Xposed for Xposed. Hacking Xposed. [new module request] - Xposed General

Thanks to @rovo89, we got an amazing framework. Although intended for security, the need for restart to activate a new module can be pretty inconvenient at times. It'll be nice if somebody can make a xposed module to tweak this, so that we could activate the module with the single tap of a button (an option to add an activate/deactivate button near the module will be nice). Since the framework is open source, I believe it would be easy for you guys to figure out a way to do it.
If such a module already exist, please share the link. If there is no such module, maybe this will motivate you to create one. If it's impossible (duh... nothing's impossible for you guys)
Thanks.

It's impossible. The reboots are not simply done for security reasons. Xposed makes changes to core system files when you install (and sometimes configure) modules, and those files (and all the files dependent on them; basically the entire system) must be reloaded (using a reboot) before those changes become effective.
Trust me, just about every developer knows that the reboots are obnoxious, and do everything they can to make their modules work without a reboot. If they can avoid a reboot they will, but a lot of the time they can't.

Related

Xposed - Legacy thread. Don't panic, Xposed is still here.

General information on Xposed has been moved to this thread: http://forum.xda-developers.com/xposed/xposed-installer-versions-changelog-t2714053
The FAQ has been moved to this thread: http://forum.xda-developers.com/xposed/-t2735540
Questions, suggestions, bug reports and so on can be posted in the Xposed General forum (for the installer/framework/development only) and in the Xposed Framework modules forum (for anything module-related).
Sounds interesting.I hope that you make a apk that simplifies things for simple user like rom control in AOKP
Keep up the good work my friend
That's great, decompiling/compiling apks is not really my cup of tea lol thanks rovo89
May be useful for my themes, keep working on it
Very interesting... Will try soon.
This looks like a really great idea and could help reduce the need for dev's being pestered by users for mod's every time a new rom is leaked/released, well done sir, hope to see this take off
I will definitely have a swing at this over the next few days. This looks like fun!
**This message will self-destruct**
Thanks for the "thanks" everyone. I decided to create an installer first before looking into the other things. This way, I hope a few people can test whether it works on their device (see first post for the APK).
Some notes about this:
The installer holds the app_process executable and the XposedBridge.jar as assets and can install it to the correct locations (root permissions required!).
It will automatically create a backup of /system/bin/app_process at /system/bin/app_process.orig, which can be restored either via the app or via shell (e.g. adb, works in recovery as well).
I have only tested it on ICS (LPQ Stock). Honestly, I do not have the time to test it with anything below that. If somebody wants to do this, I can help you to get started with the code. app_process was not changed very often, so chances are rather good that it will work with only few changes.
The installer requires SDK15 (4.0.3) for the same reason.
Improvements for any part of the code are welcome! It should be easy to use for both users and developers.
(Un-)Installing the installer app alone does not change anything (at least not now). Please use the buttons inside the app.
The next step should now really be to load modules dynamically, I hope I can use standard installable APKs for that (although the framework will probably request enabling confirmation for technical and security reasons).
siberian tiger said:
I hope that you make a apk that simplifies things for simple user like rom control in AOKP
Click to expand...
Click to collapse
From what I read, Rom Control seems to be something like the Settings app for ROM-specific stuff? I am not so sure yet whether I want to implement generic settings in the framework.
Having a standard interface for setting loading/saving (like or using Android's Shared Preferences) would probably make sense. But the settings themself can be very different from module to module, so I would rather let those bring their own settings menus.
What I did though was to implement an installer. My idea how it should ideally work for end users:
Install the Xposed Installer
Click the "Install/Update" button in the installer
Install one or more modules
Configure the modules (if necessary)
Have fun!
Where "install" would mean that you can download the app from the Play Store or a website and install it with the usual package manager. At least for steps 1 and 2, this is working already. For the others, I have to see.
Dynamic module loading is implemented now as well. Modules are normal apps with a special metadata tag and an asset describing which classes to load. You can look at my modifications for examples how this works. I think it is quite simple to develop and use.
I feel that Xposed is quite stable right now. It should be very easy to install both the framework and the modules without any knowledge about modding.
Also for developers, creating a new module is not too complicated. If anyone wants to give it a try, I'm happy to help you getting started. I'm convinced that Xposed is great alternative to APK modifying, but it will not work without developers creating modules for it.
Speaking of modules, I have published one for the famous CRT off effect: http://forum.xda-developers.com/showthread.php?t=1583963
The source code is also available at Github. See how it has less than 40 lines (and only about 10 LOC)? I think that this is awesome!
I was not able to install it as normal app hence pushed them to system/app using root explorer.
It works perfectly on XXLPS SENSATION ROM ICS V 3.2
Sent from my GT-I9100 using Tapatalk
OK you got me interested
What is currently holding me back is a lack of "documentation" about how to go about doing things...
Is there any reference info (even source code comments) that I should have a read of?
Or perhaps a little worked-through guide as to how you made the screen-off or red-clock one, complete with the "thinking" behind it all, just to learn the thought process.
This seems potentially hugely useful for me, just need to know what it can do!
Diliban said:
I was not able to install it as normal app hence pushed them to system/app using root explorer.
Click to expand...
Click to collapse
Really? Oh. Did you get any error message? I assume you have allowed installation of non-market apps?
@pulser_g2: Feedback taken! Until now, I focused on bringing Xposed to a level where it is actually doing something useful for end-users.
