mirrors/PlayIntegrityFix
1
0
Fork 0
mirror of https://github.com/chiteroman/PlayIntegrityFix.git synced 2025-01-18 19:12:38 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity

Update + fix compile

Browse Source 
Get scripts from PIFork by @osm0sis

Co-authored-by: Chris Renshaw <osm0sis@outlook.com>
This commit is contained in:
chiteroman 2024-09-04 12:12:52 +02:00
parent d3c6e36063
commit bf00dbf143
No known key found for this signature in database
9 changed files with 429 additions and 128 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
app/build.gradle.kts
View File

@ -16,9 +16,6 @@ android {
resources {
excludes += "**"
}
jniLibs {
excludes += "**/libdobby.so"
}
}
defaultConfig {
@ -26,7 +23,7 @@ android {
minSdk = 26
targetSdk = 35
versionCode = 17300
versionName = "v17.3"
versionName = "v17.4-TEST"
multiDexEnabled = false
externalNativeBuild {
@ -43,13 +40,13 @@ android {
)
cFlags(
"-std=c23",
"-std=gnu23",
"-fvisibility=hidden",
"-fvisibility-inlines-hidden"
)
cppFlags(
"-std=c++23",
"-std=gnu++26",
"-fno-exceptions",
"-fno-rtti",
"-fvisibility=hidden",

2
app/src/main/cpp/CMakeLists.txt
View File

@ -25,7 +25,7 @@ add_library(${CMAKE_PROJECT_NAME} SHARED
target_include_directories(${CMAKE_PROJECT_NAME} PRIVATE
cJSON
shadowhook/shadowhook/src/main/cpp
shadowhook/.
shadowhook/arch/${ARCH}
shadowhook/include
shadowhook/common

133
app/src/main/cpp/main.cpp
View File

@ -1,10 +1,11 @@
#include <android/log.h>
#include <sys/system_properties.h>
#include <unistd.h>
#include <dirent.h>
#include <string>
#include <vector>
#include <filesystem>
#include "zygisk.hpp"
#include "dobby.h"
#include "shadowhook.h"
#include "cJSON.h"
#define LOGD(...) __android_log_print(ANDROID_LOG_DEBUG, "PIF", __VA_ARGS__)
@ -18,30 +19,35 @@
#define TS_PATH "/data/adb/modules/tricky_store"
static ssize_t xread(int fd, void *buffer, size_t count) {
ssize_t total = 0;
char *buf = (char *) buffer;
while (count > 0) {
ssize_t ret = read(fd, buf, count);
if (ret < 0) return -1;
buf += ret;
total += ret;
count -= ret;
static size_t xread(int fd, uint8_t *data, size_t size) {
size_t remaining = size;
while (remaining > 0) {
ssize_t n = TEMP_FAILURE_RETRY(read(fd, data, remaining));
if (n <= 0) {
return size - remaining;
}
data += n;
remaining -= n;
}
return total;
return size;
}
static ssize_t xwrite(int fd, void *buffer, size_t count) {
ssize_t total = 0;
char *buf = (char *) buffer;
while (count > 0) {
ssize_t ret = write(fd, buf, count);
if (ret < 0) return -1;
buf += ret;
total += ret;
count -= ret;
static size_t xwrite(int fd, uint8_t *data, size_t size) {
size_t remaining = size;
while (remaining > 0) {
ssize_t n = TEMP_FAILURE_RETRY(write(fd, data, remaining));
if (n < 0) {
LOGE("write failed: %s", strerror(errno));
return size - remaining;
}
data += n;
remaining -= n;
}
return total;
if (TEMP_FAILURE_RETRY(fsync(fd)) == -1) {
LOGE("fsync failed: %s", strerror(errno));
return -1;
}
return size;
}
static std::string DEVICE_INITIAL_SDK_INT;
@ -93,18 +99,28 @@ my_system_property_read_callback(const prop_info *pi, T_Callback callback, void
return o_system_property_read_callback(pi, modify_callback, cookie);
}
static void doHook() {
void *handle = DobbySymbolResolver(nullptr, "__system_property_read_callback");
if (!handle) {
LOGE("error resolving __system_property_read_callback symbol!");
return;
static bool doHook() {
shadowhook_init(SHADOWHOOK_MODE_UNIQUE, false);
{
auto libc_handle = shadowhook_dlopen("libc.so");
if (!libc_handle) {
LOGE("error loading libc.so library!");
goto exit;
}
auto handle = shadowhook_dlsym(libc_handle, "__system_property_read_callback");
if (!handle) {
LOGE("error resolving __system_property_read_callback symbol!");
goto exit;
}
if (shadowhook_hook_sym_addr(handle, (void *) my_system_property_read_callback,
(void **) &o_system_property_read_callback)) {
LOGD("hook __system_property_read_callback success at %p", handle);
return true;
}
}
if (DobbyHook(handle, (void *) my_system_property_read_callback,
(void **) &o_system_property_read_callback)) {
LOGE("hook __system_property_read_callback failed!");
return;
}
LOGD("hook __system_property_read_callback success at %p", handle);
exit:
LOGE("hook __system_property_read_callback failed!");
return false;
}
class PlayIntegrityFix : public zygisk::ModuleBase {
@ -160,8 +176,8 @@ public:
int dexSize = 0, jsonSize = 0;
std::vector<uint8_t> jsonVector;
xread(fd, &dexSize, sizeof(int));
xread(fd, &jsonSize, sizeof(int));
xread(fd, (uint8_t *) &dexSize, sizeof(int));
xread(fd, (uint8_t *) &jsonSize, sizeof(int));
if (dexSize > 0) {
dexVector.resize(dexSize);
@ -176,7 +192,7 @@ public:
}
bool trickyStore = false;
xread(fd, &trickyStore, sizeof(trickyStore));
xread(fd, (uint8_t *) &trickyStore, sizeof(trickyStore));
close(fd);
@ -186,7 +202,7 @@ public:
parseJSON();
if (trickyStore) {
LOGD("TrickyStore module installed and enabled, disabling spoofProps and spoofProvider");
LOGD("TrickyStore module installed, disabling spoofProps and spoofProvider");
spoofProps = false;
spoofProvider = false;
}
@ -197,8 +213,9 @@ public:
UpdateBuildFields();
if (spoofProps) doHook();
else api->setOption(zygisk::DLCLOSE_MODULE_LIBRARY);
if (spoofProps)
if (!doHook())
api->setOption(zygisk::DLCLOSE_MODULE_LIBRARY);
if (spoofProvider || spoofSignature) injectDex();
else
@ -218,8 +235,8 @@ private:
JNIEnv *env = nullptr;
std::vector<uint8_t> dexVector;
cJSON *json = nullptr;
bool spoofProps = true;
bool spoofProvider = true;
bool spoofProps = false;
bool spoofProvider = false;
bool spoofSignature = false;
void parseJSON() {
@ -305,7 +322,7 @@ private:
jclass buildClass = env->FindClass("android/os/Build");
jclass versionClass = env->FindClass("android/os/Build$VERSION");
cJSON *currentElement = nullptr;
cJSON *currentElement;
cJSON_ArrayForEach(currentElement, json) {
const char *key = currentElement->string;
@ -345,7 +362,9 @@ static std::vector<uint8_t> readFile(const char *path) {
if (!file) return {};
auto size = std::filesystem::file_size(path);
fseek(file, 0, SEEK_END);
auto size = ftell(file);
fseek(file, 0, SEEK_SET);
std::vector<uint8_t> vector(size);
@ -360,21 +379,16 @@ static void companion(int fd) {
std::vector<uint8_t> dex, json;
if (std::filesystem::exists(DEX_PATH)) {
dex = readFile(DEX_PATH);
}
dex = readFile(DEX_PATH);
if (std::filesystem::exists(PIF_JSON)) {
json = readFile(PIF_JSON);
} else if (std::filesystem::exists(PIF_JSON_DEFAULT)) {
json = readFile(PIF_JSON_DEFAULT);
}
json = readFile(PIF_JSON);
if (json.empty()) json = readFile(PIF_JSON_DEFAULT);
int dexSize = static_cast<int>(dex.size());
int jsonSize = static_cast<int>(json.size());
xwrite(fd, &dexSize, sizeof(int));
xwrite(fd, &jsonSize, sizeof(int));
xwrite(fd, (uint8_t *) &dexSize, sizeof(int));
xwrite(fd, (uint8_t *) &jsonSize, sizeof(int));
if (dexSize > 0) {
xwrite(fd, dex.data(), dexSize * sizeof(uint8_t));
@ -384,9 +398,16 @@ static void companion(int fd) {
xwrite(fd, json.data(), jsonSize * sizeof(uint8_t));
}
bool trickyStore = std::filesystem::exists(TS_PATH) &&
!std::filesystem::exists(std::string(TS_PATH) + "/disable");
xwrite(fd, &trickyStore, sizeof(trickyStore));
bool trickyStore = false;
DIR *dir = opendir(TS_PATH);
if (dir) {
trickyStore = true;
closedir(dir);
}
xwrite(fd, (uint8_t *) &trickyStore, sizeof(trickyStore));
}
REGISTER_ZYGISK_MODULE(PlayIntegrityFix)

