Hi everyone,
Google SafetyNet has become a pain in the a** for everyone who want's to play Pokemon GO (fair, no cheating), but can't live without root and Xposed, like me. Bypassing SafetyNet in general is a cat-and-mouse game. Chainfire described the problem very good in his post Hiding root: a losing game.
Well, people look for SafetyNet workarounds for different reasons. Whether it is for Android Pay, Pokemon GO or Snapchat, the approach is always to hide root and Xposed, and let SafetyNet do its job so that it reports back that the device is safe.
I'm thinking about a different approach, (first) only concerning Pokemon GO. What if we could hook the SafetyNet API calls directly in the app using Xposed? This way, SafetyNet's result wouldn't matter, the answer reported back to the app is always set to "everything OK, device is safe" by Xposed.
I know, this is easier said than done. I already took a look at the Pokemon GO source code, but didn't test anything so far. But there's a class called com.nianticlabs.nia.platform.SafetyNetService, containing a method called checkResult, which returns a boolean. Sounds promising (fingerscrossed).
The reason why didn't test anything so far is because I don't know, how SafetyNet works exactly. But could this possibly work? Did someone try out something like this already?
Greetings
I'm hoping for a similar solution. The SnapPrefs Xposed module does something like this I think and works great.
It think, but I may be wrong, that there is some kind of security preventing us from doing that.
PoGo ask to safetyNet if everything is okay, safetyNet responds to the device and sign the response using a private key that will authenticate the response and make sure it has not been modified and is a genuine response.
So without this key, no way to spoof the response.
Again, I may be wrong but I think it works this way.
You might be right. I have never looked at the SnapPrefs*source code so I have no idea how it*works. All I know is that it does a great job of*bypassing SafetyNet...
If*a similar solution could be implemented it would fix a lot of trouble for us players*who just want to keep*root and play the damn game.
Wetzel402 said:
You might be right. I have never looked at the SnapPrefs*source code so I have no idea how it*works. All I know is that it does a great job of*bypassing SafetyNet...
If*a similar solution could be implemented it would fix a lot of trouble for us players*who just want to keep*root and play the damn game.
Click to expand...
Click to collapse
Snapprefs does not bypass safetynet
Sent from my Nexus 6P using XDA Labs
Rakuu said:
Snapprefs does not bypass safetynet
Sent from my Nexus 6P using XDA Labs
Click to expand...
Click to collapse
My rooted phone would not log into SnapChat due to it failing safetynet. After installing the SnapPrefs module and rebooting I was able to log in on the first attempt. I'm not saying it allows safetynet to pass but it is doing something to bypass it. Doing something similar for Pogo may or may not work.
Snapprefs
I now know a bit more about SafetyNet from some very interesting and shocking articles at John Kozyrakis blog [1] [2] [3].
I took a quick look at the Snapprefs source code, but it's very big. I didn't find anything concerning SafetyNet so far.
I don't use Snapchat, so I can't try it out. Wetzel402 says the module works. @Wetzel402, so this means, that Snapchat usually doesn't work with root and Xposed (because of SafetyNet), but with Snapprefs it does?
In theory, my approach from the initial post could work, it depends on the app using SafetyNet. Unfortunately, it most probably won't work for Pokemon GO. The mentioned method checkResult is a pre-step, checking only if SafetyNet communication worked. Evaluation of SafetyNet's result is done in native code, which cannot be hooked by Xposed.
I didn't take a look at Snapchat's source code so far, but if evaluating SafetyNet's result is done in Java, maybe this is hooked by Snapprefs and that's why Snapchat works independent of SafetyNet's result. But this is just an assumption.
I have further ideas. I will try them out and report my results here. Stay tuned.
[1] https://koz.io/inside-safetynet/
[2] https://koz.io/inside-safetynet-2/
[3] https://koz.io/inside-safetynet-3/
Cypher_01 said:
I now know a bit more about SafetyNet from some very interesting and shocking articles at John Kozyrakis blog [1][2][3].
I took a quick look at the Snapprefs source code, but it's very big. I didn't find anything concerning SafetyNet so far.
I don't use Snapchat, so I can't try it out. Wetzel402 says the module works. @Wetzel402, so this means, that Snapchat usually doesn't work with root and Xposed (because of SafetyNet), but with Snapprefs it does?
In theory, my approach from the initial post could work, it depends on the app using SafetyNet. Unfortunately, it most probably won't work for Pokemon GO. The mentioned method checkResult is a pre-step, checking only if SafetyNet communication worked. Evaluation of SafetyNet's result is done in native code, which cannot be hooked by Xposed.
I didn't take a look at Snapchat's source code so far, but if evaluating SafetyNet's result is done in Java, maybe this is hooked by Snapprefs and that's why Snapchat works independent of SafetyNet's result. But this is just an assumption.
