Database Develop

Pokemon GO: Bypass SafetyNet directly with Xposed?

Hi everyone,
Google SafetyNet has become a pain in the a** for everyone who want's to play Pokemon GO (fair, no cheating), but can't live without root and Xposed, like me. Bypassing SafetyNet in general is a cat-and-mouse game. Chainfire described the problem very good in his post Hiding root: a losing game.
Well, people look for SafetyNet workarounds for different reasons. Whether it is for Android Pay, Pokemon GO or Snapchat, the approach is always to hide root and Xposed, and let SafetyNet do its job so that it reports back that the device is safe.
I'm thinking about a different approach, (first) only concerning Pokemon GO. What if we could hook the SafetyNet API calls directly in the app using Xposed? This way, SafetyNet's result wouldn't matter, the answer reported back to the app is always set to "everything OK, device is safe" by Xposed.
I know, this is easier said than done. I already took a look at the Pokemon GO source code, but didn't test anything so far. But there's a class called com.nianticlabs.nia.platform.SafetyNetService, containing a method called checkResult, which returns a boolean. Sounds promising (fingerscrossed).
The reason why didn't test anything so far is because I don't know, how SafetyNet works exactly. But could this possibly work? Did someone try out something like this already?
Greetings

I'm hoping for a similar solution. The SnapPrefs Xposed module does something like this I think and works great.

It think, but I may be wrong, that there is some kind of security preventing us from doing that.
PoGo ask to safetyNet if everything is okay, safetyNet responds to the device and sign the response using a private key that will authenticate the response and make sure it has not been modified and is a genuine response.
So without this key, no way to spoof the response.
Again, I may be wrong but I think it works this way.

You might be right. I have never looked at the SnapPrefs*source code so I have no idea how it*works. All I know is that it does a great job of*bypassing SafetyNet...
If*a similar solution could be implemented it would fix a lot of trouble for us players*who just want to keep*root and play the damn game.

Wetzel402 said:
You might be right. I have never looked at the SnapPrefs*source code so I have no idea how it*works. All I know is that it does a great job of*bypassing SafetyNet...
If*a similar solution could be implemented it would fix a lot of trouble for us players*who just want to keep*root and play the damn game.
Click to expand...
Click to collapse
Snapprefs does not bypass safetynet
Sent from my Nexus 6P using XDA Labs

Rakuu said:
Snapprefs does not bypass safetynet
Sent from my Nexus 6P using XDA Labs
Click to expand...
Click to collapse
My rooted phone would not log into SnapChat due to it failing safetynet. After installing the SnapPrefs module and rebooting I was able to log in on the first attempt. I'm not saying it allows safetynet to pass but it is doing something to bypass it. Doing something similar for Pogo may or may not work.

Snapprefs
I now know a bit more about SafetyNet from some very interesting and shocking articles at John Kozyrakis blog [1] [2] [3].
I took a quick look at the Snapprefs source code, but it's very big. I didn't find anything concerning SafetyNet so far.
I don't use Snapchat, so I can't try it out. Wetzel402 says the module works. @Wetzel402, so this means, that Snapchat usually doesn't work with root and Xposed (because of SafetyNet), but with Snapprefs it does?
In theory, my approach from the initial post could work, it depends on the app using SafetyNet. Unfortunately, it most probably won't work for Pokemon GO. The mentioned method checkResult is a pre-step, checking only if SafetyNet communication worked. Evaluation of SafetyNet's result is done in native code, which cannot be hooked by Xposed.
I didn't take a look at Snapchat's source code so far, but if evaluating SafetyNet's result is done in Java, maybe this is hooked by Snapprefs and that's why Snapchat works independent of SafetyNet's result. But this is just an assumption.
I have further ideas. I will try them out and report my results here. Stay tuned.
[1] https://koz.io/inside-safetynet/
[2] https://koz.io/inside-safetynet-2/
[3] https://koz.io/inside-safetynet-3/