53
module/common_func.sh Normal file
View File

@ -0,0 +1,53 @@
RESETPROP="resetprop -n"
[ -n "$MAGISK_VER_CODE" ] && [ "$MAGISK_VER_CODE" -lt "27003" ] && RESETPROP=resetprop_hexpatch
# resetprop_hexpatch [-f|--force] <prop name> <new value>
resetprop_hexpatch() {
case "$1" in
-f|--force) local FORCE=1; shift;;
esac
local NAME="$1"
local NEWVALUE="$2"
local CURVALUE="$(resetprop "$NAME")"
[ ! "$NEWVALUE" -o ! "$CURVALUE" ] && return 1
[ "$NEWVALUE" = "$CURVALUE" -a ! "$FORCE" ] && return 2
local NEWLEN=${#NEWVALUE}
if [ -f /dev/__properties__ ]; then
local PROPFILE=/dev/__properties__
else
local PROPFILE="/dev/__properties__/$(resetprop -Z "$NAME")"
fi
[ ! -f "$PROPFILE" ] && return 3
local NAMEOFFSET=$(echo $(strings -t d "$PROPFILE" | grep "$NAME") | cut -d ' ' -f 1)
#<hex 2-byte change counter><flags byte><hex length of prop value><prop value + nul padding to 92 bytes><prop name>
local NEWHEX="$(printf '%02x' "$NEWLEN")$(printf "$NEWVALUE" | od -A n -t x1 -v | tr -d ' \n')$(printf "%$((92-NEWLEN))s" | sed 's/ /00/g')"
printf "Patch '$NAME' to '$NEWVALUE' in '$PROPFILE' @ 0x%08x -> \n[0000??$NEWHEX]\n" $((NAMEOFFSET-96))
echo -ne "\x00\x00" \
| dd obs=1 count=2 seek=$((NAMEOFFSET-96)) conv=notrunc of="$PROPFILE"
echo -ne "$(printf "$NEWHEX" | sed -e 's/.\{2\}/&\\x/g' -e 's/^/\\x/' -e 's/\\x$//')" \
| dd obs=1 count=93 seek=$((NAMEOFFSET-93)) conv=notrunc of="$PROPFILE"
}
# resetprop_if_diff <prop name> <expected value>
resetprop_if_diff() {
local NAME="$1"
local EXPECTED="$2"
local CURRENT="$(resetprop "$NAME")"
[ -z "$CURRENT" ] || [ "$CURRENT" = "$EXPECTED" ] || $RESETPROP "$NAME" "$EXPECTED"
}
# resetprop_if_match <prop name> <value match string> <new value>
resetprop_if_match() {
local NAME="$1"
local CONTAINS="$2"
local VALUE="$3"
[[ "$(resetprop "$NAME")" = *"$CONTAINS"* ]] && $RESETPROP "$NAME" "$VALUE"
}