I have further ideas. I will try them out and report my results here. Stay tuned.
[1] https://koz.io/inside-safetynet/
[2] https://koz.io/inside-safetynet-2/
[3] https://koz.io/inside-safetynet-3/
Click to expand...
Click to collapse
As far as I know recent Snapchat versions don't check anymore, people have said even with only root they can log in now when they previously couldn't, this may have been what happened.
Sent from my Nexus 6P using XDA Labs
Based on my experience, I have two phones, one rooted and one not. Snapchat*works on*the unrooted one but would fail to log in on the rooted one. After installing*the*SnapPrefs*module I was able to log into Snapchat. I can't confirm if*Snapchat was updated*in the meantime however.
I would*imagine*if*a*future xposed module could spoof the device status to SafetyNet or completely bypass the requesting/response process within PoGo it could be possible.
Wetzel402 said:
Based on my experience, I have two phones, one rooted and one not. Snapchat*works on*the unrooted one but would fail to log in on the rooted one. After installing*the*SnapPrefs*module I was able to log into Snapchat. I can't confirm if*Snapchat was updated*in the meantime however.
I would*imagine*if*a*future xposed module could spoof the device status to SafetyNet or completely bypass the requesting/response process within PoGo it could be possible.
Click to expand...
Click to collapse
Could you do us a favor? Simply deactivate Snapprefs in Xposed installer and reboot. If you can login, Snapchat has been updated to that effect. If you can't login, Snapprefs does the job.
Cypher_01 said:
Could you do us a favor? Simply deactivate Snapprefs in Xposed installer and reboot. If you can login, Snapchat has been updated to that effect. If you can't login, Snapprefs does the job.
Click to expand...
Click to collapse
That seems...too...simple
Alright, I did the following...
Signed out of Snapchat
Disabled Snapprefs
Uninstalled Snapchat
Reboot
Reinstalled Snapchat
Logged in successfully
Enabled Snapprefs
Based on this experiment the Snapchat app was, in fact, updated so that it no longer is checking for root/xposed in the manner it once was...
Wetzel402 said:
That seems...too...simple
Click to expand...
Click to collapse
Wetzel402 said:
Alright, I did the following...
Signed out of Snapchat
Disabled Snapprefs
Uninstalled Snapchat
Reboot
Reinstalled Snapchat
Logged in successfully
Enabled Snapprefs
Based on this experiment the Snapchat app was, in fact, updated so that it no longer is checking for root/xposed in the manner it once was...
Click to expand...
Click to collapse
OK, in a way, that's not good, at least it means that we cannot learn anything from Snapprefs.
Cypher_01 said:
OK, in a way, that's not good, at least it means that we cannot learn anything from Snapprefs.
Click to expand...
Click to collapse
Agreed. This is disappointing because I was hoping we could learn something from the Snapprefs source code.
Related
So I finally bit the bullet to install LineageOS 14.1 on my phone, using Magisk and all that but I have looked quite a bit before posting this, and even in that giant thread for the SafetyNet Fix which appears to be abandoned. Surprised no one forked it to continue.. Anyway...
From my research thus far, I'm seeing some moderate success from modifying the build.prop values to an official source perhaps. If I'd known this, I would of probably attempted to get it from the official ROM before I flashed LineageOS on to try and bypass that check. But so far, a few things I have done just simply won't work which is forcing Google Pay to fail working as well.
My experience with modifying the build.prop is pretty much nill. I'm a novice Linux user, but there are certain things I tend to never touch, even on Android. I've not seen anything that was comprehensive as to what specifically edit, and what to change the values to. (this is largely because its device specific usually) Luckily, both the banking apps I use work fine, its just Google Pay I'm having issues with because of the CTS Profile. Basic Integrity passes, so I at least know Magisk is working to some degree.
In a pinch you can use whatever device fingerprint you can get a hold of.
You've done some research, so you might already have seen this:
https://forum.xda-developers.com/showpost.php?p=75489540&postcount=1636
Follow those instructions and you should be good to go. You can use the provided fingerprint in that post, but like you say, it's good to use one for your device (what is your device, by the way). Ask in your device's forum if someone can provide you with a stock fingerprint.
Technically speaking, I already stated my phone which happens to be in the thread title. But I'll ask over there and hope for the best.
Though yes, I did run into that particular post. No guarantee it'll work, but guess I could try it once I get the line I need.
TwinShadow said:
Technically speaking, I already stated my phone which happens to be in the thread title. But I'll ask over there and hope for the best.
Though yes, I did run into that particular post. No guarantee it'll work, but guess I could try it once I get the line I need.
Click to expand...
