I’ve recently read an article (actually a script) about modifying android system image HERE. Based on the script, I’ve write a new one at my GitHub in a repository named AndroidSystemModification.
Continue reading Android System Image ModificationOnion Tunnel: Proxy Every TOR Hidden Service on localhost
Onion Tunnel
Onion Tunnel is a simple tunnel app for tunneling every connection through TOR network. It is in my GitHub repository named OnionTunnel: https://github.com/mirsamantajbakhsh/OnionTunnel.
The idea of Onion Tunnel is taken from I2P. It opens a port on localhost for each Hidden Service but TOR does not have such thing. Instead, it opens a SOCKS5 Proxy to tunnel every connection through TOR.
This idea is great but it has a problem:
What if the application that wants to get traffic from TOR, does not support SOCKS5 proxy?
Continue reading Onion Tunnel: Proxy Every TOR Hidden Service on localhostObfuscapk: Obfuscate your APKs
Hi.
Recently, I was checking Obfuscation techniques in Android for one of my courses. I found out an academic repository on GitHub named Obfuscapk which is for obfuscating Android APKs. This is the paper of their work which you can study if you like.
Continue reading Obfuscapk: Obfuscate your APKsNMAP in Android
In this post, I’m going to talk about my new library for using NMAP in any Android project. I’ve released the library in my GitHub and Bintray. Using the library, you can use NMAP on non rooted Android device.
Continue reading NMAP in AndroidTOR Android Library
In previous post, I’ve talked about compiling TOR from source in Android and added some helper libraries for starting and configuring TOR. In this post, I’ve created a library based on Tor Binary (version 0.4.4.0) and published in GitHub, JFrog and JitPack.
Continue reading TOR Android LibraryBroadcast Yourself Through Android
I previously created a “HiddenLiveCamera” library for Android. In Github, I’ve received an issue by geminird indicating that phone no responded. I described the reason and geminird asked for live audio stream.
In another post, I’ve wrote about broadcasting media files (such as mp3) using Mixxx and IceCast. In this post, I’ve write about my library and how to use it in Android projects in order to publish stream from Android. The code of the library is grabbed from CoolMic.
Continue reading Broadcast Yourself Through AndroidAndroid Spy Camera
I was researching about Android Malware and their features, compare them. I’ve found that most of them (actually all) do not support live video stream from Android camera, aka Spy Camera, and one that supports live camera, needs an activity. Therefore, I’ve started a hidden spy camera project to live stream video from Android camera to an Rtmp server without activity, named Live Hidden Camera.

Connecting to Hidden Mail Server using Android
My Contribution in K9 Android Mail Client
K-9 is an attractive, open-source email client for Android with support of IMAP, POP3, SMTP, and exchange protocols. Hence, this client does not support proxy feature. This problem is referenced in #704 #980 #2619. In this post I will talk about my contribution in K-9 project by adding SOCKs proxy feature, which can be used for connecting hidden mail services.
In previous post, I described about connecting Thunderbird, an open source email client for PC, to a hidden mail service. In this post I will talk about modifying K-9 mail and connecting Android client to the hidden mail service.
Continue reading Connecting to Hidden Mail Server using AndroidIlam CTF: Android Reverse WriteUp
Ilam CTF has been hold on 23rd Nov 2018. Unfortunately I’ve planned other things for 22-23 Nov 2018 and because of the delay in holding the CTF, I couldn’t attend this CTF.
However, I could download the Android Reverse question for future analysis. And the flag is here:
ilam_ctf_0a095194dbcf4f798751aaafdfb_1db6b2ed339f4698b6b38b5e7ae
But the WriteUP!
T-REX: Playing with Dino!
I hardly play the dino game which is created by Google and is available in Chrome browser for playing while there is no Internet connection. But the game itself is popular and can be found in different platforms. Recently I’ve changed two of them and now cacti and birds are ineffective.
Simple JavaScript Running T-Rex Version
There are lots of free versions of the game. Take Running T-Rex for example. The java script code is pretty formatted and ready to be deactivated!
Medium Android Running T-Rex Version
I’ve faced with an Android version of the game. So started to find where the game finishes. Based on JADX decompiler, the following code was the main part of detecting game over.
Based on Smali Code Injection techniques, I’ve deactivated the functions. Now the Dino can run freely both in JavaScript and Android!
Dino JavaScript (Click to see the animated GIF version):
Dino Android (Click to see the animated GIF version):