15
module/customize.sh
View File

@ -1,6 +1,11 @@
# Module requires Zygisk to work
if [ "$ZYGISK_ENABLED" != "1" ] && [ ! -d "/data/adb/modules/zygisksu" ]; then
abort "! Zygisk is not enabled. Please, enable Zygisk in Magisk Settings or install the ZygiskNext or ReZygisk module."
fi
# Error on < Android 8
if [ "$API" -lt 26 ]; then
abort "- !!! You can't use this module on Android < 8.0"
abort "! You can't use this module on Android < 8.0"
fi
# safetynet-fix module is obsolete and it's incompatible with PIF
@ -20,16 +25,8 @@ if [ -d "/data/adb/modules/MagiskHidePropsConf" ]; then
ui_print "! WARNING, MagiskHidePropsConf module may cause issues with PIF."
fi
# If TrickyStore module is installed, PIF won't spoof Provider
if [ -d "/data/adb/modules/tricky_store" ]; then
ui_print "- TrickyStore module detected!"
ui_print "- PIF will disable Provider spoofing."
fi
# Check custom fingerprint
if [ -f "/data/adb/pif.json" ]; then
mv -f "/data/adb/pif.json" "/data/adb/pif.json.old"
ui_print "- Backup custom pif.json"
fi
rm -rf "$MODPATH"/system