Click to collapse
Oh yeah... I missed the title, didn't I? :laugh:
If you can pass basic integrity but not the cts profile, most of the times it simply is a matter of using a certified fingerprint. On every single ROM with uncertified fingerprints I've tested, this has been the case. But of course, YMMV...
Kernel Z5c support to safetynet
https://androidfilehost.com/?fid=889764386195916464
Just as the title says, the new natwest app update (2018 June) refuses to work when Xposed Framework is enabled, but runs find when the framework is disabled. I am interested to know how it detects when the framework is operational, and how can I fool the app into running while Xposed framework is running.
Here is my system:
Samsung Galaxy S5
running Lineage OS 14.1, rooted
Xposed framework version 89
I have tried a number of methods to hide the running framework with no success
Tried DotMod to hide xposed --> not working
Tried XprivacyLua, denying all sorts of permissions such as view activity and running apps --> not working
Only works when i disable the framework and restart the phone. But that is ofcourse tiresome, cos no one wants to restart their entire phone just to check their bank app.
Current solution is to revert to previous versions of natwest bank app, but again that is trivial, as sooner or later they will refuse to work on outdated apps and force update.
Talking to the dev team, the only clue they mention is their new app checks the memory for running malicious apps, and if it detects anything it refuses to run. So it is not safetynet (infact safetynet fails, but the app runs)
Fair enough, but ive tried denying it literally all permissions, both from Privacy guard of lineage os 14.1 and XprivacyLua, and nothing works. Either the app is using some clever method to bypass these, or they dont do their work properly.
I miss old xprivacy, where you had a billion more options within permissions, with info of when and what did each app accessed.
I need xposed in order to disable my proximity sensor which is broken, and constantly thinks the value is zero, hence blacking out my screen during calls
Any help or advice will be much appreciated.
I believe it was with the 2016 November security update that Google changed something that forced an update to Xposed that made it practically impossible to hide. Xposed is easily detectable in the running zygote (something you can't hide), and the only solution is the one you've already found; disable and reboot.
i keep reading many times now "the only solution is reboot" - that is not a solution, we need to find a way to better hide xposed. Perhaps I need to research a bit more on zygote and find out and how it works exactly, and see if there is a way to mask it. Honestly all these android updates are pissing me off, its getting harder and harder to mod your phone, and I dont get why they struggle so hard to make it difficult for us modders.
I will attempt to flash back to kitkat and try, I would not be suprised if it ends up working.
In the windows enviroment you can always do wtv ur heart desires, and if that means destroying your PC so be it. But in android enviroment is so damn hard, and no devs want to share how they implement things in fear of someone hacking them or wtv. But all this is doing is hurting modders, making us hate some apps with harsh rules and moving away, doesnt do any good for anyone!!
It's perfectly possible to hide Xposed if you downgrade to a security patch prior to November -16. You're likely gonna have to dig around a bit for the proper files and versions though.
And believe me, there have been some pretty brilliant minds that have tried to find a way to hide Xposed and found it not to be possible. Of course, "nothing's impossible" and maybe someone with a brilliant idea finds a miraculous way. You never know...
Extremely sorry if I am spamming the forum with this thread, but thought of starting this discussion to see if the geeks can help with sharing the knowledge.
I don't think I have to emphasize on why Magisk over Xposed (The Magisk Forum has a lot of articles on why.), but I am surprised to realize that Magisk is still the so called "new guy" even after these many years of launch..
All I get for a sample search "best modules Magisk" is a bunch of tweaking modules which say they can alter your ART mechanism or save your battery, I mean, who cares for the performance in 2019!!! we have got beastly phones and just want magik to happen on them. Magisk is still the same serious experimental mod that lets you root and hide it from banking/work apps but not yet cool.
For example, every time I installed Xposed on a new phone, I would go look for the famous "Gravity Box" just to enable the status bar brightness control gesture.
And the "X-insta" that lets me download media from Instagram . (Of course this module seems to be dead for a few months).
And a bunch of adblockers.
And a hell lot mods that I don't remember from the top of my head, but it was really magic.. And it is slowing down (I feel so..)
Well, someone might say that we can install Xposed itself as a module, but that just crashes the "SafetyNet" which is very annoying, it makes the phone useless without being able to open GooglePay and other banking apps.
I know I might be wrong but I am posting just to see if people use any equivalent "cool" modules in Magisk that are not easily seen in the Magisk Modules repo or if someone has found a way to pass the "SafetyNet" with Xposed+Magisk to make Android awesome again!!:good:
sagar2208 said:
Extremely sorry if I am spamming the forum with this thread, but thought of starting this discussion to see if the geeks can help with sharing the knowledge.
I don't think I have to emphasize on why Magisk over Xposed (The Magisk Forum has a lot of articles on why.), but I am surprised to realize that Magisk is still the so called "new guy" even after these many years of launch..
