nmmp-vm.zip
18.4 MB
How to use nmmp-vm
Repository:
https://github.com/maoabc/nmmp.git
What's New:
The built NDK will be detected automatically. Now, you can also run it in Termux and the Terminal of AIDE Pro.
1. Download nmmp-vm and Extract it into your path.
2. Go to '
3. Change your target app with SafeCheck.
4. Set your rules.
π Setting Rules in convertRules.txt File
https://t.me/TDOhex_Discussion/51386
5. Open the terminal and enter these commands.
π How to configured NDK + CMake in Termux
https://t.me/AbhiTheM0dder/1100
π How to Install and Set Up AIDE Pro
https://t.me/TDOhex_Discussion/50390
π To fix "Failed to extract native libraries, res=-2"
https://t.me/TDOhex_Discussion/50730
Note: If you face permission issues then extract nmm
βββββββββββββββββββ
π£ Main Channel: @TDOhex
π±Second Channel: @Android_Patches
π¬ Discussion Group: @TDOhex_Discussion
βββββββββββββββββββ
Repository:
https://github.com/maoabc/nmmp.git
What's New:
The built NDK will be detected automatically. Now, you can also run it in Termux and the Terminal of AIDE Pro.
1. Download nmmp-vm and Extract it into your path.
2. Go to '
/path/to/nmmp-vm'3. Change your target app with SafeCheck.
4. Set your rules.
π Setting Rules in convertRules.txt File
https://t.me/TDOhex_Discussion/51386
5. Open the terminal and enter these commands.
cd /path/to/nmmp-vm
# Termux
bash start-vm.sh
# Terminal of AIDE Pro
sh start-vm.sh
π How to configured NDK + CMake in Termux
https://t.me/AbhiTheM0dder/1100
π How to Install and Set Up AIDE Pro
https://t.me/TDOhex_Discussion/50390
π To fix "Failed to extract native libraries, res=-2"
https://t.me/TDOhex_Discussion/50730
Note: If you face permission issues then extract nmm
p-vm into '/data/data/pkg_name/files/'βββββββββββββββββββ
π£ Main Channel: @TDOhex
π±Second Channel: @Android_Patches
π¬ Discussion Group: @TDOhex_Discussion
βββββββββββββββββββ
β€1
Table of Contents:
π Index for Starting Lib Patching with radare2
https://t.me/TDOhex/453
π Index for In-Depth Smali Analysis
https://t.me/TDOhex/452
π Index for Flutter Reverse Engineering
https://t.me/TDOhex/451
π Index for Reverse Engineering of Hermes bytecode (HBC)
https://t.me/TDOhex/450
π Index for Useful Patches, Tutorials and Guidelines
https://t.me/TDOhex/449
--Share with Your Friends--
π₯π₯π₯π₯π₯π₯π₯π₯π₯π₯π₯
π£ Main Channel: @TDOhex
π±Second Channel: @Android_Patches
π¬ Discussion Group: @TDOhex_Discussion
π₯π₯π₯π₯π₯π₯π₯π₯π₯π₯π₯
π Index for Starting Lib Patching with radare2
https://t.me/TDOhex/453
π Index for In-Depth Smali Analysis
https://t.me/TDOhex/452
π Index for Flutter Reverse Engineering
https://t.me/TDOhex/451
π Index for Reverse Engineering of Hermes bytecode (HBC)
https://t.me/TDOhex/450
π Index for Useful Patches, Tutorials and Guidelines
https://t.me/TDOhex/449
--Share with Your Friends--
π₯π₯π₯π₯π₯π₯π₯π₯π₯π₯π₯
π£ Main Channel: @TDOhex
π±Second Channel: @Android_Patches
π¬ Discussion Group: @TDOhex_Discussion
π₯π₯π₯π₯π₯π₯π₯π₯π₯π₯π₯
Android 16 (beta 2)
UltraHDR image
Adds support for UltraHDR images in the HEIC file format. These images will get
Page Size
If Android detects that your app has 4KB aligned memory pages, it will automatically use compatibility mode and display a notification dialog to the user(image above). Setting the
Key sharing API
Android 16 adds APIs that support sharing access to Android Keystore keys with other apps. The new KeyStoreManager class supports granting and revoking access to keys by app uid, and includes an API for apps to access shared keys.
