Fallout Shelter Synchronisation an Android ? There is an app for that

Good news fellow Administrator ! You can now manage your Vault on multiple devices easily on the go using nothing more than your Google Drive Account !

Redirect to the http://fallout.codlab.eu/ webpage and download the Android Apk

Looking for the Source Code ? It is right on the webpage too !

This message was provided by your beloved Vault Tec Company

See you underground and remember, stay safe, away from the radiation 😉

hacker

Hack your way into the Misfit

Looking into the messy and promising world of IoT

And of course, all the other wearable devices (well, I won’t explain for them right here but the list is very long and not limited to : the Vivofit, Vivofit 2, your educational radar (yeah those one telling you in RED that you are currently over-speeding the 50Km/h limit BY 1Km/h !), etc…

But Here we are… I was given a Misfit Flash device few weeks ago and after some research on Google (I really like the filters 😉 inurl, etc…), I finally grabbed a SDK – the first one I found was limited – in parallel, I also checked on the website how could I grab the official SDK since I really wanted to work on my own app to perform those actions :

  • Grab my sleepin’ information
  • Show me how well I worked out during the day B° (you know, sitting down, getting up to grab my food when I am working in from of my Desktop :p)

Making your way into the hood

Well, I found some interesting information when compiling the example app given with the zipped archive I found.

First of all, launching the app, it was not anymore possible to use the app :( the SDK seemed to limit the app usability to :

  • having your Android devices connected to Internet
  • having the “network time” inferior to a timestamp based barrier !

” Dam**** ” – I first thought but hey, I am “security researcher” – so grabbed the misfit-sdk-android.jar file and exploded it \o/

mkdir tmp ; cd tmp ; unzip ../misfit-sdk-android.jar

^ I am a rockstar

What tools did I used then ? * JD-GUI * JBE

JD-GUI : used to reverse engineered quick enough the library and look into the hood JBE : Well, rewrite the class to later simply do this (i.e.)

jar ufv ../misfit-sdk-android.jar com/misftiwearables/..../SDKSetting.class

Those two part were really funny to perform

Rewrite the world to conquer the universe

My way into the library was really informative. I found some fuc***** newbies errors in it. First, they assumed that everything was “proguarded” well enough (seriously dudes…). Secondly, “shut your a**** !?”, 0_0, you put hardcoded non-possible proguardable values into the code to check the current timestamp to this long value. Yikes!! And terrible to show self confid… – Hum not sure about this one

Those type of coding issue were present in few place in the library – very easy to find, easy to circumvent and easy to reinsert (go to jar uf)

Please note that I found a day later, a complete SDK without those coding garbages in it :p – this library was the one I will use for now !

Betrayed by the company

I looked into the Documentation and the SDK, ** I DID NOT FIND ANY INFORMATION ABOUT THE SLEEP INFORMATION /!\ **. Maybe it was beacause the SDK found was too old, I then checked on Internet and I was completely surprised to see THAT ALL SDK lacks of those information. Seriously Misfit ? You keep those lines for you.

I reversed engineered the app to look for those lines – B)

adb pull /data/app/com.misfitwearables.prometheus....
mkdir misfit_tmp ; misfit_tmp ; unzip ../com.misf.....apk 
dex2jar classes.dex
open classes_dex2jar.jar -a JD-GUI # look into the source
mkdir ../misfit_decompiled ; cd ../misfit_decompiled ; unzip ../misfit_tmp/classes_dex2jar.jar

I then cross checked the two jars. I saw that the proguard feature was not used the same way (some classes were not proguarded in the app)

I finally erased all the non useful packages from the misfit_decompiled folder (the open sourced libraries, sdks etc…)

and applied the magic formula

jar uf path_to_misfit.jar com

AND TADAAA !

I now have a completely useful SDK (well, after copied the libstlport_shared.so and libSleepAlgorithm.so libs to the libs/armeabi folders

Final thing, I kept the Version file from the archive I found … but replaced the content to 1.x-codlab

Tidy things up

All this is not cleaned as for now. So what is currently needed to do :

  • rewrite the current SDK Documentation provided by Misfit since even for the current SDK, the documentation pdf is outdated or wrong (wrong class names, missings methods, members) (1)
  • add the whole Sleep information capability into the new documentation
  • create a proper gradle implementation – 2015… Eclipse is at its Sunset in the Android Development branch regarding IntelliJ and Android Studio
  • Create a github project
  • bring the whole project into our real world
  • rewrite internal classes for more clarity and efficiencies