Cypher_01 said:
I now know a bit more about SafetyNet from some very interesting and shocking articles at John Kozyrakis blog [1][2][3].
I took a quick look at the Snapprefs source code, but it's very big. I didn't find anything concerning SafetyNet so far.
I don't use Snapchat, so I can't try it out. Wetzel402 says the module works. @Wetzel402, so this means, that Snapchat usually doesn't work with root and Xposed (because of SafetyNet), but with Snapprefs it does?
In theory, my approach from the initial post could work, it depends on the app using SafetyNet. Unfortunately, it most probably won't work for Pokemon GO. The mentioned method checkResult is a pre-step, checking only if SafetyNet communication worked. Evaluation of SafetyNet's result is done in native code, which cannot be hooked by Xposed.
I didn't take a look at Snapchat's source code so far, but if evaluating SafetyNet's result is done in Java, maybe this is hooked by Snapprefs and that's why Snapchat works independent of SafetyNet's result. But this is just an assumption.
I have further ideas. I will try them out and report my results here. Stay tuned.
[1] https://koz.io/inside-safetynet/
[2] https://koz.io/inside-safetynet-2/
[3] https://koz.io/inside-safetynet-3/
Click to expand...
Click to collapse
As far as I know recent Snapchat versions don't check anymore, people have said even with only root they can log in now when they previously couldn't, this may have been what happened.
Sent from my Nexus 6P using XDA Labs

Based on my experience, I have two phones, one rooted and one not. Snapchat*works on*the unrooted one but would fail to log in on the rooted one. After installing*the*SnapPrefs*module I was able to log into Snapchat. I can't confirm if*Snapchat was updated*in the meantime however.
I would*imagine*if*a*future xposed module could spoof the device status to SafetyNet or completely bypass the requesting/response process within PoGo it could be possible.

Wetzel402 said:
Based on my experience, I have two phones, one rooted and one not. Snapchat*works on*the unrooted one but would fail to log in on the rooted one. After installing*the*SnapPrefs*module I was able to log into Snapchat. I can't confirm if*Snapchat was updated*in the meantime however.
I would*imagine*if*a*future xposed module could spoof the device status to SafetyNet or completely bypass the requesting/response process within PoGo it could be possible.
Click to expand...
Click to collapse
Could you do us a favor? Simply deactivate Snapprefs in Xposed installer and reboot. If you can login, Snapchat has been updated to that effect. If you can't login, Snapprefs does the job.

Cypher_01 said:
Could you do us a favor? Simply deactivate Snapprefs in Xposed installer and reboot. If you can login, Snapchat has been updated to that effect. If you can't login, Snapprefs does the job.
Click to expand...
Click to collapse
That seems...too...simple
Alright, I did the following...
Signed out of Snapchat
Disabled Snapprefs
Uninstalled Snapchat
Reboot
Reinstalled Snapchat
Logged in successfully
Enabled Snapprefs
Based on this experiment the Snapchat app was, in fact, updated so that it no longer is checking for root/xposed in the manner it once was...

Wetzel402 said:
That seems...too...simple
Click to expand...
Click to collapse
Wetzel402 said:
Alright, I did the following...
Signed out of Snapchat
Disabled Snapprefs
Uninstalled Snapchat
Reboot
Reinstalled Snapchat
Logged in successfully
Enabled Snapprefs
Based on this experiment the Snapchat app was, in fact, updated so that it no longer is checking for root/xposed in the manner it once was...
Click to expand...
Click to collapse
OK, in a way, that's not good, at least it means that we cannot learn anything from Snapprefs.

Cypher_01 said:
OK, in a way, that's not good, at least it means that we cannot learn anything from Snapprefs.
Click to expand...
Click to collapse
Agreed. This is disappointing because I was hoping we could learn something from the Snapprefs source code.