As there are some steps that can not be documented easily in the source code (e.g. how you mark an app as Xposed module), I will recreate a tutorial how you can create the clock example. I will try to give many details not only what to do, but also how you can know that you need to do this.
TUTORIAL - How to create an Xposed module
The tutorial has been moved to https://github.com/rovo89/XposedBridge/wiki/Development-tutorial
this is one of the most amazing projects made lately.
You are unleashed the best way to handle mods and possible some hacks.
very great work, robo89
Great concepts mate. Very powerful.
Wouldnt this also expose a device to malicious coders?
If a device has this implemented then is it possible that a simple theme could contain something nasty.
Not trying to stop progress of this project just throwing this out there for consideration.
----------------------
GTI9100 KK5
aceofclubs said:
Wouldnt this also expose a device to malicious coders?
If a device has this implemented then is it possible that a simple theme could contain something nasty.
Not trying to stop progress of this project just throwing this out there for consideration.
Click to expand...
Click to collapse
This is an absolutely valid thought.
In a way: Yes, it is easier to do something malicious with this. With great power comes great risk. The thing is: How would you prevent that? I couldn't think of any way once a module has been loaded, because a) how do you identify something malicious and b) how can you block it when it could just circumvent the security measure taken?
So what I did was to require that you enable a newly installed module in the installer. This at least avoids that you install any normal app and it contains a hidden Xposed module.
And not trying to play this question down, but you could insert malicous code in a theme also when you post a new framework.jar or SystemUI.apk. You could just change the smali code, compile it and you have similar power. For example, modifiying the constructor of the Activity class would also get you into any app and you could as well do whatever you want. You wouldn't even find these modifications because of the hundreds of classes in the Android framework. In this point, Xposed modules are easier to check, because they will usually contain just one class with very few and short methods.
Or take Superuser. Yes, it is asking you every time whether you want to execute this command. But the command can as well be a script that could replace files as the root user. Same for the kernel. In any case, when you modify anything in your phone, there is a risk that it is malicous.
As I said, I'm not denying that there could be a misuse of this project. But I do not see a chance to prevent it without blocking even simple real-life modifications. If anybody has ideas, please let me know.
rovo89 said:
This is an absolutely valid thought.
In a way: Yes, it is easier to do something malicious with this. With great power comes great risk. The thing is: How would you prevent that? I couldn't think of any way once a module has been loaded, because a) how do you identify something malicious and b) how can you block it when it could just circumvent the security measure taken?
So what I did was to require that you enable a newly installed module in the installer. This at least avoids that you install any normal app and it contains a hidden Xposed module.
And not trying to play this question down, but you could insert malicous code in a theme also when you post a new framework.jar or SystemUI.apk. You could just change the smali code, compile it and you have similar power. For example, modifiying the constructor of the Activity class would also get you into any app and you could as well do whatever you want. You wouldn't even find these modifications because of the hundreds of classes in the Android framework. In this point, Xposed modules are easier to check, because they will usually contain just one class with very few and short methods.
Or take Superuser. Yes, it is asking you every time whether you want to execute this command. But the command can as well be a script that could replace files as the root user. Same for the kernel. In any case, when you modify anything in your phone, there is a risk that it is malicous.
As I said, I'm not denying that there could be a misuse of this project. But I do not see a chance to prevent it without blocking even simple real-life modifications. If anybody has ideas, please let me know.
Click to expand...
Click to collapse
It is so refreshing to see someone take such a mature approach as this.
I greatly appreciate your time on that tutorial, and I will take a proper read through it while working it out myself later... (on vacation right now, this seems like a good thing to try if it rains )
Regarding security, I guess you could add a way to protect WHAT was being edited... Such that your package needed to declare edit access to package X and Y, and if it doesn't have permission, it can't do it... This way, if I want to interfere in Gmail, the user must agree, and he/she will say "well... Why is my no battery sound tweak touching gmail?" But this obviously doesn't help for frameworks and services where they are all in the one file... :/
pulser_g2 said:
Regarding security, I guess you could add a way to protect WHAT was being edited... Such that your package needed to declare edit access to package X and Y, and if it doesn't have permission, it can't do it... This way, if I want to interfere in Gmail, the user must agree, and he/she will say "well... Why is my no battery sound tweak touching gmail?" But this obviously doesn't help for frameworks and services where they are all in the one file... :/
Click to expand...
Click to collapse
Maybe.. I could rather easily implement something in hookMethod that checks the method to be hooked against a whitelist defined in an asset in the module (which could of course contain wildcards). Then when you enable a module, I could display this whitelist, with a warning if it includes some very central classes/packages/methods (but how to create such a list?).
However, this cannot control the following:
What you do inside the handling method. If you change anything in SystemUI (and that might be only the battery icon or the clock color), this method will be executed in the context of the SystemUI, which has a large set of Android standard permissions.
Calling any methods of the framework and modifying any available variables, as this can be done via standard reflection.
Basically anything that is not handled through XposedBridge, but using standard techniques.
Wanted to install the framework, but i am getting:
sh: /data/data/de.robv.android.xposed.installer/cache/install.sh: no such file or directory
What am i doing wrong ?