All I get for a sample search "best modules Magisk" is a bunch of tweaking modules which say they can alter your ART mechanism or save your battery, I mean, who cares for the performance in 2019!!! we have got beastly phones and just want magik to happen on them. Magisk is still the same serious experimental mod that lets you root and hide it from banking/work apps but not yet cool.
For example, every time I installed Xposed on a new phone, I would go look for the famous "Gravity Box" just to enable the status bar brightness control gesture.
And the "X-insta" that lets me download media from Instagram . (Of course this module seems to be dead for a few months).
And a bunch of adblockers.
And a hell lot mods that I don't remember from the top of my head, but it was really magic.. And it is slowing down (I feel so..)
Well, someone might say that we can install Xposed itself as a module, but that just crashes the "SafetyNet" which is very annoying, it makes the phone useless without being able to open GooglePay and other banking apps.
I know I might be wrong but I am posting just to see if people use any equivalent "cool" modules in Magisk that are not easily seen in the Magisk Modules repo or if someone has found a way to pass the "SafetyNet" with Xposed+Magisk to make Android awesome again!!:good:
Click to expand...
Click to collapse
Magisk doesn't work the same way as Xposed,one mounts and modifies files and the other hooks and modifies app code at runtime,and yes there is a way to use Xposed and pass safetynet if you are either on Oreo or Pie,it's called Edxposed
Edxposed is an open source Xposed alternative released early this year that uses a different method to hook into the system which allows it to pass safetynet and it allows you to blacklist apps in which you don't to load Xposed into,and if you are in pie there is already a beta of gravitybox that fully supports Pie (it's not yet in the Xposed repo because it's not fully stable yet)
Here are some pictures showing edxposed passing safetynet and me using the event lock module on Android pie,incase you are interested here are the links to edxposed https://forum.xda-developers.com/xposed/android-9-0-xposed-solutions-t3889513 it works on both Oreo and Pie (ignore the last step and just use edxposed installer) it's the last link and the first post,if you have any doubts feel free to ask there
DanGLES3 said:
Here are some pictures showing edxposed passing safetynet and me using the event lock module on Android pie,incase you are interested here are the links to edxposed https://forum.xda-developers.com/xposed/android-9-0-xposed-solutions-t3889513 it works on both Oreo and Pie (ignore the last step and just use edxposed installer) it's the last link and the first post,if you have any doubts feel free to ask there
Click to expand...
Click to collapse
A Hope!!
Thank you very much for the info, will try and post an update..
Even after these many years of launch people seems to not understand Magisk purpose, features and way of work. Same for Xposed.
Does Magisk has "modules" ? Yes! Does Xposed has "modules" ? Yes! But that's it. The name. The only thing in common between Magisk and Xposed is _the name, the word, "module" _ for their respective plug-ins, addons. Nothing more. Period.
Magisk attachs to Android, works completely different from the way Xposed does. What they do and what they can do are different. They are not even closer to be an alternative of one to another.
Having that said, do not expect that modules of one can deliver similar features of a module of another. If this somehow someday for an specific pair of modules happen be sure they are accomplishing that but doing in complete different ways behind the scenes.
About Xposed not breaking SafetyNet, we have now for Android O+ the alternatives EdXposed (open source) and Tai Chi (closed source). They do not break it because the way they're implemented is different from original Xposed by Rovo. They are different approachs, new code with new ways of work, but that delivers same entrance points, same nomenclature, as original Xposed itself. Thus being (generally speaking) compatible with modules originally built to original Xposed.
Both EdXposed and Tai Chi are experimental yet, although working fine at least on Android P. If they show themselves as solid solutions then probably we will see new Xposed like modules appearing out there. I do hope so.
wilsonhlacerda said:
Even after these many years of launch people seems to not understand Magisk purpose, features and way of work. Same for Xposed.
Does Magisk has "modules" ? Yes! Does Xposed has "modules" ? Yes! But that's it. The name. The only thing in common between Magisk and Xposed is _the name, the word, "module" _ for their respective plug-ins, addons. Nothing more. Period.
Magisk attachs to Android, works completely different from the way Xposed does. What they do and what they can do are different. They are not even closer to be an alternative of one to another.
Having that said, do not expect that modules of one can deliver similar features of a module of another. If this somehow someday for an specific pair of modules happen be sure they are accomplishing that but doing in complete different ways behind the scenes.
About Xposed not breaking SafetyNet, we have now for Android O+ the alternatives EdXposed (open source) and Tai Chi (closed source). They do not break it because the way they're implemented is different from original Xposed by Rovo. They are different approachs, new code with new ways of work, but that delivers same entrance points, same nomenclature, as original Xposed itself. Thus being (generally speaking) compatible with modules originally built to original Xposed.