Conclusion

To all companies out there – When you have successful products, open them, open the way for people to contribute, it is worth the risk – does your competitor did things like me before me, YES, did they will continue, YES. I consider opening a SDK is the minimum thing to do in 2015. Any script kiddies can achieve what I just did during those few days

Note : I will never mention here how I completely reversed the current firmwares in the archive and that I am currently able to change the way the Misfit behaves (seems that I can’t do anything but 80% is the current limit, I think)

Nota bene

People, CEO, CTO, I don’t care – please… MAKE SOMETHING ABOUT THE SECURITY OF YOUR DEVICES ! I can sniff around in the bus/trains/… and dump every non-synchronized data from your devices to your smartphone without having any user behing aware that I am doing this !!!

Turn your PC/Linux or Mac into a BLE peripheral

Quite a nice library found on github :)

The bleno library is quite a node library for anyone who intends to make his PC/Linux (laptop, desktop … nano computer!) into a BLE ready peripheral device.

The project on github is quite self explanatory about the pre-requisites and the installation. The examples provided only needs few modification, first valid UUID, not the one provided (at least on my Mac, i needed to change them…)

I did not found how to implement event based ble (from peripheral to the listener) for now, but the R/W features rocks

The link : https://github.com/sandeepmistry/bleno

In the next posts, few example of what can be done (and maybe the stream/event mode :) ) with Android / iOS

Gradle :: make your builds be part of your commits

Gradle, great product used in the new build system of the Android projects can be a real power tool to maintain your projects.

Why? First of all, one of the greatest challenge in the tests, debugs and release package is to keep an eye on to what version of the source code the crash corresponds. For the main part, this can be achieved by manually updating the code version and code name to be correct source code… If for simple projects this can be ok for short term ; in the long term or in most of “industrial” sized projects, this can be really a pain in the byte…

So what? First of all, in the projects, you should keep for each package, a commit, to make a backup of the source code and the information about what changes have been made in the package.

But now, how can you insert easily the information into the package information?

Here comes the following snippets to help you. The idea behing them are simple, the first one returns directly the current timestamp of the package build and the second one, the most important snippet here, simply takes the latest commit name of the current path and returns it.


def getVersionCode = {
  def code = Math.round(new Date().getTime()/1000).toInteger()
  return code
}


def getDefinedVersionName() {
  def stdout = new ByteArrayOutputStream()
  exec {
    commandLine 'git', 'log', '-n', '1', '--pretty=format:"%H"'
    standardOutput = stdout
  }
  return stdout.toString().trim().replace("\"","")
}

It is now easy to add the two or only the git into your gradle build structure. It is recommended to add the function into the root build.gradle in order to propagate the snippets usability.

The final part is to call the required function, I prefer using the commit one since you have the most relevant information (you can concat the two output to make much more powerful results)

For instance you could have :

android {
  ...
  defaultConfig {
    versionName getDefinedVersionName()
  }
  ...
}

And voila, it is now installed and every AndroidManifest.xml in the outputs build will be merged with the latest commit version.

Ajouter “Ok google” sous Android KitKat Francais

Voici comment ajouter facilement Ok Google sous Android Kitkat (4.4) en version francaise avec un appareil rooté :

tout d’abord avoir un terminal (applications disponibles sur le market 😉 )

puis simplement de taper ces commandes:

su
mount -o rw,remount /system
cd /system/usr/srec
mkdir fr-FR
cp en-US/* fr-FR/
chmod 755 fr-FR
cd fr-FR
chmod 644 *
mount -o ro,remount /system
reboot

Et voila votre téléphne/tablette vous proposera ok google dans la barre de recherche intégrée

No news for …. what? a while

Hey everyone,

Yes yes, i agree, i did not gave a sign for a while. But You know, i had a lot of things to do 😉

I will post new articles soon. I must finish the one about the Google Cloud Messaging service (I need to create some images).