[Q] Why aren't there any cool modules for Magisk? (compared to modules for Xposed)

Extremely sorry if I am spamming the forum with this thread, but thought of starting this discussion to see if the geeks can help with sharing the knowledge.
I don't think I have to emphasize on why Magisk over Xposed (The Magisk Forum has a lot of articles on why.), but I am surprised to realize that Magisk is still the so called "new guy" even after these many years of launch..
All I get for a sample search "best modules Magisk" is a bunch of tweaking modules which say they can alter your ART mechanism or save your battery, I mean, who cares for the performance in 2019!!! we have got beastly phones and just want magik to happen on them. Magisk is still the same serious experimental mod that lets you root and hide it from banking/work apps but not yet cool.
For example, every time I installed Xposed on a new phone, I would go look for the famous "Gravity Box" just to enable the status bar brightness control gesture.
And the "X-insta" that lets me download media from Instagram . (Of course this module seems to be dead for a few months).
And a bunch of adblockers.
And a hell lot mods that I don't remember from the top of my head, but it was really magic.. And it is slowing down (I feel so..)
Well, someone might say that we can install Xposed itself as a module, but that just crashes the "SafetyNet" which is very annoying, it makes the phone useless without being able to open GooglePay and other banking apps.
I know I might be wrong but I am posting just to see if people use any equivalent "cool" modules in Magisk that are not easily seen in the Magisk Modules repo or if someone has found a way to pass the "SafetyNet" with Xposed+Magisk to make Android awesome again!!:good:

sagar2208 said:
Extremely sorry if I am spamming the forum with this thread, but thought of starting this discussion to see if the geeks can help with sharing the knowledge.
I don't think I have to emphasize on why Magisk over Xposed (The Magisk Forum has a lot of articles on why.), but I am surprised to realize that Magisk is still the so called "new guy" even after these many years of launch..
All I get for a sample search "best modules Magisk" is a bunch of tweaking modules which say they can alter your ART mechanism or save your battery, I mean, who cares for the performance in 2019!!! we have got beastly phones and just want magik to happen on them. Magisk is still the same serious experimental mod that lets you root and hide it from banking/work apps but not yet cool.
For example, every time I installed Xposed on a new phone, I would go look for the famous "Gravity Box" just to enable the status bar brightness control gesture.
And the "X-insta" that lets me download media from Instagram . (Of course this module seems to be dead for a few months).
And a bunch of adblockers.
And a hell lot mods that I don't remember from the top of my head, but it was really magic.. And it is slowing down (I feel so..)
Well, someone might say that we can install Xposed itself as a module, but that just crashes the "SafetyNet" which is very annoying, it makes the phone useless without being able to open GooglePay and other banking apps.
I know I might be wrong but I am posting just to see if people use any equivalent "cool" modules in Magisk that are not easily seen in the Magisk Modules repo or if someone has found a way to pass the "SafetyNet" with Xposed+Magisk to make Android awesome again!!:good:
Click to expand...
Click to collapse
Magisk doesn't work the same way as Xposed,one mounts and modifies files and the other hooks and modifies app code at runtime,and yes there is a way to use Xposed and pass safetynet if you are either on Oreo or Pie,it's called Edxposed
Edxposed is an open source Xposed alternative released early this year that uses a different method to hook into the system which allows it to pass safetynet and it allows you to blacklist apps in which you don't to load Xposed into,and if you are in pie there is already a beta of gravitybox that fully supports Pie (it's not yet in the Xposed repo because it's not fully stable yet)

Here are some pictures showing edxposed passing safetynet and me using the event lock module on Android pie,incase you are interested here are the links to edxposed https://forum.xda-developers.com/xposed/android-9-0-xposed-solutions-t3889513 it works on both Oreo and Pie (ignore the last step and just use edxposed installer) it's the last link and the first post,if you have any doubts feel free to ask there

DanGLES3 said:
Here are some pictures showing edxposed passing safetynet and me using the event lock module on Android pie,incase you are interested here are the links to edxposed https://forum.xda-developers.com/xposed/android-9-0-xposed-solutions-t3889513 it works on both Oreo and Pie (ignore the last step and just use edxposed installer) it's the last link and the first post,if you have any doubts feel free to ask there
Click to expand...
Click to collapse
A Hope!!
Thank you very much for the info, will try and post an update..