Both EdXposed and Tai Chi are experimental yet, although working fine at least on Android P. If they show themselves as solid solutions then probably we will see new Xposed like modules appearing out there. I do hope so.
Click to expand...
Click to collapse
Couldn't have said it better (my previous texts were written at 3am so pardon for any mistake I did XD)
H! So I am actually unsure where to post this..
Here's hoping you can figure something out and not be mad at me if this is the wrong place to post this.
Initially, i was going to post this as a Bug report on Github. However, I figured this was not correct.
Technically speaking this also isn't really an issue with magisk itself, more that adobe might have found a way to circumvent magisk anti detection methods.
In short: The App "Adobe Account Access" (com.adobe.ims.accountaccess on the play store: https://play.google.com/store/apps/details?id=com.adobe.ims.accountaccess) seems to have found a way to detect magisk and/or root, even though root detection is hidden in magisk.
The App just displays a prompt, saying "Device not supported. Sorry, your phone is not supported for Adobe Account Access.", even though the device used should be supported.
I checked with adobe community support on whether my Phone is supported or not and according to them, it should indeed be supported: https://community.adobe.com/t5/acco...-access-app-device-not-supported/m-p/11696613
I suspect they have found a way to get around all magisk anti detection methods and i would be grateful if someone would be kind enough to check if there is a workaround or if magisk's detection prevention needs an update.
Unfortunately, i don't have much more to say other than that..
There aren't any magisk log entries that would indicate something went wrong (only entries mentioning the app are"i" loglevel, one coming from hide_list_add and one coming from proc_monitor).
I could not find anything out of the ordinary in the logcat, although i suppose i could be more thorough with my search.
My technical/general info would be:
Magisk Version used: 22.0 (22000) (18)
SafetyNet integrity: Both basicIntegrity AND ctsProfile = pass; evalType = BASIC
ROM used: OxygenOS 10.0.11.GM21BA
Android version: 10
Device name: OnePlus 7 Pro
"Adobe Account Access" App version: 1.6
+++ Please feel free to ask for any additional info in case I missed it +++
Thanks in advance for any productive suggestion!
When does it display this "device not supported" message? I tested just now and could log in and set everything up without even adding the app to the Hide list, and with the Magisk app unhidden.
Didgeridoohan said:
When does it display this "device not supported" message? I tested just now and could log in and set everything up without even adding the app to the Hide list.
Click to expand...
Click to collapse
Oh? That is peculiar.. Damn, that implies an issue somewhere else i reckon ://
It displays it immediately after launching the app. The very first screen..
What phone and which OS (/ROM) are you using? Might just be that my phone is genuinely not supported and the folks over at the adobe community forum lied when saying my phone should be compatible..
Also, which android version are you on if you don't mind me asking?
You don't have any modules installed? No edxposed or lsposed, or magisk modules?
Have you tried root detection apps like Root Beer Fresh to see if indeed the app is unable to detect root? If you try any such app, remember to add it to the Magisk Hide list beforehand, otherwise the app will clearly detect root.
It's a OnePlus 3T with Android 9 ArrowOS. As stated above, it could very well be a module, like EdXposed. Or a root app, or a file or folder on your device, or something completely different.
It's not detecting Magisk at least, that's for sure...
General root hiding tips:
https://www.didgeridoohan.com/magisk/MagiskHide#hn_Hiding_root_from_apps
@Barrel Titor
Samsung Galaxy S7 Custom 9.0 Pie, Magisk 22 root with random name, application without hiding works fine.
Hi all!
First of all: Apologies! I meant to respond sooner to this, but work has kept me occupied and the one time I actually was available, XDA Forums went down into maintenance mode..
Secondly: Sorry for maybe jumping the gun here a bit!
It does look like I should have tested this issue a bit more! I am definitely going to keep on trying to fix this on my own using the resources and methods you have suggested!
I have tested com.adobe.ims.accountaccess on my sisters unrooted OnePlus Nord.. It works fine there, which is really confusing. None of the other apps I am using show this sort of issue :c Not even my banking app!
@mario0318 Thanks for your suggestion! I know it is good practice to remove/disable all your modules. However, none of the modules I have currently installed are particularly large and they certainly do not modify much compared to what is possible. I am going to attach a list to this response, however I am also going to try disabling them one by one and see if I can find the culprit! Unfortunately, I will not be able to disable the "Google Dialer Framework" module, since it causes the device to bootloop if the google dialer app is still present.
