Test

Powered by Blogger.

Tuesday 11 November 2014

Interception of HTTPS Traffic between Android Device and External Server

Sometimes it's interesting to see what different Android applications exchange through HTTP and HTTPS protocols. Sometimes, when developing one's own SW it's convenient to see the whole traffic in real time. To solve these tasks many different and good applications have been developed, e.g. Charles or Fiddler2. In fact, they are more numerous, but only the two mentioned allow seeing not only HTTP but also HTTPS.

Troubles appear in the interception of traffic between an Android device and an external server. With encoded (HTTP) traffic all is rather obvious (here's a guide) — external links are allowed with Fiddler2, in Android the address of our machine with Fiddler2 is set as a server — and voila, all is up and running. But it took me a bit longer to set up HTTPS traffic interception.

Theory

So, what's the trouble? The trouble is that using HTTPS the client verifies by default whether the server it connects to is the right one. For this purpose certificates are used. So, the real server has, of course, a real certificate that matches the open URL, while our proxy does not have one. To deal with the problem in desktop OS, Fiddler2 offers a possibility to generate a fake certificate and import it to the trusted ones — now the client will always believe that connection to Fiddler2 is quite safe. Unfortunately, mobile devices did not buy this dummy.

Primarily, it is impossible to import certificates in Androids older than v.4.0. There are some doubtful options with routed devices but they don't suit us. Secondly, it is impossible to import a Fiddler2 certificate even in Android 4.0. The thing is the certificate generated by default fails to meet some security criteria of Android and can't be installed. It should be generated in a special way. Finally, we can't take it for granted that all applications will trust a fake certificate. There are some niceties.

Usage

  1. Take an Android 4.0 or higher device. No, a 2.3 device won't suit. Yes, a 4.0 emulator will suit.
  2. Install the latest version of Fiddler2 on your PC.
  3. Install special libraries to generate Android-compatible safety certificates (here).
  4. Export the security certificate from Fiddler2 («Tools > Fiddler Options > HTTPS > Export root certificate to Desktop»). Save it on your flash drive, into the root directory (or in your emulator, if you're using one).
  5. Add the security certificate to the trusted ones in Android («Settings > Security > Install from SD card»)

  6. Start Fiddler2, allow remote connections in Options.

  7. Enter the address of the PC with Fiddler2 as the proxy in network settings of Android.

  8. Open browser on Android, enter google.com and observe the request and response in the Fiddler2 window.

So, it worked with the browser, but, unfortunately, not all applications are as trustful as the browser. E.g. my soft, where I use Apache HTTP Client, didn't buy it the Apache client couldn't care less about the OS trusted certificates. In this case I had to disable this verification manually as follows:

Protocol.registerProtocol("https", new Protocol("https", new EasySSLProtocolSocketFactory(), 443));  

where EasySSLProtocolSocketFactory comes from here and allows trusting any certificates

Registry tweak for changing logon on windowd

Registry tweak

The process begins with a very minor Registry tweak. Even for those who would not normally feel comfortable editing the Registry, this one's a piece of cake. To begin, click the Start button and type Regedit in the Search box. Then, select the appropriate result and press [Enter]. When you do, you'll see the User Account Control, shown inFigure A, and will need to click the Yes button.Note: Editing the Windows Registry file is not without its risks, so be sure you have a verified backup before making any changes.

Figure A

You will encounter a UAC when you launch the Registry Editor.

Once the Registry Editor launches, locate and right-click on HKEY_LOCAL_MACHINE key and select the Find command. When you see the Find dialog box, type OEMBackground in the text box and make sure that only the Values check box is selected, as shown in Figure B.

Figure B

Type OEMBackground in the Find dialog box.

When the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background key opens, locate and double-click the OEMBackground value. When you see the Edit DWORD dialog box, change the value data from 0 to 1, as shown in Figure C. (If the OEMBackground value doesn't exist in the Background key, you'll need to pull down the Edit menu from that key and select New | DWORD (32-bit) Value).

Figure C

Change the value data from 0 to 1.

To complete this part of the operation, click OK to close the Edit DWORD dialog box and then close the Registry Editor.

Creating folders

In the second part of the operation, you'll need to create a couple of folders. To begin, launch Windows Explorer. Then navigate to the C:\Windows\System32\Oobe folder. Once you access the Oobe folder, click the New Folder button in the Windows Explorer toolbar. You'll see a confirmation dialog box, like the one shown inFigure D. When you click Continue, the new folder will be created and you can name it info.

Figure D

When you click the New Folder button, you'll encounter a confirmation dialog box.

Then, open the info folder, click the New Folder button again, work through the confirmation dialog box, and then name the second new folderbackgrounds.

Configuring the wallpaper

You can use any image that you want for your new Logon screen wallpaper. However, the image has to be in JPG format and you need to name it backgroundDefault.jpg. When you copy your file to the Windows\System32\Oobe\info\backgrounds folder, you'll encounter and will need to work through a confirmation dialog box similar to the one shown in Figure D.

