Hi i like to track all the get requests of a website i browse.
lets assume im using an app in that app there is a WebView that leads to a website.
the website is doing get requests.
the website has SSL pinning.
i like to know what are those get requests that the website is doing.
During a google research I found that Frida help me bypass the SSL pinning However, Frida must be used on Rooted devices. I need for not rooted devices.
It comes to my attention that Frida-Gadget can do that for me.
is there any explicit guide to do so?
my goal is simple to go to a SSL website using my phone and track all the "get" request that the website is doing.
Thank you !
Related
I am currently developing Java web services that run on WebLogic on a server. There is a requirement that I need to send push notifications to mobile devices running on iOS. I do know what is required for developing GCM/FCM for sending notifications to Andriod devices. For iOS, I know there is APNS, but what Java library can I use to send the notifications?
Also, what are the required things (registration ID, etc) needed in order to send via APNS?
Any example codes?
I have googled and found out about java-apns and javapns, but I am not even sure if they are obsolete already.
Thanks in advance.
I can help you with what all are the things which are must to implement APNS. Please note that with the introduction of new HTTP/2.0 APNS API, a lot of things have changed which used to be before. (Good news is : Things have really become easy & simple now)
Would advise you to go through the below link:
https://developer.apple.com/library/ios/documentation/NetworkingInternet/Conceptual/RemoteNotificationsPG/Chapters/Introduction.html
APNS Prerequisites:
1) APNS SSL Certificate, Key (Same for sandbox & production now, previously used to be different for production/development/voip etc. This is the most important step, as most of the issues related to APNS are due to the wrong certificate generation)
2) device token (specific to per iOS app running on an iOS device, your iOS client app needs to register with APNS to get this device token. Also device token is normally different for development & production environments. So please make sure your using the right token)
Once you have above mentioned certificate,key & device token for your iOS App, you can send APNS notifications from your application provider using APNS interface.
Please note that, device token can change anytime (normally during iOS software upgrade), so its always advisable to obtain fresh device token every time your app is launched.
On your query related to java library for apns, please note new APNS interface has a dependency on HTTP/2.0 . Both open source as well as enterprise versions (like AWS, Urban airship etc) are available which you can select based on your needs. Not sure if AWS supports new HTTP/2.0 interface. However its always advisable to use the latest APNS interface as per Apple guidelines.
Optionally, you can also use GCM as well to implement APNS.
https://developers.google.com/cloud-messaging/ios/start
However, your iOS app may need to register to GCM as well for the same. Basically the iOS device token will be mapped to GCM device token. However, you would still need to generate certificate,key as well as device token as I have mentioned.
I hope it answers your query.
_Ayush
I have created and published on Google Play an Android app that communicates with my server. I want to check that my server (Java Servlet) only accepts requests from this Android app, so that if someone clones my code and creates a new app, when it tries to communicate with the server, the requests are rejected.
Is there a way to do that? Perhaps with domain names, or signed apps,...? This is to prevent phishing attacks.
You can get your app's signing key and check it on your server, but someone can get this information. If you use https for your connection, and use proguard, I think it's disincentive enough.
This is my letter of hope. I'm using android 4.* to create a l2tp connection to the server. The problem is in authorization. I have a server key , user login and password. I search any solution along the internet, not for android only but for java at all, and didnt find any code sample for start. I have no idea how I can authorize on server. ToyVpn in android samples didnt help, its just sample of regular connection(without any authorization). Please, somebody, help! I'll be grateful for for any useful information in this question.
I am developing a context aware mobile application. I need to have information about the capabilities of terminal devices and network characteristics such as current bandwidth. My question is, are there APIs in android to access this information?
Thanks.
The better question is, are there APIs for these terminal devices to access the information from outside. Of course you can get the bandwidth of your phone to the provider, but to get that info of the terminal device, you need to access their data.
I would suggest a three-way request for that. At first there is a webservice, in your language of choice, e.x. PHP, which has to get access to the terminal device. That device has to publish their data somehow, so thats the first point you need to know.
Then this webservice cleans the data like you need it and publish it as xml or json or whatever.
Then your App in Android acceess the service to get the info and parse it into your app.
There are alot posts here to find out, how to get a HTTP Request Result. For parsing XML you can find something here:
http://www.ibm.com/developerworks/opensource/library/x-android/index.html
For accessing a network device with a specific port an such stuff, you can use PHP with the function fsockopen()
I have a website where users can send personal messages between them, now I want them to recieve the messages also on their mobile phone but without having to send them a SMS.
I am thinking about providing them with a mobile phone with internet access over GPRS or 3G, then develop a Java application that will connect to the website and retrieve the messages.
On the website I am thinking to make a webservice where the phone will login, get new messages, and also be able to answer back to messages.
Does anyone know any mobile application tutorial that will do that? Or do you recommend me where to start? I never done a java mobile application before, I only work with websites and PHP.
I also tried to use ICQ, the client is already done for java and for iphone, and I've also found a script that will send ICQ messages from PHP, but ICQ server bans you for 20 minutes when you do many reconnections, so I have to develop some kind of ICQ bot always online that will check for new messages to send from the mySQL database and then send them, one per 2-3 seconds, so the server won't ban me for flooding.
Well any advice or recommendation is welcome about how to have users connected to the website messaging system from their phones.
Thank you!
Instead of a Java Application, I would do a mobile HTML web page for the mobile devices because it will be simpler to deploy. I know Java is supposed to be WRITE ONCE RUN ANYWHERE, but with JavaME is not that simple. You will have to create special deployments for different phones, and there are phones that do not support JavaME (iPhone) at all.
With a mobile WEB SITE, the only thing your mobile phone needs is a browser. Pretty much every feature/smart phone have a browser these days.
If you insist on developing a JavaME application, you are on the right track. You can publish some WebServices on your WebSite and consume them from JavaME. Here is a tutorial on how to do that.