Even after these many years of launch people seems to not understand Magisk purpose, features and way of work. Same for Xposed.
Does Magisk has "modules" ? Yes! Does Xposed has "modules" ? Yes! But that's it. The name. The only thing in common between Magisk and Xposed is _the name, the word, "module" _ for their respective plug-ins, addons. Nothing more. Period.
Magisk attachs to Android, works completely different from the way Xposed does. What they do and what they can do are different. They are not even closer to be an alternative of one to another.
Having that said, do not expect that modules of one can deliver similar features of a module of another. If this somehow someday for an specific pair of modules happen be sure they are accomplishing that but doing in complete different ways behind the scenes.
About Xposed not breaking SafetyNet, we have now for Android O+ the alternatives EdXposed (open source) and Tai Chi (closed source). They do not break it because the way they're implemented is different from original Xposed by Rovo. They are different approachs, new code with new ways of work, but that delivers same entrance points, same nomenclature, as original Xposed itself. Thus being (generally speaking) compatible with modules originally built to original Xposed.
Both EdXposed and Tai Chi are experimental yet, although working fine at least on Android P. If they show themselves as solid solutions then probably we will see new Xposed like modules appearing out there. I do hope so.

wilsonhlacerda said:
Even after these many years of launch people seems to not understand Magisk purpose, features and way of work. Same for Xposed.
Does Magisk has "modules" ? Yes! Does Xposed has "modules" ? Yes! But that's it. The name. The only thing in common between Magisk and Xposed is _the name, the word, "module" _ for their respective plug-ins, addons. Nothing more. Period.
Magisk attachs to Android, works completely different from the way Xposed does. What they do and what they can do are different. They are not even closer to be an alternative of one to another.
Having that said, do not expect that modules of one can deliver similar features of a module of another. If this somehow someday for an specific pair of modules happen be sure they are accomplishing that but doing in complete different ways behind the scenes.
About Xposed not breaking SafetyNet, we have now for Android O+ the alternatives EdXposed (open source) and Tai Chi (closed source). They do not break it because the way they're implemented is different from original Xposed by Rovo. They are different approachs, new code with new ways of work, but that delivers same entrance points, same nomenclature, as original Xposed itself. Thus being (generally speaking) compatible with modules originally built to original Xposed.
Both EdXposed and Tai Chi are experimental yet, although working fine at least on Android P. If they show themselves as solid solutions then probably we will see new Xposed like modules appearing out there. I do hope so.
Click to expand...
Click to collapse
Couldn't have said it better (my previous texts were written at 3am so pardon for any mistake I did XD)

com.adobe.ims.accountaccess (Adobe Account Access) seems to detect Magisk, even while hidden.

H! So I am actually unsure where to post this..
Here's hoping you can figure something out and not be mad at me if this is the wrong place to post this.
Initially, i was going to post this as a Bug report on Github. However, I figured this was not correct.
Technically speaking this also isn't really an issue with magisk itself, more that adobe might have found a way to circumvent magisk anti detection methods.
In short: The App "Adobe Account Access" (com.adobe.ims.accountaccess on the play store: https://play.google.com/store/apps/details?id=com.adobe.ims.accountaccess) seems to have found a way to detect magisk and/or root, even though root detection is hidden in magisk.
The App just displays a prompt, saying "Device not supported. Sorry, your phone is not supported for Adobe Account Access.", even though the device used should be supported.
I checked with adobe community support on whether my Phone is supported or not and according to them, it should indeed be supported: https://community.adobe.com/t5/acco...-access-app-device-not-supported/m-p/11696613
I suspect they have found a way to get around all magisk anti detection methods and i would be grateful if someone would be kind enough to check if there is a workaround or if magisk's detection prevention needs an update.
Unfortunately, i don't have much more to say other than that..
There aren't any magisk log entries that would indicate something went wrong (only entries mentioning the app are"i" loglevel, one coming from hide_list_add and one coming from proc_monitor).
I could not find anything out of the ordinary in the logcat, although i suppose i could be more thorough with my search.
My technical/general info would be:
Magisk Version used: 22.0 (22000) (18)
SafetyNet integrity: Both basicIntegrity AND ctsProfile = pass; evalType = BASIC
ROM used: OxygenOS 10.0.11.GM21BA
Android version: 10
Device name: OnePlus 7 Pro
"Adobe Account Access" App version: 1.6
+++ Please feel free to ask for any additional info in case I missed it +++
Thanks in advance for any productive suggestion!