#android
UltraHDR image
Adds support for UltraHDR images in the HEIC file format. These images will get
ImageFormat type HEIC_ULTRAHDR and will contain an embedded gainmap similar to the existing UltraHDR JPEG format. AVIF Support for UltraHDR is also planned.Page Size
If Android detects that your app has 4KB aligned memory pages, it will automatically use compatibility mode and display a notification dialog to the user(image above). Setting the
android:pageSizeCompat property in the AndroidManifest.xml to enable the backwards compatibility mode will prevent the display of the dialog when your app launches.Key sharing API
Android 16 adds APIs that support sharing access to Android Keystore keys with other apps. The new KeyStoreManager class supports granting and revoking access to keys by app uid, and includes an API for apps to access shared keys.
#android
Edge to edge opt-out going away
Android 15 enforced edge-to-edge for apps targeting Android 15 (SDK 35), but your app could opt-out by setting R.attr#windowOptOutEdgeToEdgeEnforcement to
#android
Android 15 enforced edge-to-edge for apps targeting Android 15 (SDK 35), but your app could opt-out by setting R.attr#windowOptOutEdgeToEdgeEnforcement to
true. Once your app targets Android 16 (Baklava), R.attr#windowOptOutEdgeToEdgeEnforcement is deprecated and disabled and your app cannot opt-out of going edge-to-edge. To be compatible with Android 16 Beta 2, ensure your app supports edge-to-edge and remove any use of R.attr#windowOptOutEdgeToEdgeEnforcement.#android
Android Developers
Behavior changes: Apps targeting Android 15 or higher | Android Developers
Learn about changes in Android 15 that will affect apps when they target Android 15 or higher.
β€1
Mozilla deletes promise to never sell Firefox data
https://twitter.com/LundukeJournal/status/1895249805338886591
Mozilla owns "information you input through Firefox"
https://connect.mozilla.org/t5/discussions/information-about-the-new-terms-of-use-and-updated-privacy/m-p/87735#M33600
"You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet. When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
https://twitter.com/LundukeJournal/status/1895249805338886591
Mozilla owns "information you input through Firefox"
https://connect.mozilla.org/t5/discussions/information-about-the-new-terms-of-use-and-updated-privacy/m-p/87735#M33600
"You give Mozilla all rights necessary to operate Firefox, including processing data as we describe in the Firefox Privacy Notice, as well as acting on your behalf to help you navigate the internet. When you upload or input information through Firefox, you hereby grant us a nonexclusive, royalty-free, worldwide license to use that information to help you navigate, experience, and interact with online content as you indicate with your use of Firefox."
X (formerly Twitter)
The Lunduke Journal (@LundukeJournal) on X
Mozilla has just deleted the following:
βDoes Firefox sell your personal data?β
βNope. Never have, never will. And we protect you from many of the advertisers who do. Firefox products are designed to protect your privacy. Thatβs a promise. "
https://t.co/OVAJnuHp7x
βDoes Firefox sell your personal data?β
βNope. Never have, never will. And we protect you from many of the advertisers who do. Firefox products are designed to protect your privacy. Thatβs a promise. "
https://t.co/OVAJnuHp7x
π3β€1
I think Durov is manipulating the TON market, and the Telegram platformβs useless stickers and gifts. He is overhyping these virtual items, which could be illegal according to some countriesβ rules and regulations.
This is basically my own observation
This post may lead to ban of this channel or something but i don't care.. I'm just asking
This is basically my own observation
π₯3
I understand they have to make premium items in telegram for increasing there funding/reputation but doing this might be not good at all .. not sure if it's actually happening or not but i just observed it and shared it ..
There is no intention to harm telegram reputation
There is no intention to harm telegram reputation
π―3
Today, I logged into my Telegram account on my mom's phone. Within two days, I saw that three friends from my contact list had been hacked. The hacker even sent me a malicious link in an attempt to hack my own Telegram account.
