[HOW-TO] [ROOT] [XPOSED] [FTV2] Capture and Decrypt SSL Traffic with your FireTV2 - Fire TV Android Development

Example: Capture FireTV Update Image URL
My Setup
Software:
sloane-5.2.1.1-rooted_r1
Xposed Framework (Xposed-v87-sdk22-arm64)
Xposed Installer 3.1.1
JustTrustMe V.2 (Xposed Module/Disables SSL certificate checking)
Packet Capture 1.2.3
Hardware: FTV2, Mouse+Keyboard
1. Boot into recovery, install Xposed Framework, wipe Cache/Dalvik Cache and reboot
2. Sideload Xposed Installer, JustTrustMe and Packet Capture
3. Activate the JustTrustMe Module in xposed and reboot
4. Connect via adb and clear com.amazon.device.software.ota Package cache
Code:
adb shell pm clear com.amazon.device.software.ota
5. Open Packet Capture
6. Skip "SSL Decryption"
7. Start Capturing
8. Go to FTV Settings and search for Updates
9. Open Packet Capture and find Outgoing Traffic from package com.amazon.device.software.ota
10. Click "HTTP"
11. Scroll down and Save the Result as Textfile
Profit

Okay, I'll bite. What can you do with that captured information?

Thanks for the guide, I normally use a hotspot with Wireshark sniffing url, but this seems easier. The url is much appreciated for 5.2.4.0 as some devices like mine take a month to get the update
From the screenshot the url was
https://amzdigital-a.akamaihd.net/o...sloane_full_sloane-551203220-to-565189620.bin
Sizzlechest said:
Okay, I'll bite. What can you do with that captured information?
You can basically sniff all HTTPS traffic. This is useful in gaining the URL of the OTA files, as we can see the firmware image and try to make this into a TWRP flashable zip.
Additionally, if you're on stock recovery, you can directly flash the zip.

Hi there!
somehow this guide does not work for me. Installing the xposed framework sdk22 as arm64 always leads to the error:
-Wrong platform: arm
-this file is for: arm64
I even downgraded to your 5.2.1.1 rom and also tried it with the recent prerooted 5.2.6.3 rom with the same results.
Installing the arm (not arm64) sdk works here. But then the sideloading of XposedInstaller.apk fails. Either way I cannot reproduce your steps and results, unfortunately.
Is there another way? I tried it with wireshark, but wireshark would only display the hostnames, hence the whole download URL is unknown then. Or is there a way to decrypt the wireshark logs further than only showing the hostnames without deeper destination?

Would it be possible to get that to work on fire tv 4k ?

Related

Free Xprivacy permission/privacy manager

"XPrivacy can prevent applications from leaking privacy sensitive data. XPrivacy can restrict the categories of data an application can access. This is done by feeding an application with no or fake data. There are several data categories which can be restricted, for example contacts or location. For example, if you restrict access to contacts for an application, this will result in sending an empty contact list to the application. Similarly, restricting an application's access to your location will result in a set location being sent to the application."
more info on the original xda thread, or github. The authors describe how it is better than other privacy solutions.
xposed installer is a framework for modules (such as xprivacy). This has the potential to allow tremendous customization of your ROM without having to flash a custom ROM.
Basic Info
1. requires xposed installer (which requires root access) before installing xprivacy (i.e. both files need to be installed)
2. files are designed for Android 4+, but there is a version that works with Gingerbread (android 2+)
3. will work on almost any android ROM. Works on my locked, stock, 2.3.4 sprint ROM.
How to install:
First step for everything you do: Create a nandroid backup and make sure you know how to restore it!
For the framework:
1. Download XposedInstaller.apk (for the corresponding version android ROM you have) and install it
2. Launch the Xposed Installer, go to the "Framework" section and click on "Install/Update"
3. Reboot
4. Done!
For any modules you want to install:
1. Download <module>.apk and install it (get the version for your corresponding android ROM)
2. Launch the Xposed Installer and go to the "Modules" section
3. Enable the module by checking the checkbox (verification stage)
4. Reboot
5. Done!
credit: rovo89, M66B, liudongmiao, et al.
Requires root?
If you have a Sprint stock, locked rom, how were you able to load this program without root access?
armoredsedans said:
If you have a Sprint stock, locked rom, how were you able to load this program without root access?
The bootloader is locked, but the ROM is rooted (i.e. has superuser privileges).
There is a new Xposed module (backported to Gingerbread) that fixes an Android "master key" security hole.
It's nice to be able to get security fixes like this since Sprint/Motorola no longer support this device.

