How to enable flash player in jellybean dolphin browser

How to enable flash player in jellybean dolphin browser

Adobe has quit developing Flash Player for mobile devices and it’s last update was for Android Ice Cream Sandwich, luckily this version works for Jellybean too but dolphin browser for Android which supported Flash player plugin till ICS has quit the support for the plugin from Jellybean.

I would tell you the work around to enable flash player plugin support in jellybean dolphin browser.

Download the official flash player apk from adobe from the link below,

https://helpx.adobe.com/flash-player/kb/installing-flash-player-android-devices.html

Though there are some developer versions of flash player available for JB, I would recommend you to download the official release for better stability.

Step 1: Install dolphin browser from Google Play to your JB android device.
Step 2: Install flash player downloaded above.
Note : make sure you have enabled unknown source install in the security section of your device.
Step 3: Connect the rooted-Android device to the computer and issue the following commands –
Note : make sure you have installed Android tools in your computer.

adb shell

cd data/data/mobi.mgeek.TunnyBrowser/shared_prefs

rm -rf mobi.mgeek.TunnyBrowser_preferences.xml

The above command will set the Flash player plugin to ‘Always On’ in the dolphin browser.

I have made the video of the steps above for your understanding
Step 4 : Test the flash player in the dolphin browser by clicking the flash player app and opening the link through dolphin browser. If  you see the flash player settings then you are good to go.
Step 5 : Disable the auto-update of dolphin browser in the Google Play, if you wish to update the browser you have to do the above steps again.
Ask your queries to me in the comments or through Facebook/twitter.

Picture curtesy : digital trends

Continue reading “How to enable flash player in jellybean dolphin browser”

Install AOKP Jellybean ROM in Samsung Galaxy Tab2

Install AOKP ROM based on Cyanogenmod on your galaxy tab2

Android Open Kang Project(AOKP) is a custom ROM project based on Cyanogenmod. But unlike CM which offers only nightlies(as of writing), AOKP has released a milestone(stable) version of Jellybean 4.1.2 ROM for Galaxy Tab 2 7.0 P3100. AOKP ROM’s are light weight and have kernels capable of realtime processor speed stepping thereby giving maximum performance at the same time conserving battery charge.

See my AOKP ROM vs Official Jellybean ROM benchmarks for Galaxy Tab 2.0 here –
http://news.indiandragon.in/2012/12/16/aokp-rom-vs-official-jellybean-rom-for-galaxy-tab-2-0/

Samsung has started giving out OTA updates of Jellybean ROM based on 4.1.1 for Tab2 see the guide here to install official jellybean ROM from samsung, but those of you who demand better performance and timings between recharging battery can opt for light weight AOKP ROM. Read on how,

Disclaimer : Flashing ROM’s are risky, void’s warranty and could brick your device if not done properly. I am not held responsible in such cases. This guide is for educational purposes only, to follow this guide is solely under your discretion .

Since it is an aftermarket ROM, you have to download ROM and Google apps package separately.

Download the AOKP Milestone ROM and gapps-jb-20121011-signed from the link below,

[display_adsense ad_type=”300×250″]

Step 1: Install Clockworkmod recovery if you had not done earlier. Follow 1-6 steps from here.
Step 2: Take backup of your current ROM using ROM Manager or Titanium Backup app.
Step 3:  Press power button+volume up to enter into Clockworkmod recovery.
Step 4:  Wipe data/factory reset three times.
Step 5 : Select install update.zip, and select the download AOKP ROM from your internal/external sd-card.
Step 6:  After Install, Wipe cache/dalvik cache three times.
Step 7 : Now select the install update.zip again and install gaaps.zip  in the same way as you install ROM.
Step 8:  Reboot

Hope you like the new AOKP ROM, incase you don’t then install the backed up ROM found in the clockworkmod directory just the way you installed AOKP ROM.

Security Vulnerability in third party IRCTC android applications in Google Play

About security vulnerability in third party IRCTC Android apps on Google Play

Update : If you have come here to download my IRCTC Android application, I am sorry I’ve removed it from google play as there are many IRCTC applications in Google play but with serious security risk.

I had developed an Android application for my personal use to book IRCTC (Indian Railway Catering and Tourism Corporation) railway tickets. I found it useful, So I released it on Google Play for the benefit of the others. Since then there has been an influx of numerous IRCTC apps on the Google play with added features like storing username/password, credit/debit card details, automatic login and session management. Though these features are undoubtedly useful, they pose a serious security risk which could lead to loosing your IRCTC login credentials to loosing your Credit/Debit card credentials thereby loosing your hard earned savings altogether to some malicious hacker/developer !

