(Easy) Patch for masterkey vulnerabilities - Thunderbolt General

By now, most Android users have likely heard of the masterkey exploit, which affects millions of Android devices worldwide. The exploit(s), which allow malicious hackers to add malicious code to an .apk file or .zip without altering the encryption signature, can allow those individuals to gain total remote control over an Android device onto which such files are installed. These exploits were first discovered by independent security firm Bluebox, who notified Google of the risks, but Google didn't push out the patches until June or July of 2013. OEM ROMs, or updates to them from before then, don't include the masterkey fixes. Users that install applications from locations besides the Play Store are at the largest risk, and though Google does scan Play Store apps for exploits like this, it's very possible that one could slip through.
More about the Android masterkey vulnerability:
http://bluebox.com/corporate-blog/bluebox-uncovers-android-master-key/
Luckily, the patch has been made easy to install for users of affected devices via an Xposed framework module.
First, you'll need the Xposed Installer application:
http://forum.xda-developers.com/showthread.php?t=1574401
Download the latest version of the app, allow installation from unknown sources in security settings, and install. Install the framework, and reboot. Go back to security settings and disallow installation of apps from unknown sources if you wish.
At this point, visit the Play Store and download Bluebox's masterkey scanner app:
https://play.google.com/store/apps/details?id=com.bluebox.labs.onerootscanner
Open the app and let the scan run. The result should be that your device is vulnerable to the first two masterkey vulnerabilities:
8219321 (1st)
9695860 (2nd)
Return to the play store and download the masterkey fix app:
https://play.google.com/store/apps/details?id=tungstwenty.xposed.masterkeydualfix
After the app has been installed, open the Xposed Installer app, go to the modules section, and enable the masterkey module. Reboot. Profit.
You can run the Bluebox scan app again to make sure the module took if you wish, and uninstall the scanner app as well if you'd like.
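The first masterkey bug listed above (8219321) hinges on an APK whose zip central directory carries the same entry name twice, so that different parsers in the install path pick different copies. The script below is an added example, not code from the original post and not Bluebox's scanner, showing the defender-side check a scanner performs: walk the central directory and flag any entry name that occurs more than once. The archive it inspects is constructed in memory; the entry names and contents are made up and it is not a real APK.

```python
"""Detect zip/APK archives that carry duplicate entry names (added example)."""
import io
import warnings
import zipfile
from collections import Counter


def build_sample_zip(with_duplicate: bool) -> bytes:
    """Return a small in-memory zip (a constructed stand-in for an APK).

    With with_duplicate=True the archive lists 'classes.dex' twice in its
    central directory, the shape the duplicate-entry masterkey bug relies on.
    zipfile only warns about the repeated name, so both copies are written.
    """
    buf = io.BytesIO()
    with warnings.catch_warnings():
        warnings.simplefilter("ignore")  # silence zipfile's "Duplicate name" warning
        with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
            zf.writestr("AndroidManifest.xml", b"<manifest/>")  # constructed content
            zf.writestr("classes.dex", b"constructed: first copy")
            if with_duplicate:
                zf.writestr("classes.dex", b"constructed: second copy")
    return buf.getvalue()


def duplicate_entries(zip_bytes: bytes) -> dict:
    """Map each entry name that appears more than once to its occurrence count.

    infolist() yields one ZipInfo per central-directory record, so repeated
    names are preserved rather than collapsed the way a by-name lookup
    (zf.getinfo) would hide them.
    """
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        counts = Counter(info.filename for info in zf.infolist())
    return {name: n for name, n in counts.items() if n > 1}


def is_suspicious(zip_bytes: bytes) -> bool:
    """True when the archive has at least one duplicated entry name."""
    return bool(duplicate_entries(zip_bytes))


def scan_file(path: str) -> dict:
    """Convenience wrapper for an archive on disk (hypothetical path supplied by caller)."""
    with open(path, "rb") as fh:
        return duplicate_entries(fh.read())


if __name__ == "__main__":
    for flag in (False, True):
        sample = build_sample_zip(with_duplicate=flag)
        print(f"with_duplicate={flag} -> {duplicate_entries(sample)}")
```

A clean archive yields an empty dict; the constructed one reports `{'classes.dex': 2}`. On a patched device this file shape is rejected at install time, so the check is only a way to spot a tampered package before it reaches a device that lacks the fix.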

Related

Root Android 2.2.x + Without a PC

Root Android 2.2.x + Without a PC
Developed By :- Danish
Caution: It's harmful; it may void your warranty, and no one is responsible for any damage to your device.
To Root Android 4.0.x or Above visit: http://forum.xda-developers.com/showthread.php?t=2263407
What is Rooting?
Rooting enables all the user-installed applications to run privileged commands that are typically unavailable to the devices in their stock configuration. Rooting is required for more advanced and potentially dangerous operations including modifying or deleting system files, removing carrier- or manufacturer-installed applications, and low-level access to the hardware itself (rebooting, controlling status lights, or recalibrating touch inputs.) A typical rooting installation also installs the Superuser application, which supervises applications that are granted root or superuser rights. A secondary operation, unlocking the device's bootloader verification, is required to remove or replace the installed operating system. In contrast to iOS jailbreaking, rooting is not needed to run applications distributed outside of the Google Play Store, sometimes referred to as "sideloading". The Android OS supports this feature natively in two ways: through the "Unknown sources" option in the Settings menu and through the Android Debug Bridge. However some carriers, like AT&T, prevent the installation of applications not on the Store in firmware, although several devices (including the Samsung Infuse 4G) are not subject to this rule, and AT&T has since lifted the restriction on several older devices. As of 2012 the Amazon Kindle Fire defaults to the Amazon Appstore instead of Google Play, though like most other Android devices, Kindle Fire allows sideloading of applications from unknown sources, and the "easy installer" application on the Amazon Appstore makes this easy. Other vendors of Android devices may lock to other sources in the future. Access to alternate apps may require rooting but rooting is not always necessary. Rooting an Android phone allows one to modify or delete the system files which in turn can allow them to perform various tweaks, and use apps which require root access.
Root Android Device (Specially on Qualcomm Processors) without a computer.
Download and Install Poot.apk (Included)
Open the app; it will require you to install Ministro II. It will redirect you to the Google Play link.
Download Ministro II.
Open Poot Again. It will now download Ministro II libraries.
After libraries are updated, 2 options will be displayed.
Press Here to Poot.
Built in Root Check.
Click on "Press To Poot".
After it's done, it will show 3 options.
Get SuperUser.
Get Root-Checker.
In-Built Root-Checker.
Click on "Get Super User".
You'll be Redirected to Google Play Store.
Download SuperUser.
Reboot.
Your Device is Rooted. Enjoy. :victory:
Thanks to dhinesh77
Contact Us
We Are Always There To Help You..!!
Contact Us On Facebook At https://www.facebook.com/DaNish.AnSari.1994
Please Give "Thanks".. :good:
PLEASE QUOTE FOR FURTHER INFO.
Hmm... Does this work
Sent from my SAMSUNG-SGH-T989 using Tapatalk
hatememarkz said:
Hmm... Does this work
Sent from my SAMSUNG-SGH-T989 using Tapatalk
you can try on your device..
Bro... please give me this Ministro II for Samsung GT-I9001

Securing stock/Slim ROM

I'm looking for ways to bolt down security on the stock Sony ROM or the Slim ROM. I'm on Slim 4.9 right now. I have all the standard security items in place (PIN protection, malware scanners, FOSS apps when I can), but I'm looking for some more specific things. I'm looking for a feature that's in CyanogenMod. I want the ability to deny apps the capability to access things they don't need. For example, if a messaging app needs my mic, deny access to that.
Is this doable with xposed? I know next to nothing about the xposed framework.
RNZL3R said:
I'm looking for ways to bolt down security on the stock Sony ROM or the Slim ROM. I'm on Slim 4.9 right now. I have all the standard security items in place (PIN protection, malware scanners, FOSS apps when I can), but I'm looking for some more specific things. I'm looking for a feature that's in CyanogenMod. I want the ability to deny apps the capability to access things they don't need. For example, if a messaging app needs my mic, deny access to that.
Is this doable with xposed? I know next to nothing about the xposed framework.
Yes, that's also possible on stock or stock-based ROMs, regardless of the device. And yes, you need Xposed (and of course root for that).
Install Xposed Installer by rovo89 (you need xposed-v80-sdk22-arm.zip [you need to install it via recovery, e.g. TWRP] and XposedInstaller_3.0_alpha4.apk for your device).
Right after flashing the zip, wipe cache and dalvik/art, then reboot. After the reboot, install the alpha4 .apk (don't forget to enable "unknown sources" under "Security" in "Settings" before). Right after that, open the "Xposed Installer" app, tap "Framework" -> "Reboot" and confirm the root access.
==> Thread here: http://forum.xda-developers.com/showthread.php?t=3034811
==> Q&A Thread: http://forum.xda-developers.com/xposed/modules/xprivacy-ultimate-android-privacy-app-t2320783
3. Install M66B's XPrivacy module
==> Thread here: http://forum.xda-developers.com/xposed/modules/xprivacy-ultimate-android-privacy-app-t2320783
Good luck!
http://forum.xda-developers.com/member.php?u=4419114

Adding android.uid.system apps with Magisk

I'm working on porting "CIT test" application from MIUI to custom Android 11 ROMs (for calibrating proximity and fingerprint sensors), with end goal of creating a Magisk module. I'm stuck now with the application calling android.os.ServiceManager/addService, which fails with SecurityException -- I presume because I removed android:sharedUserId="android.uid.system" from its manifest, so it doesn't run with system app permissions. Currently I place it in /system/priv-app instead, which allows me to give it at least all the manifest permissions that it requires.
AFAIU, there is no way for me to simply use android.uid.system, as it requires one to sign the package with the same keys that were used for the ROM itself. As my idea is to have a general Magisk module, this is out of the question. However, because obviously I expect devices to be rooted (and can require Xposed), I want to find some way of circumventing signature check for this one package. Say, using Xposed to patch signature check, and to allow my public key to be used for android.uid.system apps. I don't want to completely disable signature checks, as this greatly compromises security.
I also thought of somehow using su to run this application as root, but apparently this is also not possible.
Is there a way to do this or something similar? Maybe I miss another way of implementing what I want? Any help or links are greatly appreciated.
I am curious about this too. It would help install the nReal Nebula service on non-carrier devices and use nReal Light AR glasses with the Nebula app.
Re-add the android.uid.system line
disable your Android Signature Verification
install with magisk to /system/app or priv-app

How to bypass or go through root detection even though my device isn't rooted?

Hello, I want to play this game but I can't because it force closes. I don't have root, I only have a custom ROM because I don't like MIUI. Can I bypass it? What are the possible solutions?
The Custom ROM in use may contain a rooted Android. Check this with Root Validator (Android), "Manage your root installation": root-validator.en.uptodown.com
Lupa031 said:
Hello, I want to play this game but I can't because it force closes. I don't have root, I only have a custom ROM because I don't like MIUI. Can I bypass it? What are the possible solutions?
Is your device passing SafetyNet? And even if you get a visual pass that may not be sufficient. You need to:
- Install LSPosed/Xprivacy and run the latest SafetyNet FIX patch for Magisk and complete the process for hiding root.
- Add the game itself in LSPosed too and block tracking too to isolate it
- Clear cache+data and possibly do a clean re-install
That should in principle do it. However if the game server has banned you because root was detected you need to spoof the SSAID assigned to the game too.
Andrologic said:
Is your device passing SafetyNet? And even if you get a visual pass that may not be sufficient. You need to:
- Install LSPosed/Xprivacy and run the latest SafetyNet FIX patch for Magisk and complete the process for hiding root.
- Add the game itself in LSPosed too and block tracking too to isolate it
- Clear cache+data and possibly do a clean re-install
That should in principle do it. However if the game server has banned you because root was detected you need to spoof the SSAID assigned to the game too.
Hi, where can I find the step by step on those? This is the first time I've heard of LSPosed, Xprivacy, Safety Net Fix patch.
Lupa031 said:
Hi, where can I find the step by step on those? This is the first time I've heard of LSPosed, Xprivacy, Safety Net Fix patch.
This is a good guide to what needs to be done:
[2023 FIX] Fix Magisk CTS Profile False Error - Bypass Safetynet (droidholic.com): "Magisk CTS Profile False Error is now popping up on almost everyone's device since Google made some changes in March. To Bypass Safetynet..."
In addition, add the game to LSPosed as well and block tracking for it in Xprivacy (same steps as done for Google Play Services). And clear cache+data and reset the game after doing above.
If done correctly, there should be no way your game can detect root.
Andrologic said:
Is your device passing SafetyNet? And even if you get a visual pass that may not be sufficient. You need to:
- Install LSPosed/Xprivacy and run the latest SafetyNet FIX patch for Magisk and complete the process for hiding root.
- Add the game itself in LSPosed too and block tracking too to isolate it
- Clear cache+data and possibly do a clean re-install
That should in principle do it. However if the game server has banned you because root was detected you need to spoof the SSAID assigned to the game too.
Hello, how do I spoof the SSAID? I think my IP is blocked now or something after its latest update.
Lupa031 said:
Hello, how do I spoof the SSAID? I think my IP is blocked now or something after its latest update.
There are different ways and apps to do it; I like using App Manager - you can get it on F-Droid (link below). Stop and disable the game. Clear cache + data. Then give the game a new SSAID. Reboot. Done. All can be done from App Manager.
Note, this will completely de-link your device and the game and reset everything - as if you're on a new phone. Also, if you haven't fully hidden root from the game/app, you will just get banned again so you want to make sure of that first.
App Manager - Android package manager | F-Droid - Free and Open Source Android App Repository (f-droid.org): "A full-featured open source package manager for android."

Signature Spoofing in Android 10 (Android Q) (Nanodroid not working)

Hi XDA
I'm having an issue deodexing or signature spoofing; all the tutorials seem to be for Android 9, 11 or 12, but not 10. Everyone seems to recommend Nanodroid, but that isn't working for me: the MicroG self-check fails on "System spoofs signature" and "Play Services (GmsCore) has correct signature". I hear this happens when spoofing is enabled system-wide, but most Gapps still don't work properly, like the Play Store crashing immediately on startup (I'd prefer to use the Aurora store, so I'm just listing it as a symptom), YouTube (stock and ReVanced, root-installed) complaining that Play Services isn't enabled, no notifications, and location services not working at all, so Maps is useless.
I did try Smali Patcher and that didn't work either (though the Screenshot on restricted apps patch did work) and I've heard some call it "shady" though they didn't say why.
I've heard that there is a way of enabling spoofing on a per-app basis (like apps requesting root access) which I would prefer, and I wasn't really a fan of how Nanodroid disabled the app installation dialog box (I prefer to micromanage updates), though as mentioned above I did like that screenshots couldn't be blocked.
Does my ideal setup exist, or is it another pipe dream?
Thank you in advance.
Look inside here:
doc/NanoDroidPerm.md · master · Christopher Roy Bratusek / NanoDroid · GitLab (gitlab.com): "microG, F-Droid, GNU Bash, FOSS applications and more for Android"
jwoegerbauer said:
Look inside here:
doc/NanoDroidPerm.md · master · Christopher Roy Bratusek / NanoDroid · GitLab (gitlab.com): "microG, F-Droid, GNU Bash, FOSS applications and more for Android"
Thank you for the suggestion, I ran the script as root but it didn't change anything.
EDIT: I just read through the documentation on the nanodroid repo and it seems you can't set up MicroG using this method on a Gapps preloaded stock ROM without installing it through recovery, which I can't as there's no port of any custom recoveries like TWRP.
