Hey everybody, I am posting this here cause I just built a new parental control, remote administration and practical joke app for Android called caesura. Caesura is a remote administration app that allows an Android phone to be controlled via SMS messages, in much the same was as one can post to Facebook via SMS.
By sending the !login command to the phone in question and then texting back the password, you can signal the phone to start listening for commands. These commands include panic (turn up the volume all the way and ring and flash lights to help find lost phone), status (find out how much battery life the phone has left and get other info), contacts (in case you forgot your phone at home, u can still access your address book), block (block all SMS messages from specified number, useful for parental control),.and many more.
Like I said, this is just a beta so I'm open to any suggestions
The app can be downloaded from this page on my website:
http://www.gundersoft.com/pages/downloads/caesura
As of yet this work is beta...it doesn't have decent instructions...these are forth coming. For now, the three commands you need to know are as follows: !login logs in to the remote phone. Help command (replace command with the name of a command you need help with) gives help related to command usage, and exit logs you out of the remote phone. Make sure you always use the exit command when finished! You cannot send any texts to the remote phone from the phone you used to control it while logged in.
for a list of the available commands, use the "login to another phone" button to control the phone instead of SMS. In this console there is a drop down menu containing all of the commands.
Finally, for the sake of research, every copy of this app "calls home" the first time it launches to register the version number so I can keep track of roughly how many of each version of caesura out in the wild lol.
Tell me what you think of all of this!
Sent from my MB860 using XDA App
Need to move this to the apps forum. This is the rom development forum. I will give this a try though, thanks for sharing.
Sent from my MB860 using xda premium
Oops, Sorry
Sent from my MB860 using XDA App
ur android market link is not working
https://market.android.com/developer?pub=Gundersoft+Studios
Related
Lots of praise for this keyboard but it has some crazy persmissions like saving and sending your key strokes.
I really want this keyboard because it is perfect for typing when holding tab with both hands.
THanks
I'm looking through the permissions here and I don't see anything out of the ordinary for a keyboard and nothing about sending and saving keystrokes
Going by some of the reviews on amazon app world, I thought there were more people complaining about access.
http://www.amazon.com/Beansoft-Thum...ageNumber=2&sortBy=bySubmissionDateDescending
Just purchased and when I installed I got a warning popup window saying this app may collect data including credit card info by using it
I guess this is why the negative reviews about permissions.
You get that warning with any keyboard you enable that was downloaded.
Sent from my Nexus S 4G using Tapatalk
The question is does it keep a log and does it transmit data.
HTC ime was guilty of this at some point.
As the developer of thumb keyboard I can assure that no data is collected.
I think the warning is a bit confusing, because no one got a message about the stock keyboards that are installed. So it might seem that only a third party keyboard has a possibility to collect data. Also, why doesn't Android provide a similar warning for any other app. Like for example a browser, in which a user enters passwords and other critical data? It implies that only keyboards can be unsafe. This is definitely not the case.
The permissions can be explained as follows:
* audio recording is for voice input
* access to the contact database is to generate contact name suggestions
* internet access is needed only for downloading themes and downloading dictionaries
I hope some day the Android development team will come up with another permission model. It would be better if permissions were granted for particular functions and not globally for the whole app. (Theoretically this must be possible by assigning permissions to classes)
I'm investigating how I can legally commit myself, so that the user can have more trust.
No.
Sent from my GT-P7510 using XDA Premium App
Ever since I got my Droid 3 I wanted to be able to control games using the keypad, but sadly most games won't support it, so I figured, it would be cool if I could make an app that catches all the keyboard events and triggers fake MotionEvents for preset regions of the touchscreen (kindof how it's done on the iControlPad).
I believe I've found a way to fake the touches, but when searching for a way to read keyboard events when my app doesn't have the focus all lead to dead ends.
Does anybody have a clue how I could do that?
If anyone cares: I not only managed to find a way to read out all the touches and keystrokes that should go to other apps (though some android-coworker said it was impossible), but I can also filter which one of those I let through. I can even block the back- and home-buttons. And it's runnable without any running service or activity, so invisible and unkillable. I don't need most of that for my app, so I won't use what I don't need, I just stumbled across it by accident.
Every threat on this topic ended with "It's impossible to read out keystrokes destined to another app, because it would be too much of a security issue." Well, it is possible.
