Jump to content


  • Content Count

  • Joined

  • Last visited

  • Days Won


Everything posted by chrisevilgenius

  1. That is actually beyond my current knowledge, I literally took on this problem on the 3rd with no knowledge about how android works, so I'm not sure if you can make images with user data let alone how to do it, without the potential of really killing the device. What the hudl 1 needs is an image creating with a replacement for the hudl.ota, as it is never going to get a new image by calling home and maybe the Tesco stuff like the app updater removing replacing but I'm not sure I know how to do that either. Although the reason for working on the problem was to help out another SEN parent, they have taken this as an option to move on, so I might look at it more now I have not worries about bricking it completely.
  2. It should be as simple as restarting the site if their technical people know what they are doing, but the way these thing go they might not have anybody around that can do it, although as it seams like it all started when the azure location went down MS might be able to assist is the restart. The hudl 1 fix I have got requires rooting it, installing the CA into they system CAs via the adb shell and editing a config file for the ota, the appupdater response required is: {"mandatory": false,"apps":[]} The appupdater was required to get the hudl 1 working, this is not a simple solution. Edit the file /data/user/0/hudl.ota/shared_prefs/OTA_CLIENT.xml replace the value of the line <string name="last_known_version_number">20140424.153851</string> i.e. change it to <string name="last_known_version_number">20140424.153850</string>  rather oddly the app the check for the first update skips the update check. I copied the file off the device editied with notepad++ the copied it back, keeping a backup locally. Use the details here https://stackoverflow.com/questions/44942851/install-user-certificate-via-adb to install the CA to allow the appupdater to work, no idea why I could install a user CA beyond the fact is was not setup. Once setup you need to delete the CA out of the system store as you can imagine it is massive security risk as your system will trust any site using a certificate signed with it, the real ones are heavily protected. Sorry my solution is a little technical and I'm not great at writing it up, I've been running BIND on my home network for years so tweaking it was trivial, and installing a basic web server and configuring it are again simple enough but I can't tell you to run "emerge lighttpd" as unless you run gentoo it's not going to do much.
  3. I've now solved the hudl 1, but you need to root the device as I could not get the fake CA onto it via the normal method. Even when it was added as a system cert, it didn't work so I had to look for anther solution, the ota can be tricked by a config file update, then the system added fake CA lets you passed the app updater if your web host response with the right json file.
  4. And the hudl 1 is solved Okay the other response you will need to appupdater is {"mandatory": false,"apps":[]} Getting the CA on the device I used this information https://stackoverflow.com/questions/44942851/install-user-certificate-via-adb
  5. First it uses https so you need to be running a site that use https with a certificate that is signed by a CA the device accepts as valid, second the fist thing you have to get past is the hudl.oat package. As for the request and payload do know what it is someting like /ota/20140424.153851 {"status":"OK", "update": null} see my solution for the hudl 2, doesn't work on the hudl 1 even if I add my fake CA to the system CA's via root, the hudl.ota is using something else. Part of the solution for the hudl 1 is to edit /data/user/0/hudl.ota/shared_prefs/OTA_CLIENT.xml via a rooted system just change the value (i.e. to 20140424.153850) of the last_known_version_number <?xml version='1.0' encoding='utf-8' standalone='yes' ?> <map> <null name="shared_location_update" /> <boolean name="shared_active_new_download_notification" value="false" /> <int name="ota_status_update" value="1" /> <string name="last_known_version_number">20140424.153851</string> <null name="shared_info_update" /> <long name="shared_download_id" value="-1" /> </map> Then if goes on to update the apps that just goes around and around, that talks to my site via the fake CA after a response to /appupdater.