(6.0.1/7.1) microG NoGapps for crDroid/BeanStalk or Xposed for others ROMs!

Introduction
microG GmsCore is a FLOSS (Free/Libre Open Source Software) framework to allow applications designed for Google Play Services to run on systems, where Play Services is not available. If you use your phone without GAPPS this might become a useful tool for you.
microG GmsCore is one of the two core components of the microG project. Its job is to replace the Gapps (you'll continue to use the PlayStore), thus giving you a longer battery life and performance without loss of resources.
This is not software developed by me, I'm just sharing the file.
Note: Only use crDroid/BeanStalk or Xposed (Use this module Fake Gapps and ignore item 3 on guide)
GUIDE – DO NOT INSTALL ANY GAPPS PACKAGE!
1. Install MicroG.zip via TWRP
2. Reboot system
3. (User of BeanStalk ignore this item) Go to Settings:
→ crDroid Settings
→ Miscellaneous
→ Allow signature spoofing (Enable the option) (Look!)
4. Open the microG Settings
→ System grants signature spoofing permission (Enable the option) (Look!)
5. Close the app
6. Open PlayStore and add your account
7. Enjoy
XDA:DevDB Information
microG GmsCore, App for all devices (see above for details)
Thanks: MicroG.org (Official site the MicroG Team)
Version Information
Status: Beta
Version: 0.2.4
So.. this will only work on crDroid?
teckgiik101 said:
So.. this will only work on crDroid?
Other ROMs work as well, but Xposed is not compatible with Nougat, so it is impossible to use the module to enable Fake Signature.
Already installed gapps, how to uninstall?
I already have open gapps installed, do I need to uninstall it before flashing this? Or do i have to clean wipe again?
Found the answer (in case others have the same doubt):
You will need to (from Recovery - In the order listed):
Manually wipe (format) your System partition
Flash your ROM
Flash The desired GApps package(microG package)
Wipe Dalvik & cache
Reboot
NOTE: You won't lose any of your data or application settings using this method.
Add this to the OP, just in case!
I can not sync contacts

[Q][Android 6.0] Own CA SSL (HTTPS) with CA CERT warning only?

Hey guys,
I want to enable https on my sm-g900f for my local developer environment, so I created my own self signed root CA certificate. With this cert I sign my local server certificates.
Everything works fine on my desktop devices but not on my android mobile phone.
If I create a rootCA.crt file and convert it to binary .DER type, I'm able to install it on my phone via Settings / Security / Credential storage / Install from storage. HTTPS works now in all browsers and I can see that the cert has been added successfully to the Settings > Security > Trusted Credentials > User store. But then I get the "your network may be monitored" warning.
In order to get rid of it I followed the steps described in this thread. The only difference was that my user certs location is /data/misc/user/0/cacerts-added.
After gaining root access and moving the cert via ADB to /system/etc/security/cacerts/ (including chmod and chown) the warning disappeared and I can see that my rootCA is enabled under Trusted Credentials > System*.
As soon as I remove the beforehand added rootCA under Trusted Credentials > User, the warning disappears but https is not working anymore. Chromium gives me this:
Anyone know why my phone/android shows this behaviour?
*(for experts only: also wondering why system/etc/security/cacerts are being displayed as plain ascii text with full cert info although android requires binary format for CA cert?)
For those interested I'm sharing the solution:
Here's what I did to solve this:
(1) flashing my sm-g900f with odin v3.12.4-4 and latest twrp 3.3.0-0-klte
(2) backup relevant data, wipe system/cache/... with twrp afterwards
(3) flash 16.0-nightly-klte addonsu-16.0-arm open_gapps-arm-9.0-nano-20190428
(4) install certificate via security settings options. Shown as 'user cert' but no warning message and ssl works now
Thanks to JW09I4 for helping me out and guiding me through the process of updating my phone.