Sent from my XT860 using xda app-developers app
Dakkaron said:
If anyone cares: I not only managed to find a way to read out all the touches and keystrokes that should go to other apps (though some android-coworker said it was impossible), but I can also filter which one of those I let through. I can even block the back- and home-buttons. And it's runnable without any running service or activity, so invisible and unkillable. I don't need most of that for my app, so I won't use what I don't need, I just stumbled across it by accident.
Every threat on this topic ended with "It's impossible to read out keystrokes destined to another app, because it would be too much of a security issue." Well, it is possible.
Sent from my XT860 using xda app-developers app
Click to expand...
Click to collapse
I do care! I would appriciate to hear how this works, because I would need it for my ongoing development.
Besides Camara button, which is of cause easy due to the broadcast event, and the volume keys (which are more tricky, since you have to inject an own BroadcastReceiver to the AudioManager), how do you handle other keys?
Ok, it's been a while since I did this, and I had a lot of work on other projects in between so, I hope I get everything right.
To do the whole trick you need root access.
1) Get the android.permission.SYSTEM_ALERT_WINDOW permission
2) Open up a system alert window with no content. There is a setting somewhere that lets you catch all keystrokes and touches. This blocks them all from going through
3) This one is tricky. I had to analyse nonsense for days to get it right, and I fear it's still not very good. Go to /dev/input on your phone. There are files named event1, event2, ...
Each of those correspond to one input device, so one is your touchscreen, one is the keyboard and so on. What you do now is you perform the action you want to recreate on the phone (e.g. press a key) and monitor the event files through adb (there is a linux command, that I forgot, that lets you view a file in real time. Also you can copy that real time view to your harddrive by typing "adb shell [command] > record.txt").
Once you know every event that you want to recreate, you can go to the next step.
4) This is what your app has to do to let a keystroke through: The user presses a key, your app catches it. Then it changes it's mode (see 2) ) to not catch any keystrokes at all, posts the corresponding event for that key in the fitting /dev/input/eventX-file, and sets itself to catch keystrokes again.
Before the whole thing make sure, your /dev/input/eventX-file has a chmod of 666 or therelike, since you can't write into it from your app. You only need root for that, after that you don't need root. The OS resets the chmod on each reboot.
It is a hell of a lot of work. Calculate about a week or more for just that (at least that was what it took me to figure it all out). Good luck
PS: If you get your app system privileges, there is also the android.permission.INJECT_EVENTS, which allows you to inject key- and touch-events to another app using a simple function (can't remember it, but Google does). For your app to be able to get system privileges you need to copy it to /system/app, which requires root and a mounted /system. Catching the keystrokes still works the same way as above.
Dakkaron said:
Ok, it's been a while since I did this, and I had a lot of work on other projects in between so, I hope I get everything right.
To do the whole trick you need root access.
1) Get the android.permission.SYSTEM_ALERT_WINDOW permission
2) Open up a system alert window with no content. There is a setting somewhere that lets you catch all keystrokes and touches. This blocks them all from going through
3) This one is tricky. I had to analyse nonsense for days to get it right, and I fear it's still not very good. Go to /dev/input on your phone. There are files named event1, event2, ...
Each of those correspond to one input device, so one is your touchscreen, one is the keyboard and so on. What you do now is you perform the action you want to recreate on the phone (e.g. press a key) and monitor the event files through adb (there is a linux command, that I forgot, that lets you view a file in real time. Also you can copy that real time view to your harddrive by typing "adb shell [command] > record.txt").
Once you know every event that you want to recreate, you can go to the next step.
4) This is what your app has to do to let a keystroke through: The user presses a key, your app catches it. Then it changes it's mode (see 2) ) to not catch any keystrokes at all, posts the corresponding event for that key in the fitting /dev/input/eventX-file, and sets itself to catch keystrokes again.
Before the whole thing make sure, your /dev/input/eventX-file has a chmod of 666 or therelike, since you can't write into it from your app. You only need root for that, after that you don't need root. The OS resets the chmod on each reboot.
It is a hell of a lot of work. Calculate about a week or more for just that (at least that was what it took me to figure it all out). Good luck
PS: If you get your app system privileges, there is also the android.permission.INJECT_EVENTS, which allows you to inject key- and touch-events to another app using a simple function (can't remember it, but Google does). For your app to be able to get system privileges you need to copy it to /system/app, which requires root and a mounted /system. Catching the keystrokes still works the same way as above.
Click to expand...