When does it display this "device not supported" message? I tested just now and could log in and set everything up without even adding the app to the Hide list, and with the Magisk app unhidden.

Didgeridoohan said:
When does it display this "device not supported" message? I tested just now and could log in and set everything up without even adding the app to the Hide list.
Click to expand...
Click to collapse
Oh? That is peculiar.. Damn, that implies an issue somewhere else i reckon ://
It displays it immediately after launching the app. The very first screen..
What phone and which OS (/ROM) are you using? Might just be that my phone is genuinely not supported and the folks over at the adobe community forum lied when saying my phone should be compatible..
Also, which android version are you on if you don't mind me asking?

You don't have any modules installed? No edxposed or lsposed, or magisk modules?
Have you tried root detection apps like Root Beer Fresh to see if indeed the app is unable to detect root? If you try any such app, remember to add it to the Magisk Hide list beforehand, otherwise the app will clearly detect root.

It's a OnePlus 3T with Android 9 ArrowOS. As stated above, it could very well be a module, like EdXposed. Or a root app, or a file or folder on your device, or something completely different.
It's not detecting Magisk at least, that's for sure...
General root hiding tips:
https://www.didgeridoohan.com/magisk/MagiskHide#hn_Hiding_root_from_apps

@Barrel Titor
Samsung Galaxy S7 Custom 9.0 Pie, Magisk 22 root with random name, application without hiding works fine.

Hi all!
First of all: Apologies! I meant to respond sooner to this, but work has kept me occupied and the one time I actually was available, XDA Forums went down into maintenance mode..
Secondly: Sorry for maybe jumping the gun here a bit!
It does look like I should have tested this issue a bit more! I am definitely going to keep on trying to fix this on my own using the resources and methods you have suggested!
I have tested com.adobe.ims.accountaccess on my sisters unrooted OnePlus Nord.. It works fine there, which is really confusing. None of the other apps I am using show this sort of issue :c Not even my banking app!
@mario0318 Thanks for your suggestion! I know it is good practice to remove/disable all your modules. However, none of the modules I have currently installed are particularly large and they certainly do not modify much compared to what is possible. I am going to attach a list to this response, however I am also going to try disabling them one by one and see if I can find the culprit! Unfortunately, I will not be able to disable the "Google Dialer Framework" module, since it causes the device to bootloop if the google dialer app is still present.
Here is a list of all the modules I have installed and enabled at the moment:
Spoiler
App Systemizer (Terminal Emulator)
Busybox for Android NDK
Google Dialer Framework
Looki75 Product Sans font
Systemless Hosts
ViPER4ANDROID FX
Honourable mentions (these modules are completely DISABLED):
Spoiler
Riru
Riru - EdXposed
However, please note again that SafetyNet seems to be INTACT, with "basicIntegrity" and "ctsProfile" still passing and "evalType" being "BASIC".
In any case. Thanks to everyone for their contribution! I really appreciate any suggestion!
Edit: @mario0318 right after I posted this message, I went ahead and gave "RootbeerFresh" a shot. It does not detect root when it is hidden from it. This makes my leading theory to be that the app truly does not support OnePlus 7 Pro devices. Wouldn't know why it doesn't support this model in particular though. Until I either unroot or find someone with the same device, willing to install Adobe Account Access, i can't say for sure though.