Two other things to keep in mind: First, the actual file size of backgroundDefault.jpg cannot exceed 256 KB. Second, you'll want to use an image whose dimensions match the screen resolution that you are using. If you use a file whose dimensions are smaller, the image will be stretched and may appear distorted.

Rooting micromax in 3 Steps

How To Root Micromax Unite 2 A106 Without PC [With KingRoot App]

Get KingRoot application fromDev Host.Install KingRoot application like a normal application.Open the application and on the main UI, tap on the big green circle with a circle of lock in which you can read some Chinese text withRoot button.
Tap on the big button to root next to the arrow.

It will take some time to root the phone.As soon as you see a tick mark in the circle which means your phone has successfully rooted, you can tap the blue button below which will appear after the rooting has been done.
Tap on the button next to the arrow.

Reboot your phone!

The application will install KingUser application which is better than SuperSU and works perfect with MTK devices especially with Micromax Unite 2. In case if you want to install SuperSU, just install SuperSU from Google Play Store and update the binaries using normal way.

Rooting With Baidu Root App [May Not Work With All The Phones]

Open Settings and then move to Security and enableUnknown Sources. Just tick unkown sources and accept the warning.Get Baidu Rooting Application from it's official website: Clickhere to visit Baidu Root. Don't open the website from Google Chrome (using a phone), because it appeared wired there. Try opening it with Opera Mini.
Download Baidu App to Root MT6582 on KitKat/Micromax Unite 2

You will see a blue box with Chinese language written in it. I haven't translated it so I don't know what's written there. Just click on this and you will be prompted to downloadBaiduRoot_2001.apk. SelectSave and download the application.Open any File Explorer application if you have and open SDCard>Download.Now tap on BaiduRoot_2001.apk and select on Install to install this application in your phone.Open the application from app drawer.Now select Root button with some words written in Chinese language. Wait for some minutes and let the application download some binaries required to root the phone.You will see a popup. Press back to close the popup.Finally you will have a rooted phone. Now reboot for changes to take effect.Now you can uninstall this application.Further more you can installSuperSU application after rooting your phone and can uninstall Kinguser application if you want, but uninstall only if you have alternative Superuser application, else your phone will not have root access.

RSS

Categories

Followers

Blog Archive

rTechIndia

RtechIndia->technology ahead

rtech

rtechindia

RtechIndia

Go rtechindia

Go rtechindia

RtechIndia

Tuesday 11 November 2014

Interception of HTTPS Traffic between Android Device and External Server

Sometimes it's interesting to see what different Android applications exchange through HTTP and HTTPS protocols. Sometimes, when developing one's own SW it's convenient to see the whole traffic in real time. To solve these tasks many different and good applications have been developed, e.g. Charles or Fiddler2. In fact, they are more numerous, but only the two mentioned allow seeing not only HTTP but also HTTPS.

Troubles appear in the interception of traffic between an Android device and an external server. With encoded (HTTP) traffic all is rather obvious (here's a guide) — external links are allowed with Fiddler2, in Android the address of our machine with Fiddler2 is set as a server — and voila, all is up and running. But it took me a bit longer to set up HTTPS traffic interception.

Theory

So, what's the trouble? The trouble is that using HTTPS the client verifies by default whether the server it connects to is the right one. For this purpose certificates are used. So, the real server has, of course, a real certificate that matches the open URL, while our proxy does not have one. To deal with the problem in desktop OS, Fiddler2 offers a possibility to generate a fake certificate and import it to the trusted ones — now the client will always believe that connection to Fiddler2 is quite safe. Unfortunately, mobile devices did not buy this dummy.

Primarily, it is impossible to import certificates in Androids older than v.4.0. There are some doubtful options with routed devices but they don't suit us. Secondly, it is impossible to import a Fiddler2 certificate even in Android 4.0. The thing is the certificate generated by default fails to meet some security criteria of Android and can't be installed. It should be generated in a special way. Finally, we can't take it for granted that all applications will trust a fake certificate. There are some niceties.