I will also integrate Aquinum in Bordeaux (i hope to work on those topics : security, domotics, etc… In fact everything i’m used to work with :) )

Don’t forget to follow me on twitter : twitter.com/codlab

Android : Widgets et Services, un zouli mélange

Maintenant que vous savez que vous devez rester dans les clous avec les widgets, on va commencer Ă  pouvoir y aller Ă  la pelle et voir qu’on peut quand mĂȘme faire du bon gros quick’n’dirty ; bon ok… on va pas aller jusque lĂ  mais vous saurez que vous pouvez faire plus que ce qui vous pensiez pouvoir faire depuis le prĂ©cĂ©dent article. hĂ©hĂ©

 

Rien de miraculeux, il faut garder Ă  l’esprit toutes les diffĂ©rentes remarques pour cet article qui se propose de mettre les mains dans le code au travers d’un exemple simple et de faire dĂ©couvrir un aspect des widgets et du dĂ©veloppement sous android.

Commençons

Pour cet exemple, créons un simple projet. Chargez votre IDE favori et créez le projet. Peu importe le package de base que vous utiliserez, souvenez-vous simplement que des éléments du Manifest et des déclarations de xml auront besoin du package exact de vos classes pour instanciations/permissions.

 

Classes de base

Faisons simple. Si vous avez lu l’article prĂ©cĂ©dent, vous aurez besoin d’un AppWidgetProvider pour le widget, et d’un Service.

Nous les appellerons simplement MyAppWidgetProvider et MyService (pourquoi faire compliquĂ©). Dans la classe MyAppWidgetProvider, nous allons surcharger la mĂ©thode onUpdate puis dans Service, la mĂ©thode onStartCommand (pour l’exemple)

public class MyAppWidgetProvider extends AppWidgetProvider {
@Override
public void onUpdate(Context context, AppWidgetManager appWidgetManager, int []appWidgetId) {
}
}
public class InspectService extends Service {
@Override
public int onStartCommand(Intent intent, int flags, int e){
return START_STICKY;
}
}

La base est donnée, nous pouvons continuer. Nous allons créer un simple layout affichant du texte. Créez donc un nouveau layout dans le dossier res/layout en lui donnant un nom que vous souhaitez puis ajoutez dedans :

 

<LinearLayout xmlns:android="http://schemas.android.com/apk/res/android"
android:layout_width="match_parent"
android:layout_height="match_parent"
android:gravity="center_horizontal|center_vertical"
android:orientation="vertical" >

<TextView

android:id="@+widget/text"
android:layout_width="fill_parent"
android:layout_height="wrap_content"
android:gravity="center_horizontal"
android:text="@string/start" />
</LinearLayout>

Ajoutons maintenant deux valeurs strings dans les ressources

<string android:name="start">Start the service</string>
<string android:name="stop">Stop the service</string>

Qui servirons Ă  lancer/stopper le service exemple

 

Manifestons !

Maintenant que la vue pour le widget existe, que les classes sont déclarées, modifions le manifest.

Ouvrez le manifest et au sein de la balise application, indiquez que l’application utilisera un service et un receiver avec un intent-filter

<service android:name="your.package.is.here.MyService" />

<receiver
android:name="your.package.here.MyAppWidgetProvider">
<intent-filter>
<action android:name="android.appwidget.action.APPWIDGET_UPDATE" />
</intent-filter>

<meta-data
android:name="android.appwidget.provider"
android:resource="@xml/widget_service" />
</receiver>

Vous avez vu le meta-data? Au niveau de android:resource? Nous allons voir dans l’Ă©tape suivante quoi faire

Au bout du tunnel… du widget

Bon ok, on va voir quoi faire mais attention, il faudra un autre article pour vous montrer dans le détail toutes les possibilités qui vous sont offertes !

Donc crĂ©ez un simple fichier xml dans res/xml. D’aprĂšs l’Ă©tape prĂ©cĂ©dente, j’appelle donc le mien widget_service.xml. Ouvrez le et mettez :

<?xml version="1.0" encoding="utf-8"?>
<appwidget-provider xmlns:android="http://schemas.android.com/apk/res/android"
android:minWidth="40dip"
android:minHeight="40dip"
android:minResizeWidth="40dip"
android:minResizeHeight="40dip"
android:updatePeriodMillis="0"
android:previewImage="@drawable/uneresourcegraphiqueexemple"
android:initialLayout="@layout/lelayoutcreeavant"
/>

Ce qu’il faut remarquer ici (outre les informations de taille, que vous pouvez changer…) : vous pouvez gĂ©rer une image de prĂ©sentation qui apparaitra dans la liste des Widgets. et un layout par dĂ©faut, celui qui est chargĂ© par le widget, dont le nom est Ă  changer en fonction du layout que avez crĂ©Ă© prĂ©cĂ©demment. DerniĂšre petite info, en mettant 0 dans updatePeriodMillis, on indique que le widget sera mis Ă  jour “manuellement” par l’application et non par le systĂšme qui aurait pu le faire Ă  intervalle rĂ©gulier.

