reinvent the wheel" they say. So I started to hate humanity and I decided to make sparkle personal project. Also this is last time I am solving reCAPTCHA to leave post on XDA.
Still alive
We are still alive. I've changed first post to reflect actual state. Now sparkle supports audio, auto-mouting containers and is lot more stable.
Yet there are still many things I want to improve in sparkle's core before adding new functions.
Also there are few demo videos on ftp.
Amazing!
Working great on my redmi 6 pro. Stock miui 9.9.3 rom. With linuxdeploy and sparkle from your ftp. No lag on visual and sound. My Linux distribution is alpinelinux arm64 arch.
Since first time I see your posting on 4pda. I'm interested in it. And finally it's on xda.
Thanks dev.
---------- Post added at 02:52 AM ---------- Previous post was at 02:44 AM ----------
For anyone interested in the topic. Please follow the instructions in documentation from ftp. And Translate it to eng from rus.
This sounds amazing! Just curious, is it related to https://github.com/twaik/sparkle ?
I now have it working very well on my Samsung Tab S3 using Xwayland and a tiling window manager. Firefox runs amazingly well!
Is it meant to be used only with Xwayland or will it also work with native Wayland applications?
BTW, I think if you open sourced this project and promoted it a bit, it could become quite popular. It's basically the first way to run X11 GUI applications on Android devices at full speed. If you set up a donation link, you could also get compensated for your time and effort. I'll personally contribute $20 if it's open sourced, and I'm sure others will chip in as well.
robsmith11 said:
This sounds amazing! Just curious, is it related to https://github.com/twaik/sparkle ?
Click to expand...
Click to collapse
Thanks for feedback. Nice to hear that someone managed to start this thing
Twaik's repository is clone of my very very old version of sparkle. I made that version years ago when I was just starting to learn linux and C++. Sparkle was rewritten from scratch two or three times since that version. And (I believe) current version is much better.
Regarding making it open source... Few months ago I had to find real job. Can't spend much time on personal projects any more. But I have my own strange programming style and my own vision of what sparkle should be. Not sure I want others to paint on my picture. It's probably all because of Twaik! I hate how he used old open source version of sparkle. He did terrible things to it, outraging all my beliefs Sorry!
P.S.: Yesterday I've uploaded another apk to my ftp. The file is called "sparkle-testing.apk". This version is much newer and has many fixes. But I've also changed to many things since tested version including some fundamental changes. No guarantee it will run at all on other devices. Interest is mega low and I get no test reports at all.
Hi Hentacler, I've just found your project - it looks really promising. Unfortunately, the only link currently working on this thread is to github. Is this project still live?
I have a samsung galaxy note 10+, and am using it as a laptop replacement. In addition to the android apps using Samsung Dex (Samsung's desktop solution), I have several linux distributions installed inside a chroot using userLand - so far, its working great. I'd be keen to give you project a try if it's still live, and am happy to help out with testing from my device.
Re open source - while I like your project, I'm not super interested in investing time into something that's not open sourced - I appreciate your concerns about wanting to maintain the direction, but having transparent development is pretty important to me. Is Twaik's fork of your project a better place to go?
Cheers.
tillum said:
Hi Hentacler, I've just found your project - it looks really promising. Unfortunately, the only link currently working on this thread is to github. Is this project still live?
I have a samsung galaxy note 10+, and am using it as a laptop replacement. In addition to the android apps using Samsung Dex (Samsung's desktop solution), I have several linux distributions installed inside a chroot using userLand - so far, its working great. I'd be keen to give you project a try if it's still live, and am happy to help out with testing from my device.
Re open source - while I like your project, I'm not super interested in investing time into something that's not open sourced - I appreciate your concerns about wanting to maintain the direction, but having transparent development is pretty important to me. Is Twaik's fork of your project a better place to go?
Cheers.
Click to expand...
Click to collapse
ftp://ftp.drivehq.com/mogryph/sparkle/
Link to FTP should work and there you can get two versions:
sparkle.apk - old version, but confirmed to work by 3-4 people.
sparkle-testing.apk - latest version, but only briefly tested by me.
I don't ask anyone to invest anything... Sparkle doesn't request root access or any other dangerous permissions (unless you enable automatic container mounting and starting) so it's safe to try for anyone who wants.
Btw, somewhere between these two versions I've replaced BASH container initialization script with LUA version. That was probably a bad idea. LUA script is harder to start directly as root and hacks I used may not work (currently may even cause application freeze if root access is denied). Going to revert to BASH probably. But this only touches people who want sparkle to mount container and launch everything automatically on single button press.
p.s.: Why I need to solve captcha every time I post something?