223
module/keybox.xml Normal file
View File

@ -0,0 +1,223 @@
<?xml version="1.0"?>
<AndroidAttestation>
<NumberOfKeyboxes>1</NumberOfKeyboxes>
<Keybox DeviceID="0">
<Key algorithm="ecdsa">
<PrivateKey format="pem">-----BEGIN EC PRIVATE KEY-----
MHcCAQEEIGQ+NF83whDMnVFvZqS7k5JeUGVdrT8W5mpNGdnjjDF5oAoGCCqGSM49
AwEHoUQDQgAEKVCTV5RrPpZBQ7TtYYWWH6Z4yHZHYUC7uAL3QR4bANkVLRSRl8IM
Haftwd9bpx8BbYjZ06tfNAgKOvf7XG99qA==
-----END EC PRIVATE KEY-----
</PrivateKey>
<CertificateChain>
<NumberOfCertificates>3</NumberOfCertificates>
<Certificate format="pem">-----BEGIN CERTIFICATE-----
MIIB8jCCAXmgAwIBAgIQKwoJppxZtILduKIXhv3UOTAKBggqhkjOPQQDAjA5MQww
CgYDVQQMDANURUUxKTAnBgNVBAUTIDFlMDE2NzUzMzA4YTAxYzAzNjA3MGI5OTE2
Mjk2YTI3MB4XDTIyMDkxNzE3MTQwNVoXDTMyMDkxNDE3MTQwNVowOTEMMAoGA1UE
DAwDVEVFMSkwJwYDVQQFEyAwYzg2ODRjNjZkNWMzZjYzYzJkMjQ5NGI3MmI4MmQ1
MDBZMBMGByqGSM49AgEGCCqGSM49AwEHA0IABClQk1eUaz6WQUO07WGFlh+meMh2
R2FAu7gC90EeGwDZFS0UkZfCDB2n7cHfW6cfAW2I2dOrXzQICjr3+1xvfaijYzBh
MB0GA1UdDgQWBBT8eC55sS2oWckA4/jGdnp0YyS0WDAfBgNVHSMEGDAWgBRdhLpD
LqBcYlbgdmid7HLDFF5bCzAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIC
BDAKBggqhkjOPQQDAgNnADBkAjEAtHZAFIYynmEGbvR9I2fFo3h5HJUERDqSc4z7
I3vfkfFMwYGA56EcBxk1qxWmwBliAi9gH5fYU6TaZaD51bBSghTdDkhC6dU8mBxo
BYwKc5RYL9UHitlJXn7k5pEY2Lhn/A==
-----END CERTIFICATE-----
</Certificate>
<Certificate format="pem">-----BEGIN CERTIFICATE-----
MIIDlDCCAXygAwIBAgIRANinq/UsMAzvigSUsi3p4fYwDQYJKoZIhvcNAQELBQAw
GzEZMBcGA1UEBRMQZjkyMDA5ZTg1M2I2YjA0NTAeFw0yMjA5MTcxNzEyNDFaFw0z
MjA5MTQxNzEyNDFaMDkxDDAKBgNVBAwMA1RFRTEpMCcGA1UEBRMgMWUwMTY3NTMz
MDhhMDFjMDM2MDcwYjk5MTYyOTZhMjcwdjAQBgcqhkjOPQIBBgUrgQQAIgNiAAQf
Jkk4hCJ3MNB12tmt0DrQDjn9uwBF89CoJ/LU0kuj13hqfLIsHl3th9DkJArDpTsi
Ax6d71ar28LENHmgdvKnszyjAvMgXSp6Fpg0ALJ6KQHMS8PCIsjXv0YDEtUzFdSj
YzBhMB0GA1UdDgQWBBRdhLpDLqBcYlbgdmid7HLDFF5bCzAfBgNVHSMEGDAWgBQ2
YeEAfIgFCVGLRGxH/xpMyepPEjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQE
AwICBDANBgkqhkiG9w0BAQsFAAOCAgEAHQ0wJzHWVWAjPH+m98e2RXvO4bCZDihX
DWc5qItz/Q1xIhjkmUI8Ftoka7ha2TJBxSvuPzLi50HaKXVw1cPXaOU2erovMzqi
oMkNg0Ga0m0xwf814RoHe6f75nOoEEpgVzUf1ghkqqhVuIcoNq8SJ/hsHIBeF8LA
Rh5+8/9Ig4sR4hcSunRuV3lYbgTuxbiM7w1RsoIJsM7/SaWI/nYsdWh2TTgCuyqC
t/epgp2lZAdGdNNGsCnUxoflZ/tdB+dMzptbqaRza27h5dODyaZRrJ6HTaL4uhZI
d5otPVbyhqG5RjY3oMK8m3GuMRq/ne8+6sV7JmXWfDHYdjJyyOLYgVlTnm62LSpq
1KGeZqL0L8hlXeyOFxXvc/QrQ0Bt6YOgv6B4R+TAd1g7VrEeh1VJosXJFWrgrVHC
pg00zqPGZUplUScP3E5YkCNqz87FfFmge0bYMIoOxAGa3PcyxokI7s73Bou2gtz8
WFEVbkaVtvn/8kA+5zbROxZg2piaJdQkMROJ9LfH49saN5VdRn1qESh4QkA78/nV
zHQBWvBMM7LbiXFKbWzXidBCB7O0K9tgqJZhgWCtvTPGrQLGNOYRs2fwN3BaaA11
TcCLimFESMIh724v0Zc9DgTh3p4EA/X0loJnNrfUBON9UkNsrh8KWvJZ+bFn50eV
DpEmzUJZXhI=
-----END CERTIFICATE-----
</Certificate>
<Certificate format="pem">-----BEGIN CERTIFICATE-----
MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV
BAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgw
NzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0B
AQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdS
Sxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7
tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggj
nar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGq
C4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQ
oVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+O
JtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/Eg
sTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRi
igHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+M
RPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9E
aDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5Um
AGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1Ud
IwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYD
VR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7
174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGIC
W/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2G
tkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkx
oSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG
1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mF
mr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPz
lHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVw
n6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1Eu
zbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHo
vaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHn
w1IdYIg2Wxg7yHcQZemFQg==
-----END CERTIFICATE-----
</Certificate>
</CertificateChain>
</Key>
<Key algorithm="rsa">
<PrivateKey format="pem">-----BEGIN RSA PRIVATE KEY-----
MIIG4wIBAAKCAYEAo5DAL9BwnJ3C47bwLXPgkuVsvwR/DEuZzq+wsDPu+qPO37+9
d9t52aASg42/VSKzSYqxN4vg6IFL3EhtKB0NJ5a2GJnA+HdGXvUhjZHod8TQ4FCi
lGtJJqAm2wkxakM9RYjZ0Tkbv4zL8IlTuJp5iwThh3yu3SCeJveOTYw/wb9RfH+k
S8ziaQrkHjmG57qfmmCkKODw9YOHLRokmj2rc7nHXxtkPh25Jp4m2pfvgjHaVRvw
0X3h2eUcfVtm+PvhW6zEr/0UdMJIaNO80VahPXWeqIlCu3jZoMH6aNzitUWFCuTj
6fE7dBc++FhSKiY24mNFYExWb6giKyInl1lyJlkym1AUi+dH3Y70e671G+HdNWQy
pRmtwVycUWhpLRcXrwIe2++td1Mvedww4F3flzuHNyRsxnB9pfoe5qYQdvkc6pyy
T83xw9yMEwSzYCB9cwmxmUJ4XuJN1BjsXCECTs2fimgP7iJew03Vd6W/1A+b9yih
rlqPVvPLF/jmIKDbAgMBAAECggGAealSen41NRlXfB93mKdndHw4HgEPKysUlZsy
9m06pa2wU9d/66YRhWE+RCHsHjw4VUxXMvTVbru1nH02zC6HuVmtyrCay3WUn08A
DRhpbKS1pRP1SiZe+98F58h3vA2VhqIbOjebPyhQDXNoFZi5LUGNK0T/oDUBzgQ3
EdFvHwLabptWrpcQFYfnU+AAS18SFjcqA8oFEOkrY83dSejzHZojBMgQEO/05xed
2NxIZ3QDbWjiAED8/CEhxtB00GAw+KBVz5BAzXqM59O713mptO1A9u6YQs/wqYeS
opoDqtRbj+dKNZxIRCfB3FacGztKVnL8Pdj66f9o99KCyMH9Pd5fmmZhSn0Tcz9a
hRnQzQK8np/R0669wR83uJryPdbcIs0plxt2GPgnz8dUuJDhx0EmvE1JJ75D9IgW
tFBwpa8Zli82VXOJPVIh+GITstbQRb8qHLL+NKemlwHDjh0H7vDQyegAScUs3Vzu
qRmmCNLapZz8pd3y+iJ+TA4RPTEpAoHBAM1MsmbIoJhm0lLsyCPSVWRwv+VQsKo8
OyDSAc8j4YjNazs7cM25WDJh2H2V3VMikCqsji//aP6vGFPSDTxtymwBb+LBz8j+
wW45rUm44zI43114truDDEhnL7ky9N8NErHEwEda8WHq65JAwRHUMaslD+M5McAb
q7HUSEWqqBb/iVSc/BpvW9TdEp7SHaYozIHi7nvdp9Bn8PoL0SsuO4XHSsW18EJU
xMYSlikKETDo58IwRa5Bc5Tr92kcX+VzXwKBwQDL9ZELY04z8mqpTQW/6m8NKDws
AjHG6j7GulCIThCSffBFBTMpddS/23a/nb13FhuOhLjP8rjQqR1MCwaAr55sPNqr
X9Hct8/C6H9hM/CM2da04lP/Y9x26SQ6dtJkyzc2S/48/+yUdppw5i4i0VHp0x6d
hR8HPNZvNAQ4nbwrOqcplJ5Ir4EIb0zy90HOZMLc32dy4lbLcHpXYP9mfZo5vGqM
V4hSL/NDfmTp5CdTxLzuwLumDQkqs/5FTAe2oAUCgcEAhZq2N0G1kbjIg4LotLc7
L0RY/clHT2InMLK6zq0RJ1BXypJiVN+b0B3xH7mZ8XJ60+q8FexnzebxNAts5bil
lShSQgXTTYDNLQiIB4Q1BwgQBOp8MQeVxMCyRBovVcFSOzJJ16YNlKWnbOSLQSkQ
scpKzpr4D4dycyYtanknLuBZ5SDMx/9UifDdH1KqTOocPSMMBLw5a91Y68Eo/Kr3
vZX2yTggBWrZK/YIluigS24m9S8pCcA6kd4GgvceSVqNAoHAEda0jO5ulJSLR6t4
