I am thinking of rooting my Oneplus 8 Pro but... call recorder? infrared camera? - OnePlus 8 Pro Questions & Answers

I am thinking of rooting my Oneplus 8 Pro but I would like to know if there is currently a ROM that allows me to:
have automatic call recording (maybe even with google dialer or third-party programs)
have the possibility to exploit the "infrared camera" at 100%
have the latest version of android (11) and related security patches
Is it possible?
Thanks.

You can enable call recording with ADB; you don't need root for that.
Use this code at your ADB shell:
Code:
adb shell settings put global op_voice_recording_supported_by_mcc 1
Using the infrared camera is also available with ADB.
Code:
adb shell am start -n com.oneplus.factorymode/.camera.manualtest.CameraManualTest
I think this is the only solution so far. With root you can just use this FactoryTool without pasting the command. There is no quick solution to use it in the normal camera app.
I am already using OnePlus's latest Open Betas; they mostly have the latest security patches. They come around the 25th day of the month. You are using a security patch that is a bit old, but anyway I think it's fine; that depends on what you'll do with the phone and whether you really need that security patch that badly. Most phones get them roughly once per quarter.
And after unlocking the bootloader it is damn hard to hide from apps in Android 11. I was rooted about a month ago and I just gave up. It's not worth the effort. I used root for about a week, then I realized I can do most of the stuff I do on the phone without root/unlocked bootloader, but I cannot do banking with root/unlocked bootloader. I think the best part of rooting is that you can back up your persist and modem partitions; if something goes wrong with your firmware in future you don't need to deal with OnePlus's ****ty RMA process, they are this close to screwing up the persist partition.
If you have further questions I'll gladly answer them. And if you want to root, be sure NOT to use pre-modded boot images; they can break all your fingerprint, camera, axonometry, GPS sensors. Have a great day...

emirefek said:
You can enable call recording with ADB; you don't need root for that.
Use this code at your ADB shell:
Code:
adb shell settings put global op_voice_recording_supported_by_mcc 1
Using the infrared camera is also available with ADB.
Code:
adb shell am start -n com.oneplus.factorymode/.camera.manualtest.CameraManualTest
I think this is the only solution so far. With root you can just use this FactoryTool without pasting the command. There is no quick solution to use it in the normal camera app.
I am already using OnePlus's latest Open Betas; they mostly have the latest security patches. They come around the 25th day of the month. You are using a security patch that is a bit old, but anyway I think it's fine; that depends on what you'll do with the phone and whether you really need that security patch that badly. Most phones get them roughly once per quarter.
And after unlocking the bootloader it is damn hard to hide from apps in Android 11. I was rooted about a month ago and I just gave up. It's not worth the effort. I used root for about a week, then I realized I can do most of the stuff I do on the phone without root/unlocked bootloader, but I cannot do banking with root/unlocked bootloader. I think the best part of rooting is that you can back up your persist and modem partitions; if something goes wrong with your firmware in future you don't need to deal with OnePlus's ****ty RMA process, they are this close to screwing up the persist partition.
If you have further questions I'll gladly answer them. And if you want to root, be sure NOT to use pre-modded boot images; they can break all your fingerprint, camera, axonometry, GPS sensors. Have a great day...
Thank you very much for the reply.
I have the latest version of android 11 released not even a month ago (updated to the latest security patches).
With this version do you think I can unlock registration via ADB with the command you gave me?
As for the infrared camera, using that ADB command would I be able to use it through the official oneplus "camera" app?
I also wouldn't want to root for any problems with banking apps and the like, so if I could fix that it would be better.
Thank you again.

I tried with the two ADB controls for recording and the camera.
The first one enables me the recording menu in the options, but in fact, despite having enabled the automatic recording, it does not record anything, the option appears on the dialer screen.
I think it is blocked for my country (Italy), is there any way to unblock it?
I was able to record the call. Stupidly I hadn't set the oneplus dialer as the default one. Now I wonder if there is a way to record calls with google too?
As for the room, on the other hand, even when photochromic is selected, it simply tells me that I have to be outdoors and in more illuminated environments.
I managed to enable the camera too :D
My only doubt now is if it is possible to make call recording work with the google dialer or, with the google dialer + external programs (like CubeACR).

ChIP_83 said:
I tried with the two ADB controls for recording and the camera.
The first one enables me the recording menu in the options, but in fact, despite having enabled the automatic recording, it does not record anything, the option appears on the dialer screen.
I think it is blocked for my country (Italy), is there any way to unblock it?
I was able to record the call. Stupidly I hadn't set the oneplus dialer as the default one. Now I wonder if there is a way to record calls with google too?
As for the room, on the other hand, even when photochromic is selected, it simply tells me that I have to be outdoors and in more illuminated environments.
I managed to enable the camera too :D
My only doubt now is if it is possible to make call recording work with the google dialer or, with the google dialer + external programs (like CubeACR).
You need to do your own research about recording in Google's dialer. I'm not using it actively. I hope you'll find a way. And a quick tip: after opening the IR camera with ADB, try to lock the camera app from the recent apps menu. With that you can use it after a while without re-running the command. And don't forget to share HowYouDid after figuring out recording in Google's dialer. Have a great day!

You can enable Call Recording with ADB you don't need root for that.
You can't use call recorder on Android 11 in certain countries - Poland for example. I will try to go back to Android 10 ( Oxygen ).

Only way to get infrared is to roll back to 10.5.9 I think it is, I'm in the UK so that was the last one to work for me.
In regards to the camera on 11 it's quite simple but not the same..
Just obtain factory mode via the above method or several others, then you have two options.
Either use *#808# then go to the camera test page and use the 4th camera, then take screen recordings or screen shots (that's what I use) as it's the quickest way Vs the command to open it each time
Or
Download the app from the Play Store for the Photochrom camera and use that, which gives an interface for the same thing but has more options; simply cycle the camera using the flip button (bottom right)
OnePlus 8 Pro Photochrom[ROOT] - Apps on Google Play
OnePlus 8 Pro Photochrom Camera for ROOTED devices & OxygenOS 10.5.11 or 11
play.google.com
Call recording I have this by default.
If you're in a region like Australia then it may be blocked, AFAIK most places allow it.

VERY USEFUL.
Do you know where we could find more "tricks" like those??? They're great!

Dunno if anyone chimed in but I'm using mobile banking with zero issues rooted. If done right it all works properly. The main reasons for me to root are to force chat heads (Exposed), change the dpi (much more real estate), gravity box (volume skip screen off with no issues, ran through exposed) along with a few other things inside gv.
Button mapper for screen on volume skips (usually cannot get it to work right for screen off long press skipping but this with gravity box is a seamless long press setup) titanium backup to freeze a few things.
There's an app for root that allows you to basically shut all sensors and everything per app. Xprivacy or some thing other)
I can't not lol

Related

[Q] How about sideload the 3rd party app on Atrix

Is the sideloading wonder machine still working with Atrix? Based on my understanding, that wonder machine needs to work with HTC sync, right?
Can Atrix work with HTC sync?
I just hate AT&T lock the function to install the 3rd party app. It is just non-sense and means we can't play the HD games from Gameloft...just a waste for such a good spec if we can't play high quality games on it.
Wake up! AT&T
May be a stupid question, but why do you need a separate app to install apks? Can't you just copy them to SD and use any explorer like AndroZip to install them? If not, why can't you just use adb that comes with the sdk?
According to Anandtech's review of the phone, installing apks from the sd card is not possible, but you can simply install anything via adb (so no HTC Sync and exploiting needed).
AFAIK the Amazing Side Loader Machine just uses adb commands with a friendly GUI shell. So since you can use adb commands to install, the side loader machine should work if your adb drivers are properly configured.
Moved to general as not android development
Excuse me, but how is it possible they reach to block installation of third-party apps? In all Android phones you can go to setting>applications>manage applications: there is a check box that allows you to load apps from any source. Is it possible to block this feature? I don't think so.
All AT&T Android phones have that option (and checkbox) removed and non-market installs are not possible through the Android OS. Even the Dell Streak was blocked like this and it was 4 months before it ever saw an AT&T retail store.
Apps can only be installed via adb push commands, or through the official Android Market. (or through the Amazing side loader....blah, blah...)
Rooting your phone does NOT fix this.
So yes I do think so, and you are excused.
;-)
mercuryzzz said:
Excuse me, but how is it possible they reach to block installation of third-party apps? In all Android phones you can go to setting>applications>manage applications: there is a check box that allows you to load apps from any source. Is it possible to block this feature? I don't think so.
Thanks. So far, I can use sideloading wonder machine to install 3rd party app into my HTC inspire. Not a problem.
As long as the issue solved, then the Atrix is a must buy.
a042349 said:
All AT&T Android phones have that option (and checkbox) removed and non-market installs are not possible through the Android OS. Even the Dell Streak was blocked like this and it was 4 months before it ever saw an AT&T retail store.
Apps can only be installed via adb push commands, or through the official Android Market. (or through the Amazing side loader....blah, blah...)
Rooting your phone does NOT fix this.
So yes I do think so, and you are excused.
;-)
ok so we can use adb or sideloading wonder machine to sideload apps. So this problem is already solved. It remains the problem of locked bootloader: I read zroot could work, we will see. i will buy it from USA (because it's really cheap there considering exchange $ to €) only IF it will be rooted and custom roms will be available.
a042349 said:
All AT&T Android phones have that option (and checkbox) removed and non-market installs are not possible through the Android OS. Even the Dell Streak was blocked like this and it was 4 months before it ever saw an AT&T retail store.
Apps can only be installed via adb push commands, or through the official Android Market. (or through the Amazing side loader....blah, blah...)
Rooting your phone does NOT fix this.
So yes I do think so, and you are excused.
;-)
I think you could edit the settings.db to allow it even though the checkbox is removed. It's pretty straightforward once you have root access and can edit that file.

[ROOT][HOWTO] Disable Lockscreen Ads

WARNING: I am not responsible for any bricked devices caused by attempting this howto. If you haven't read this how to twice, and fully understand the requirements, then please don't attempt it.
Introduction (not important):
First, this may not be the best way to do this, and if someone knows a better way, I'll be happy to listen.
I kinda stumbled across this solution after trying the many other ways to solve the problem, but all the other ways seemed to have something incomplete with them and ended with no ADS, but no something else, like rotating lock screens or something.
I started with the assumption that the ADS program (dtcp) can be disabled through a flag somewhere on the system, for if you pay the extra $20 you get a kindle with no ADS, but same Android build. After looking through lots of sqlite databases I found it in the com.android.providers.settings/settings.db file.
Prerequisites:
Basic knowledge of databases
SQLite Editor Pro (Free on 1Mobile Market)
DroidWall
Steps:
Open SQLite Editor
Open "Settings Storage" (com.android.providers.settings)
Open settings.db
Open "global" table
Highlight entry "IS_DTCP_ENABLED"
Click the Edit Record button at the top
Change the value from a 1 to a 0
Click Save
Go back
Make same change on the "secure" table
Reboot kindle for new options to take effect.
Other Thoughts:
This just changes the value temporarily until the device checks back in with Amazon and then the value will get overridden again with the correct value. To prevent that install DroidWall and whitelist only the applications you need to access the internet. DroidWall requires root, which is why root is in the subject. But you should be doing this anyways to prevent OTA updates.
cool
Does this mean that you will now get the rotating native wallpapers that you would have if you paid for the dismissal of the ads? Currently I use adaway on my s4 hotspot and the only one I blacklist is (spectrum.s3.amazonaws.com). This has blocked updates, because I am still on old software with no other blocking in place, and I have noticed it also has blocked rotating ads, except I have the same 1 at all times.
Edit: YAY !!!! and yes I now have rotating native wallpapers
Btw thank you for sharing and it is quite refreshing to see a new member join to share useful information in a well thought out and presented OP and not just join to start a thread with a question that is the heading of so many other threads that has been beat to death already..burying perfectly good information..thank you for joining us at XDA!
Awesome!!!! have been looking for a way to do this without factory reset for a while! You da man! Gonna spam that thanks button for a while lol
Thanks so much, that was easy!
Mind after a few days .2 went straight black lock screen
Anyone know what exactly I need to enable in droidwall to have internet but no ota updates or Amazon changing the lock screen back to ads?
Uhg
This mod works fine. No ads, rotating wallpapers appear every time. No reversion to black screen. No need for Droidwall. Use of Droidwall is impractical for this purpose. Who knows what not to include in some giant white list?
It appears that the wallpapers will continue to appear without reversion if you have blocked updates using the root kit.
earlgrey_44 said:
This mod works fine. No ads, rotating wallpapers appear every time. No reversion to black screen. No need for Droidwall. Use of Droidwall is impractical for this purpose. Who knows what not to include in some giant white list?
It appears that the wallpapers will continue to appear without reversion if you have blocked updates using the root kit.
Sorry, what's the root kit?
dras99 said:
Sorry, what's the root kit?
First link in this post:
http://forum.xda-developers.com/showpost.php?p=53451623&postcount=3
I assume the block update action from the rootkit is responsible for the lack of reversion to ads since I haven't done anything else except the steps I outlined in the post and the data base tweaks explained above. My kindle has been running for 5 days now without ads and with the startup wallpaper.
earlgrey_44 said:
First link in this post:
http://forum.xda-developers.com/showpost.php?p=53451623&postcount=3
I assume the block update action from the rootkit is responsible for the lack of reversion to ads since I haven't done anything else except the steps I outlined in the post and the data base tweaks explained above. My kindle has been running for 5 days now without ads and with the startup wallpaper.
I also blocked updates with the root kit. Then I followed this tutorial and it worked great; however, it did revert back to ads after a reboot or 2.
conan1600 said:
I also blocked updates with the root kit. Then I followed this tutorial and it worked great; however, it did revert back to ads after a reboot or 2.
Strange! What's different about my install I wonder?
earlgrey_44 said:
Strange! What's different about my install I wonder?
I'm left scratching my head over that as well. Tomorrow I will re run the ota block script as I'm now concerned that it perhaps did not do something correctly. I did check for updates and it says last update failed but better safe than sorry. I DO NOT want to end up getting updated again. I finally have this tablet running rather nicely and am quite satisfied with most aspects. Still need much more customization options but it's serviceable now. And this tablet has always had the best touch input response of any I've ever used. I'd hate to have to throw it back in the closet.
I am getting now BLACK SCREENS. Any way to change this?
Script
For anyone who wants to run this from command line (e.g. on reboot or network change event) you can create a script like below and use SManager to run it periodically. You will first need to install sqlite3 binary (google "SQLite Installer for Root").
Here is the script that needs to be executed as root:
Code:
#!/system/bin/sh
sqlite3 -batch /data/data/com.android.providers.settings/databases/settings.db "update global SET value='0' where name='IS_DTCP_ENABLED'";
sqlite3 -batch /data/data/com.android.providers.settings/databases/settings.db "update secure SET value='0' where name='IS_DTCP_ENABLED'";
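A read-only check for the edit discussed in this thread, added here as an example and not part of any original post: it reads IS_DTCP_ENABLED from both tables of a pulled copy of settings.db and compares two snapshots to spot the reversion several posters report. The helper names and the constructed sample database are assumptions; the table and column names come from the script above.

```python
import sqlite3
from pathlib import Path

FLAG = "IS_DTCP_ENABLED"       # setting name used in the how-to
TABLES = ("global", "secure")  # the two tables the how-to edits


def open_readonly(path):
    """Open a pulled copy of settings.db so that no statement can modify it."""
    return sqlite3.connect(Path(path).resolve().as_uri() + "?mode=ro", uri=True)


def build_sample_db(global_value, secure_value):
    """Constructed in-memory stand-in for settings.db (sample data, not a real dump)."""
    db = sqlite3.connect(":memory:")
    for table, value in zip(TABLES, (global_value, secure_value)):
        db.execute(f'CREATE TABLE "{table}" (name TEXT UNIQUE, value TEXT)')
        if value is not None:
            db.execute(
                f'INSERT INTO "{table}" (name, value) VALUES (?, ?)', (FLAG, value)
            )
    db.commit()
    return db


def read_flag(db):
    """Return {table: value or None} for the flag in each of the two tables."""
    state = {}
    for table in TABLES:
        row = db.execute(
            f'SELECT value FROM "{table}" WHERE name = ?', (FLAG,)
        ).fetchone()
        state[table] = row[0] if row else None
    return state


def classify(state):
    """Summarise a snapshot: both tables must agree for the edit to count."""
    values = set(state.values())
    if values == {"0"}:
        return "disabled"
    if values == {"1"}:
        return "enabled"        # edit never applied, or fully reverted
    if values == {None}:
        return "missing"        # flag row absent from both tables
    return "inconsistent"       # tables disagree or one row is missing


def reverted_tables(before, after):
    """Tables where the flag was '0' in the earlier snapshot and no longer is."""
    return [t for t in TABLES if before.get(t) == "0" and after.get(t) != "0"]


if __name__ == "__main__":
    # Constructed snapshots: right after the edit, and after a later check-in.
    before = read_flag(build_sample_db("0", "0"))
    after = read_flag(build_sample_db("1", "0"))
    print("before:", before, classify(before))
    print("after: ", after, classify(after))
    print("reverted in:", reverted_tables(before, after))
```

For a real device, pull a copy of settings.db first and pass its path to `open_readonly`, then call `read_flag` on the returned connection.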

[DEVS] XZ Premium DRM fix - Let's find a solution together (brainstorming)

Edit: I DID IT! DRM is fixed...
Here we go: https://forum.xda-developers.com/xz...hack-mod-sony-xperia-xz-premium-twrp-t3695171
Hello forum community,
Hello developer,
Maybe you've read the last few weeks already that I am currently looking for a solution for the limitations after an unlocked bootloader. Previous solutions (DRM recovery by Tobias Waldvogel and others) unfortunately do not work, since various libraries and other system data have changed. Also in the TrustZone there are various changes, which lead to the fact that previous solutions no longer work.
For some time, I'm busy with the Sony system protection. Although I am very experienced in the field of reverse engineering, but unfortunately I have little experience with the procedure with Android systems, especially with Sony.
I would like to take the opportunity in this thread to exchange ideas with other users about the possible solutions. In order to better understand the connections and thus possibly find a gap in the system, it would be good if we share our knowledge about Sony DRM. What files might be patched, what dependencies exist, ...
It would be great if we could work together and maybe get a DRM fix for the XZ Premium.
Cheers!
To the moderators: I hope the thread is okay. If not, please just lightly hit the back of the head. Thank you!
Thanks for creating a thread for this. I have an interesting question. You may have looked a while back at the one thread with a working Google Camera build. Is there any idea as to why it worked? Maybe instead of fixing DRM, we can work around it.
cdnutter said:
Thanks for creating a thread for this. I have an interesting question. You may have looked a while back at the one thread with a working Google Camera build. Is there any idea as to why it worked? Maybe instead of fixing DRM, we can work around it.
Yepp, it's my own thread. The working Google camera is just a compensation for unlocked/rooted users. Because after you unlock/root your XZP, the camera doesn't work (green pictures). It's not working with full supported "specials" from Sony. The resolution of the images is smaller, too. The 3rd-party camera apps are using their own image processing and/or the API to the system camera. So with Google camera or other Apps, we can take pictures, but in relatively bad quality because the resolution for 3rd-party apps is locked by Sony. Other apps are using the system camera with a "light mode" of it. So they take pictures without special effects, but with the stock camera, so you have a green pic after your shot.
So... The big problem is: Without hacking/patching/fixing the Sony device security (DRM/TrustZone) we cannot use the full features of the camera. I don't understand why Sony is so bad to their customers, because their "special camera algos" are absolutely not interesting to me. But it's really bad to lock down the whole camera (green pictures). If they would only lock their own algos, it would be absolutely okay (because otherwise other vendors could copy them). But Sony... No... That's not the way to hold customers at a company. If I unlock/root my phone, I want to use the hardware like I want to. And if I install my own camera app with own functions, I don't need the Sony algos. The pictures would be nice, too. I think that's the reason why Sony did that on XZP...
My idea a few days ago was that we could try to port another camera to the stock XZP firmware. Something like Snapdragon Camera (used in AndroPlus AICP for XZP). But my knowledge about that is too bad. I did a few things to test something like that, but everything I tried crashed. I think we would need to patch the driver, libraries, cameraserver and other binaries to get a fully unlocked camera that works without Sony. I am a freak on Windows systems, web applications and PC software. But on Android I must pass if it goes to "hacks" like these... sorry.
But... okay... let's find a way to "crack" that security (that's my passion on win/web)... anyway.
What I have been asking myself for some time is why Sony should make so many changes to the system on a single device. Other devices that have also been introduced to the market in this vehicle can be patched with the Tobias solution. If, therefore, Sony had made fundamental changes to the security of the devices, then theoretically all new devices would be affected.
I have compared the XZ Premium with the XZ and the XZs. I had to realize that different libraries and applications have changed. And that's the reason why the DRM fix doesn't work in its form.
The binary file:
/system/bin/secd
The libraries in /system/lib/ :
- libcredential-manager-service.so
- libdevice_security.so
- libsuntory.so
The libraries in /system/lib64/ :
- libcredential-manager-service.so
- libdevice_security.so
- libsuntory.so
These are highly relevant files for the device security in relation to Sony DRM. The "secd" uses "libsuntory" and checks if the keys are stored, active and legit.
The main differences I found, were...
- The secd was merged with other binaries. The old size was ~150 KB and in XZ Premium it's ~1130 KB. I think they merged other functions from old libraries to the file, because they did that to other files, too.
- The old secd uses libtee.so and the new one uses libQSEEComAPI.so. And that's the big problem I think.
I will try to patch the relevant files and test if it works. With modified libsuntory I was able to manipulate the blob status from "generic error" to "blobs not found". So maybe there is a way to fix this.
Hahaha...
Nice job Sony! I patched the whole libsuntory.so to get "all fine here" everywhere (~300 patches in ONE f*** library!). On the half way it's working and I was really happy to be on the right way - I can manipulate the status of CKB. Buuuuuuuuuuut....
If I am right in my thinking, then Sony uses backup tests and checks if there is some "huj huj huj" (you would laugh... that's really literally there in the functions) ongoing on the phone. So there (maybe) are backup tests in the TrustZone and in other system files, too. And the annoying part is, that if the system recognizes manipulations in relation to the security, some things will be dropped in hidden zones. After that the HUK is f*** up and the camera shows the typical "camera is used by another application" error. Funny is: Also the Google camera doesn't work anymore (green pics... hahaha). The only way to fix it, is flashing the system partition. Simply restore the original files doesn't work.
But... okay... That would have been tooooo easy. So let's check some other files, too. It's almost weekend and I think there will be a bit more time for some crazy things like this.
Why are you all so quiet?
Well, I've wanted to reply but didn't wanna clutter the thread since I can't help. Just know that you're amazing for putting your time on this and I love reading what you post.
You can absolutely count on me to donate if that's any motivation.
I'm not a dev so I have nothing useful to add, but I'm keeping my eye on this thread. Great work so far!
What's required is someone to take the lead and to distribute work. Create a list of possible avenues or things to look into and let folk who have the ability to see what's going on then use that list to support the project.
sToRm// said:
Maybe you've read the last few weeks already that I am currently looking for a solution for the limitations after an unlocked bootloader. Previous solutions (DRM recovery by Tobias Waldvogel and others) unfortunately do not work, since various libraries and other system data have changed.
You might want to check the actual more recent one tbh.
You still need a root exploit for TA backup in the first place (and the lesser kernel being 4.4.21, it's not exactly a cakewalk), but still
mirhl said:
You might want to check the actual more recent one tbh.
You still need a root exploit for TA backup in the first place (and the lesser kernel being 4.4.21, it's not exactly a cakewalk), but still
My goal is to find a solution for already unlocked/rooted users (like me). A backup of the TA is useless, if the BL was unlocked before. So we have to find a way to simulate the key(s) or to crack the device security and gain uncontrolled access to functions in the TZ. Would be really nice if we could find a way to get temp root on unlocked devices, to dump the TA and get the original keys to mount them later. But there are a lot of users that have already unlocked.
Oh I see what you mean here. A noCD instead of emulating protection.
I hope you'll release as much info as possible ?
sToRm// said:
A backup of the TA is useless, if the BL was unlocked before.
Wait, why useless? All pre-XZP devices were able to restore the device to the locked state, the same as if it was never unlocked. But XZP has that thing different?
munjeni said:
Wait, why useless? All pre-XZP devices were able to restore the device to the locked state, the same as if it was never unlocked. But XZP has that thing different?
He said, if the bootloader has been unlocked already there's no point in backing up TA as the keys are already gone.
FartyParty said:
He said, if the bootloader has been unlocked already there's no point in backing up TA as the keys are already gone.
Yeeeeepp... So, why should I back up the TA and mount it if the key is already gone? If the key would be stored in a place somewhere and unlocking the bootloader would only have the effect that this place is inaccessible, then a relock, export and mount of the TA would be interesting for already rooted users. But if there is no key in the backed-up TA, mounting it is useless. That's what I mean. I want to find a way to get the device thinking there is a valid key in the TA. Maybe it's possible with patching some system files.
@all
Is there somebody with a locked XZ Premium?
I would need a /system/build.prop file from an untouched phone with working keys.
A friend wants to buy the XZP, too. Maybe I can get her phone to do some research on a locked system. I only have to persuade her :laugh:
This is from G8141_Customized CE1_1308-5321_45.0.A.1.229_R6A -> https://pastebin.com/J2qCCmpM I don't think there is something changed in case lock <-> unlock because of the dmverity!
The device key is used to decrypt credentials for various Sony apps. On older Sony phones (e.g. Z3C), there are over 200 credentials. While the device key is device specific, these credentials are not. The drm fix works by hardcoding these credentials and hooking the function to return them when they are requested. The original function would fail to get the credentials because the device key is missing.
Maybe Sony changed these credentials / added additional ones and that's why the drm fix is not working anymore.
Hi, I have a locked, untouched phone, happy to help, can I get the build.prop file?
https://drive.google.com/uc?id=0BzEmiGcuf7IiRnVURVoxaFQyaUk&export=download
This one is from an unlocked G8141 running 45.0.A.7.120 (in the case, there might be any differences to munjeni's version).
The reason why I asked for the build.prop is, that there are some properties which are checked in the secd. When I change them, the FIDO_KEY and ATTEST_KEY change from "Not provisioned" to "Provisioned" in the service menu.
Changed:
Code:
# FIDO key provision state and version
persist.keyprovd.fido.prov=false
persist.keyprovd.fido.version=0
# Attestation Key provision state and version
persist.keyprovd.attest.prov=false
persist.keyprovd.attest.version=0
# Suntory BLOBs have been processing state
persist.keyprovd.suntory.prov=false
to:
Code:
# FIDO key provision state and version
persist.keyprovd.fido.prov=1
persist.keyprovd.fido.version=0
# Attestation Key provision state and version
persist.keyprovd.attest.prov=1
persist.keyprovd.attest.version=0
# Suntory BLOBs have been processing state
persist.keyprovd.suntory.prov=1
Strange...
Hook the send function in credmgr and log the calls which have the first int of the buffer as 1. That's how the cred request worked in earlier versions. Would be interesting to see what's sent back.

NO ROOT REQUIRED: Completely disable and enable your lock screen

Many of us don't have root and many of us also uninstalled many system apps, including Fire Launcher. That left us with some annoyances. One major annoyance was being kicked to the lock screen whenever we swiped away apps from the recent apps menu. Some people saw annoying flashes. Well this isn't quite a fix, but it pretty much takes care of the problem. You can now remove your lock screen completely and replace it at will and you do NOT need root access.
***WARNING: Touching any other settings on your tablet during this guide can cause a brick!!!***
1. Download and install Settings Database Editor.
2. Plug your tablet into your PC and open an ADB window. Enter the following:
Code:
adb shell pm grant by4a.setedit22 android.permission.WRITE_SECURE_SETTINGS
Step number 2 MUST be done in order for this to work.
3. Open Settings Database Editor and tap on the 'secure' tab at the top.
4. These settings are in alphabetical order. Scroll until you see:
Code:
"lockscreen_disabled" "0"
5. Change the 0 to a 1. DO NOT CHANGE ANYTHING ELSE
6. Close Settings Database Editor
Now turn off your screen. Now turn it back on. You are welcome! I have a few more tricks coming. Watch for some later!
IF THE ABOVE DOESN'T WORK, TO DISABLE LOCK SCREEN:
Code:
adb shell settings put secure lockscreen_disabled 1
ENABLE LOCK SCREEN:
Code:
adb shell settings put secure lockscreen_disabled 0
Both methods don't work on my Fire HD10 2017.
tommes-d said:
Both methods don't work on my Fire HD10 2017.
It worked almost instantly for me. Maybe wait a bit? Did you reboot? It won't work on every device. Doesn't work on my Galaxy S7.
Not working for me too (Fire HD 8 2016). Also, you've made a mistake: original setting name is "lockscreen.disabled" (dot, not an underscore).
sensboston said:
Not working for me too (Fire HD 8 2016). Also, you've made a mistake: original setting name is "lockscreen.disabled" (dot, not an underscore).
Disappointing. Today I got a good one though. I can't wait to get home and post a thread.
I know this isn't the correct forum for this but I tried this on a Fire 7 (2017) and it also does not seem to work.
is there an updated way to do this?
edit: kindle fire 8 7th gen, confirmed not working.
Doesn't work on my Fire HD8. But while browsing through Settings Database Editor I have found something useful.
In the "Global Table" tab there's a setting called LOCKSCREEN_AD_ENABLED. Change the value from 1 to 0, save. Turn off screen, turn it on again --> ads are gone!
At least for a while...
Seems to be working on KFAUWI (Fire 7 7th Gen) on 5.4.0.0.
EDIT: Maybe it doesn't work with 5.4.0.1 and later?
It would be useful for those reporting success/failure to include not just device model, but fw version as well.
EDIT1: After some time playing around the system I have found out that by default it actually does not work, but if Global Table->"device_provisioned" = 0 then lock screen gets disabled, but serial number gets greyed out and developer options get disabled, while adb remains functional.
On 5.6.0.0 even change to "device_provisioned" did not disable the lock screen.
gabosius said:
Seems to be working on KFAUWI (Fire 7 7th Gen) on 5.4.0.0.
EDIT: Maybe it doesn't work with 5.4.0.1 and later?
It would be useful for those reporting success/failure to include not just device model, but fw version as well.
There are settings in the "private" class that override some of these lower ones, usually in favor of their using their own software. I think most device stock settings are hidden for the purpose of favoring their own software. Though with Amazon, I scratch my head. Why spend the large amount of money to install a high tech, customizable GPS system on devices, only to spend more money carelessly blocking your access?
Sent from my Samsung Galaxy S4 using XDA Labs
DragonFire1024 said:
There are settings in the "private" class that override some of these lower ones, usually in favor of their using their own software. I think most device stock settings are hidden for the purpose of favoring their own software. Though with Amazon, I scratch my head. Why spend the large amount of money to install a high tech, customizable GPS system on devices, only to spend more money carelessly blocking your access?
Sent from my Samsung Galaxy S4 using XDA Labs
That's fairly simple, the same goes for one of the iPhones (don't recall which gen exactly) which had two different models of radio chips, one of which did support LTE, but Apple decided to disable LTE support for that gen of the phone altogether.
Now more on the topic, checked the specs of all 7th gen tablets, indeed none of them seem to support GPS officially (for some reason I thought that HD8/HD10 might have it), but if they have the hw, it could be for testing purposes to test proprietary GPS related sw on development devices before introducing it in the next gen? Or simply they decided to drop it somewhere along the way but left the hardware (as we still have Serial/UART on some production devices nowadays, which are used only for debugging in the development stage).
On the other hand, where did you get the info that it actually has GPS related hardware? Because while exploring my device settings I only found a hint on A-GPS support (which is not proven).
gabosius said:
That's fairly simple, the same goes for one of the iPhones (don't recall which gen exactly) which had two different models of radio chips, one of which did support LTE, but Apple decided to disable LTE support for that gen of the phone altogether.
Now more on the topic, checked the specs of all 7th gen tablets, indeed none of them seem to support GPS officially (for some reason I thought that HD8/HD10 might have it), but if they have the hw, it could be for testing purposes to test proprietary GPS related sw on development devices before introducing it in the next gen? Or simply they decided to drop it somewhere along the way but left the hardware (as we still have Serial/UART on some production devices nowadays, which are used only for debugging in the development stage).
On the other hand, where did you get the info that it actually has GPS related hardware? Because while exploring my device settings I only found a hint on A-GPS support (which is not proven).
Add a few .xml configuration files to start and there are configuration settings in the framework. Look for an app on the tablet with HERE in all caps in the title. That's the APK module making it possible. And yes, I figured out a way to modify framework settings.
DragonFire1024 said:
Add a few .xml configuration files to start and there are configuration settings in the framework. Look for an app on the tablet with HERE in all caps in the title. That's the APK module making it possible. And yes, I figured out a way to modify framework settings.
I see, just checked MT8127 specs, and indeed there seems to be integrated support for GPS with GLONASS, that may be something interesting to play with.
EDIT: HD8/HD10 even have broader support of GPS related technologies according to their SoC specs.
Yeah, I was following root progress thread, even tried Blueborne exploit (the one published by Armis labs on github) on KFAUWI without much success as there is no access to /proc/<pid>/maps. And framework-res.apk mod looks promising only for devices having root, as getting required permissions outside /system is rather problematic.
Yet I was surprised that WRITE_SECURE_SETTINGS can be assigned outside /system. As I was poking around com.amazon.dcp.permission.DISPLAY_DEBUG_UI for quite some time.
gabosius said:
Yet I was surprised that WRITE_SECURE_SETTINGS can be assigned outside /system. As I was poking around com.amazon.dcp.permission.DISPLAY_DEBUG_UI for quite some time.
Do you have any idea if you can grant something like Activity Launcher the DISPLAY_DEBUG_UI permission? Some of the activities gave me errors when I tried to open them, saying they require com.amazon.dcp.permission.DISPLAY_DEBUG_UI.
The thing is, this appears to be a custom permission added by Amazon, not available in the official Android documentation.
Would Activity Launcher even be capable of launching certain "hidden" activities with this permission granted? Presumably you would grant permission over ADB the same way as WRITE_SECURE_SETTINGS?
Any ideas would be great.
lakitu47 said:
Do you have any idea if you can grant something like Activity Launcher the DISPLAY_DEBUG_UI permission? Some of the activities gave me errors when I tried to open them, saying they require com.amazon.dcp.permission.DISPLAY_DEBUG_UI.
The thing is, this appears to be a custom permission added by Amazon, not available in the official Android documentation.
Would Activity Launcher even be capable of launching certain "hidden" activities with this permission granted? Presumably you would grant permission over ADB the same way as WRITE_SECURE_SETTINGS?
Any ideas would be great.
Tried granting it to other apps and it resulted in "com.amazon.dcp.permission.DISPLAY_DEBUG_UI is not a changeable type". The command I used was pm grant com.amazon.dcp com.amazon.dcp.permission.DISPLAY_DEBUG_UI, so yes, the syntax is the same with custom Amazon permissions. Also, execution of dumpsys package com.amazon.dcp shows that the app already has the DISPLAY_DEBUG_UI permission.
My guess is that it requires root, as even when I am launching activity from adb shell (not in context of activity manager) I get the same error that it requires the permission, and the same goes for some other hidden amazon applications.
EDIT: you can get list of device permissions by executing "pm list permissions" without quotes from adb shell, there are at least a few interesting ones.
lakitu47 said:
Do you have any idea if you can grant something like Activity Launcher the DISPLAY_DEBUG_UI permission? Some of the activities gave me errors when I tried to open them, saying they require com.amazon.dcp.permission.DISPLAY_DEBUG_UI.
The thing is, this appears to be a custom permission added by Amazon, not available in the official Android documentation.
Would Activity Launcher even be capable of launching certain "hidden" activities with this permission granted? Presumably you would grant permission over ADB the same way as WRITE_SECURE_SETTINGS?
Any ideas would be great.
That's a great question and one that hasn't been asked before. I can tell you I've been able to, in some apps, modify the manifest permissions. For example, I can use an app to edit the manifest of Jack Pals terminal emulator to add the secure settings permission and have it successfully install etc. I never thought of doing the same with activity launcher and if successful, seeing what happens. This could be very interesting. If you give me a few copies of some of the manifests permissions, I can see if a recompile and install will hold.
DragonFire1024 said:
That's a great question and one that hasn't been asked before. I can tell you I've been able to, in some apps, modify the manifest permissions. For example, I can use an app to edit the manifest of Jack Pals terminal emulator to add the secure settings permission and have it successfully install etc. I never thought of doing the same with activity launcher and if successful, seeing what happens. This could be very interesting. If you give me a few copies of some of the manifests permissions, I can see if a recompile and install will hold.
I attached a text document with ALL of the permissions listed by "pm list permissions" since it was too long to put here.
lakitu47 said:
I attached a text document with ALL of the permissions listed by "pm list permissions" since it was too long to put here.
Give me a few hours to see if I can modify the app. If I can, I'll upload an APK.
Sent from my Samsung Galaxy S4 using XDA Labs
DragonFire1024 said:
Give me a few hours to see if I can modify the app. If I can, I'll upload an APK.
Sent from my Samsung Galaxy S4 using XDA Labs
Questionable whether anything would change, as I don't see where activity launcher would need write secure settings permission.
On the other hand I did some digging on the "not a changeable permission type" message, and this provides some answer on what it might be expecting in order to activate?/assign the permission.
gabosius said:
Questionable whether anything would change, as I don't see where activity launcher would need write secure settings permission.
On the other hand I did some digging on the "not a changeable permission type" message, and this provides some answer on what it might be expecting in order to activate?/assign the permission.
Interesting. So each permission has a certain "protection" level?
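The "not a changeable permission type" rule discussed above, as an added example that is not part of the original thread: `pm grant` only accepts permissions whose protection level is runtime (`dangerous`, from API 23) or carries the `development` flag. The sample output is constructed, the protection level shown for DISPLAY_DEBUG_UI is an assumption, and the function names are hypothetical.

```shell
#!/bin/sh
# Added example. Constructed sample of `adb shell pm list permissions -f`
# output, not captured from a device; the DISPLAY_DEBUG_UI level is assumed.
sample_permissions() {
cat <<'EOF'
All Permissions:

+ permission:android.permission.WRITE_SECURE_SETTINGS
  package:android
  label:null
  description:null
  protectionLevel:signature|system|development
+ permission:android.permission.CAMERA
  package:android
  label:null
  description:null
  protectionLevel:dangerous
+ permission:com.amazon.dcp.permission.DISPLAY_DEBUG_UI
  package:com.amazon.dcp
  label:null
  description:null
  protectionLevel:signature|system
EOF
}

# is_changeable LEVEL [SDK]: succeed when `pm grant` would accept a permission
# with this protection level. The "development" flag is always accepted;
# "dangerous" only became grantable with runtime permissions (API 23).
is_changeable() {
    _lvl=$1
    _sdk=${2:-23}
    case "|$_lvl|" in
        *"|development|"*) return 0 ;;
        *"|dangerous|"*) if [ "$_sdk" -ge 23 ]; then return 0; fi ;;
    esac
    return 1
}

# classify [SDK]: read `pm list permissions -f` text on stdin and print
# "<permission> <protectionLevel> <changeable|fixed>" for each entry.
classify() {
    _api=${1:-23}
    # adb shell output can carry CR line endings, so strip them first
    tr -d '\r' |
    awk '
        /^\+ permission:/         { name = substr($0, index($0, ":") + 1) }
        /^[ \t]*protectionLevel:/ { print name, substr($0, index($0, ":") + 1) }
    ' |
    while read -r name level; do
        if is_changeable "$level" "$_api"; then verdict=changeable; else verdict=fixed; fi
        printf '%s %s %s\n' "$name" "$level" "$verdict"
    done
}

# On a real device: adb shell pm list permissions -f | classify <SDK level>
sample_permissions | classify 22
```

This is why WRITE_SECURE_SETTINGS can be handed to an ordinary app over ADB while a signature-level vendor permission cannot; any package listed as holding a `development` permission is worth reviewing, since it can rewrite secure settings.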

What is com.android.cts.priv.ctsshim?

After playing around with AR for all trying to get AR+ on Pokemon Go and eventually giving up, I'm curious about what this app is on my phone. Couldn't find an answer from a quick Google so I guess here is the next best thing.
Kind of scared to give it root permissions as its name doesn't sound familiar to any app I have installed. Any advice?
It's a system app that is present on many Android devices, including our Axon 7. You will find it in pretty much any ROM you flash, stock or custom. I don't know what it is or what it does, but it's not dangerous, don't mess with it. It shouldn't be asking for root permissions, that does sound a bit fishy. You may have recently installed an app that is masquerading under this name and now wants root access. Don't grant it. I would look more deeply into what you've installed to see if any of it might be malicious.
dalebaxter01 said:
After playing around with AR for all trying to get AR+ on Pokemon Go and eventually giving up, I'm curious about what this app is on my phone. Couldn't find an answer from a quick Google so I guess here is the next best thing.
Kind of scared to give it root permissions as its name doesn't sound familiar to any app I have installed. Any advice?
I agree with the user above. It's weird that it even has the possibility to be granted root permission. If it's a system process, it should already have all the necessary permissions it needs.
Oh btw. I think for AR+ in pogo you need ARCore by google. Our device is not officially supported yet. But since there is cam2 api in oreo, that might change in the future and google could very well add it to the list of supported devices.
dalebaxter01 said:
After playing around with AR for all trying to get AR+ on Pokemon Go and eventually giving up, I'm curious about what this app is on my phone. Couldn't find an answer from a quick Google so I guess here is the next best thing.
Kind of scared to give it root permissions as its name doesn't sound familiar to any app I have installed. Any advice?
look. Download MagiskHide props config module, change the fingerprint to Pixel 2 XL, then download ARCore from apkmirror. It'll work, I just don't know if it works with pokemon go.
I used Measure and Lens (don't know if lens needs it tho)
Choose an username... said:
look. Download MagiskHide props config module, change the fingerprint to Pixel 2 XL, then download ARCore from apkmirror. It'll work, I just don't know if it works with pokemon go.
I used Measure and Lens (don't know if lens needs it tho)
Thanks man, at first safety net was being hit but a quick reboot later and now everything is working fine. I'm going to do more research into what this is. As I'm sure I haven't downloaded any suspicious apps.
dalebaxter01 said:
Thanks man, at first safety net was being hit but a quick reboot later and now everything is working fine. I'm going to do more research into what this is. As I'm sure I haven't downloaded any suspicious apps.
Edit: Never mind, I thought you were talking about the stuff i suggested lmao
Choose an username... said:
Edit: Never mind, I thought you were talking about the stuff i suggested lmao
Ok so after some testing it seems like ARCore 1.5 works but is unstable asf, and ARCore 1.4 (latest) does not work as the app must be using 1.5 only. It comes up with "This device is not supported", but seeing that SafetyNet is working fine, I assume it's looking at ARCore and seeing it's not running on a "supported device", although it does work on 1.5 (sometimes, if I'm not taken straight to "Not Supported"). Not too sure about this Magisk module though, as some reboots come up with a negative SafetyNet.
Found on internets:
"The CTS (Compatibility Test Suite) shim is a package that resides on a device's /system partition in order to verify certain upgrade scenarios. This is intended to facilitate the compatibility test that vendors run to ensure their hardware will be compatible with the Android OS. "
@evilKabab: if what you're saying is true, then I'm considering deleting this app from my phone. I generally don't use GApps, and don't care about SafetyNet. Thanks for the info.
It's a shimmy hackers tool.
Used to encroach in space.
My ex and his circle are remotely damaging all aspects of my life: personal and professional, family and financial.
They have pop-ups stating I can't use messages, internet, apps, social media or ANYthing that uses data or space, urging me to delete files or apps. As soon as I do, it encroaches and takes up that space.
I've got an S10. Started with 13 pages of apps, 1500 screenshots and 900 photos and crap tons of vids.
After a couple months of this I am left with 3 pages of apps (mostly factory apps) and no space for photos,
and it still urges me to delete.
This is because I have evidence of too much on my phone.
com.android.cts.priv.ctsshim | How to set up devices for CTS
What is com.android.cts.priv.ctsshim? How to set up the environment, desktop and android device for CTS? Is com.android.cts.ctsshim a Virus?
gossipfunda.com
hackedbymyexboyfriend said:
It's a shimmy hackers tool.
Used to encroach in space.
My ex and his circle are remotely damaging all aspects of my life: personal and professional, family and financial.
They have pop-ups stating I can't use messages, internet, apps, social media or ANYthing that uses data or space, urging me to delete files or apps. As soon as I do, it encroaches and takes up that space.
I've got an S10. Started with 13 pages of apps, 1500 screenshots and 900 photos and crap tons of vids.
After a couple months of this I am left with 3 pages of apps (mostly factory apps) and no space for photos,
and it still urges me to delete.
This is because I have evidence of too much on my phone.
Same here, I have 1000s of files and screenshots and pencil and paper notes.