Barrel Titor said:
Hi all!
First of all: Apologies! I meant to respond sooner to this, but work has kept me occupied and the one time I actually was available, XDA Forums went down into maintenance mode..
Secondly: Sorry for maybe jumping the gun here a bit!
It does look like I should have tested this issue a bit more! I am definitely going to keep on trying to fix this on my own using the resources and methods you have suggested!
I have tested com.adobe.ims.accountaccess on my sisters unrooted OnePlus Nord.. It works fine there, which is really confusing. None of the other apps I am using show this sort of issue :c Not even my banking app!
@mario0318 Thanks for your suggestion! I know it is good practice to remove/disable all your modules. However, none of the modules I have currently installed are particularly large and they certainly do not modify much compared to what is possible. I am going to attach a list to this response, however I am also going to try disabling them one by one and see if I can find the culprit! Unfortunately, I will not be able to disable the "Google Dialer Framework" module, since it causes the device to bootloop if the google dialer app is still present.
Here is a list of all the modules I have installed and enabled at the moment:
Spoiler
App Systemizer (Terminal Emulator)
Busybox for Android NDK
Google Dialer Framework
Looki75 Product Sans font
Systemless Hosts
ViPER4ANDROID FX
Honourable mentions (these modules are completely DISABLED):
Spoiler
Riru
Riru - EdXposed
However, please note again that SafetyNet seems to be INTACT, with "basicIntegrity" and "ctsProfile" still passing and "evalType" being "BASIC".
In any case. Thanks to everyone for their contribution! I really appreciate any suggestion!
Edit: @mario0318 right after I posted this message, I went ahead and gave "RootbeerFresh" a shot. It does not detect root when it is hidden from it. This makes my leading theory to be that the app truly does not support OnePlus 7 Pro devices. Wouldn't know why it doesn't support this model in particular though. Until I either unroot or find someone with the same device, willing to install Adobe Account Access, i can't say for sure though.
Click to expand...
Click to collapse
So upon Google searching "oneplus 7 pro adobe account access" it appears to be a common problem.

mario0318 said:
So upon Google searching "oneplus 7 pro adobe account access" it appears to be a common problem.
Click to expand...
Click to collapse
I cannot find any results using this search term on google other than my own post on the adobe community forums.. This one: https://community.adobe.com/t5/acco...access-app-device-not-supported/td-p/11695914

@mario0318 do you happen to know a way to somehow "pretend" to the app that i am in fact using a different phone? Something that would allow me to make the app believe it is running on a different device?

Barrel Titor said:
@mario0318 do you happen to know a way to somehow "pretend" to the app that i am in fact using a different phone? Something that would allow me to make the app believe it is running on a different device?
Click to expand...
Click to collapse
Well, the well known magisk module MHPC or Magisk Hide Props Config comes to mind. You can change device fingerprints and maybe also give the Device Simulation feature a go, or custom edit any range of configurable props.
You could do so without the module editing the build.props yourself. Or if you stick with edxposed and deal with not having magisk manager's hide enabled, perhaps any of the device spoofers on the xposed repo could fool the app. Or Sudohide if you set Adobe app to hide from any and all apps that are root relevant. May also consider removing directories in your internal and removable storage for things like TWRP or PBRP, Titanium Backup, xposes, etc, you know, things that a simple media scan looking for any sign of root apps might pick up.
But for now, I'd give MHPC a try and change device fingerprint and maybe enable device simulation if simple fingerprint change doesn't work.

I'm having the same issue on a rooted OnePlus 8T

Same for me on op7 pro. Hiding with somiko but Adobe still not working. Nor could I bypass square, it notes root when it pairs Bluetooth

The future of MagiskHide

MagiskHide is dropped in v24. According to the developer's blog, there will remain a feature that “will be able to assign a denylist of processes where Magisk denies further modifications and reverts all changes it had done". What will this feature do in the future? Will it satisfy those picky apps that don't like rooted phones? And most importantly, are there any other hiding mechanisms in the pipeline that's supposed to replace MagiskHide?

petersohn said:
MagiskHide is dropped in v24. According to the developer's blog, there will remain a feature that “will be able to assign a denylist of processes where Magisk denies further modifications and reverts all changes it had done". What will this feature do in the future? Will it satisfy those picky apps that don't like rooted phones? And most importantly, are there any other hiding mechanisms in the pipeline that's supposed to replace MagiskHide?
Click to expand...
Click to collapse
Yes, they are. The changes made in v24 allows for even more powerful hiding mechanism, but they need to be added as separate modules. Please consult this thread: https://forum.xda-developers.com/t/discussion-magisk-the-age-of-zygisk.4393877/