6UQz2k6+lIrMl709KFx7VrCdOnLRZPgDdYjcxrsHM9M0EwpX9qsdDvMHvxhLe68r
Lm4tyQG5jmufC1L4VO/I1FOaoncbFE8HUbsGOVBC3uotlKtBdPpIjkVEB+gnseAw
ANOV+oGAl/5grF1h0/AUvm7tWkqS/EwHXAwdmQNDE60UkFy3vmG7xoyNUtXPnXza
Wbh6mLomB4hQX//ZovmXEe3mkqkObUNmJivVtWpwvtbbhdmRAoHAB9TO2pdbcaaZ
nZ9xwzQlJqVYaXyib22XYrZ4DsCzLyBxZHEgCO0IeeGNR/nSD4NCsIReJgFLTdqW
mN9LO9EQdq9EW8KfoBOWqkHrva+C/ZLVowHOGuiGn4ojI7bcNS8mXLEp75+09e7I
72qfMPjxnKPP1ZHuXlvzPh2Xnq15lo7A6Ux163ILuZ0UGzW9Pl2g3/FTw3yUMHcf
SiiCSyGbmiX2XCx+ypjp+IxCuY3qKY9fzVWqpts/TTMElxrIFOwy
-----END RSA PRIVATE KEY-----
</PrivateKey>
<CertificateChain>
<NumberOfCertificates>3</NumberOfCertificates>
<Certificate format="pem">-----BEGIN CERTIFICATE-----
MIIE4DCCAsigAwIBAgIRANEddk05W1jqsOQlSRGYH2wwDQYJKoZIhvcNAQELBQAw
OTEMMAoGA1UEDAwDVEVFMSkwJwYDVQQFEyAxZTAxNjc1MzMwOGEwMWMwMzYwNzBi
OTkxNjI5NmEyNzAeFw0yMjA5MTcxNzE0MDVaFw0zMjA5MTQxNzE0MDVaMDkxDDAK
BgNVBAwMA1RFRTEpMCcGA1UEBRMgMGM4Njg0YzY2ZDVjM2Y2M2MyZDI0OTRiNzJi
ODJkNTAwggGiMA0GCSqGSIb3DQEBAQUAA4IBjwAwggGKAoIBgQCjkMAv0HCcncLj
tvAtc+CS5Wy/BH8MS5nOr7CwM+76o87fv71323nZoBKDjb9VIrNJirE3i+DogUvc
SG0oHQ0nlrYYmcD4d0Ze9SGNkeh3xNDgUKKUa0kmoCbbCTFqQz1FiNnRORu/jMvw
iVO4mnmLBOGHfK7dIJ4m945NjD/Bv1F8f6RLzOJpCuQeOYbnup+aYKQo4PD1g4ct
GiSaPatzucdfG2Q+Hbkmnibal++CMdpVG/DRfeHZ5Rx9W2b4++FbrMSv/RR0wkho
07zRVqE9dZ6oiUK7eNmgwfpo3OK1RYUK5OPp8Tt0Fz74WFIqJjbiY0VgTFZvqCIr
IieXWXImWTKbUBSL50fdjvR7rvUb4d01ZDKlGa3BXJxRaGktFxevAh7b7613Uy95
3DDgXd+XO4c3JGzGcH2l+h7mphB2+RzqnLJPzfHD3IwTBLNgIH1zCbGZQnhe4k3U
GOxcIQJOzZ+KaA/uIl7DTdV3pb/UD5v3KKGuWo9W88sX+OYgoNsCAwEAAaNjMGEw
HQYDVR0OBBYEFMJS2luT0WMslf/fwYc3xGvW8z0qMB8GA1UdIwQYMBaAFNplJLLk
hPHv/IrpvTUvfFjRarMGMA8GA1UdEwEB/wQFMAMBAf8wDgYDVR0PAQH/BAQDAgIE
MA0GCSqGSIb3DQEBCwUAA4ICAQBolN+VgyoV8hTOQdtzLuOvLuYLfYNZGcpQ4GtC
PjWUUa3YXTJTrYfTpT3nP5Yr4JhVurCK8toGVvEHWdGi8Zxsjw9z/tlpqLKguoPc
ulD28OhjZBZbOZ5X9QH/NKi9H/KyRB/m0kv53/gw0p2GZrqhXkAklxuhvsY3bhch
p2I6rz/ie2CZQedp4A3jX6C6pS5HMbQi9Y2m8kNp0/DQy8oJa7uiom07iL/X7KWZ
TY1sbZi3g99qLZJEYzd6B8PufR3dR5TFNx75+uBacyOUdzhuWGk+XPjhrSvACpk9
my3CcO8phWfrKDKTmISoZQzEY4UFN8VclU5cX5QmJKNvIZ9mPJ2yzwzEVsBjv2qu
146iLuCgz64hqeXlS7++Qfs1YWgIhVS/r8Og1p2HgnbRt1lm1x6iqIF0pcQOnPqb
DAMeuTHnwoiBJlPTwf8ix3Yy9w0/UTVqO3LjK+ALdy6CS3agpUmVLkxUhIxlb8QG
J3GmG1eHQn/SHyXpxIwKCKIKMOCo85WssJv80YGQI5rpKrjQ8Yzhlc8wq3PClkY6
sYPMIbgqoymYET56VLoRryiLIAnpUsezMLulTE8Wu6csUd4DqbzK2W+ZVN9eXDun
LQzwi2jmdxLyN5DtpobDEaXo7B1yhO64Mg1nxAF4Wc3rF0QnkJUbuG2Fp6N2fnxA
0foYLw==
-----END CERTIFICATE-----
</Certificate>
<Certificate format="pem">-----BEGIN CERTIFICATE-----
MIIFQTCCAymgAwIBAgIQBCM0AVWvUSM8Njd0xc/g5zANBgkqhkiG9w0BAQsFADAb
MRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MB4XDTIyMDkxNzE3MTIyM1oXDTMy
MDkxNDE3MTIyM1owOTEMMAoGA1UEDAwDVEVFMSkwJwYDVQQFEyAxZTAxNjc1MzMw
OGEwMWMwMzYwNzBiOTkxNjI5NmEyNzCCAiIwDQYJKoZIhvcNAQEBBQADggIPADCC
AgoCggIBALBW8YfWz8PlqzhJdISHAq10CI1pBVnTACtmuOogoWrLSfxuPtMBkW0b
k5u+ger0ZPO5qlXzWjHTP6dpg12DxU7MA8CBvcgWZ5yGP4yYdpQTcWcOpxQIKD7C
YOemGQUKAXWO5oVn1lkqIYPcXgsDB30tgmNT+lvT0OZhRnv3t3I9E2L852cMEWIZ
nYHNbwUdRIMf5ZAkspFatzwskGOKutknX4FTGHhIikzB0xdWbCoZYxczL9u6RkLy
/RytmfWmWSpUz1E+HsvZzdjnSZ1u6ouU2hmNisOwGxKJZed4OmKcqifd087sy12s
LpPN6/khSkWbp3Pk45lg2kXoovieH01P4I8NEYhgLOToEJY93TtBhp9eATrfTpj5