Click to collapse
Thank you for your innovative solution
I do not understand two points:
1. How does your app will stay on top and its windows receives events, when the user opens another app, a game for example.
2. How does the background app, the game, keep running? Isn't the game onPause() when you are running your app in front?
Thanks you.
Dakkaron said:
2) Open up a system alert window with no content. There is a setting somewhere that lets you catch all keystrokes and touches. This blocks them all from going through
Click to expand...
Click to collapse
Can you please try to remember and elaborate " a setting somewhere" part?
I have just recently started using Tasker for some simple tasks like turning on/off GPS or WiFi, silencing my phone, etc... And I am trying to figure out how to set up a task to sign in to secured WiFi SSIDs. My work and school both require you to "sign in" before you can use their WiFi, so my phone tells my whenever it connects, to "Sign into Wi-Fi Network". Both of them are different however. My work is a simple checkbox to "agree" to the store's conditions My school, I actually have to type in my student information.
What I would like to do is make a task to automate that signing in process as soon as my phone connects to the WiFi. Has anyone done anything like this or have any suggestions how to go about it?
Tasker is a very powerful app whose full capabilities I personally haven't even started to scratch...play around especially with creating variables under the NET > Wifi Connected/Near task or profile and I think you'll be able to write a simple profile to do this for you. Best way to do this is when you're actually on/near that network so you can automatically pull in the details of the Mac address or SSID...
You can start by looking here to see if you can "kang" one profile/task or so
http://tasker.wikidot.com/profile-index
Under Advanced category on this wiki look to see how you can modify the Wifi Auto Start/Stop profile...
I tried to do something like this a long time ago but figured it.
Hope some one can help out
Sent from my GT-N8013
Moe5508 said:
Tasker is a very powerful app whose full capabilities I personally haven't even started to scratch...play around especially with creating variables under the NET > Wifi Connected/Near task or profile and I think you'll be able to write a simple profile to do this for you. Best way to do this is when you're actually on/near that network so you can automatically pull in the details of the Mac address or SSID...
You can start by looking here to see if you can "kang" one profile/task or so
http://tasker.wikidot.com/profile-index
Under Advanced category on this wiki look to see how you can modify the Wifi Auto Start/Stop profile...
Click to expand...
Click to collapse
I'm afraid I may have to write some sort of script to handle the authentication. I can make it check to see if I'm connected, and I should be able to see if I have connectivity or not, but I don't know where to go from there.
EDIT: On further examination, I don't see a way to check WiFi connectivity or speeds.
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
There is the newbie tut thread... and a Google group
Sent from my Vivid 4G using Tapatalk 2
rignfool said:
There is the newbie tut thread... and a Google group
Sent from my Vivid 4G using Tapatalk 2
Click to expand...
Click to collapse
And this is not a newbie tut issue. It looks like people all over the internet have been trying to do it, and there hasn't been much progress.
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
I've tried to do something similar some time ago to login to fon networks, with no luck I'm afraid
My best guess was trying to use "http post" plugin
https://play.google.com/store/apps/details?id=com.steelgirder.LocaleSendEmailPlugin
But still the lack of knowledge took ahead of me, maybe you can have a look at it
wish you better luck than mine :thumbup:
Sent from my Nexus 7 using Tapatalk HD
I solved one of them!!! I was able to get it (I think, haven't field tested yet) to work with my work WiFi Here's my setup:
State: Wifi Connected Guest,*,* (Name of SSID is Guest)
1. Browse URL *the URL for the login page*
2. Run Shell [Command: sleep 0.1; input tap 50 715; sleep 0.025; input tap 620 800 Timeout: 0 Use Root: Yes]
The coordinates in the "input tap" sections are the coordinates for the "agree" checkbox, and the "agree" button, respectively This seems to work awesome, but I have to try it when I'm there. I'm now going to try and figure out how to make it do it while the phone is asleep
BTW, an easy way to get those coordinates is to turn on "Show Pointer Location" in Developer Settings.
@Drinfernoo
I am going to tedt this out on Monday at work
Sent from my GT-N7000 using Tapatalk 2
I use a great app called WiFi Web Login. It's pretty cheap in the play store. Logs into my school WiFi flawlessly every time.
Sent from my SPH-L710 using xda app-developers app
ooonimrodooo said:
I use a great app called WiFi Web Login. It's pretty cheap in the play store. Logs into my school WiFi flawlessly every time.