The reasons below states why it is not advisable to store user credentials on webview applications which make use of third party websites. Webview is the mecahnism by which android applications can make use of websites to provide a mobile application and it is the widely used method for number of IRCTC applications found on Google Play. You can check out the IRCTC applications from Google Play from the link below,

For this demo I am choosing IRCTC Pro app Shahul3D, it is the most well built IRCTC app  from the Google Play but is prone to following vulnerability in rooted Android devices,

                        

As you can see from the images above (if not click the image to enlarge), the application takes in user credentials like username, passwords to credit/debit card details even with the pin !! and what does it do with it ?

Stores it in a plain xml format in the android preferences
Google implemented the preferences as a simple database mechanism to store in user preferences in an application like dates,settings and it was never meant to store credit card details like the above application. unfortunately many developers still use preferences to store in sensitive information which in turn gets saved as an un-encrypted plain xml.
How to retrieve user data stored from android application stored in preferences,
 
Above screen capture of my terminal shows the basic set of commands I used to navigate into an rooted android file system to access the sensitive information stored in the above android application.
I made a video of the same for your understanding !
Any newbie could code an android application to parse the above xml data and take it to his home server. Even better he could target users of an particular application like the one shown above using similar package signatures and steal the user data.
Update : As few few visitors like Ajay (see comment section below) doesn’t like me being subtle about the scope of the vulnerability mentioned above, I would like to clarify it further.
1. shared_preferences by design cannot be accessed by another app in a non-rooted Android device,
Unless !
The developer has put in a android:sharedUserId with the hope of sharing is own preferences with his future apps. You can create same application context used in the target app using the UserId and access the shared_preferences.
And you know how to access the UserId, right ? See my Ultimate Android Decompilation Guide.
2. In rooted android devices, you can just build an app which would parse through the .xml in the /data and display the shared_preferences of other app or just mail it to your server !
So for the developers it is foolish to store sensitive data in preferences, unless if you want to steal the user data some how ! and for the users it is foolish to install any app you see on the Google Play without looking through it . Think well, when you see an app asking for your user credentials and take some time to contact the developer to know how your data is being stored and for what it is used for.
There are other risks involved in web view applications using third party websites by exploiting the javascript exploits, I will keep it for the next session. Take care.
Thanks to AndrewChamp for the great Evil Android picture !

Continue reading “Security Vulnerability in third party IRCTC android applications in Google Play”

How to root Galaxy Tab 2 Jelly Bean, ICS

I would explain here the methodology for rooting Galaxy Tab 2 P3100.

Rooting is a process which allows the user to gain root access to the linux in Android OS. It can be useful if you run applications such as firewall, which requires root access to the Android.
This guide is just for rooting Galaxy Tab2 P3100, for other Android devices Type ‘ Model number of your Phone/Tablet rooting’ in the above search box.

This Guide is applicable for  Galaxy Tab 2 P3100 running Jelly Bean 4.1.1 or Ice Cream Sandwich 4.0.4

Disclaimer : Rooting ROM’s are risky, void’s warranty and could brick your device if not done properly. I am not held responsible in such cases. This guide is for educational purposes only, to follow this guide is solely under your discretion .

Prerequisites :

1.Download the GalaxyTab2 Root from the below link.
http://downloads.indiandragon.in/Downloads/GalaxyTab2_Root.html
[display_adsense ad_type=”300×250″]
2.Backup your ROM using Clock work mod – ROM Manager.

Procedure :

1. Drop the update.zip to the internal sd or external sd card of your Tab2.

2. Power off the tab, press volume down + power button to go into download mode.


3. Connect the data cable to the Tab and to the computer. 
Note : If your Tab is not getting detected in windows, make sure you have 
a.samsung USB drivers installed.
b. Kies not running (kill from task manager ).
c. Connect the USB cable directly to the computer and not via an extension cable.

4. Open Odin in the Windows, You’ll notice the port is highlighted when the tab is detected.


5. Select Auto Restart & PDA and Uncheck everything else.

6. Select the GT-P3100_ClockworkMod-Recovery_5.5.0.4 through the PDA, make sure the options are selected as said and click Start.

7. After the Clock work Mod Recovery has been flashed press Volume up + power UP to enter into CWM recovery boot loader.
a.  Select install zip option and select update.zip from the internal/external sd.
b. Wait till the installation completes and select reboot system option.
Testing root,
In the Android Terminal Emulator type su, super user app will ask for giving providing super user permissions to the Terminal Emulator and you will receive superuser permissions. Type an linux command and check further.
Enjoy your rooted Galaxy tab2 !