X+lWEu4vu1X7kw6XL6cMwlHIy0jrL8++2pUXircsnuYZwUNlG6umjFCIUSiTl9iZ
JqwjYy1SDrfggcSX6Dm+lurYMdSbo5UN30zsaharGVyUf99nqe5a6eEHtliiPdl+
WtS/P08wfF2Rm0NBqJUR8cbe/vaFxqZyZ2Y/upY7LzTBQNftMiPoxrQPiLfCB4lr
PlNUH+7bKjziL7mnREQq18SHU5Gt5nlQtJIotFMUE3rFjTXtOMfwyQ4PSG6WMQ4X
ycOYwj9N74LqNC5MVmv2pYuWYw33dl620BgrZZrsVk9XwTJqf7PpAgMBAAGjYzBh
MB0GA1UdDgQWBBTaZSSy5ITx7/yK6b01L3xY0WqzBjAfBgNVHSMEGDAWgBQ2YeEA
fIgFCVGLRGxH/xpMyepPEjAPBgNVHRMBAf8EBTADAQH/MA4GA1UdDwEB/wQEAwIC
BDANBgkqhkiG9w0BAQsFAAOCAgEAV+9eU49qaS+KJfynRtZWFtHLuGSTzh+L+QE+
5U9QY6NFB0HHhEP9HUGmCt02biK6couBP2XsisNtcRqpM3SxyunTztZjP8U+ucBa
onxhxOViS6J9Zxg6n54lLSataraLE800jyi83iPar6kU3EUJkagEGc54t1b7E/UZ
WaEtKZ/uaOSkhd7SCGOsmduTaecjshTxqV8Qwj/c+DNGMqu2HhQnpxs7krcdDNOx
xXP6E0xY2/iIUqEcf5ON24S9qYD8ZJWt46TLrTO4PJPOmj7WwX5jA4qbkzmugP+v
6EJls6gflk2hynAXm4lAI8xFdO7YFCZ8L0SDSVw8SK9cEyYhZhXiZ7MBvSJ9ak5X
vuMYTaEXFS5QhqD9+ObEBKG68n7s5ySPfz44QP+8iftWAYMMwD4cYxJElYHTYp91
zlN3kJDbwnLoDLS7PZVqBkJkSvnAEM5ejRiaKCK7tB3WkYX6YRxUQ0lsaEGXy4/1
83sYrKTCmXeU1ccWH8liMb8n81hmQSN9YQtnQVNKcHCkfKt++GFKNlkl43gdUUcL
J73zNrAJnV36TuF1HMtFWrNOAzT53qfvHY8gBD5OJrA+ZxdX4n9g52iWWYxJEIXm
Lg4caIuz028KlGHpFCT9RIeNaEsEWS03yQF7ekotjqfumdY8B9W53sKqiPRsY3js
ljrXiC4=
-----END CERTIFICATE-----
</Certificate>
<Certificate format="pem">-----BEGIN CERTIFICATE-----
MIIFHDCCAwSgAwIBAgIJAPHBcqaZ6vUdMA0GCSqGSIb3DQEBCwUAMBsxGTAXBgNV
BAUTEGY5MjAwOWU4NTNiNmIwNDUwHhcNMjIwMzIwMTgwNzQ4WhcNNDIwMzE1MTgw
NzQ4WjAbMRkwFwYDVQQFExBmOTIwMDllODUzYjZiMDQ1MIICIjANBgkqhkiG9w0B
AQEFAAOCAg8AMIICCgKCAgEAr7bHgiuxpwHsK7Qui8xUFmOr75gvMsd/dTEDDJdS
Sxtf6An7xyqpRR90PL2abxM1dEqlXnf2tqw1Ne4Xwl5jlRfdnJLmN0pTy/4lj4/7
tv0Sk3iiKkypnEUtR6WfMgH0QZfKHM1+di+y9TFRtv6y//0rb+T+W8a9nsNL/ggj
nar86461qO0rOs2cXjp3kOG1FEJ5MVmFmBGtnrKpa73XpXyTqRxB/M0n1n/W9nGq
C4FSYa04T6N5RIZGBN2z2MT5IKGbFlbC8UrW0DxW7AYImQQcHtGl/m00QLVWutHQ
oVJYnFPlXTcHYvASLu+RhhsbDmxMgJJ0mcDpvsC4PjvB+TxywElgS70vE0XmLD+O
JtvsBslHZvPBKCOdT0MS+tgSOIfga+z1Z1g7+DVagf7quvmag8jfPioyKvxnK/Eg
sTUVi2ghzq8wm27ud/mIM7AY2qEORR8Go3TVB4HzWQgpZrt3i5MIlCaY504LzSRi
igHCzAPlHws+W0rB5N+er5/2pJKnfBSDiCiFAVtCLOZ7gLiMm0jhO2B6tUXHI/+M
RPjy02i59lINMRRev56GKtcd9qO/0kUJWdZTdA2XoS82ixPvZtXQpUpuL12ab+9E
aDK8Z4RHJYYfCT3Q5vNAXaiWQ+8PTWm2QgBR/bkwSWc+NpUFgNPN9PvQi8WEg5Um
AGMCAwEAAaNjMGEwHQYDVR0OBBYEFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMB8GA1Ud
IwQYMBaAFDZh4QB8iAUJUYtEbEf/GkzJ6k8SMA8GA1UdEwEB/wQFMAMBAf8wDgYD
VR0PAQH/BAQDAgIEMA0GCSqGSIb3DQEBCwUAA4ICAQB8cMqTllHc8U+qCrOlg3H7
174lmaCsbo/bJ0C17JEgMLb4kvrqsXZs01U3mB/qABg/1t5Pd5AORHARs1hhqGIC
W/nKMav574f9rZN4PC2ZlufGXb7sIdJpGiO9ctRhiLuYuly10JccUZGEHpHSYM2G
tkgYbZba6lsCPYAAP83cyDV+1aOkTf1RCp/lM0PKvmxYN10RYsK631jrleGdcdkx
oSK//mSQbgcWnmAEZrzHoF1/0gso1HZgIn0YLzVhLSA/iXCX4QT2h3J5z3znluKG
1nv8NQdxei2DIIhASWfu804CA96cQKTTlaae2fweqXjdN1/v2nqOhngNyz1361mF
mr4XmaKH/ItTwOe72NI9ZcwS1lVaCvsIkTDCEXdm9rCNPAY10iTunIHFXRh+7KPz
lHGewCq/8TOohBRn0/NNfh7uRslOSZ/xKbN9tMBtw37Z8d2vvnXq/YWdsm1+JLVw
n6yYD/yacNJBlwpddla8eaVMjsF6nBnIgQOf9zKSe06nSTqvgwUHosgOECZJZ1Eu
zbH4yswbt02tKtKEFhx+v+OTge/06V+jGsqTWLsfrOCNLuA8H++z+pUENmpqnnHo
vaI47gC+TNpkgYGkkBT6B/m/U01BuOBBTzhIlMEZq9qkDWuM2cA5kW5V3FJUcfHn
w1IdYIg2Wxg7yHcQZemFQg==
-----END CERTIFICATE-----
</Certificate>
</CertificateChain>
</Key>
</Keybox>
</AndroidAttestation>