New Xposed API Proposal

We are now working on the new Xposed API, which allows modules to get / set scope, to get framework info, and to store configs across apps without the embarrassing New-XSharedPreferences interface. The API library will be released to GitHub/libxposed and maven central after it is ready.
Now we are considering removal of resources hook in the incoming new API, so we need to know whether it is still needed or unreplaceable for some modules.
About why we want to remove this API: Resources hook is very hard to maintain and is even not fully supported now under some frameworks (e.g. Taichi). So even if we keep it, it will be maintain-only.
Old modules can still use this feature. We are just considering remove it in the new API.
You can vote at the LSPosed Telegram group or write your opinion here. Also we are glad to hear your suggestions about the new API.

@AndroidX @siavash79 @Dark_Eyes_ @firefds @David B. @Quinny899 @wanam
Just mentioning you guys since you're all active here on XDA. Please see the first post.
Regards,
shadowstep
Senior Moderator

Dr-TSNG said:
We are now working on the new Xposed API, which allows modules to get / set scope, to get framework info, and to store configs across apps without the embarrassing New-XSharedPreferences interface. The API library will be released to GitHub/libxposed and maven central after it is ready.
Now we are considering removal of resources hook in the incoming new API, so we need to know whether it is still needed or unreplaceable for some modules.
About why we want to remove this API: Resources hook is very hard to maintain and is even not fully supported now under some frameworks (e.g. Taichi). So even if we keep it, it will be maintain-only.
Old modules can still use this feature. We are just considering remove it in the new API.
You can vote at the LSPosed Telegram group or write your opinion here. Also we are glad to hear your suggestions about the new API.
Click to expand...
Click to collapse
Thanks for getting opinions
1. Xshared preferences interface overhaul is good news since it was always unstable for me. I personally switched to remote preferences API for AOSPMods
2. When going to systemUI and framework, it's sometimes very difficult and complicated to change some variable values through Xposed, specially with R8 code optimizations which dramatically limit the points we can hook into code.
There are two workarounds I know of, being Xposed resource hooking that can be also dynamic in runtime, or overlays, which being static, still limit the way we can change resources dramatically.
So, I'd really suggest keeping it in the API

siavash79 said:
2. When going to systemUI and framework, it's sometimes very difficult and complicated to change some variable values through Xposed, specially with R8 code optimizations which dramatically limit the points we can hook into code.
Click to expand...
Click to collapse
For R8 code optimizations, we introduced a new API to parse dex file, which allows modules to find methods/fields more accurately.
Anyway if we finally decide to keep resources hook API, do you have any suggestions on keeping/adding/removing specific methods of it or refine it to a more modern interface?

Perfect news.
About resource hooking, few things to note are that: it can't differentiate between different resource files, for example normal values vs landscape or dark/light values. It would be great if there's a way to push different values to different resource files.
Also, there are more limitations when talking about special resources such as themes. As an example, in AOSPMods, one of the reasons it's a magisk module instead of being a normal APK is that overlay files have to be used in cases that need modification of theme resources and that can't be done via resource hooking.
I personally love to get a more complete/flexible resource hooking API, but I completely understand if that's too much to ask. So even keeping it as currently is would be good enough

Thank you @shadowstep for bringing this to my attention!
Dr-TSNG said:
We are now working on the new Xposed API, which allows modules to get / set scope, to get framework info, and to store configs across apps without the embarrassing New-XSharedPreferences interface. The API library will be released to GitHub/libxposed and maven central after it is ready.
Click to expand...
Click to collapse
That's wonderful news, although I do not quite understand what you have against the new XSharedPreferences interface. I use it in my modules, and I've never had any issues with it.
Dr-TSNG said:
Now we are considering removal of resources hook in the incoming new API, so we need to know whether it is still needed or unreplaceable for some modules.
About why we want to remove this API: Resources hook is very hard to maintain and is even not fully supported now under some frameworks (e.g. Taichi). So even if we keep it, it will be maintain-only.
Old modules can still use this feature. We are just considering remove it in the new API.
Click to expand...
Click to collapse
I am not currently using the resources hook in any of my modules, so removing it would not impact me, but even so, I'm not a fan of the suggestion to get rid of it completely. I think that at the very least, it should be kept as maintain-only. It is unfortunate that it does not work with Taichi, but given that Taichi isn't a true Xposed implementation, I'm not sure that it's worth worrying about.