I had always thought that only the databases of older Telegram users (from around 2022) were leaked which you guys even know, but I was wrong. It appears that even accounts registered recently, or in recent years, are vulnerable. Even if you don't grant permission to read your telegram logged phone number ,- which is typically requested by special bots , suspicious Telegram bots might still detect your phone number, possibly by checking your account ID or bypassing some Telegram loopholes(but i am fully sure about this)
To protect yourself, you should avoid running unknown bots. Before that, however, you should enable two-step verification in Telegram's settings. Be aware that hackers (mean the fake site) may even ask for your verification code + the two step verification security code (set by you), written sometimes in Russian or Chinese , never share it. If you accidentally make a mistake, don't panic. Just go to the "Devices" section and terminate any older or suspicious sessions.
A best practice is to avoid using your personal phone number for registration. If you've already registered with your own number, consider deleting the account and signing up again with a virtual phone number. Alternatively, you could buy a new SIM card specifically for such purposes, - one that isn't linked to your bank account or other private information.
I had always thought that only the databases of older Telegram users (from around 2022) were leaked which you guys even know, but I was wrong. It appears that even accounts registered recently, or in recent years, are vulnerable. Even if you don't grant permission to read your telegram logged phone number ,- which is typically requested by special bots , suspicious Telegram bots might still detect your phone number, possibly by checking your account ID or bypassing some Telegram loopholes(but i am fully sure about this)
To protect yourself, you should avoid running unknown bots. Before that, however, you should enable two-step verification in Telegram's settings. Be aware that hackers (mean the fake site) may even ask for your verification code + the two step verification security code (set by you), written sometimes in Russian or Chinese , never share it. If you accidentally make a mistake, don't panic. Just go to the "Devices" section and terminate any older or suspicious sessions.
A best practice is to avoid using your personal phone number for registration. If you've already registered with your own number, consider deleting the account and signing up again with a virtual phone number. Alternatively, you could buy a new SIM card specifically for such purposes, - one that isn't linked to your bank account or other private information.
Telegram is just good for large work but not for private works It is better to use WhatsApp (i know about recent news) or Arattai
β€7π2π1
Iβve discovered a major concern regarding how Android/Google Passkeys handle security across multiple devices.
The Problem:
Passkeys are marketed as "2-Step Verification," but because Google syncs them to the cloud (Google Password Manager), the "physical device" security layer is weakened.
How the Loophole Works:
Local, Not Global Biometrics: If I create a passkey on Phone A using my thumbprint, it syncs to Phone B. On Phone B, I can unlock that same passkey using any fingerprint registered on that deviceβeven if itβs a different finger or a different personβs print.
The Hacker Risk: If a hacker logined my account in any way, then they can log into a new device, "sync" my passkeys from the cloud, and then use their own fingerprint on their own phone to access my GitHub, bank, or private accounts that protected with 2 step verification using pass key ..
The Conclusion:
Google is not storing our actual fingerprints; they are storing a digital "key" that can be moved. If the "sync" feature is on, the fingerprint isn't a true biometric lockβit's just a local trigger. If a hacker gets your PIN, they get your Passkeys.
I think the Google pass key (as 2 step verification) is nothing but a trash feature (If you know you know)
The Problem:
Passkeys are marketed as "2-Step Verification," but because Google syncs them to the cloud (Google Password Manager), the "physical device" security layer is weakened.
How the Loophole Works:
Local, Not Global Biometrics: If I create a passkey on Phone A using my thumbprint, it syncs to Phone B. On Phone B, I can unlock that same passkey using any fingerprint registered on that deviceβeven if itβs a different finger or a different personβs print.
The Hacker Risk: If a hacker logined my account in any way, then they can log into a new device, "sync" my passkeys from the cloud, and then use their own fingerprint on their own phone to access my GitHub, bank, or private accounts that protected with 2 step verification using pass key ..
The Conclusion:
Google is not storing our actual fingerprints; they are storing a digital "key" that can be moved. If the "sync" feature is on, the fingerprint isn't a true biometric lockβit's just a local trigger. If a hacker gets your PIN, they get your Passkeys.
I started this arguement with Gemini and i feel it still hiding something from us.. Because i used the same pass key for 2 step verification login in github account for both of my android, then the question is how and why it should possible , and whats the the meaning of two factor auth if once we loss our Gmail mean we are loosing everything
So its better use Phone auth as Two factor auth
β€3π2