I hereby claim:
- I am scottyab on github.
- I am scottyab (https://keybase.io/scottyab) on keybase.
- I have a public key whose fingerprint is 88AE 289F 03AE 3684 94BA B89F A056 9F94 AD10 76CD
To claim this, I am signing this object:
Scott Alexander-Bown scottyab
scottyab
/ SaferWebViewClient.java
Created
May 14, 2014 15:36
Make Webview safer - some of the code based on recommendations in article https://labs.mwrinfosecurity.com/blog/2012/04/23/adventures-with-android-webviews/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| /** | |
| * Implements whitelisting on host name | |
| */ | |
| public class SaferWebViewClient extends WebViewClient { | |
| private String[] hostsWhitelist; | |
| public SaferWebViewClient(String hostsWhitelsit){ | |
| super(); | |
| this.hostsWhitelist = hostsWhitelist; |
scottyab
/ Installation.java
Last active
August 29, 2015 14:01
Code from http://android-developers.blogspot.co.uk/2011/03/identifying-app-installations.html -- For the vast majority of applications, the requirement is to identify a particular installation, not a physical device. Fortunately, doing so is straightforward. There are many good reasons for avoiding the attempt to identify a particular device. Fo…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.vf.tools | |
| import java.io.File; | |
| import java.io.FileOutputStream; | |
| import java.io.IOException; | |
| import java.io.RandomAccessFile; | |
| import java.util.UUID; | |
| import android.content.Context; |
scottyab
/ keybase.md
Created
April 11, 2014 16:02
scottyab
/ QuickInstallScript.sh
Last active
August 29, 2015 13:58
From article http://www.vkalchev.co.uk/content/quickinstallapk/ Spoke to Val and he clarified the Licensed under the Apache License, Version 2.0
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| #Licensed under the Apache License, Version 2.0 (the "License"); | |
| #you may not use this file except in compliance with the License. | |
| #You may obtain a copy of the License at http://www.apache.org/licenses/LICENSE-2.0 | |
| #Copyright 2013 Valentin Kalchev | |
| #Date: 26/02/2013 | |
| #Target: Mac OS X Terminal + Android ADB + AAPT | |
| sharePackageName="" |
scottyab
/ become-spongy.sh
Created
December 17, 2013 12:01
Script to rename bouncycastle files to be spongycastle. From https://github.com/rtyley/spongycastle/
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #!/bin/bash | |
| # no further use for remaining crypto stuff | |
| rm -Rf crypto | |
| # Package rename org.bouncycastle to org.spongycastle | |
| find -name bouncycastle | xargs rename s/bouncycastle/spongycastle/ | |
| find bc* -type f | xargs sed -i s/bouncycastle/spongycastle/g |
scottyab
/ Repository.java
Created
November 7, 2013 09:29
— forked from kdehairy/Repository.java
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class Repository extends SQLiteOpenHelper { | |
| private static final int VERSION = 1; | |
| private static final String DATABASE_NAME = "data.sqlite"; | |
| private static File DATABASE_FILE; | |
| // This is an indicator if we need to copy the | |
| // database file. | |
| private boolean mInvalidDatabaseFile = false; | |
| private boolean mIsUpgraded = false; | |
| private Context mContext; |
scottyab
/ PRNGFixes.java
Last active
February 6, 2017 02:58
Enforce correct initialisation of Random numbers - call this from Application.onCreate(). Basically copy of the code from the Some SecureRandom Thoughts blog post http://android- * developers.blogspot.co.uk/2013/08/some-securerandom-thoughts.html
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| package com.scottyab.encryption; | |
| /* | |
| * This software is provided 'as-is', without any express or implied | |
| * warranty. In no event will Google be held liable for any damages | |
| * arising from the use of this software. | |
| * | |
| * Permission is granted to anyone to use this software for any purpose, | |
| * including commercial applications, and to alter it and redistribute it | |
| * freely, as long as the origin is not misrepresented. |
scottyab
/ SignatureCheck.java
Last active
January 30, 2024 15:22
Simple Android signature check. Please note: This was created in 2013, not actively maintained and may not be compatible with the latest Android versions. It's not particularly difficult for an attacker to decompile an .apk, find this tamper check, replace the APP_SIGNATURE with theirs and rebuild (or use method hooking to return true from `vali…
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| import android.content.Context; | |
| import android.content.pm.PackageInfo; | |
| import android.content.pm.PackageManager; | |
| import android.content.pm.PackageManager.NameNotFoundException; | |
| import android.content.pm.Signature; | |
| public class TamperCheck { | |
| //we store the hash of the signture for a little more protection | |
| private static final String APP_SIGNATURE = "1038C0E34658923C4192E61B16846"; |
scottyab
/ proguard-project.txt
Created
August 23, 2013 13:02
Android Proguard config to remove all logging. Remember to enabled the -optimize progaurd config
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| #Remove Android logging code | |
| -assumenosideeffects class android.util.Log { | |
| public static boolean isLoggable(java.lang.String, int); | |
| public static int v(...); | |
| public static int i(...); | |
| public static int w(...); | |
| public static int d(...); | |
| public static int e(...); | |
| public static java.lang.String getStackTraceString(java.lang.Throwable); | |
| } |
scottyab
/ MyXofYPagerAdapter.java
Created
April 16, 2013 19:59
PagerAdapter X of Y. When using a view pager you can simply override the getPageTitle to create a page x of y text as seen in apps like gmail. This was used in a app to swipe through the RSS stories with android.support.v4.app.FragmentPagerAdapter. Alternatively you could use something like https://github.com/ManuelPeinado/NumericPageIndicator
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| public class MyXofYPagerAdapter extends FragmentPagerAdapter { | |
| private final ArrayList<RssItem> items; | |
| public MyXofYPagerAdapter(FragmentManager fm, | |
| ArrayList<RssItem> items) { | |
| super(fm); | |
| this.items = items; | |
| } | |
| @Override |