[REQUEST] PBMC for Magisk

If you all remember an xposed module "Physical Button Music Control - PBMC" developed by @Xspeed. I am basically looking for that module to be part of Magisk.
Is there anyone that could port it? It's a humble request from the great developers of this community.
ABOUT THE MODULE:
It basically allows u to have various control options for music, system shortcuts, keyboard presses, application launch etc by using volume buttons of ur phone as well as other buttons regardless of whether the screen is on or not. (You can set the actions to only occur if screen is on or off).
My main concern is that the function should would with screen off.
TahirZX said:
If you all remember an xposed module "Physical Button Music Control - PBMC" developed by @Xspeed. I am basically looking for that module to be part of Magisk.
Is there anyone that could port it? It's a humble request from the great developers of this community.
ABOUT THE MODULE:
It basically allows u to have various control options for music, system shortcuts, keyboard presses, application launch etc by using volume buttons of ur phone as well as other buttons regardless of whether the screen is on or not. (You can set the actions to only occur if screen is on or off).
My main concern is that the function should would with screen off.
Click to expand...
Click to collapse
Hello,
i am looking also from 1 or 2 months on that but it's REALLY difficult because Magisk is really different from XPosed, so i search a framework that i could "import" on Nougat.
The difficuty is in fact that i search an android Framework library that is must up to date (or its me that will must make it up to date), find a way to implement it with Magisk and debug all the stuff..
For me, it's purelly impossible to implement theses features on Android stock without any dedicated framework.
XPosed is an hooking method to implement an art framework, by this fact you can use this framework implementation to declare several extra functions on Android.
Magisk is an system-less implementation system that allow u to use "mororring" Linux fonctions to avoid system partition modifications.
I'm familiar with the difference between magisk and xposed but can't all these functions work say in like a custom kernel? Like how the holding power button turns on flash?
TahirZX said:
I'm familiar with the difference between magisk and xposed but can't all these functions work say in like a custom kernel? Like how the holding power button turns on flash?
Click to expand...
Click to collapse
No, because has my answer on the original thread was confirmed by the dev, more than most of the commands used in the code of PBMC aren't recognized by default in android and so require an external framework like XPosed.
It's the same fact for others apps too certains options in Greenify (as an exemple).
Customs kernels could define differents hardware-software values from stock bases, but they don't add really completly massive codes in android frameworks.
Alright then well have u found any Alternative or would we just have to wait for stable xposed on nougat?
Back in the day before the creation of Xposed people used framework patchers to add volume button track skip feature for example. But this was usable only to ROM developers on custom ROMs.
While it MAY be possible to create a patcher to use with Magisk, it's purely theoretical and would have a lot of flaws in practice (one example would be multiple developers trying to patch one file and users ending up bricking their devices in worst case scenario). Other issue would be time: Java development took me a whole year to make PBMC, and making a patcher would take twice as much time. Not really a good idea, I guess Xposed for Nougat will come earlier than that
Xspeed said:
Back in the day before the creation of Xposed people used framework patchers to add volume button track skip feature for example. But this was usable only to ROM developers on custom ROMs.
While it MAY be possible to create a patcher to use with Magisk, it's purely theoretical and would have a lot of flaws in practice (one example would be multiple developers trying to patch one file and users ending up bricking their devices in worst case scenario). Other issue would be time: Java development took me a whole year to make PBMC, and making a patcher would take twice as much time. Not really a good idea, I guess Xposed for Nougat will come earlier than that
Click to expand...
Click to collapse
Then we shall all wait patiently for u to port it to nougat when xposed on nougat is stable. ?
TahirZX said:
Then we shall all wait patiently for u to port it to nougat when xposed on nougat is stable.
Click to expand...
Click to collapse
As far as I remember I made it compatible and I've seen people saying it works on that unstable version of Xposed for Nougat.
Actually it does work on Nougat, the problem is that Xposed for Magisk breaks the SafetyNet.
I'm looking for something like this as well...
Not looking for anything fancy. I just want to be able to long press volume up or down to skip music tracks while screen is off. Im on stock OOS rooted and TWRP on OnePlus 6.

