I have been reading XDA-Developers for some time and have marvelled at the ingenuity that many of you demonstrate in solving problems - I have now registered and here is my first post and hope someone can help - Digital Signing for applications we develop for WM5 is a real pain especially if you need privileged access to run as it is up to the carrier or device OEM if they want to grant you use of the certificate. I guess if you were selling software this could mean they could withhold permission because they had a competitive application, all smacks of anti-trust...unprivileged access is more straightforward but is no good if you need to access the kernel or other specialist processes. I note from the XDA WM5 part of this forum that someone had changed a ROM so that it would not moan at unsigned apps. Does anyone know if this change would allow any unsigned "privileged" application to be used on a JASJAR - if so does any kind person have the ability to create a CAB file or program that could enable this condition and another to revert to normal operation. This would make a huge difference for those wanting to develop and test apps on a device instead of just the PC emulator however it would still require signing to get the end result available for others to use on their devices - I guess we would also have to consider if this "modifying" app also needed to be signed to run in the first place - nice one MS :evil: , the user is no longer allowed to decide what he wants to install :roll: .
According to MSDN there is a tool in the WM2005 SDK called createcert.exe that allows you to create certificates for test purposes.
I didn't have much luck with it myself, but I haven't read all the documentation, so I probably screwed up when creating the certificate.
Have you tried it?
If you make it work, could you please give me some advice on it. Thanks!
Please help me.
I'm unable to use HTML in my signature.
You can see what happened...
I assume you aren't allowed to use HTML in your signature because you do not have sufficient privileges. Maybe the Senior Member user group doesn't allow it. You can always just use HTML for a PayPal button. There might be a donate link written for BB code, you can always try that.
thank you.
i will test it.
You can't have html in this forum but, you can use BB code.
e.g. [url=https://www.paypal.com/cgi-bin/webscr?cmd=_donations&business=d%2elaska%40yahoo%2ede&no_shipping=0&no_note=1&tax=0&currency_code=EUR&lc=US&bn=PP%2dDonationsBF&charset=UTF%2d8]the text you want[/url]
which would come out as
the text you want
However, I think that link may not work...
hi
good day
my new friend is a developer
he made an app and wants to publish a beta for tests
so is there any idea on how to make a small package for testing like darijoa from badanation.de did it??
http://www.badanation.de/topic.php?t=3966&page=1
P.S: i am not a developer so i'll just deliver data
Thanks in Advance
With bada SDK...
There is an option to make a package... so only the "Binary" is included instead of the Source Code.
If no one is faster, I will make a screenshot... soon.
Best Regards
What's the problem? You just need to replace the application in the "\App\" folder on his own and edit the "\App\App.cfg". Darijoa installer is just part of the Bada SDK with skillfully written bat-file.
hahahahahaha
Xenon do you expect from me to understand this??
my friend is just a new bada developer who needed some help
he knows C/C++ but didn't study the bada SDK
i didn't believe him when he told me that he wrote an app just 4 days after downloading SDK (thats too fast for me)
anyway i'll tell him what adfree said and what you said too
Thanks for helping guys
XDA rocks
Hi Guys
adfree/Xenon, is there any way to install any app [without having a certificate for this application] by Darijoa bat file? If I'm installing an original app with a cert, for example Voluntas, installation goes well. But I was tryin' something different - I put the MyExplorer app in the "App" folder, changed strings in the config file. When I tried to install this app using this method, my phone says "Error 0108" - no certificate for myExplorer. Is there any way to install ANY application using this method? Is there any option to create a certificate for an application that I didn't create?
If you don't know what I wanted to do, I thought to create a new spoof method for people using JL2 firmware. After this f*****n' Samsung Apps update, the only way to run "non-free" games is to reflash their phones [downgrade to JK1 for example]. Not everybody wants to do this
Btw, Xenon, good work with sp.so protection
adfree, good job with all U R doing
Best regards,
wxtester
I am sure Adfree has absolutely no interest in supporting a new "****ing" method of spoofing.
Btw, with that **** you are not damaging Samsung, but small developer groups and freelancers like us.
@wxtester
This installation method is only available for applications signed by a developer's certificate. And so by this way it is possible to install only one application. Creating a certificate is a task nearly impossible. Possible way to solve - edit apps_compressed.bin, so I hope for success in holod's QMD packing, this will open a new stage in the creation of custom firmwares.
The result of probably more than 100 hours of solo hackery: a working COM DLL for allowing any application to elevate itself to SYSTEM (root) permissions.
What you need:
An interop-unlocked HTC phone. Sorry second-gen and Arrive users.
A working HtcUtility driver. It's possible some HTC update at some point crippled this. It works for me; if it doesn't work for you let me know what updates you have.
What it does:
Allows changing the security token of any application to give that app unrestricted permissions. At this point, you can call any user-mode API, perform any operation, with full access.
It also allows you to read or write any value from memory, even kernel memory (this is how it modifies the security token).
What it can be used for:
Darn near anything. If it can be done while the phone is booted, you can do it.
What it can't be used for:
Modifying the ROM - the R and O stand for "read only" and they mean it.
Interop-unlocking a phone - it requires interop-unlock to get root in the first place.
How to use it:
In your app, include the HtcRoot.dll library.
Include the code from DriverAccessTest.cs in the test app (defines the COM API and enables using it).
Call the OpenHtcUtility function (will throw an exception if your device is incompatible).
Call the MakeMeRoot function (can also throw exceptions).
(OPTIONAL) Call the ReturnZeroIfRoot function to make sure your app is elevated (does not throw exceptions, will return an error code if you get one).
Do stuff with SYSTEM permissions (probably using another COM DLL, such as for registry or filesystem access).
Call the RestoreToken function (failure to do this *might* cause a kernel memory leak).
Call the CloseHtcUtility function (OS will probably handle this if program just exits).
What you can do right now:
Try the test app. It should pop up a series of message boxes. Hopefully none of them say anything like "FAILURE".
Report any bugs or failures you discover.
Build things with this library, and publish them!
Breakdown of the download:
There are two folders in the ZIP, one for the Visual Studio 2010 C#/Silverlight XAP project, and one for the Visual Studio 2008 C++/COM DLL project.
The test XAP is in the HtcUtilityTest\bin\Debug folder.
The native (COM) DLL is also available in that folder, or under its own project.
If you want to mess with this, I'm going to assume you are already familiar with hybrid native/managed development for WP7. If not, Heathcliff74 has posted an excellent tutorial on this forum.
Special thanks to:
Heathcliff74 for the hybrid app tutorial and interop unlock info.
Paul_Hammons for the links and info about HtcUtility, the driver that makes this possible. Thread: http://forum.xda-developers.com/showthread.php?t=1434793
Supported devices / firmware versions / ROMs
All HTC devices (if interop-unlocked and with the right firmware numbers) should be compatible.
Some custom ROMs work, some do not. This will depend on the version of the firmware that the ROM's HtcUtility driver is taken from.
I believe I compiled the test app as Mango-only, but the native library doesn't care at all.
Compatible:
Stock ROMs with compatible firmware for HD7, Trophy, Mozart
HD2 (BttF [XBmod-Yuki] v2 SP1)
Not compatible:
Firmware version 2250.21.51004.401 or newer
Verizon Trophy firmware version 2305.13.20104.605 or newer
DFT ROM with build 8107, Firmware 5.10.401
Arrive (except on pre-Mango), Titan, Radar, Titan 2 (no interop-unlock)
Others are untested or results are incomplete.
Goals and future work:
Support more devices:
* Try and add support for newer firmware.
* Help ROM cookers ensure the library is supported.
* Look for similar openings in other OEM libraries.
Future-proofing:
* Allow installation of a mod to support this capability after known updates.
* Resilience against possible future updates.
* Allow users with incompatible devices to downgrade (possibly to NoDo), install the mod, and be able to use the phone after upgrading.
Improve the library:
* Fix some memory leaks.
* Clean up the code - remove dead code and improve comments.
* Allow reading/writing more than 4 bytes at a time from managed code.
* Add APIs to elevate other processes (by name or ID) to SYSTEM.
Develop homebrew around the library:
* Support accessing common APIs (filesystem, etc.).
* Resurrect the Advanced Explorer app, perhaps (registry and filesystem).
* Support native app launching on stock ROMs.
Also reserved
Reserved for OP #2
It does not work on HTC 7 Mozart (HTC Europe):
Error to Write the value 1337 to test address - System.Runtime.InteropServices.COMException (0x8007001F): A device attached to the system is not functioning
OS: 7.10.7740.16
Firmware: 2250.21.51101.401
Radio: 5.71.09.02a_22.51.50.21U
Boot: 5.11.2250.1(133487)
Please include the full error message or a description of what went wrong.
Failure on fully updated devices is unfortunately possible - my phone is (intentionally) a few updates behind. I'm looking into ways to make it work anyhow (either sending an older CAB update to roll back, or using the root access to create an unlocker/root-enabler that survives subsequent updates). I'm going to look into how the full-unlock ROMs differ from standard ROMs, and see if I can do the same thing in running software.
Does it work with custom ROMs?
If the custom ROM has a working HtcUtility driver, then yes. My goal is to unlock the kind of capabilities normally restricted to custom ROMs on stock firmware, though.
@bleh815: Thanks for the report. That's frustrating; it looks like it is capable of doing read but not write. Write might just be restricted in what addresses are allowed, or it might be disabled entirely (the driver gives the same error code for every problem that I've encountered so far). Time to figure out
A) what update causes the problem (I'm on 2250.21.30102.531, HD7, stock ROM)
B) what restrictions that update introduces
C) how to work around those restrictions (possibly by downgrading and then using root access to add something that will still work after upgrade).
GoodDayToDie said:
A) what update causes the problem (I'm on 2250.21.30102.531, HD7, stock ROM)
I've just downgraded a mozart of mine back to stock NoDo (TMOB-DE) to find out which OEM update breaks (actually fixes) it.
Cool, thanks! It's one of the post-Mango HTC updates; a Microsoft update wouldn't have modified an HTC driver, and my phone has all the pre-Mango HTC updates but it still works.
.
..........
Hi, at first it says "SUCCESS!", then it says "Trying to open a file gives error 1260" and then it says "Now opening a file gives error 0" and finally "Finally, opening a file gives error 1260".
System information:
OS=7.10.7720.68
Firmwareversion=2250.21.12200.162
Radio=5.68.09.05a_22.50.50.21U
Bootloader=4.6.2250.0(129185)
HTC 7 Trophy.
That is *exactly* the sequence of messages it is supposed to give!!
In particular, the messages I need to see are the "SUCCESS" (the rest is potentially interesting info, but not very important) and then the "Now opening a file gives error 0".
The "SUCCESS" means that a sequence of read/write tests succeeded.
The "Now... error 0" means that the process has been elevated to full permissions.
The "Finally... error 1260" means that the security token was successfully restored at the end, so it was unable to open the file again. This is the expected and correct behavior.
I don't recognize your Firmware Version number; I'm guessing it's specific to your phone. What method did you use to upgrade to Mango?
how do i install it?
Tried on interop-unlocked HTC Surround, not working. Tested any call in VS debug mode - no luck at all.
I can confirm that it works with any OS version, from 7004 to 8107.79
On a HTC 7 Mozart (TMOB-DE) it works with firmware 2250.21.13201.111 (Stock NoDo ROM) but the hole gets fixed with 2250.21.51101.111 (1st Post-Mango HTC Update).
You guys are gods taking programming to a whole new level!
I wish to see MS take you all more seriously and not let wp7 fail like minmo6.5 did!
I wish I could get on your level!
I really need some help learning basic Silverlight myself!
But I have read how hybrid is working and this is just fantastic!
Congratulations on all your developments so far, you guys are truly amazing!
Oh, that code, beautiful reading that!
Thanks for sharing this learnfull code!
I'd like to try it on my Verizon HTC Trophy, I would love to get file access back....
I downloaded the package and I even have VS 2010 installed but beyond that I have no idea as I am not a programmer.
Can someone post a compiled XAP for us to try to see if our phone works with it or not ?
Or some step by step VS 201 directions to try would also be helpful.
@Ttblondey: *FACEPALM* The path to the test XAP is given in the opening post. You install the XAP on your phone using any XAP deployment tool. It requires that your phone be interop-unlocked; Heathcliff74 has a nice long thread about that. The app is called HtcUtilityTest. Run it, and report the results. If you want to actually *use* the DLL, the instructions for doing that are given too but you need to write some code.
@sensboston: PLEASE give a more complete report! Success and error messages, at the least. Also, your phone version info. Thanks!
@bleh815: THANK YOU! I mean, it's a little annoying to know how far back this was fixed ("First post-Mango HTC update" means the one that was included *with* Mango for most people, or the one after that?) but good to know. Now, to look at exactly what they changed...
@jackrabbit72380: Thanks man! As for working with it yourself, like I mention below, I'm planning to provide a universal homebrew library that people can easily use to do whatever they want.
@fiinix: You're welcome! Honestly, I didn't expect anybody to call my mess of debug-commented and mildly hacky C++ "beautiful" but that hack itself *is* pretty awesome. My only concern with using it is the risk of a context switch causing the wrong app's token to get overwritten, and I should probably look into that, but I think it's OK for the moment. There are bigger fish to fry.
In the meantime, it should open up a huge list of capabilities for tools like your DllImport project. I'm currently considering reviving Advanced Explorer (like TouchXplorer + Registry Editor, but open source; was never ported to Mango though) using the root access instead of using ComFileRW and the provxml driver. Let me know what you want to do with it!
One other thing I'd like to add is the ability to easily elevate *another* process; it's not hard to do but I haven't written it yet. This could be handy for apps where we don't have the source code (for example, elevate Schaps registry editor, which uses low-privilege native code for browsing, so it can read *all* registry locations instead of just some of them).
@DavidinCT: Well, running the test app is easy, just install the XAP. It just runs a battery of tests though, it doesn't actually *do* anything useful. To get filesystem access, you'll need to write some native code (which means using Visual Studio 2008 and the CE/Smart Device plug-in, see Heathcliff74's tutorial on the subject). Basically, you would first use this DLL (accessed via COM, you can look at my own C# code for how to do that) to open the driver handle and elevate the process to root. You could then write your own COM DLL that uses the standard Win32 filesystem APIs (CreateFile, etc. - all are documented on MSDN) and exposes those APIs, or the results of them, to managed code via COM. Then, back in your phone app (the one that called into my HtcRoot DLL) you can call into your own DLL to access the file system.
If that's too big a leap, don't worry. I plan to release a general-purpose high-privilege homebrew DLL that exposes some of the most-used functionality (filesystem, registry, provxml, and other things by request), is easily extensible (possibly using something like the DllImport project, where you just specify the function you want to call and the DLL it's located in right from C#), and that will be a lot easier to hack with. You'll still need to know C# and basic Silverlight, but it'll be a lot easier (and hopefully useful without knowing any C++ or COM).
GoodDayToDie, you are amazing, always keeping me interested!
When starting the test xap, I get the below, it then goes into the "Page Name" and that's it.
Device Info here, running a FullUnlock DFT Rom by a Chinese dev from the DFT Forum.
Nonetheless, top work on getting this started and can't wait to keep reading about the progress!
XeKToReX
still wondering how to jailbreak rt 8.1,seems that cdb no more works..
A jailbreak for 8.1 isn't possible yet.
Sent from my SCH-I535 using xda app-developers app that has now replied to millions of stupid questions
hjc4869 said:
still wondering how to jailbreak rt 8.1,seems that cdb no more works..
*sigh*. Use search, or even just open your eyes and read through the development and hacking section which is basically full of this single statement: "8.1 does not have a jailbreak yet"
SixSixSevenSeven said:
*sigh*. Use search, or even just open your eyes and read through the development and hacking section which is basically full of this single statement: "8.1 does not have a jailbreak yet"
Making a jailbreak is a complicated task. I'm working on it...
Melissa
surface rt 8.1 jailbreak
Myriachan said:
Making a jailbreak is a complicated task. I'm working on it...
Melissa
Hello, my name is Mike Clery. I was wondering if there is any info on an 8.1 jailbreak. I really want to install legacy apps on my Surface RT, so if you can tell me anything... It's December 26 and still no info on it.
Dude. Don't pester the devs. Don't post questions that have already been asked and answered over and over again. Don't, ever, ask for ETAs or similar concerning hacks like this. Leaving aside the simple fact that it's impossible to predict anything of that nature (and thus asking is simply useless and annoying spam), people on here are volunteers doing this stuff in our own time. You are not our boss, to ask for regular status reports or some such thing. It'll be posted when it's ready. No point asking for anything else.
There has been plenty of discussion regarding an 8.1 jailbreak. I get that you're new, but time was, new members of a community had the courtesy to observe, and emulate, the behavior of the older members of the community. At a minimum, check the forum rules... the very first of which is: Search before posting!
cameyo ? work with jailbroken surface rt ????
Have you guys heard about cameyo ?????
It's pre-packaged apps that don't need to be installed to run.
Download them and run them, wonder if we will be able to use those apps after the RT is jailbroken? Any idea ?
search for online . cameyo . com / public - (no spaces)
Here is the link to a huge list of apps that can be downloaded as an exe file and run on any PC, of course not on RT . I tried. Anyone with an 8.0 Surface RT jailbroken device, wanna try and let us know if they are working ?
MrAsimOnline said:
Have you guys heard about cameyo ?????
It's pre-packaged apps that don't need to be installed to run.
Download them and run them, wonder if we will be able to use those apps after the RT is jailbroken? Any idea ?
search for online . cameyo . com / public - (no spaces)
Here is the link to a huge list of apps that can be downloaded as an exe file and run on any PC, of course not on RT . I tried. Anyone with an 8.0 Surface RT jailbroken device, wanna try and let us know if they are working ?
Nope. Cameyo is for x86, not ARM, and would need porting; as it is not open source, that is not possible.
Possible alternative?
Is it possible to just get a developer license on an RT device and then use your own signing certificate to sign some application (like Audacity), then import the certificate into the trusted root authority list using certmgr.msc? If that worked then we could get something going that would work with little risk of problems. Also for anyone else who might find this useful, you can download a Windows RT debugger and it has a built-in kernel debugger (maybe could be used to jailbreak???).
... And we come full circle. @johndc7, thanks for your suggestion but did you really think that wasn't among the very first things we tried?
The requirement isn't that the binaries are signed. It's that they're signed by Microsoft. Your suggestion does actually work if the tablet is in Testsigning mode - which means, basically, treat any trusted signature as if it's a MS signature - but putting the tablet in Testsigning mode requires editing the BCD (Boot Configuration Database) and the SecureBoot feature prevents any modification to the SecureBoot flag in the BCD. We even have tried complex steps like exporting the BCD, enabling Testsigning on it, marking it read-only, and re-importing it. No dice. Feel free to experiment more yourself, though...
Oh, and as for kernel debug, that's definitely another way to disable the signature enforcement... and it's just as unusable as your last suggestion. Secure Boot blocks the Debug flags in the BCD. You don't need any special software to perform kernel debugging of RT - any build of kdb or windbg from the last few years can do it - but you do need to be able to put the tablet in debug mode to begin with. Again, if you find a way to do *that*, then that would be very valuable.
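The two posts above turn on BCD flags (Testsigning, Debug) that relax signature enforcement. As an added example, not code from this thread or its authors, the Python below parses captured `bcdedit /enum` text and reports boot entries where those flags, plus the related `nointegritychecks` and `bootdebug` elements, are enabled; the sample output is constructed and English-locale output is assumed.

```python
import re

# BCD elements that relax signature enforcement or enable debugging.
# testsigning and debug are the flags named in the posts; nointegritychecks
# and bootdebug are related elements added for this example.
WEAKENING = ("testsigning", "nointegritychecks", "debug", "bootdebug")

# Constructed sample of English-locale `bcdedit /enum` output (not from a real device).
SAMPLE = r"""
Windows Boot Manager
--------------------
identifier              {bootmgr}
device                  partition=\Device\HarddiskVolume2
displayorder            {current}
                        {11111111-2222-3333-4444-555555555555}
timeout                 30

Windows Boot Loader
-------------------
identifier              {current}
path                    \Windows\system32\winload.efi
description             Constructed entry A
testsigning             Yes
debug                   No

Windows Boot Loader
-------------------
identifier              {11111111-2222-3333-4444-555555555555}
path                    \Windows\system32\winload.efi
description             Constructed entry B
nointegritychecks       Yes
"""


def is_rule(line):
    """True for the row of dashes bcdedit prints under each entry title."""
    stripped = line.strip()
    return bool(stripped) and set(stripped) == {"-"}


def parse_bcdedit(text):
    """Split bcdedit output into one dict per boot entry."""
    entries, current = [], None
    lines = text.splitlines()
    for i, line in enumerate(lines):
        following = lines[i + 1] if i + 1 < len(lines) else ""
        if line.strip() and is_rule(following):
            current = {"_type": line.strip()}   # entry title, e.g. "Windows Boot Loader"
            entries.append(current)
        elif current is not None and not is_rule(line):
            # Element lines start in column 0; indented continuation lines
            # (extra displayorder values) do not match and are skipped.
            m = re.match(r"(\S+)\s+(\S.*)$", line)
            if m:
                current[m.group(1).lower()] = m.group(2).strip()
    return entries


def audit(entries):
    """Return (identifier, element) for every weakening flag shown as Yes."""
    findings = []
    for entry in entries:
        for name in WEAKENING:
            if entry.get(name, "").lower() == "yes":
                findings.append((entry.get("identifier", "?"), name))
    return findings


if __name__ == "__main__":
    for ident, name in audit(parse_bcdedit(SAMPLE)):
        print(f"{ident}: {name} is enabled")
```
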
Another idea........
Hopefully this is something that is actually somewhat realistic..... I have been wanting to run Audacity (mainly) on Windows RT. Does anyone know if it would be possible to recompile it to run full screen in Metro? Even though this method isn't really ideal, it would be something to temporarily use instead of having nothing until somebody finds a better way of doing it. I understand that it probably wouldn't be able to be released to the Windows Store but a developer license could be installed to run it.
Well, at a bare minimum, you would need to re-write the entire UI. Metro apps don't (can't) use the standard Windows GUI frameworks, so any graphical app that isn't completely DirectX-based (which is to say, pretty much anything except games and command-line apps) will need to have their interface re-written.
Then there's the issue of things like getting it to work within the sandbox (you can largely work around the API restrictions, but the privileges issue is a problem) and, unless it is already possible to compile it under modern versions of Visual Studio (a lot of open-source software isn't), you would need to fix it for MSVC compatibility too.
Short version: Not practically.
Possible Alternative
I did find a folder on my RT device called "CodeIntegrity". The path is "C:/Windows/System32/CodeIntegrity". It contains drivers and stl files that I assume prevent the use of unsigned exes. Permissions that are not normally granted on the Surface are needed to disable the files, but if we could somehow do it maybe it would solve the problem?
GoodDayToDie said:
The requirement isn't that the binaries are signed. It's that they're signed by Microsoft.
Not exactly. They can be signed by any certificate listed in the kek or db and not listed in the dbx. So microsoft (though there are different signatures in rt 8.0 and rt 8.1) and the OEM, and any third party that made drivers that are used on the platform (at least in general). But those are just technical details and don't help find a solution all that much.