Author: downthecrop

How To: Install Windows on Raspberry Pi with Linux/macOS/Unix (WoR)

Wondering how to create a Windows 10 on ARM (Windows on Rapsberry Pi) SD Card from a macOS or Linux/Unix computer? Using a free minimal Windows 10 Virtual Machine image and the open source software Virtual Box you can pass your SD Card or USB Drive the Windows on Raspberry (WoR) media creation tool! This easy guide will show you how

Requirements: SD Card Reader/USB Drive, ~20GB Free hard drive space on the host machine to download and Extract the Windows 10 VM and download an ARM64 disk image of Windows 10 for installation.

1. Download and Install Virtual Box

https://www.virtualbox.org/wiki/Downloads

2. Download and Install VirtualBox Host Extension Pack

Host Extensions

https://www.virtualbox.org/wiki/Downloads

3. Download the free MSEdge on Windows 10 Virtual Box Image

MSEdge Virtual Box Image

https://developer.microsoft.com/en-us/microsoft-edge/tools/vms/

4. Extract MSEdge VM .zip, Double click the .ova and Import the VM.

Import Virtual Machine

5. Settings > USB Controller > USB3.0 or USB2.0 depending on your SD Card reader

If you only see USB 1.1 controller download the host virutal box host extensions in step 2.
Settings
USB

6. Start the Windows 10 VM, Use the bottom Toolbar to select your SD Card Reader and pass it to the VM

the password for the VM's user account is: Passw0rd!

  • why Microsoft wanted to have a password on the use account in the first place is beyond human comprehension.

You should see your SD Card in the Virtual Box VM.
Virtual Box USB 3.0

Now you're free to follow the normal Windows on Raspberry (WoR) instructoins on https://www.worproject.ml/downloads

Manually Update Samsung Galaxy S10 To Android 10

After unlocking the bootloader on my S10e I was unable to flash an unofficial Lineage OS 17.1 (Android 10) ROM to my device. I was originally on the stock AT&T ROM which STILL (January 2021) hasn't been updated to Android 10. Most other carriers have released Android 10 for their S10 devices but AT&T not only is shipping devices with fully locked bootloaders but also aren't supporting their customers with updates. With the power of modern technology and a little ingenuity we can right these wrongs.

First you'll need an unlocked bootloader so you can flash your device with Odin. I was able to purchase an unlock for my S10e from SamPWND (read my article here) but if you already have an unlocked bootloader you're ready to flash.

Two tools are required for this update process. Frija for downloading the updated stock Android 10 ROM and Odin3 to flash your device in download mode.

Frija Download: https://forum.xda-developers.com/t/tool-frija-samsung-firmware-downloader-checker.3910594/

Odin3 Download: https://forum.xda-developers.com/t/patched-odin-3-13-1.3762572/

Downloading Stock Android 10

An Android 10 Custom Rom requires your device to already be on Android 10 to flash it successfully. Since AT&T hasn't released a version of Android 10 I used Frija to download a clean ROM. I needed to use the SPR (Sprint) code in CSC which specifies the carrier. Check for updates, then download. Frija will decrypt the update so you can use it with Odin.

Frija Download Tool

Once you've downloaded the update unzip it somewhere. You will have a few files that match the input fields in the Odin3 tool. Put your device into Download Mode and set each of the fields to their matching file from the update. Even the BL field. This will NOT relock your bootloader. You can flash TWRP or a custom recovery after you have verified you can boot into Stock Android 10.

Flash and Wait. Then your device should reboot into Android 10!

Bootloader Unlocking for Samsung Galaxy S10 and S20 Devices

Some said it was impossible. Others dared to try. I dared to spend $100 and download a sketchy USB Redirector software to have someone else run their custom tool remotely to unlock my device. I had the resolve. I dared to swipe my credit card.

SamPWND Bootloader Unlocking for SM-G970U AT&T Model

It's no secret that Samsung devices have shipped with permanently locked bootloaders on most US carriers for many years now. I recently purchased a used S10e SM-G970U ATT and was unfortunately reminded of this. Somehow I had forgotten what a pain it was to unlock these things before my purchase. After some research when I found the OEM unlocking feature in Developer Options was missing in Android. Some more research later I learned that unlocking is in fact possible. Possible if you have the means. A functional exploit for S10, S20, and Fold/Flip devices does in fact exist to unlock the bootloader but it is private and proprietary. I purchased an unlock for $100 flat from https://www.sampwnd.com/ and it worked great. Hopefully this exploit is released to the public in the future but this is out best shot currently.

More information on requirements and supported devices and be found in elliwigy XDA developers post: https://forum.xda-developers.com/t/sampwnd-usa-model-bl-unlock-info-u-u1-w.4201689/

So I provided my DID adb shell getprop ro.boot.em.did and paid my hundred bones. Then I waited for a Discord message. They can either contact you with Telegram or Discord it's up to you. After getting a message to download some software called usbredirector-customer-module.exe I connected to their session with my device in Download Mode and within 10 seconds my device rebooted with an unlocked bootloader.

Was it worth it? I think yes.

OP.GG For Tecent/WeGame and Chinese SuperServer

Alternative Frontend for WeGame Match History and Account Lookups.

Download: https://github.com/downthecrop/wegame-tencent-china-opgg

Provides account lookups, match history, profile multi-search, statistics and more. Like OP.GG or Blitz.gg for the Chinese (CN) League of Legends Servers. Available for all area ID's including the Super Server (Dopa/Apdo plays here) which is Area ID 31.

Pregame lobby Multisearch, Game Details and Profile Statistics from WeGame/Tencent League of Legends LoL API

Instructions

Features:

  • Match History
  • Match Details
  • Multisearch
  • Profile Navigation
  • Profile Statistics
  • Open Source (MIT License)

Support

I will not respond to errors or problems on Twitter but you should still follow me. Report problems here on Github

License

How To: Reverse Engineer Any Private API (iOS/Android and Desktop)

Have you ever wanted to access data from an application that doesn't provide a Public API? Well I've got great news. That application is getting its data from somewhere. You just need to find out how to plug into it! This process is called Reverse Engineering (Or hacking if you want to pretend you're really smart) a Private API. I will document some tips and useful tools that will help you reverse any Private API from any application on any platform.

Reverse Engineer any Private API - Watch the YouTube video here! https://youtu.be/RchCi6E2hVs

Tools

There are a handful of tools that can be used to complete this task. Windows 10 was my platform of choice for working with the data so I'll be sharing what I used on here.

Fiddler: Fiddler is an HTTP/HTTPS Proxy that can be used to intercept and decrypt SSL/HTTPS traffic. This application is also useful for replaying requests, creating custom request, and exporting a request as cURL to be converted into Python 3. Fiddler is free to use, just sign in with your Google Account! Make sure you install the certificate and enable HTTPS mode so you don't miss any requests. https://www.telerik.com/fiddler

MitM Proxy: Man in the Middle Proxy is a great way to read data from Smart Phone Applications. This is what I used to get all the data I needed for my API reversal. Simply download the executable from https://mitmproxy.org/ to start up a server (disable your firewall or open port 8080) and then enter your PC's IP address into the Proxy Server settings of your Phones WiFi settings. After that navigate to http://mitm.it/ on your Phone and install the provided certificate. Follow the provided instructions on http://mitm.it/ and start sniffing!

Tips

Create a text document to save all your finding and especially any useful URL endpoints you find. Having your information organized will help to ensure that you don't waste time on the same thing twice or need to proxy your device over and over again to find what a request should look like.

For more information and an example of the API reversed you can watch my YouTube tutorial here.