 

RĂ©capitulons rapidement, nous avons :

  1. une classe de widget et un service,
  2. déclaré un layout pour le widget
  3. dĂ©clarĂ© un xml de dĂ©claration d’informations sur le widget
  4. modifiĂ© le manifest pour dĂ©crire l’utilisation du service et du widget

Agrémentons tous cela maintenant.

 

Du Widget au Service

Rajoutons de l’activitĂ© dans le Widget. Ouvrez votre classe du widget, et mettez ce code dans la mĂ©thode onUpdate:

// Preparation des vues
RemoteViews views = new RemoteViews(context.getPackageName(), R.layout.widget_service);

//petite disjonction sur l'état d'activité du service, que nous implémenterons aprÚs

//change le texte en fonction de l'Ă©tat
if(MyService.getState() == MyService.RUNNING){
views.setTextViewText(R.widget.text, context.getString(R.string.stop));
}else{
views.setTextViewText(R.widget.text, context.getString(R.string.start));
}

// préparation d'un intent à déclencher au clic sur le widget
Intent serviceIntent = new Intent(context, MyService.class);
serviceIntent.putExtra("state", 2);

PendingIntent pendingIntent = PendingIntent.getService(context, 1, serviceIntent, PendingIntent.FLAG_UPDATE_CURRENT);
views.setOnClickPendingIntent(R.widget.text, pendingIntent);

//on envoie sur toutes les instances du widget présentes sur le launcher
for(int i=0;appWidgetId != null && i<appWidgetId.length;i++)
appWidgetManager.updateAppWidget(appWidgetId[i], views);

Cela aura pour effet d’instancier le widget et de le prĂ©parer pour l’espace utilisateur. N’oubliez pas qu’il faille en faire un minimum pour permettre de ne pas dĂ©passer le temps critique autorisĂ© et Ă©viter des ANR potentielles (d’aprĂšs certains tests, 5sec entrainent des messages de warning dans les logs selon les versions du systĂšme)

… et du Service, chargeons le Widget

DerniĂšre Ă©tape ! Mais pas la plus dure, vous allez voir.

Tout Ă  l’heure, j’ai utilisĂ© une mĂ©thode static getState() dans onUpdate. Nous crĂ©ons donc cela dans le service :

public final static int RUNNING = 1;
public final static int STOPPED = 2;
private static int _state;

public static int getState(){
return _state;
}

Nous avançons ; mettons en place la mise à jour simple des widgets dans une méthode updateWidgets()

private void updateWidgets(){

//récupération du manager général
AppWidgetManager appWidgetManager = AppWidgetManager.getInstance(this.getApplicationContext());

//récupération d'un ComponentName de notre provider
ComponentName widgetComponentName = new ComponentName(getApplicationContext(), MyAppWidgetProvider.class);

//récupération des widgets possible de l'application
int[] widgetIds = appWidgetManager.getAppWidgetIds(widgetComponentName);

for (int widgetId : widgetIds) {

//pour chaque type, rĂ©cupĂ©ration des vues "distantes" (nous sortons de l'application, d'oĂč notamment les restrictions sur les variables vues dans le prĂ©cĂ©dent article)
RemoteViews remoteViews = new RemoteViews(this
.getApplicationContext().getPackageName(),
R.layout.widget_service);

//changeons le texte en fonction de l'Ă©tat
if(getState() == RUNNING){
remoteViews.setTextViewText(R.widget.text,getString(R.string.stop));

}else{
remoteViews.setTextViewText(R.widget.text,getString(R.string.start));
}

//et on envoie la mise à jour - ici on peut dépasser les 5sec etc... mais attention, en parallÚle d'interfactions utilisateurs !
appWidgetManager.updateAppWidget(widgetId, remoteViews);

}
}

 

Et la gestion du cycle du service dans tout cela? Elle vient juste aprĂšs ; nous avons donc besoin de pouvoir savoir quand le service dĂ©marre, “gĂšre” et quitte :

@Override public void onCreate() {
super.onCreate();

updateWidgets();