Sent from my SPH-L710 using xda app-developers app
Click to expand...
Click to collapse
Definitely worth a shot Thank you.
Sent from my SAMSUNG-SGH-I747 using xda app-developers app
Of course! You won't be disappointed.
Sent from my SPH-L710 using xda app-developers app
I just purchased the app. Works well on both secured wireless network login page and guess wifi at my school.
Interpreting the pointer position
drinfernoo said:
I solved one of them!!! I was able to get it (I think, haven't field tested yet) to work with my work WiFi Here's my setup:
State: Wifi Connected Guest,*,* (Name of SSID is Guest)
1. Browse URL *the URL for the login page*
2. Run Shell [Command: sleep 0.1; input tap 50 715; sleep 0.025; input tap 620 800 Timeout: 0 Use Root: Yes]
The coordinates in the "input tap" sections are the coordinates for the "agree" checkbox, and the "agree" button, respectively This seems to work awesome, but I have to try it when I'm there. I'm now going to try and figure out how to make it do it while the phone is asleep
BTW, an easy way to get those coordinates is to turn on "Show Pointer Location" in Developer Settings.
Click to expand...
Click to collapse
Can you explain how to interpret the coordinate figures from using the "show pointer location"
Mine are P: 0/1
dx:1.5
dy:-1.5
Xv:0.0
Yv:0.045
prs: 0.58
Size: 0.27
Which ones are relevant to the command line? Can you provide a relevant command line for those readings. It is just one ok button that needs to be pressed.
Thanks in advance!
Okay so I just used an app called Wifi Web Login.
tab through links and then press enter when the button is highlighted using keyevent
drinfernoo said:
I solved one of them!!! I was able to get it (I think, haven't field tested yet) to work with my work WiFi Here's my setup:
State: Wifi Connected Guest,*,* (Name of SSID is Guest)
1. Browse URL *the URL for the login page*
2. Run Shell [Command: sleep 0.1; input tap 50 715; sleep 0.025; input tap 620 800 Timeout: 0 Use Root: Yes]
The coordinates in the "input tap" sections are the coordinates for the "agree" checkbox, and the "agree" button, respectively This seems to work awesome, but I have to try it when I'm there. I'm now going to try and figure out how to make it do it while the phone is asleep
BTW, an easy way to get those coordinates is to turn on "Show Pointer Location" in Developer Settings.
Click to expand...
Click to collapse
Thanks so much for posting this! I had a similar problem where my Wifi at work requires users to accept the TOS every time they login. For me I just have to click on a log in button. The tap command would have been too complicated because there was a lot of scrolling to get to the accept button at the bottom of the page. My solution was very similar and uses the input keyevent shell command which simulates key presses on the keyboard. You could probably use this method to input your login information by using the right sequence of simulated keyboard presses. For my situation the pertinent key presses are keyevent 61 which is Tab, to highlight and advance through elements on the page, and keyevent 66 which is enter, to "click" on the accept button. I found a complete list of keyevent codes on the android developers website by goggling "input keyevent android"
1. Browse URL (login page link) - This opens it in my default browser which is chrome.
2. Run Shell (input keyevent 61; input keyevent 61; input keyevent 61; input keyevent 61; input keyevent 61; input keyevent 61; input keyevent 61; input keyevent 61; input keyevent 66) - This will tab through the links on the login page until the accept button is highlighted and then the enter key will be pressed.
I'm kind of a newb and this is my first post so if anyone has any tips for shortening my shell command please let me know. I was trying to figure out how to press Shift and Tab simultaneously to take me directly to the last element on the page (which is the accept button) but couldn't figure it out. I would be super grateful if anyone could share how to do this.
I am trying something similar. My problem is that the login "page" is a notification based Android System popup. If I could get tasker to load the notification I can use intents to fill out the fields. Any ideas?
For any future people, this is not hard to accomplish through direct and "proper" means.
Create a profile that detects when you connect to a network, and in tasker, check through Java code whether you're connected or not, and if not, connect by having tasker POST the data
Easy, fast, direct, and no need to do anything like simulating key presses
To get the URL and data fields you need for POST , you'll need to do a little dev debugging to figure it out. (Check the HTML)
Find the Java code in the first answer, isWalledGardenConnection()
https://stackoverflow.com/questions...cted-internet-access-captive-portal-detection
Working great for me, check my screenshot
P.S. You can see my tasker profile and task scripts for an example
Can you expand on this and post login for Starbucks,
Wendy's etc?