Here is a list of all the modules I have installed and enabled at the moment:
Spoiler
App Systemizer (Terminal Emulator)
Busybox for Android NDK
Google Dialer Framework
Looki75 Product Sans font
Systemless Hosts
ViPER4ANDROID FX
Honourable mentions (these modules are completely DISABLED):
Spoiler
Riru
Riru - EdXposed
However, please note again that SafetyNet seems to be INTACT, with "basicIntegrity" and "ctsProfile" still passing and "evalType" being "BASIC".
In any case. Thanks to everyone for their contribution! I really appreciate any suggestion!
Edit: @mario0318 right after I posted this message, I went ahead and gave "RootbeerFresh" a shot. It does not detect root when it is hidden from it. This makes my leading theory to be that the app truly does not support OnePlus 7 Pro devices. Wouldn't know why it doesn't support this model in particular though. Until I either unroot or find someone with the same device, willing to install Adobe Account Access, i can't say for sure though.
Barrel Titor said:
Hi all!
First of all: Apologies! I meant to respond sooner to this, but work has kept me occupied and the one time I actually was available, XDA Forums went down into maintenance mode..
Secondly: Sorry for maybe jumping the gun here a bit!
It does look like I should have tested this issue a bit more! I am definitely going to keep on trying to fix this on my own using the resources and methods you have suggested!
I have tested com.adobe.ims.accountaccess on my sisters unrooted OnePlus Nord.. It works fine there, which is really confusing. None of the other apps I am using show this sort of issue :c Not even my banking app!
@mario0318 Thanks for your suggestion! I know it is good practice to remove/disable all your modules. However, none of the modules I have currently installed are particularly large and they certainly do not modify much compared to what is possible. I am going to attach a list to this response, however I am also going to try disabling them one by one and see if I can find the culprit! Unfortunately, I will not be able to disable the "Google Dialer Framework" module, since it causes the device to bootloop if the google dialer app is still present.
Here is a list of all the modules I have installed and enabled at the moment:
Spoiler
App Systemizer (Terminal Emulator)
Busybox for Android NDK
Google Dialer Framework
Looki75 Product Sans font
Systemless Hosts
ViPER4ANDROID FX
Honourable mentions (these modules are completely DISABLED):
Spoiler
Riru
Riru - EdXposed
However, please note again that SafetyNet seems to be INTACT, with "basicIntegrity" and "ctsProfile" still passing and "evalType" being "BASIC".
In any case. Thanks to everyone for their contribution! I really appreciate any suggestion!
Edit: @mario0318 right after I posted this message, I went ahead and gave "RootbeerFresh" a shot. It does not detect root when it is hidden from it. This makes my leading theory to be that the app truly does not support OnePlus 7 Pro devices. Wouldn't know why it doesn't support this model in particular though. Until I either unroot or find someone with the same device, willing to install Adobe Account Access, i can't say for sure though.
Click to expand...
Click to collapse
So upon Google searching "oneplus 7 pro adobe account access" it appears to be a common problem.
mario0318 said:
So upon Google searching "oneplus 7 pro adobe account access" it appears to be a common problem.
Click to expand...
Click to collapse
I cannot find any results using this search term on google other than my own post on the adobe community forums.. This one: https://community.adobe.com/t5/acco...access-app-device-not-supported/td-p/11695914
@mario0318 do you happen to know a way to somehow "pretend" to the app that i am in fact using a different phone? Something that would allow me to make the app believe it is running on a different device?
Barrel Titor said:
@mario0318 do you happen to know a way to somehow "pretend" to the app that i am in fact using a different phone? Something that would allow me to make the app believe it is running on a different device?
Click to expand...
Click to collapse
Well, the well known magisk module MHPC or Magisk Hide Props Config comes to mind. You can change device fingerprints and maybe also give the Device Simulation feature a go, or custom edit any range of configurable props.
You could do so without the module editing the build.props yourself. Or if you stick with edxposed and deal with not having magisk manager's hide enabled, perhaps any of the device spoofers on the xposed repo could fool the app. Or Sudohide if you set Adobe app to hide from any and all apps that are root relevant. May also consider removing directories in your internal and removable storage for things like TWRP or PBRP, Titanium Backup, xposes, etc, you know, things that a simple media scan looking for any sign of root apps might pick up.
But for now, I'd give MHPC a try and change device fingerprint and maybe enable device simulation if simple fingerprint change doesn't work.
I'm having the same issue on a rooted OnePlus 8T
Same for me on op7 pro. Hiding with somiko but Adobe still not working. Nor could I bypass square, it notes root when it pairs Bluetooth
I'm not clear on the differences between them, and it seems that there are even more alternatives.
Is one better than another?
I just got an Android 10 phone, was previously on 7 for a short time, but was otherwise still on 5 and 6.
AllanonMage said:
I'm not clear on the differences between them, and it seems that there are even more alternatives.
Is one better than another?