This looks great, I've been waiting for it since the initial issue talking about it. Prefs are always a pain to handle, and while the "new" method worked, I always preferred to use a Content Provider, which was nerfed in Android 12.
Really like the idea of setting the scope, it would be beneficial to the Xposed part of DarQ, the only suggestion I have is to make sure it includes some sort of "am I enabled?" check - currently I use self hooks (literally the module hooking itself and changing a method returning false to true) to verify it's enabled, but it doesn't seem to be foolproof as people sometimes still complain it doesn't work.

Quinny899 said:
the only suggestion I have is to make sure it includes some sort of "am I enabled?" check
Click to expand...
Click to collapse
Of course does, and the module app can get more info about the the Xposed state like it's under which framework and which version, and whether it is rootless or not without self-hooking.
You can view the detail here.

@shadowstep Thanks for the head up.
Glad to see a new api to manage configs across apps, shared prefs has been always painful to handle even with the new-xshared prefs.
I would suggest having an api to get the version name of scope's package, I'm aware of some workarounds that help get the version name, but it's not a reliable solution on the latest Android versions, this information is needed for logging/debugging purposes.
@Dr-TSNG thanks and keep up the good work.

@Dr-TSNG Thanks for new api I was wating for this api from more then 1 year coz when I build my first module (Android Faker) its was really pain in ass coz of Xsharedpreference after some research I found better solution which was remote preference but Quinny899 mention in Github issue that its not work in android 11 so after that I move to new Xsharedpreference which was introduce by lsposed team and its working great but its still create issue in some devices so I think it will be a better solution if we get it soon and I am not sure about resources hook coz I don't use it before .

The problem with xshared preferences is that if the apk is a system app it won't work for some reason. Only works on user apps

siavash79 said:
The problem with xshared preferences is that if the apk is a system app it won't work for some reason. Only works on user apps
Click to expand...
Click to collapse
Interesting. I use XSharedPreferences in a System Framework hook and haven't had any issues with it.

David B. said:
Interesting. I use XSharedPreferences in a System Framework hook and haven't had any issues with it.
Click to expand...
Click to collapse
Is your module installed as APK or as magisk module?
Try mounting it to system through magisk and preferences will stop working

siavash79 said:
Is your module installed as APK or as magisk module?
Try mounting it to system through magisk and preferences will stop working
Click to expand...
Click to collapse
It's installed as an APK. I misunderstood what you had said earlier. I thought you meant that the hook doesn't work when you try to use it on system APKs. I didn't realize that you meant that it doesn't work when the module is itself a system APK.

siavash79​Yeah I agree with this and in my testing if you set target sdk 23 its doesn't matter if its as system app or user its work without any issues but its not worth coz it have some other issues

Thank you for accepting the API invokeSpecial() !
Add invokeSpecial · libxposed/[email protected]
Fix #2
github.com
Implement invoke special and new instance special · LSPosed/[email protected]
LSPosed Framework. Contribute to LSPosed/LSPosed development by creating an account on GitHub.
github.com
Looking forward to the new API release.
Happy Chinese New Year!

I just want to see @M66B happy again

Somewhat unrelated, but is there any chance of seeing original Xprivacy return or compatibility? I think it's a lot better than Lua

lawrencee said:
Somewhat unrelated, but is there any chance of seeing original Xprivacy return or compatibility? I think it's a lot better than Lua
Click to expand...
Click to collapse
No. Xprivacy will never "return".
XPrivacyLua is the best ever