BBRecon said:
For any future people, this is not hard to accomplish through direct and "proper" means.
Create a profile that detects when you connect to a network, and in tasker, check through Java code whether you're connected or not, and if not, connect by having tasker POST the data
Easy, fast, direct, and no need to do anything like simulating key presses
To get the URL and data fields you need for POST , you'll need to do a little dev debugging to figure it out. (Check the HTML)
Find the Java code in the first answer, isWalledGardenConnection()
https://stackoverflow.com/questions...cted-internet-access-captive-portal-detection
Working great for me, check my screenshot
P.S. You can see my tasker profile and task scripts for an example
Click to expand...
Click to collapse
edmondt said:
Can you expand on this and post login for Starbucks,
Wendy's etc?
Click to expand...
Click to collapse
Here is more example. No guarantee it works for you, it's highly specific to my device probably
BBRecon said:
Here is more example. No guarantee it works for you, it's highly specific to my device probably
Click to expand...
Click to collapse
That Looks amazing!! Gonna play with it and try Mc Donnalds etc..
Hi!
Here is a quick tutorial on how to hijack account. NOTE THAT IT'S FOR EDUCATIONAL PURPOSES AND IILLEGAL
What this requires
Your android phone must be rooted/unlocked.
You must be on the same network as the person you want to hack into.
The person must be currently using Facebook on the computer
Note*: It won’t work if the person is using https security option in Facebook.
Step By Step tutorial
1. Once you have unlocked/rooted phone, you need to download the .apk file from here
Moderator edit: link removed as we do not do illegal stuff here
. It’s free for the first three accounts you get into.*Note*: If you want to get the unlocked version of the app then you'll have to pay to Unlock it, or you can google search for cracked version.
2. Once the app is downloaded, install it and then connect the Wi-Fi of your victim.
3. Open the app and press the start button on the top. If it ask you to allow permission for the app, do so.
4. It will now be monitoring activity. Anyone who uses Facebook/ YouTube/twitter/amazon on the network you are connected *to will show up on your phone. Simply click on them and you will be logged in into their account. Note : It might take 2-3 minutes to load up the screen. So have patience.
5. If nothing is showing up, try using stealth method in app. Some rooters prevent these kinds of hacks; stealth method will attempt to bypass this.
That's All! Enjoy!
Sent from my Nexus 7 using XDA Premium 4 mobile app
Thread closed ... We simply do not do this stuff here.
Hello!
Is there any free app which records recieved/sent text messages (default app/hangouts/whatsapp) aswell internet activity. Also it must be able to send e-mails or access it online so the teenager doesnt know of such app.
Theres teenage kid whos not getting her phone useless I can get some kind of app on her phone...
I tried KidLogger, but it doesnt support text messages in free version.
Stiflerlv said:
Hello!
Is there any free app which records recieved/sent text messages (default app/hangouts/whatsapp) aswell internet activity. Also it must be able to send e-mails or access it online so the teenager doesnt know of such app.
Theres teenage kid whos not getting her phone useless I can get some kind of app on her phone...
I tried KidLogger, but it doesnt support text messages in free version.
Click to expand...
Click to collapse
There are many security apps for android that do just what you want that people put on their own phones to find it when it has become lost or stolen. The best options may likely be paid apps but you definitely get what you pay for.
The most secure versions that I have seen are installed on a "rooted" phone where they can be installed to the system partition of the Android OS and remain hidden and unaccessible to the user. When installed this way I think that even a factory reset will not remove them where as all apps added normally will be wiped out.
Sent from my Galaxy Nexus using Tapatalk
Keylogger/Parental control
Stiflerlv said:
Hello!
Is there any free app which records recieved/sent text messages (default app/hangouts/whatsapp) aswell internet activity. Also it must be able to send e-mails or access it online so the teenager doesnt know of such app.
Theres teenage kid whos not getting her phone useless I can get some kind of app on her phone...
I tried KidLogger, but it doesnt support text messages in free version.
Click to expand...
Click to collapse
Many parental control tools can be used by you such as iKeMonitor. This software can record text messages, phone calls WhatApp and websites visited and it runs in total stealth mode. You don’t have to worry you kid will detect because it’s hard to find out. You can have a free trail.
Key loggers are against the law in many places and as such against the rules. Thread closed