2
module/module.prop
View File

@ -1,6 +1,6 @@
id=playintegrityfix
name=Play Integrity Fix
version=v17.3
version=v17.4-TEST
versionCode=17300
author=chiteroman
description=Universal modular fix for Play Integrity (and SafetyNet) on devices running Android 8-15

42
module/post-fs-data.sh
View File

@ -1,18 +1,12 @@
# Remove Play Services from the Magisk Denylist when set to enforcing.
MODPATH="${0%/*}"
. $MODPATH/common_func.sh
# Remove Play Services from Magisk DenyList when set to Enforce in normal mode
if magisk --denylist status; then
magisk --denylist rm com.google.android.gms
fi
resetprop_if_diff() {
local NAME="$1"
local EXPECTED="$2"
local CURRENT="$(resetprop "$NAME")"
[ -z "$CURRENT" ] || [ "$CURRENT" = "$EXPECTED" ] || resetprop -n "$NAME" "$EXPECTED"
}
# RootBeer, Microsoft
resetprop_if_diff ro.build.tags release-keys
# Conditional early sensitive properties
# Samsung
resetprop_if_diff ro.boot.warranty_bit 0
@ -20,10 +14,34 @@ resetprop_if_diff ro.vendor.boot.warranty_bit 0
resetprop_if_diff ro.vendor.warranty_bit 0
resetprop_if_diff ro.warranty_bit 0
# Realme
resetprop_if_diff ro.boot.realmebootstate green
# OnePlus
resetprop_if_diff ro.is_ever_orange 0
# Microsoft
for PROP in $(resetprop | grep -oE 'ro.*.build.tags'); do
resetprop_if_diff $PROP release-keys
done
# Other
resetprop_if_diff ro.build.type user
for PROP in $(resetprop | grep -oE 'ro.*.build.type'); do
resetprop_if_diff $PROP user
done
resetprop_if_diff ro.adb.secure 1
resetprop_if_diff ro.debuggable 0
resetprop_if_diff ro.force.debuggable 0
resetprop_if_diff ro.secure 1
# Work around AOSPA PropImitationHooks conflict when their persist props don't exist
if [ -n "$(resetprop ro.aospa.version)" ]; then
for PROP in persist.sys.pihooks.first_api_level persist.sys.pihooks.security_patch; do
resetprop | grep -q "\[$PROP\]" || resetprop -n -p "$PROP" ""
done
fi
# Work around supported custom ROM PixelPropsUtils conflict when spoofProvider is disabled
if [ -n "$(resetprop persist.sys.pixelprops.pi)" ]; then
resetprop -n -p persist.sys.pixelprops.pi false
fi

74
module/service.sh
View File

@ -1,58 +1,50 @@
# Sensitive properties
MODPATH="${0%/*}"
. $MODPATH/common_func.sh
resetprop_if_diff() {
local NAME="$1"
local EXPECTED="$2"
local CURRENT="$(resetprop "$NAME")"
if [ -d "/data/adb/modules/tricky_store" ]; then
mv /data/adb/tricky_store/keybox.xml /data/adb/tricky_store/keybox.xml.orig
cp "$MODPATH"/keybox.xml /data/adb/tricky_store/keybox.xml
fi
[ -z "$CURRENT" ] || [ "$CURRENT" = "$EXPECTED" ] || resetprop -n "$NAME" "$EXPECTED"
}
# Conditional sensitive properties
resetprop_if_match() {
local NAME="$1"
local CONTAINS="$2"
local VALUE="$3"
[[ "$(resetprop "$NAME")" = *"$CONTAINS"* ]] && resetprop -n "$NAME" "$VALUE"
}
# Magisk recovery mode
resetprop_if_match ro.bootmode recovery unknown
# Magisk Recovery Mode
resetprop_if_match ro.boot.mode recovery unknown
resetprop_if_match ro.bootmode recovery unknown
resetprop_if_match vendor.boot.mode recovery unknown
# Hiding SELinux | Permissive status
# SELinux
resetprop_if_diff ro.boot.selinux enforcing
# use delete since it can be 0 or 1 for enforcing depending on OEM
if [ -n "$(resetprop ro.build.selinux)" ]; then
resetprop --delete ro.build.selinux
fi
# Hiding SELinux | Use toybox to protect *stat* access time reading
if [[ "$(toybox cat /sys/fs/selinux/enforce)" == "0" ]]; then
# use toybox to protect stat access time reading
if [ "$(toybox cat /sys/fs/selinux/enforce)" = "0" ]; then
chmod 640 /sys/fs/selinux/enforce
chmod 440 /sys/fs/selinux/policy
fi
# Late props which must be set after boot_completed
{
until [[ "$(getprop sys.boot_completed)" == "1" ]]; do
sleep 1
done
# Conditional late sensitive properties
# SafetyNet/Play Integrity | Avoid breaking Realme fingerprint scanners
resetprop_if_diff ro.boot.flash.locked 1
until [ "$(getprop sys.boot_completed)" = "1" ]; do
sleep 1
done
# SafetyNet/Play Integrity | Avoid breaking Oppo fingerprint scanners
resetprop_if_diff ro.boot.vbmeta.device_state locked
# SafetyNet/Play Integrity + OEM
# avoid bootloop on some Xiaomi devices
resetprop_if_diff ro.secureboot.lockstate locked
# avoid breaking Realme fingerprint scanners
resetprop_if_diff ro.boot.flash.locked 1
resetprop_if_diff ro.boot.realme.lockstate 1
# avoid breaking Oppo fingerprint scanners
resetprop_if_diff ro.boot.vbmeta.device_state locked
# avoid breaking OnePlus display modes/fingerprint scanners
resetprop_if_diff vendor.boot.verifiedbootstate green
# avoid breaking OnePlus/Oppo fingerprint scanners on OOS/ColorOS 12+
resetprop_if_diff ro.boot.verifiedbootstate green
resetprop_if_diff ro.boot.veritymode enforcing
resetprop_if_diff vendor.boot.vbmeta.device_state locked
# SafetyNet/Play Integrity | Avoid breaking OnePlus display modes/fingerprint scanners
resetprop_if_diff vendor.boot.verifiedbootstate green
# SafetyNet/Play Integrity | Avoid breaking OnePlus display modes/fingerprint scanners on OOS 12
resetprop_if_diff ro.boot.verifiedbootstate green
resetprop_if_diff ro.boot.veritymode enforcing
resetprop_if_diff vendor.boot.vbmeta.device_state locked
# Custom ROMs support
resetprop_if_diff persist.sys.pixelprops.pi false
}&
# Other
resetprop_if_diff sys.oem_unlock_allowed 0