[GUIDE] SafetyNet Fix for all AOSP based Custom Rom [Note8/S8+]

If you want to use bank apps (like Google Pay, Paytm or PayPal) or your games (like PUBG or CoD) are crashing,
then this forum will help you a lot.
Follow the steps carefully
* I am not responsible for anything that may happen to your phone
* You do it at your own risk and take the responsibility upon yourself and you are not to blame me or XDA
• For basicIntegrity
1) Open Magisk Manager
2) Go to the Settings
3) Enable Magisk Hide and Click on Hide Magisk Manager
4) Type Desired App Name and click on OK
5) Open Magisk Manager again
6) now basicIntegrity: true
• For ctsProfile
1) Open any Root File Manager
2) Now open/edit build.prop (all 3 files)
---- Location : [/system] , [/system/vendor] and [/system/vendor/odm/etc]
3) Replace all dreamlte to greatlte[for note 8]/dream2lte[for S8+]
---- eg: ro.system.build.fingerprint=samsung/greatltexx/dreamlte [replace with greatlte/dream2lte]
4) Save and Reboot the Device
5) Open Magisk Manager
6) now basicIntegrity: true & ctsProfile: true
Now if you want to use Bank Apps or fix Game crash then
1) Open Magisk Manager
2) Go to Magisk Hide and Select/Check the Bank App/Games
3) Make sure to Clear the Cache of the App.
RESERVED for future
There is a magisk module for this.
MagiskHide Props Config.
I don't know exactly, but I guess the problem is that the Note 8 doesn't get Android 10. So if we present our phone as a Note 9 (which gets Android 10), the problem is gone.
Before I tried this, I was using an app and modules like riru and hiden core module to fix SafetyNet. But after I installed the riru and hiden core modules, my Chrome app doesn't open.
After trying this method, I pass SafetyNet and my Chrome opens normally.

How To Guide Huawei Cloud on the new Honor.

This will not give you the opportunity to make a full backup, but it will partially allow you to get into the cloud and save your data. I was able to create a backup on the Honor 50 and after that I restored it on the Huawei tablet.
1. Naturally, you must have Huawei HMS Core services
2. Perhaps there should be a frame
3. Install this version of the cloud (you can't update, only it works)
4. After installation, immediately open and give all permissions except geolocation (I gave it to it, but it seems to me that it interferes)
5. To log in to the cloud, you have two options
1: Through the button in the curtain
2: Installation Manager tab in AppGallery
6. Two buttons do not work, "Settings" and "Memory Management", you should not touch them - the cloud flies out of control
7. We saw the cloud, but they don't allow us to make a backup, the program writes an error both during recovery and when trying to create a backup, the "System Dispatcher" prevents us from doing this.
8. In developers, we set to allow debugging and debugging only when charging. Install ADB AppControl on the PC, connect the phone through it and remove the ADB "System Dispatcher".
9. After the backup, the dispatcher must be returned, without it we lose battery control, etc.
The data is saved only partially: contacts, messages, photos, videos and some programs. I can't save the settings because the dispatcher is turned off. I'm sorry, I'm writing through a translator, I hope it's clear.
Hey there, I'm trying to install the cloud app onto my Honor 50 but I'm always getting this error. Do you have any idea what the conflicting app is? I have been trying to figure it out for a while but I am unable to. Thank you
synescu said:
the conflicting app?
I had a conflict if I tried to install "Files" from Huawei first. If you did not install this, then try to install from a third-party file manager, I put all of the X-plore.