Usage

  1. Take an Android 4.0 or higher device. No, a 2.3 device won't suit. Yes, a 4.0 emulator will suit.
  2. Install the latest version of Fiddler2 on your PC.
  3. Install special libraries to generate Android-compatible safety certificates (here).
  4. Export the security certificate from Fiddler2 («Tools > Fiddler Options > HTTPS > Export root certificate to Desktop»). Save it on your flash drive, into the root directory (or in your emulator, if you're using one).
  5. Add the security certificate to the trusted ones in Android («Settings > Security > Install from SD card»)

  6. Start Fiddler2, allow remote connections in Options.

  7. Enter the address of the PC with Fiddler2 as the proxy in network settings of Android.

  8. Open browser on Android, enter google.com and observe the request and response in the Fiddler2 window.

So, it worked with the browser, but, unfortunately, not all applications are as trustful as the browser. E.g. my soft, where I use Apache HTTP Client, didn't buy it the Apache client couldn't care less about the OS trusted certificates. In this case I had to disable this verification manually as follows:

Protocol.registerProtocol("https", new Protocol("https", new EasySSLProtocolSocketFactory(), 443));  

where EasySSLProtocolSocketFactory comes from here and allows trusting any certificates

Registry tweak for changing logon on windowd

Registry tweak

The process begins with a very minor Registry tweak. Even for those who would not normally feel comfortable editing the Registry, this one's a piece of cake. To begin, click the Start button and type Regedit in the Search box. Then, select the appropriate result and press [Enter]. When you do, you'll see the User Account Control, shown inFigure A, and will need to click the Yes button.Note: Editing the Windows Registry file is not without its risks, so be sure you have a verified backup before making any changes.

Figure A

You will encounter a UAC when you launch the Registry Editor.

Once the Registry Editor launches, locate and right-click on HKEY_LOCAL_MACHINE key and select the Find command. When you see the Find dialog box, type OEMBackground in the text box and make sure that only the Values check box is selected, as shown in Figure B.

Figure B

Type OEMBackground in the Find dialog box.

When the HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\LogonUI\Background key opens, locate and double-click the OEMBackground value. When you see the Edit DWORD dialog box, change the value data from 0 to 1, as shown in Figure C. (If the OEMBackground value doesn't exist in the Background key, you'll need to pull down the Edit menu from that key and select New | DWORD (32-bit) Value).

Figure C

Change the value data from 0 to 1.

To complete this part of the operation, click OK to close the Edit DWORD dialog box and then close the Registry Editor.

Creating folders

In the second part of the operation, you'll need to create a couple of folders. To begin, launch Windows Explorer. Then navigate to the C:\Windows\System32\Oobe folder. Once you access the Oobe folder, click the New Folder button in the Windows Explorer toolbar. You'll see a confirmation dialog box, like the one shown inFigure D. When you click Continue, the new folder will be created and you can name it info.

Figure D

When you click the New Folder button, you'll encounter a confirmation dialog box.

Then, open the info folder, click the New Folder button again, work through the confirmation dialog box, and then name the second new folderbackgrounds.

Configuring the wallpaper

You can use any image that you want for your new Logon screen wallpaper. However, the image has to be in JPG format and you need to name it backgroundDefault.jpg. When you copy your file to the Windows\System32\Oobe\info\backgrounds folder, you'll encounter and will need to work through a confirmation dialog box similar to the one shown in Figure D.

Two other things to keep in mind: First, the actual file size of backgroundDefault.jpg cannot exceed 256 KB. Second, you'll want to use an image whose dimensions match the screen resolution that you are using. If you use a file whose dimensions are smaller, the image will be stretched and may appear distorted.

Rooting micromax in 3 Steps

How To Root Micromax Unite 2 A106 Without PC [With KingRoot App]

Get KingRoot application fromDev Host.Install KingRoot application like a normal application.Open the application and on the main UI, tap on the big green circle with a circle of lock in which you can read some Chinese text withRoot button.
Tap on the big button to root next to the arrow.

It will take some time to root the phone.As soon as you see a tick mark in the circle which means your phone has successfully rooted, you can tap the blue button below which will appear after the rooting has been done.
Tap on the button next to the arrow.

Reboot your phone!

The application will install KingUser application which is better than SuperSU and works perfect with MTK devices especially with Micromax Unite 2. In case if you want to install SuperSU, just install SuperSU from Google Play Store and update the binaries using normal way.

Rooting With Baidu Root App [May Not Work With All The Phones]

Open Settings and then move to Security and enableUnknown Sources. Just tick unkown sources and accept the warning.Get Baidu Rooting Application from it's official website: Clickhere to visit Baidu Root. Don't open the website from Google Chrome (using a phone), because it appeared wired there. Try opening it with Opera Mini.
Download Baidu App to Root MT6582 on KitKat/Micromax Unite 2

You will see a blue box with Chinese language written in it. I haven't translated it so I don't know what's written there. Just click on this and you will be prompted to downloadBaiduRoot_2001.apk. SelectSave and download the application.Open any File Explorer application if you have and open SDCard>Download.Now tap on BaiduRoot_2001.apk and select on Install to install this application in your phone.Open the application from app drawer.Now select Root button with some words written in Chinese language. Wait for some minutes and let the application download some binaries required to root the phone.You will see a popup. Press back to close the popup.Finally you will have a rooted phone. Now reboot for changes to take effect.Now you can uninstall this application.Further more you can installSuperSU application after rooting your phone and can uninstall Kinguser application if you want, but uninstall only if you have alternative Superuser application, else your phone will not have root access.