I just got an Android 10 phone, was previously on 7 for a short time, but was otherwise still on 5 and 6.
Click to expand...
Click to collapse
The main difference is that in LSPosed you have to whitelist apps to be hooked instead of blacklist. The second one is that EdXposed seems to break SafetyNet in latest version. And it seems that it's not that actively developed as LSPosed
They both have whitelist and on LSPosed it set in default. But only EdXposed have blacklist. I saw some comment like "have too much modules and too much apps to hook, how painful to check everything by manually".
Yes, Edxposed still break SafetyNet.
Yes, now Edxposed is not that actively update than LSPosed.
Something about LSPosed
If you can read Chinese, maybe you can read these below: https://www.bilibili.com/read/cv9603603/ https://www.bilibili.com/read/cv9603669/ https://www.zhihu.com/question/442534533 https://www.zhihu.com/question/442531709 I am very troubled by...
forum.xda-developers.com
I personally tried both. Not that much difference. Yeah, because basically LSPosed just forked Edxposed and did a little improvement.
In the end I choose Edxposed rather than LSPosed. Because I can't trust one dev who made a prank about "rm -rf" and the rest dev have no objection to this and even help him to hide it. And those personal attack with filthy language of course.
Arakawa. said:
They both have whitelist and on LSPosed it set in default. But only EdXposed have blacklist. I saw some comment like "have too much modules and too much apps to hook, how painful to check everything by manually".
Yes, Edxposed still break SafetyNet.
Yes, now Edxposed is not that actively update than LSPosed.
Something about LSPosed
If you can read Chinese, maybe you can read these below: https://www.bilibili.com/read/cv9603603/ https://www.bilibili.com/read/cv9603669/ https://www.zhihu.com/question/442534533 https://www.zhihu.com/question/442531709 I am very troubled by...
forum.xda-developers.com
I personally tried both. Not that much difference. Yeah, because basically LSPosed just forked Edxposed and did a little improvement.
In the end I choose Edxposed rather than LSPosed. Because I can't trust one dev who made a prank about "rm -rf" and the rest dev have no objection to this and even help him to hide it. And those personal attack with filthy language of course.
Click to expand...
Click to collapse
The developer you mentioned has left the development group long ago
All I wanna know is which one passes safetytest. Installed edxposed for the first time in 2 years only to discover that safetytest is completely fubar'd. And all the tutorials I've found are old and seemingly obsolete.
This moment, LSPosed is alot better than EdXposed.
Simple that.
I say many thanks to EdXposed, but LSPosed is the future.
We Love EdXposed
We Love LSPosed
We Love Better Future
More than 100 commits less than 20 days
Commits ยท LSPosed/LSPosed
LSPosed Framework. Contribute to LSPosed/LSPosed development by creating an account on GitHub.
github.com
Arakawa. said:
who made a prank about "rm -rf"
Click to expand...
Click to collapse
Which prank? Will you share the source of the prank? Plz let us know.
Edit: Sorry, haven't noticed the quoted post, got it.
cracky.ice said:
The developer you mentioned has left the development group long ago
Click to expand...
Click to collapse
The man left temporarily, but what he had done was still there. And the rest of the developers don't think rm -rf is wrong. The whole development team had problems, they even excused the malicious code. Communities should not forgive this.
LSPosed is not a good choice for Xposed: from the software itself, module scopes and Xposed Hide (White) were designed as advanced features for advanced users only, and forcing them to be enabled is abusive and will increase the learning cost for users, increase the cost for module developers, break the functionality of global modules, and make modules much less compatible. On the developer level, the LSPosed development team has been suppressing and abusing other Xposed implementations and their developers since the project's inception, attacking third-party ROM developers with web violence, and committing community divisive acts like this; one of the development team members submitted rm -rf /* malicious code to EdXposed, which was responsible for emptying CI user data. The culprit has no credibility.
mlgmxyysd said:
The man left temporarily, but what he had done was still there. And the rest of the developers don't think rm -rf is wrong. The whole development team had problems, they even excused the malicious code. Communities should not forgive this.
Click to expand...
Click to collapse
We will never forgive.
But it is past.
We just need MORE attention before to accept any commit.
We will have bad people everywhere.
Nothing more.
mlgmxyysd said:
LSPosed is not a good choice for Xposed: from the software itself, module scopes and Xposed Hide (White) were designed as advanced features for advanced users only, and forcing them to be enabled is abusive and will increase the learning cost for users, increase the cost for module developers, break the functionality of global modules, and make modules much less compatible. On the developer level, the LSPosed development team has been suppressing and abusing other Xposed implementations and their developers since the project's inception, attacking third-party ROM developers with web violence, and committing community divisive acts like this; one of the development team members submitted rm -rf /* malicious code to EdXposed, which was responsible for emptying CI user data. The culprit has no credibility.