New Natwest app (June 2018) Refuses to work when Xposed Running

Just as the title says, the new natwest app update (2018 June) refuses to work when Xposed Framework is enabled, but runs find when the framework is disabled. I am interested to know how it detects when the framework is operational, and how can I fool the app into running while Xposed framework is running.
Here is my system:
Samsung Galaxy S5
running Lineage OS 14.1, rooted
Xposed framework version 89
I have tried a number of methods to hide the running framework with no success
Tried DotMod to hide xposed --> not working
Tried XprivacyLua, denying all sorts of permissions such as view activity and running apps --> not working
Only works when i disable the framework and restart the phone. But that is ofcourse tiresome, cos no one wants to restart their entire phone just to check their bank app.
Current solution is to revert to previous versions of natwest bank app, but again that is trivial, as sooner or later they will refuse to work on outdated apps and force update.
Talking to the dev team, the only clue they mention is their new app checks the memory for running malicious apps, and if it detects anything it refuses to run. So it is not safetynet (infact safetynet fails, but the app runs)
Fair enough, but ive tried denying it literally all permissions, both from Privacy guard of lineage os 14.1 and XprivacyLua, and nothing works. Either the app is using some clever method to bypass these, or they dont do their work properly.
I miss old xprivacy, where you had a billion more options within permissions, with info of when and what did each app accessed.
I need xposed in order to disable my proximity sensor which is broken, and constantly thinks the value is zero, hence blacking out my screen during calls
Any help or advice will be much appreciated.
I believe it was with the 2016 November security update that Google changed something that forced an update to Xposed that made it practically impossible to hide. Xposed is easily detectable in the running zygote (something you can't hide), and the only solution is the one you've already found; disable and reboot.
i keep reading many times now "the only solution is reboot" - that is not a solution, we need to find a way to better hide xposed. Perhaps I need to research a bit more on zygote and find out and how it works exactly, and see if there is a way to mask it. Honestly all these android updates are pissing me off, its getting harder and harder to mod your phone, and I dont get why they struggle so hard to make it difficult for us modders.
I will attempt to flash back to kitkat and try, I would not be suprised if it ends up working.
In the windows enviroment you can always do wtv ur heart desires, and if that means destroying your PC so be it. But in android enviroment is so damn hard, and no devs want to share how they implement things in fear of someone hacking them or wtv. But all this is doing is hurting modders, making us hate some apps with harsh rules and moving away, doesnt do any good for anyone!!
It's perfectly possible to hide Xposed if you downgrade to a security patch prior to November -16. You're likely gonna have to dig around a bit for the proper files and versions though.
And believe me, there have been some pretty brilliant minds that have tried to find a way to hide Xposed and found it not to be possible. Of course, "nothing's impossible" and maybe someone with a brilliant idea finds a miraculous way. You never know...

