Google Auth after resigning - General Questions and Answers

Hello Everyone,
I have a question that might sound stupid , but here it is ,I have been porting some apps to my xiaomi phone(k20 pro) from other phones normally, until I got to an app that uses GoogleAuthUtil, (To signin to google accounts) , which fails after resigning the app.
I ask here if there is someone who has a way to bypass this problem.
Replaced all the apk signature calls on the app to no avail, its seems GMS checks for the signature on its own (upon asking permission to get the accounts and throws an exception about unknown keys or certificate).
How does GMS know if this signature is allowed to access the accounts on the device ? and how to whitelist my signature for example....idk
P.S. I can do it easily bypass it via a magisk module, I want to know if there is a way to do it directly on the apk so it won't need root or a magisk module to work.

For those interested ,I successfully bypassed the google "getAccounts" part , but it seems that nothing can be done once the application tries to connect to the firebase server , it needs the original signature to do so ,=> the xposed module is a must , either that or disable the Android-wide signature verification check and install unsigned apk (which I do not recommend nor use) , so xposed it is.

Hello

Related

UnifiedNLP with GApps Patch

This package contains a few windows batch files to help you get UnifiedNLP working with (or without) Google Play Services on your phone. Extract it anywhere and run the batch files as needed. Everything required is included in the download but you will need root ADB capabilities. Learn more about ADB here:
http://wiki.lineageos.org/adb_fastboot_guide.html
For the record, I use this on Nougat. More specifically, LineageOS 14.1 so I can't say how it will work or what is necessary on other versions or roms.
Included Batch Files
To use these scripts your phone needs to be connected to your computer.
Install.bat - Install apks and addon.d updater script
Patch.bat - Patch framework-res.apk
DisableGoogle.bat - Disable Google location services and permissions
EnableGoogle.bat - Enable Google location services and permissions
Restore.bat - Delete apks, restore stock framework, enable services and permissions
GetDiff.bat - Create new patch file.
Background
UnifiedNlp is a network location provider that can be used instead of the Google network location service that's included in Google Play Services. The version used here is the GApps version that can be used along side Google Play Services.
https://github.com/microg/android_packages_apps_UnifiedNlp
Installing the Apps
Run Install.bat
UnifiedNLP has to be installed as a system app. This script installs it in /system/app along with some backends. It also installs an addon.d script so it will survive system updates if your rom supports it. Once installed, you can find the app in your app drawer. See the thread on XDA to help set it up.
https://forum.xda-developers.com/android/apps-games/app-g-unifiednlp-floss-wi-fi-cell-tower-t2991544
Patching the Framework
Run Patch.bat
To use a location provider, it's package name has to be included in the "config_locationProviderPackageNames". This script patches framework-res.apk to include the UnifiedNLP package name. I've created a thread on the LOS subreddit asking for this to be included by default but until then we'll have to patch each update.
https://www.reddit.com/r/LineageOS/comments/5u919y/support_for_unifiednlp/#ddto2rc
If patching fails run GetDiff.bat to create a new patch file:
When prompted, open arrays.patched.xml in your text editor (Notepad++ recommended)
Find 'config_locationProviderPackageNames' section
Add a new item 'org.microg.nlp'
Save and continue
Run Patch.bat again
Disabling Googles Location Service
Run DisableGoogle.bat
When you enable network location in settings you also enable Google's location service. There's no simple way to enable one without the other... Bit of a monopoly and totally wrong if you ask me, but that's the way it is. So we have to disable a couple of Google services to get UnifiedNLP working.
So now we should have UnifiedNLP working but we still have Google Play Services stalking us and constantly checking our location. This is what gives us all those NLP related wakelocks. To prevent this we just have to revoke coarse/fine location permissions for Google Play Services. DisableGoogle.bat also does this.
Disclaimer:
Needless to say, if you try this you do so at your own risk. I take no responsibility for anything.
It's always a good idea to make a full backup before doing anything like this to your phone.
Download
nlp_patch.zip
Resources:
Everything required is included in the download but if you'd like to download full versions or find out more, checkout the links.
Apktool: https://ibotpeaches.github.io/Apktool/
UnixUtils: http://unxutils.sourceforge.net/
jPortable: http://portableapps.com/apps/utilities/java_portable
ADB: https://dl.google.com/android/repository/platform-tools-latest-windows.zip
Reserved
Download updated: There was a very silly error in Patch.bat.
I'm just posting to say that my ROM won't boot after applying this patch. Fortunately, I had a backup. I'm running Resurrection Remix on a Note 4 (N910T), which is v7.1.1 and based on a mix of LineageOS and Emotion/Emotroid (the latter is AOSP). I followed the instructions to the tee. I already had adb and fastboot installed. The patch did succeed. I also tried clearing cache and dalvik cache in TWRP, but still couldn't boot. I do have GApps installed. What could have gone wrong?
Thanks!
