So, i am testing my app, it saves data of accounts to a server, and i am wondering if it is possible to get server ip by just having app instaled.
Is there some methods?
Of course. You can get the IP just by checking the router and seeing where requests were made to, you don't even need to run the app- just someone on the network needs to. IP addresses aren't secret.
Related
I made an application which connects to SQL Server and write/read data and it works only on my IP address. I could can allow every IP address, is this risky or is there no way someone can see my database log in data?
It is 100% dangerous.
According to tags, I guess you are connecting to a SQL Server via an Android app. If that's the case, there are TONS of ways to find the credentials. For example, one can intercept the requests, decompile your code, or...
Even if you hadn't an Android app published, your server will be under heavy brute-force attacks on the Internet.
At least, you need a webserver to handle authentication, on your web server and then the web server connects to your database in a very limited and safe way.
Let me explain the situation:
I am using my android phone as WiFi hotspot that gives a code (that user can reedem on my shop) when he has completed a registration.
I need to use my phone because I do this on the beach and the only way to to this is having something portable.
Okay, so:
I have used this tecnique so far and everithing gone well, i have set up a webserver on my phone and using some iptables i redirected all the traffic to my captive portal when a user tries to surf the net.
It worked like this:
USER asked my phone: "Hey what's the IP for google.com?"
MY PHONE connected to DNS and received the correct IP.
IPTABLES manipulated this IP to send to USER the local ip of my captive portal.
But there's a big problem: i need mobile data on!! And on the beach many times i do not have signal and when a user connect to my hotspot, it gives DNS error instead of my captive portal.
The only solution is to run an offline DNS server that doesn't require internet to hijack all the request to the captive portal.
I use BitWebServer as ligthhttpd server and i looked for DNS Server to run my DNS offline but i am really confused and i don't know where to start.
Someone of you have and idea? I just need to redirect all the request that comes from USER connected to my hotspot to the captive portal WITHOUT using internet.
Thanks in advice, regards
Giorgio
In back-end side we have REST APIs, I want to connect to server from my android app. which one is better to use, Domain name or IP address?
Considering the fact that changing or even upgrading your server in the future (which can happen due to many reasons), may result in an IP change. Using the Domain Name is a better option.
I am using JuiceSSH for making SSH connections to my RaspberryPi whenever I want. What I need to do is swap the IP address value into the JuiceSSH configuration file with the IP address that will be sent by RaspberryPi in case of IP address change. I am thinking about using a google apps script in which I can get the new IP address value from the e-mail. But I don't know where the JuiceSSH app holds the configurations. And I do not also know whether I can manipulate any file into an android phone using a google apps script.
Google Apps Script cannot directly access any files except those in your Google Drive.
You may be able to empower a script to indirectly change the JuiseSSH config - if you can...
Figure out where it is.
Set up a web server on your phone to accept incoming POST operations.
See this LifeHacker blog.
When a valid POST is received, decode the payload and use it to update the local file.
There will be security issues with this!
Write your Google Apps Script
Monitor your email for a message about a change in your Raspberry PI's IP address.
Figure out how to track the phone's IP address!
POST the update to your phone.
retry periodically until the POST is successful (since the phone's connection is not reliable)
Another approach would be to have a Google Apps Script WebService serve up the current address of the device; then a program on the phone could periodically reach out to the service to find out the address, and update the file.
Of course, if you connected to your Raspberry PI using a name instead of an IP address, you wouldn't have to worry about any of this.
I am building an Android application to go with my company's server.
The server is for the enterprise and resides in the customer internal network.
Each customer has obviously a different IP address assigned to the server.
This is an off the shelf product, meaning we don't build it per customer.
The client need the server IP in order to connect and start working.
Currently the client ask the user for the server IP, but the users usually don't know it.
I am looking for an easy way to be able to configure the client with a different server IP address per costumer.
We are deploying the client from the costumer internal web server (no market).
Is there a way for the client to know where was it downloaded from? than i can use this IP?
Is there a way for the client to know the apk name that was used to start the installation process? than i can rename the apk name to include the server IP.
Any other suggestions?
From your question, it seems that the customers will always be using the app on their local network. Off the top of my head, you could:
Use mDNS to find your server.
Require your customer to add a DNS entry, so that yourappname.customer.com resolves to the right address. With domain-lookup from DHCP, you should be able to resolve yourappname and have the right domain appended.
Require your customer to add a field to their DHCP response (probably more work than the customer would want).
Hit your website, have it look at the IP address it came from and work out which customer it was -- this requires you to know your customers' servers' IP addresses.