[Q] Why aren't there any cool modules for Magisk? (compared to modules for Xposed)

Extremely sorry if I am spamming the forum with this thread, but thought of starting this discussion to see if the geeks can help with sharing the knowledge.
I don't think I have to emphasize on why Magisk over Xposed (The Magisk Forum has a lot of articles on why.), but I am surprised to realize that Magisk is still the so called "new guy" even after these many years of launch..
All I get for a sample search "best modules Magisk" is a bunch of tweaking modules which say they can alter your ART mechanism or save your battery, I mean, who cares for the performance in 2019!!! we have got beastly phones and just want magik to happen on them. Magisk is still the same serious experimental mod that lets you root and hide it from banking/work apps but not yet cool.
For example, every time I installed Xposed on a new phone, I would go look for the famous "Gravity Box" just to enable the status bar brightness control gesture.
And the "X-insta" that lets me download media from Instagram . (Of course this module seems to be dead for a few months).
And a bunch of adblockers.
And a hell lot mods that I don't remember from the top of my head, but it was really magic.. And it is slowing down (I feel so..)
Well, someone might say that we can install Xposed itself as a module, but that just crashes the "SafetyNet" which is very annoying, it makes the phone useless without being able to open GooglePay and other banking apps.
I know I might be wrong but I am posting just to see if people use any equivalent "cool" modules in Magisk that are not easily seen in the Magisk Modules repo or if someone has found a way to pass the "SafetyNet" with Xposed+Magisk to make Android awesome again!!:good:
sagar2208 said:
Extremely sorry if I am spamming the forum with this thread, but thought of starting this discussion to see if the geeks can help with sharing the knowledge.
I don't think I have to emphasize on why Magisk over Xposed (The Magisk Forum has a lot of articles on why.), but I am surprised to realize that Magisk is still the so called "new guy" even after these many years of launch..
All I get for a sample search "best modules Magisk" is a bunch of tweaking modules which say they can alter your ART mechanism or save your battery, I mean, who cares for the performance in 2019!!! we have got beastly phones and just want magik to happen on them. Magisk is still the same serious experimental mod that lets you root and hide it from banking/work apps but not yet cool.
For example, every time I installed Xposed on a new phone, I would go look for the famous "Gravity Box" just to enable the status bar brightness control gesture.
And the "X-insta" that lets me download media from Instagram . (Of course this module seems to be dead for a few months).
And a bunch of adblockers.
And a hell lot mods that I don't remember from the top of my head, but it was really magic.. And it is slowing down (I feel so..)
Well, someone might say that we can install Xposed itself as a module, but that just crashes the "SafetyNet" which is very annoying, it makes the phone useless without being able to open GooglePay and other banking apps.
I know I might be wrong but I am posting just to see if people use any equivalent "cool" modules in Magisk that are not easily seen in the Magisk Modules repo or if someone has found a way to pass the "SafetyNet" with Xposed+Magisk to make Android awesome again!!:good:
Click to expand...
Click to collapse
Magisk doesn't work the same way as Xposed,one mounts and modifies files and the other hooks and modifies app code at runtime,and yes there is a way to use Xposed and pass safetynet if you are either on Oreo or Pie,it's called Edxposed
Edxposed is an open source Xposed alternative released early this year that uses a different method to hook into the system which allows it to pass safetynet and it allows you to blacklist apps in which you don't to load Xposed into,and if you are in pie there is already a beta of gravitybox that fully supports Pie (it's not yet in the Xposed repo because it's not fully stable yet)
Here are some pictures showing edxposed passing safetynet and me using the event lock module on Android pie,incase you are interested here are the links to edxposed https://forum.xda-developers.com/xposed/android-9-0-xposed-solutions-t3889513 it works on both Oreo and Pie (ignore the last step and just use edxposed installer) it's the last link and the first post,if you have any doubts feel free to ask there
DanGLES3 said:
Here are some pictures showing edxposed passing safetynet and me using the event lock module on Android pie,incase you are interested here are the links to edxposed https://forum.xda-developers.com/xposed/android-9-0-xposed-solutions-t3889513 it works on both Oreo and Pie (ignore the last step and just use edxposed installer) it's the last link and the first post,if you have any doubts feel free to ask there