Ultimate Android reverse engineering/decompiling guide – Part 1 (Softwares and Procedure)

Ultimate Android reverse engineering/decompiling guide – Softwares and Procedure

If  you  are searching on decompiling Android .apk for reverse engineering to study it’s code for security research or to regain your lost code or just for the sake of curiosity you would have come across number of guides on methods and tools on how to achieve it.
So I am writing this guide to show you on how to use the readily available tools to decompile an Android application and compare the Pro’s and Con’s of such tools.

Note : This guide is intended to enable you access the complete source code of an application for analysis rather than just changing the application’s icon or minor functionalities for hacking purposes.
So if you are looking for such minor hacks, you refer a number of guides on that on Xda forums.

[box type=”warning”] Disclaimer : This guide is for educational purposes only. Copying/Reusing the decompiled code without the author’s permission is illegal. If you wish to use the content from this post kindly acknowledge with me and link to the original source article here. Remember decompilation of any application does not guarantee to give you 100% error-free source code which you can right away convert to an working application. You should have the programming knowledge used in building the application, in order to analyse and fix the decompiled source code.[/box]

 

Following are the methods which can be used to Reverse Engineer/decompile an Android application :

Obtaining the .apk from your Android Mobile :

The .apk file of the Android application you wish to decompile would be found either in /data/apps or in /system/apps in your smartphone. You can use file explorer on the rooted Android smart phone or  adb shell from your computer to obtain the .apk file to your computer.

Java :
All the below methods assume you have set your java installed and environment set properly.

Method 1 : Dare + JD Decompiler +Cavaj (or) DJ Decompiler

Tools required :
For Retargeting :
Dare : http://siis.cse.psu.edu/dare/installation.html
Platform : Linux (Recommended)

For Decompiling :
JD Decompiler : http://java.decompiler.free.fr/?q=jdgui
Platform : OSX/Linux/Windows
Cavaj : http://en.kioskea.net/download/start/download-1635-cavaj-java-decompiler
Platform : Windows
(or)
Dj Decompiler : http://www.neshkov.com/
Platform : Windows

Procedure : 
Download Dare from Psu(Pennsylvania State University) website to your Linux machine or a Linux VM.

1) copy the .apk to the the dare directory eg: test.apk .
2) create an output folder e.g: out inside the dare directory.
3) Open Terminal cd to the dare directory.
4) ./dex-preopt –bootstrap
5) ./dare -c -e -p -d out test.apk

You can find the .class files in the out directory along with the decompiled source code. If you feel that the decompiled source could be improved, you can decompile the .class files with JD-Decompiler and Cavan (or) DJ decompiler.
For further information on the usage of the Dare options refer their website and post your queries regarding your Dare usage in their mail forum here .

Pros :
Once again projects by students and researcher’s triumph over commercial softwares. Soot is an java optimisation framework by McGill University, using it for optimising and decompiling using built in dava decompiler is a step ahead of other decompilers out there.

Cons :
Nothing to mention specifically other than natural difficulties faced by decompilers and retargeting algorithm.

Method 2 : dex2jar + JD Decompiler + Cavaj (or) DJ Decompiler

Tools required :
For dex translation :
dex2jar : http://code.google.com/p/dex2jar/downloads/list
Platform :  OSX/Linux/Windows

For Decompiling :
JD Decompiler : http://java.decompiler.free.fr/?q=jdgui
Platform : OSX/Linux/Windows
Cavaj : http://en.kioskea.net/download/start/download-1635-cavaj-java-decompiler
Platform : Windows
(or)
Dj Decompiler : http://www.neshkov.com/
Platform : Windows

Procedure :
Download dex2jar from the above link.
1) Open the .apk with any zip unarchiver like unzip/winzip/winRAR,7zip and obtain the classes.dex file.
2) Drop the classes.dex into the dex2jar folder.
2) cd to the dex2jar-0.0.9.10 folder
3) ./dex2jar.sh classes.dex

Inside the dex2jar folder you can find classes_dex2jar.jar which you can decompile using JD-Decompiler or DJ-Decompiler/Cavaj Decompiler to obtain the source code. You can build latest version of dex2jar easily in your computer using maven as shown here.

Pros :
Easy and fast to use. Multiple platforms support. Updated regularly by Xiaobo Pan.

Cons :
Nothing in particular other than the difficulties faced by the decompilers.

Method 3 : AndroChef  Java Decompiler

Tools Required :
AndroChef java Decompiler : http://www.neshkov.com/ac_decompiler.html
Platform : Windows

Procedure :
Download the AndroChef Java Decompiler from the neshkov’s website.

1. Select the .dex/.jar/.apk file.
2. Select the output directory.
3. Select the options (For first time I recommend you to unselect all the options).
4. Click Decompile button.