Click to expand...
Click to collapse
YES.
Xposed is for ADVANCED USERS only !!!!
Xposed is not a play for kids.
I agree with you about the difficulty for developers, but well, the future is here.
And we will not accept to remain in the past.
Long Life to LSPosed
But, we love EdXposed too
VD171 said:
YES.
Xposed is for ADVANCED USERS only !!!!
Xposed is not a play for kids.
I agree with you about the difficulty for developers, but well, the future is here.
And we will not accept to remain in the past.
Long Life to LSPosed
But, we love EdXposed too
Click to expand...
Click to collapse
Put away your false future, Xposed (even ROMs) will die because of LSPosed Developers. You don't know what disgusting things LSPosed Developers are doing behind the scenes.
mlgmxyysd said:
Put away your false future, Xposed (even ROMs) will die because of LSPosed Developers. You don't know what disgusting things LSPosed Developers are doing behind the scenes.
Click to expand...
Click to collapse
The point is we need xposed for Android 9, Android 10, Android 11, Android 12, Android 13, Android 14...
We currently have no choices.
Or do you have any?
VD171 said:
The point is we need xposed for Android 9, Android 10, Android 11, Android 12, Android 13, Android 14...
We currently have no choices.
Or do you have any?
Click to expand...
Click to collapse
There will be, just need to wait.
mlgmxyysd said:
There will be, just need to wait.
Click to expand...
Click to collapse
I can't wait.
I have a solution, so I will use it.
But, I'm totally open for new XPOSED alternatives.
Let's keep watching
I did a test with the old original Xprivacy app. Oreo 8.1, Magisk v23, Riru v 25.4.4
With EdXposed: it works, but whole phone is slowed down. Every app is checked and Xprivacy popup asks you how to proceed (accept or deny internet/load/whatever request). It works how it should but sadly phone is slowed down and wallpaper doesn't load after phone bootup
With LSposed: it doesn't work, because: Every app just bypasses most Xprivacy functions, you only get a meaningless Binder Xprivacy popup. Xprivacy has no control over what apps do. Apps do what they want and don't ask for your permission
With Xposed Installer: it runs perfectly, flawlessly. Using the good old "Xposed Installer" with Xposed Framework version 90-beta3, the original. You know every url and request every app does, if they scan your nearby wifi, if or when they use record in cam or audio, scan your contacts, request some device identifiers, you can whitelist the urls, internet requests and loads you want. All app requests logged, apps can't do nothing without your permission. Very useful because you can use (whitelist) the functions in any app that you use and want, and dismiss the rest that's bundled within the app (ad networks, telemetry requests, proprietary functions. resource-hungry unnecessary actions). In the new XprivacyLua these features and logs and this sort of control is not possible. This is why the old original Xprivacy is superior.
jason382 said:
I did a test with the old original Xprivacy app. Oreo 8.1, Magisk v23, Riru v 25.4.4
With EdXposed: it works, but whole phone is slowed down. Every app is checked and Xprivacy popup asks you how to proceed (accept or deny internet/load/whatever request). It works how it should but sadly phone is slowed down and wallpaper doesn't load after phone bootup
With LSposed: it doesn't work, because: Every app just bypasses most Xprivacy functions, you only get a meaningless Binder Xprivacy popup. Xprivacy has no control over what apps do. Apps do what they want and don't ask for your permission
With Xposed Installer: it runs perfectly, flawlessly. Using the good old "Xposed Installer" with Xposed Framework version 90-beta3, the original. You know every url and request every app does, if they scan your nearby wifi, if or when they use record in cam or audio, scan your contacts, request some device identifiers, you can whitelist the urls, internet requests and loads you want. All app requests logged, apps can't do nothing without your permission. Very useful because you can use (whitelist) the functions in any app that you use and want, and dismiss the rest that's bundled within the app (ad networks, telemetry requests, proprietary functions. resource-hungry unnecessary actions). In the new XprivacyLua these features and logs and this sort of control is not possible. This is why the old original Xprivacy is superior.
Click to expand...
Click to collapse
No. Xprivacy is NOT superior.
Xprivacy is totally deprecated and uses old methods and old functions.
XPRIVACYLUA is totally better, superior and CUSTOMIZABLE.
XprivacyLua WORKS PERFECTLY WITH LSPOSED, because I am using it on my main phone.
I LOVE XPRIVACYLUA.
I CAN'T LIVE WITHOUT ROOT, XPOSED AND XPRIVACYLUA !!!!
I LOVE YOU @M66B
LSPosed is the future and as of this date clearly the winner as Edxposed development has halted, it's incompatible with the latest Riru and breaks Safetynet.