Hmm... Not sure why it wouldn't work for you. I can only guess that the framework didn't re-compile properly or it wasn't pushed to system properly.
One thing you could try is boot to twrp, mount system and run patch.bat from there.
No GCN push
Hey, thank you very much for your effort! I have used your Windows Batch files in an editor to translate the process to Linux. Everything works flawlessly on my LG G4 with Lineage 14.1!
Without GCM, which is sadly a dealbreaker. It seems to need permission for "com.google.android.gms android.permission.ACCESS_FINE_LOCATION", the other three adb lines in your DisableGoogle.bat can be executed and GCM still works.
So I ask: What do I lose in privacy in not revoking permission for the line above?
If location permissions are allowed then google play services will keep accessing network/gps to keep track of your location. This causes all those nlp wakelocks. I did find however that using UnifiedNLP like this caused significantly less wakelocks than using the google location services. So if that's how you need it then go for it.
BTW, what's GCN push?
Sorry, I meant GCM, Google Cloud Messaging (not Notification).
The main question would be if Google still collects and tracks Wi-Fis, cell towers etc. when I don't revoke this permission. If so, the whole enterprise to get the Mozilla Location Provider to work would be rather pointless. No push notifications for Signal, Tweetings etc. is sadly not acceptable for me.
Ah, I can't comment on GCM as I've never used it but third party app's I use push ok. But that being said, you use GCM so that's what you need to work.
The whole point of this really is to stop google from stalking you (whether for privacy, battery or both). So yeah, I'd have to agree that using this and allowing those google location permissions would be pretty pointless.
Works great on my op3t thanks a million
microG's built in unified nlp and this are same?
vegoja said:
Works great on my op3t thanks a million
Click to expand...
Click to collapse
Good to know, cheers.
sohamsen said:
microG's built in unified nlp and this are same?
Click to expand...
Click to collapse
Yes. If you're using MicroG then this isn't useful for you.
Hi,
This method works if i disabled google play services only.
Disablepatch disabled my gps lock.
any idea?
The download is dead, can you reupload?
Hi. With some little changes (updating java and apktool) I managed to get Patch.bat working on LOS 15.1 *but* my device did not boot anymore once the patched framework-res.apk was in place (and booted again once I piut back the original apk). Did I miss a step? Thks in advance for your help.
@Nyakov: the download isnt dead, try again.
@Julien Faure: You probably didnt do anything wrong. I tried this same patch on Resurrection Remix Nougat many months ago, ROM wouldnt boot. I suspect that you need to disable Android's signature verification for this to work. Check out Smali Patcher.
Thansk a lot for the quick answer! If possible, I would like to avoid rooting (and thus avoid Magisk): is there a way to disable signature verification w/o it? Something to be done, applied, installed from TWRP for instance.
@Julien Faure: Smali patcher doesnt need root. It doesnt even need Magisk, despite being listed as a Magisk module on XDA.
Follow the steps in the SP thread. Since all you want is signature verification disabled, only check that box. Once it is successful, it will create a zip file. Extract the services.jar from that, boot into TWRP, replace your services.jar with the new one, set permissions on this file to 0644.
In the zip SP produces, there will also be zero byte (0 in size) files. These are placemarkers that tell Magisk to systemlessly delete these files. But since you wont be using Magisk, you need to look in /system/framework and manually delete these files. So just find the ones that match the paths and names of the zero byte files in the zip, delete them. If you cant find all of them, just skip the ones not present.
Because you are modifying the system partition, you may also need to disable dm-verity and/or Verified Boot (AVB). But since you're patching LOS, i dont believe it will be necessary.
AnonVendetta said:
@Julien Faure: Smali patcher doesnt need root. It doesnt even need Magisk, despite being listed as a Magisk module on XDA.
Follow the steps in the SP thread. Since all you want is signature verification disabled, only check that box. Once it is successful, it will create a zip file. Extract the services.jar from that, boot into TWRP, replace your services.jar with the new one, set permissions on this file to 0644.
In the zip SP produces, there will also be zero byte (0 in size) files. These are placemarkers that tell Magisk to systemlessly delete these files. But since you wont be using Magisk, you need to look in /system/framework and manually delete these files. So just find the ones that match the paths and names of the zero byte files in the zip, delete them. If you cant find all of them, just skip the ones not present.
Because you are modifying the system partition, you may also need to disable dm-verity and/or Verified Boot (AVB). But since you're patching LOS, i dont believe it will be necessary.
Click to expand...
Click to collapse
Wow thanks a lot again. Will report here once I will have tested that.
@AnonVendetta: BTW, are you aware of any ROM (not necessarily for the 5X) which supports the UNLP + GApps configuration "out-of-the-box" w/o having to apply those patches (OP's one + Smali)? Seems to me that a lot of ROMs (if not all) decided to support the "microG as a gmscore replacement" scenario only.