Thanks for the new release! I've updated and everything seems to be working without any changes on my Samsung Tab S3 with chroot and Arch Arm Linux.
Your changes also solved the flickering for me! The old version would flicker the screen whenever my keyboard's trackpoint activated, but it's not flickering at all any more. Performance seems to be about the same.
I think this could be quite popular, but not many people know about it. Perhaps a post on Hacker News or Reddit would raise awareness.
I understand your position on open source and maintaining control. One idea if you haven't already considered it is releasing the code with a restrictive license that forbids any forks. But either way, I'm enjoying being to properly use X11 on my tablet.
BTW, have you tried any native Wayland compositors? I don't really understand the Wayland ecosystem that well. I gave Sway a brief try, but it didn't seem to work. I've only been using XWayland.
@Hentacler Thanks for your reply! Very keen to get this working, but having a few issues. I'm unsure how to configure the user.lua file - I'm using your latest apk.
I have a non-rooted device, and am running archlinux under termux. Works fine with xsdl. I have installed xorg-server-wayland for X11. I'd appreciate any advice you have.
@robsmith11 Are you able to share how you got this working on Arch? Thanks!!!!
tillum said:
@Hentacler Thanks for your reply! Very keen to get this working, but having a few issues. I'm unsure how to configure the user.lua file - I'm using your latest apk.
I have a non-rooted device, and am running archlinux under termux. Works fine with xsdl. I have installed xorg-server-wayland for X11. I'd appreciate any advice you have.
@robsmith11 Are you able to share how you got this working on Arch? Thanks!!!!
Click to expand...
Click to collapse
I am not sure it is possible to use sparkle without root...
Sparkle makes it's directory accessible for everyone (chmod 777). Before Android 8 or 9 this was enough and xwayland from termux was able to connect to sparkle. Here is how people used to start it:
export XDG_RUNTIME_DIR=/data/data/com.sion.sparkle/files
Xwayland
But newer versions of Android brought more restrictions and termux can no longer connect to sparkle. These new restrictions are implemented using SELinux if you know what it is. Applications now have different security contexts.
But that is not all. Newest versions of android brought even more terrible meaningless restrictions effectively "killing" applications like termux and many others.
In short, from now one applications are not allowed to execute code (binary) that comes from "untrusted" sources. Termux used to download a lot of such code from it's own repositories. And now it can't. We can't even unpack binaries from assets.
So I can only help with rooted devices.
P.S. Please forgive me, but I am leaving this website. Making people solve recaptcha every time they want to post something is unacceptable level of contempt.
My mail: [email protected]
Thanks for that, will have a play. I could always just root my device. Weird about recaptcha, not having this issue. Currently through termux I have access to the whole sdcard, and am able to download packages (and distros) in it - will have a play and see what else is possible.
@tillum
I basically just followed the instructions on the first post for using Sparkle without busybox. I didn't need to modify the Lua scripts.
I'm guessing SELinux may be a problem without root. I'll try setting it up without root when I have a chance later.
Hello all,
(Note to mods: I'm too junior to post in Android Dev fora, so please someone move my post, I believe it's worthwhile as this is really useful)
I've updated my little known but highly useful 'bin dump' tool to work on Android 9 and later. This tool is like "service", able to list services, but not just In the normal namespace - also in the vndbinder (though that requires root).
The primary use of this tool is to list who's actually holding or using the service. There's a full explanation on how I accomplish this at the webpage - newandroidbook.com/tools/bindump.html (mods: please make this a link? I can't). This way you can see who's using "power", for example (i.e. holds wake locks) , or "SurfaceFlinger" (i.e. has activity views) or "activity" (i.e is an activity/service/broadcast receiver).
Unfortunately, the advanced use requires root, due to binder's debugfs entries being chowned and chmodded nowadays.
The tool DOES NOT use libbinder, and I effectively rewrote the whole thing in pure C with the low level ioctl()s. I support Android 9 and onwards (if you need insights to the parcel format, which changed three times in between these versions.. let me know). Should work everywhere - That said, I've seen idiosyncrasies in Samsung devices which I've accounted for. Feedback more than welcome.
I need a 32bit version , is source available?
Tool is not open source (too much secret sauce and re-implementation of libBinder from scratch) but I built a bdsm.armv7 binary and linked it from the download page
(direct: http://NewAndroidBook.com/tools/bdsm.armv7)
Thanks , will try that out