You will find the decompiled application in jar format in the output directory you specified, remember the classes in the jar are already decompiled so you don’t have to use another decompiler like JD-Decompiler for reading it. Just unzip the jar and find the source code files inside.

Pros :
1. Complete Android Decompilation suite, very easy to use.
2. Exception statements are handled correctly.

Cons :
1. Not free, expensive.
2. Did not handle String builders properly in my use. If it comes across errors in decompiler, it omits the entire method without decompiling and gives you //Comment saying it cannot be decompiled.

Obtaining the resources and other files from the Android app :

Tools Required :
Apk Tool : http://forum.xda-developers.com/showthread.php?t=1755243
[display_adsense ad_type=”300×250″]
aapt : http://forum.xda-developers.com/showthread.php?t=1755243
Framework files (For System app) : http://code.google.com/p/android-apktool/wiki/FrameworkFiles
Procedure :
1. Download apktool to a folder with the .apk .
2. java -jar apktool_1.5.0.jar d test.apk

If you get any error you have to use the framework files, see the above link for more information on that. Your disassembled files should be in the same folder with the source folders arranged in the recursively according to the package. Your source files should be in the .smali language the intermediate dalvik language code. I would talk more about the small in my next post on the topic.

Advanced Tricks:
Selective Decompilation :

Tools Required : 
Smali – http://code.google.com/p/smali/downloads/list
Backsmali – http://code.google.com/p/smali/downloads/list

Procedure :
Now that you’ve learnt that .dex files get decompiled by the tools mentioned in the above methods, if you want to decompile just few source files instead of all the files in the classes.dex it can be done as follows,

1. Unzip the .apk and place the classes.dex in the same folder as Smali/Baksmali .

java -jar baksmali-1.4.0.jar classes.dex

You will find the out folder in your current directory. The out folder will have the small files of your source. You can keep the small files you want the source in the folder and move other smali files to some other directory.

java -jar smali-1.4.0.jar out

Where out is the directory with the small files. This will produce a out.dex in the current directory.

Now you can use the dex2jar method above to decompile the out.dex to readable source files.

Decompiling System applications :

Most system applications are accompanied by an .odex file with the same name as the .apk . You have to deodex the application before decompiling.

For deodexing an application read deodex instructions for smali page here .

A word on the Decompilers :

JD-GUI : Fast and efficient decompiler. Try catch exceptions are not handled properly some times. else() condition replaced with While(true) and for() conditions with infinite loop like for(;;) in some cases. So look out for logic carefully and implement the proper conditional statements.

JD-eclipse : An eclipse plugin of the same JD-GUI decompiler with some 3rd party additions like Realign plugin from Mchr3k . See more information about it here .

DJ Decompiler / Cavaj : Both using famous but extinct JAD decompiler former being paid and the latter free. Amazingly you can still use these decompilers for decompiling the Android source files from the .class files. But beware that the conditions are arranged in labels and break statements. So you have to follow each labels and break statement to construct your own conditional statements. Try catch exceptions are not handled so you are on your own on that.

JADeclipse : This is a plugin for eclipse using JAD mentioned above.
1. Download JAD for your platform from here. Download JAD eclipse plugin from here.
2. Put the JAD binary in your HDD partition.
3. Configure the path to the Jad executable in eclipse under eclipse > Preferences… > Java > JadClipse > Path to Decompiler.
4. Go to eclipse > Preferences… > General > Editors > File Associations and make sure that the JadClipse Class File Viewer has the default file association for *.class  files.
5. import class files as .jar (zip the folder containing .class files as .jar) open it with JADeclipse to see the decompiled source.

AndroChef : The decompiler used in the AndroChef suite handles the conditional statements and Try catch exceptions perfectly. But incase of any errors it would omit the entire method from decompilation. Some say it has to do with null exceptions.

Setting up the project in Eclipse :

1. Considering you have set up an android application development  in eclipse with Android sdk, you can use the folder structure you obtained from Apk tool and replace the .smali files with the decompiled source files from any of the above methods.
2. Import the project as Android project with source in the eclipse.
3. Fix the errors, use the multiple decompilation methods above to compare the source files and fix the errors.

What’s Next ?

That’s all you need to start reverse engineering/decompiling android applications. If you get struck at a point, make sure you read my guide again to see if you have missed any step.

If you have doubt’s, post your query in the comment, you can contact me through twitter, facebook or google plus.

Please note that I will not decompile your .smali code or partially decompiled source code, so don’t post them here. I can only help you with the queries on what I have shown in the guide above so don’t expect me to do the same for you.

Make sure you follow me for the next guide on Advanced decompilation/ reverse engineering techniques on object level .smali language .

Thanks to ~thefjk of  deviant art for the awesome Android Hungry image .