"Cannot Create Work Profile" Error

I recently downloaded an app called "Island" from the google play store and stumpled across this problem:
"The security policy prevents the creation of a work profile because a Custom OS has been installed on this device.
I have a Samsung Galaxy S7 (7.0)
Rooted with Unofficial Xposed Framework (by PurifyOS)
Also have Superkernel v2.70 installed.
Is there a way to bypass this using an Xposed module or other rooted applications?
You can try xTouchWiz Xposed module which has a function to fake the system status as Official instead of Custom under the security hacks section.
Alternatively you can use Magisk which should hide everything but Xposed from apps.
What worked for me was connecting the device to wifi or putting in an activated sim card before doing the work profile setup process.
Same problem here (S9 Soldier Rom), did someone made it work?
No one yet?
Has anyone gotten this to work?
Beanvee7 said:
You can try xTouchWiz Xposed module which has a function to fake the system status as Official instead of Custom under the security hacks section.
Alternatively you can use Magisk which should hide everything but Xposed from apps.
Click to expand...
Click to collapse
I don't have Xposed but I recently rooted with Magisk. And MagiskHide is not working for this. Do we have to hide system apps as well? I actually get this error when I add my Gsuite work account.

Adding android.uid.system apps with Magisk

I'm working on porting "CIT test" application from MIUI to custom Android 11 ROMs (for calibrating proximity and fingerprint sensors), with end goal of creating a Magisk module. I'm stuck now with the application calling android.os.ServiceManager/addService, which fails with SecurityException -- I presume because I removed android:sharedUserId="android.uid.system" from its manifest, so it doesn't run with system app permissions. Currently I place it in /system/priv-app instead, which allows me to give it at least all the manifest permissions that it requires.
AFAIU, there is no way for me to simply use android.uid.system, as it requires one to sign the package with the same keys that were used for the ROM itself. As my idea is to have a general Magisk module, this is out of the question. However, because obviously I expect devices to be rooted (and can require Xposed), I want to find some way of circumventing signature check for this one package. Say, using Xposed to patch signature check, and to allow my public key to be used for android.uid.system apps. I don't want to completely disable signature checks, as this greatly compromises security.
I also thought of somehow using su to run this application as root, but apparently this is also not possible.
Is there a way to do this or something similar? Maybe I miss another way of implementing what I want? Any help or links are greatly appreciated.
I am curious about this too. It would help install the nReal nebula service on non-carrier devices and use nRreal Light AR glasses with the Nebula app.
Re-add the android.uid.system line
disable your Android Signature Verification
install with magisk to /system/app or priv-app

Question Signature spoofing on ROG 5 ?

I'm experimenting with rolling Micro-G on ROG5 and de-Google the device (on stock rom obviously). But getting successful signature spoofing is a blocker for me. The Xposed method is not working out , and neither is flashing patches.
Has anyone successfully signature spoofed an ROG 5 yet? If so, mind sharing how you did it. Thanks.
Did you ever solve this?
Hello, You can use this Xposed modules:
On android 11: https://github.com/whew-inc/FakeGApps (latest version should work also on Android 12)
On android 12: https://github.com/nift4/FakeGApps/releases
They are confirmed working, but don't check them with "signature spoofing checker" as they spoof signature only for GMS and Play Store. To install MicroG just systemlessly debloat original GMS and Play Store, reboot and install MicroG Magisk Module from Fox Magisk Modules Manager. This way You will have MicroG installed fully systemless way and You can install system updates from ASUS website without need to repeat installation of MicroG after each update.
Yes I did although didn't stick with it. I need Play Services to remain for a couple of things. Practically everything else Google is stripped from my device however and Play Service is heavily restricted, I found that to be the best solution for me.