}

@Override
public int onStartCommand(Intent intent, int flags, int e){
if(intent != null && intent.hasExtra("state")){
int state = intent.getIntExtra("state", 0);
if(state == 2){
_state = (this.getState() == RUNNING) ? STOPPED : RUNNING;
}

if(_state == STOPPED){
stopSelf();
}else if(_state == RUNNING){
}
updateWidgets();
}
return START_STICKY;
}

@Override
public void onDestroy() {
super.onDestroy();

_state = STOPPED;

updateWidgets();
}

Vous voyez ce que cela fait? Au dĂ©marrage du service, les widgets sont mis Ă  jour pour indiquer qu’il est possible de quitter le service. Puis Ă  l’extinction du service, ils le sont en leur indiquant que le service peut ĂȘtre lancĂ©

 

Conclusion

VoilĂ , vous avez pu voir la crĂ©ation d’un trĂšs trĂšs simple widget qu’on aurait pu appeller le tout-pas-beau ainsi qu’un moyen de les mettre Ă  jour par l’utilisation d’un service. Vous pouvez bien Ă©videmment aussi utiliser les receiver pour rĂ©cupĂ©rer des Ă©tats bien spĂ©cifiques, des url, des tags NFC (quoique je n’ai pas essayĂ© celui-lĂ ). A vous donc de gravir le reste de la montagne mais n’oubliez pas : le launcher, ce n’est pas un emplacement sur lequel utiliser tout l’espace, il faut penser Ă  l’expĂ©rience utilisateur avant tout

New Contactless payment solution

I am currently finishing a whole news payment solution for every NFC compatible devices.

Easy to use, easy to implement, the solution is simply based on having connectivity between the seller device (or pc with NFC ready peripheral : acrxxx, etc… ) and the buyer.

The buyer sync with a server, the buyer receive the push from the buyer and sync with the server etc… and tada

The solution currently work with paypal and let you having payment solution better than the one you can see in the apple stores B) hey, it is great to say to a customer “you have nfc on your smartphones? you can buy our product directly with your paypal account”

I am open to implement any other solutions, if you are a company and want it, you can contact me per mail to discuss about the condition and to link your project/solution with it (for instance if you don’t want paypal but your own servers, etc…)

Android : compatibility between ViewPager and SlidingMenu

You already may have encountered “bug” by using a Viewpager and a SlidingMenu at the same time :

this bug is simply while sliding viewpager… the sliding menu “takes” the event.

 

How to fix it?

In fact, it is very simple. First of all, make an object (your fragment, activity…), create a method which will take one integer (native one, not the Object ;p )

In it, you can simply check if the index is equal to 0 (or the maximum if you were using a right menu >> according to your code, but here, I will only make it compatible with left. Add now a simple if else statement. If the index is 0 then enable the menu, otherwise disable it.

For example:


public class SlidingViewPagerFragmentActivity extends SlidingFragmentActivity{
  public void setViewPagerSelected(int index){
    //in this example, I also check for the screen
    //which is currently selected
    if(index == 0 && this.findViewById(R.id.mobile) != null){
      this.getSlidingMenu().setSlidingEnabled(true);
    }else{
      this.getSlidingMenu().setSlidingEnabled(false);
    }
  }
}

Now that we have a perfectly working checking method, you can now implements a OnPageChangeListener in your activity/fragment/whatever… (from the …view.ViewPager package)

Once done, you will have to override the onPageSelected(int index) method. In this one, call your Object which manage the SlidingMenu (in my own code, I made an object override SherlockFragmentActivity, implements the first method in it and then, my activities simply override my Activity with this method. And to finish (last little thing), register your Object in the :
yourpager.setOnPageChangeListener()
//note that if you use the ViewPagerIndicator, you will have to register your Object
//in the indicator ;)

For instance (in a SherlockFragment):


public class FragmentExample extends SherlockFragment{
  @Override
  public void onPageSelected(int index) {
    if(getSherlockActivity() instanceof SlidingViewPagerFragmentActivity){
      ((SlidingViewPagerFragmentActivity)getSherlockActivity()).setViewPagerSelected(index);
    }
  }
}

And voila 😉

BAUG – Bordeaux Android User Group – first session

pfffioooouuuu posted a (unsigned) long long time ago but there it is : a new post !

Today, i’ll write about the BAUG (yep, in Bordeaux, France), it was the first session about two topics : Android / UI Guidelines and finally, Market Shares / Evolution.

It was really interesting with those two conferences and after, chat with every one in the conference room.

Happy to take part in this adventure =)

Projects, Software, glitchs, security and much more !