  6. While it might not be their doing, they should have build their site as a load balanced in multiple locations so one zone going down does not kill the site, standard cloud based site development. Alternatively if they are just being cheap as they stopped selling the devices got it moved to another location after this length of time. I also can't believe MS has left their azure platform dead in one location for nearly a month and Tesco has not got anything done about it in this length of time. Even though they are not selling the devices it still reflects badly on them. As for azure they are up according to MS https://azure.microsoft.com/en-gb/status/ I have solved this on the Hudl 2 by the way, still stuck on the Hudl 1, I havn't given up.
  7. Once setup you can revert to talking to the Tesco server by dropping the DNS RPZ, but as it is down it is not going to do anything, but the hudl.ota app can be manually trigger to pull updates if there are going to be any. The two devices I have one is on firmware with a date of 2015 09 17 and the other is 2015 11 02 so I doubt there is anything much newer. However I suspect you are talking about app updates and those mostly come from the google play store that will work anyway, any Tesco apps may or may not be in the google store so might not work but then do you use them. I did my second hudl 2 tonight it didn't play ball initial but then oddly the first one let me through even those the web server returned 404 (Not Found), I ended up using debug mode and pulling the apps and framework to see what the changes in the apps was over the hudl 1 turns out nothing really. Anyway this was the actual requests it makes: "GET /ota/rel.android-build.20151102.170607 HTTP/1.1" 200 32 "-" "Dalvik/1.6.0 (Linux; U; Android 4.4.2; Hudl 2 HTF8A4 Build/KOT49H)" "GET /appupdater HTTP/1.1" 404 341 "-" "-" "GET /config/ota-client/ HTTP/1.1" 404 341 "-" "Dalvik/1.6.0 (Linux; U; Android 4.4.2; Hudl 2 HTF8A4 Build/KOT49H)" "GET /hudl_connection/hudl_connection HTTP/1.1" 404 341 "-" "Dalvik/1.6.0 (Linux; U; Android 4.4.2; Hudl 2 Build/KOT49H)" "GET /config/device-monitoring HTTP/1.1" 404 341 "-" "Dalvik/1.6.0 (Linux; U; Android 4.4.2; Hudl 2 Build/KOT49H)" The only one that it cares about is the first one, the second it tries a number of times before it gives up suspect that is another app I've not looked at, the next reading the app code is setting the update check frequency, and has a fall back to once a day so not an issue. As for the other two again these are in another app not looked at. You could probably do it all with a raspberry pi and this as a starting point https://raspberrypihq.com/how-to-turn-a-raspberry-pi-into-a-wifi-router/
  8. Okay I have a solution (no rooting required) for the hudl 2 that started as my attempt on the hudl 1 (can get the CA installed). I'm not going to be able to write all the steps up here, but the general concept is a "Man in the Middle" attack. Requirements BIND 9 (DNS server for you network with RPZ https://en.wikipedia.org/wiki/Response_policy_zone) lighttpd (or any other web server) openssl and SD card First create a root CA https://aboutssl.org/how-to-create-and-import-self-signed-certificate-to-android-device/ Next create a web cert signed with the CA pem and key file above (skip creating the CA) https://gist.github.com/fntlnz/cf14feb5a46b2eda428e000157447309 The important bit is the CN but have fun "C=GB/ST=Hertfordshire/L=Cheshunt/O=Tesco PLC/OU=Tesco.com/CN=device.mobile.tesco.com" Put the CA created int he first step onto the SD card and put the SD card into the device. Use the wifi keyboard trick to get into setting can go into security. Change the screen lock setting to a PIN, Pattern, etc (Required to install the cert only) Then still in security Install form SD card (VPN and app) Sorry I can real document this bit I'll just have to assume you can manage your network at this level. Add a CNAME to the RPZ zone for device.mobile.tesco.com to the server you are going to use for the web server. Configure the webserver to return the json below for any request to https://device.mobile.tesco.com/ota/ or below i.e. https://device.mobile.tesco.com/ota/rel.android-build.20150917.142239 {"status":"OK", "update": null} Now setup you hudl 2 it will call home to your server and you're in. device.mobile.tesco.com - [07/Feb/2019:23:07:07 +0000] "GET /ota/rel.android-build.20150917.142239 HTTP/1.1" 404 341 "-" "Dalvik/1.6.0 (Linux; U; Android 5.1; Hudl 2 HTF8A4 Build/LMY47I)" device.mobile.tesco.com - [07/Feb/2019:23:07:07 +0000] "GET /config/ota-client/ HTTP/1.1" 404 341 "-" "Dalvik/1.6.0 (Linux; U; Android 5.1; Hudl 2 HTF8A4 Build/LMY47I)" P.S. no idea what the config request is for but it doesn't seam to stop the setup. Now I need to solve it on the hudl 1, for an autistic child who is an attachment to the hudl 1, but theirs broke, the parent got a second hand one found it would not setup. We offered ours for free not knowing about the issue I reset it as well.
  • Create New...

Important Information

By using this site, you agree to our Terms of Use.