Click to expand...
Click to collapse
A Hope!!
Thank you very much for the info, will try and post an update..
Even after these many years of launch people seems to not understand Magisk purpose, features and way of work. Same for Xposed.
Does Magisk has "modules" ? Yes! Does Xposed has "modules" ? Yes! But that's it. The name. The only thing in common between Magisk and Xposed is _the name, the word, "module" _ for their respective plug-ins, addons. Nothing more. Period.
Magisk attachs to Android, works completely different from the way Xposed does. What they do and what they can do are different. They are not even closer to be an alternative of one to another.
Having that said, do not expect that modules of one can deliver similar features of a module of another. If this somehow someday for an specific pair of modules happen be sure they are accomplishing that but doing in complete different ways behind the scenes.
About Xposed not breaking SafetyNet, we have now for Android O+ the alternatives EdXposed (open source) and Tai Chi (closed source). They do not break it because the way they're implemented is different from original Xposed by Rovo. They are different approachs, new code with new ways of work, but that delivers same entrance points, same nomenclature, as original Xposed itself. Thus being (generally speaking) compatible with modules originally built to original Xposed.
Both EdXposed and Tai Chi are experimental yet, although working fine at least on Android P. If they show themselves as solid solutions then probably we will see new Xposed like modules appearing out there. I do hope so.
wilsonhlacerda said:
Even after these many years of launch people seems to not understand Magisk purpose, features and way of work. Same for Xposed.
Does Magisk has "modules" ? Yes! Does Xposed has "modules" ? Yes! But that's it. The name. The only thing in common between Magisk and Xposed is _the name, the word, "module" _ for their respective plug-ins, addons. Nothing more. Period.
Magisk attachs to Android, works completely different from the way Xposed does. What they do and what they can do are different. They are not even closer to be an alternative of one to another.
Having that said, do not expect that modules of one can deliver similar features of a module of another. If this somehow someday for an specific pair of modules happen be sure they are accomplishing that but doing in complete different ways behind the scenes.
About Xposed not breaking SafetyNet, we have now for Android O+ the alternatives EdXposed (open source) and Tai Chi (closed source). They do not break it because the way they're implemented is different from original Xposed by Rovo. They are different approachs, new code with new ways of work, but that delivers same entrance points, same nomenclature, as original Xposed itself. Thus being (generally speaking) compatible with modules originally built to original Xposed.
Both EdXposed and Tai Chi are experimental yet, although working fine at least on Android P. If they show themselves as solid solutions then probably we will see new Xposed like modules appearing out there. I do hope so.
Click to expand...
Click to collapse
Couldn't have said it better (my previous texts were written at 3am so pardon for any mistake I did XD)

No core only mode in Magisk 21.1?

I specifically recall this being present in 20.4. But ever since I have updated to 21.1, there is no core only mode option in the manager. Has it been removed? If not, how to enable it? And if it's been removed then...WHY?! I find it very useful for troubleshooting/diagnostics.
It has indeed been removed, in favour of Safe Mode, a much more reliable way for users to disable their modules in case of not being able to boot.
As to why it was removed, you'd have to ask John. But if I would have to guess: to remove some complexity in a very complex system.
@Didgeridoohan: If @topjohnwu really wants to reduce complexity, then I'd suggest that he release a separate "Magisk Lite" that is su only. No modules support, hiding, core only, SafetyNet testing, bind mounting, script execution, etc. *JUST ROOT*. He could just make it a separate branch that only receives occasional updates, when they're necessary. I honestly use very little of Magisk's functionality with the exception of root. I'd donate a decent amount of money for a Magisk that is root only without all the extra fluff. Simply by virtue of being a systemless module framework, he has already made it extremely complex with that alone.
If you have ideas for features you can always post those on GitHub.

Categories

Resources