[GUIDE] How to get SafetyNet working with MicroG

This is a tutorial on how to set up your phone so that you can consistently pass SafetyNet. Note that all this is from my own experience, and if what works on one device blows up another, that's not my problem and I'm not responsible for that. I will attempt to keep this tutorial as clean and simple as possible, but if you have any further questions that are more specific you are welcome to ask.
In order to be as simple as possible to understand, this guide assumes the following:
- You have a PC. Windows, Mac, the almighty Linux, it makes no difference.
- You have the android platform tools on your PC
- Your device has an unlocked bootloader.
- Your device does not have support for signature spoofing.
- Your device does not have Google's official play services on it.
- You have a working brain.
If one or more of the above is incorrect, you'll have to make more use of the last item on the list.
If the last item on the list is incorrect, you're beyond hope.
Now, the guide:
Step 1: Get some magisk on your phone
Setting up magisk is incredibly simple, and I won't be going into detail here. I would recommend installing the regular magisk app and patching your boot image, as that is what I've done.
Note that you do not need the magisk manager app for this guide at all.
I've attached the magisk app I used to this post. You'll need to install the app and make use of the "install" section of the home page.
Once magisk is installed and set up, you'll need to enable zygisk in the magisk settings. Then reboot.
Step 2: Installing MicroG
I am not going to list through all the possible way you can install microG. Instead, have a link to microG's wiki:
index - MicroG
r/MicroG: Subreddit about microG, a free-as-in-freedom re-implementation of Google’s proprietary Android user space apps and libraries. This …
www.reddit.com
Now here comes the important bit:
From everything I have seen, it appears clear that google stores information about each device that registers with it, and that this in turn will affect SafetyNet.
Therefore, the best way to prevent this leading to SafetyNet failing is to prevent connection with google completely - till the phone is ready.
Before you install microG, make sure your phone has both wifi and data turned off. Leave these off till the setup is complete. Note that only the phone needs to be disconnected, nothing else matters.
In essence, this means that google sees nothing till your device is setup correctly, and then SafetyNet has nothing to complain about.
Now that you've read every word of the above paragraph, go ahead and install microG on your phone.
Make sure you've got all the different components: Core, GSF Framework, FakeStore, and DroidGuard helper. If your installation method does not handle all of this for you, then it sucks, and you shouldn't have used it. Regardless, you can find apks for all of these at https://microg.org/
Step 3: Don't touch
As I've already made clear above, do not change any microG settings at this point. Don't enable device registration (if it's disabled), don't enable safetynet, and just generally leave microG settings alone for now. Oh yeah, and don't turn on wifi or data.
Step 4: Tricking SafetyNet
Everything up till now has just been preparation for actually tricking SafetyNet. So now that we've got all that out the way, let's get down to details:
First, downloads:
Download the latest zip: https://themagisk.com/magiskhide-props-config/
Download the latest zygisk zip: https://themagisk.com/universal-safetynet-fix/
Move these over to your phone and install them both as magisk modules.
Once these modules are installed and you've rebooted, connect your phone to your pc.
Open a terminal/command prompt in your platform tools folder, and type "adb shell props". You may need to grant the superuser permission from your phone.
Then choose option 1.
You'll then need to choose a device from the list available.
The key here is that we need to spoof our device fingerprint, so google thinks the device is certified, even if it actually isn't.
If your device is approved by google, then simply select your device model.
If not, things get a bit more unclear. Not every fingerprint will work for every device - If your device is vastly different from the one you are trying to spoof things may not always work correctly. The best advice I can give here is to choose a device that matches yours as closely as possible. As an example: if your device is made by Xiaomi but is not approved by google, I would select a fingerprint belonging to a Xiaomi device.
Keep in mind that if you try a fingerprint that does not work, you cannot simply switch it to something else and try again, as the SafetyNet history for the device has to be clean.
Once you've spoofed your device fingerprint and rebooted, you're almost ready to test out SafetyNet and google sign in. But first:
Step 5: Do you need signature spoofing?
To ensure things work as smoothly as possible, it's important to make sure you have signature spoofing working before you test SafetyNet. If you've got your own solution to that great. If not:
The first thing I have to point out is that a lot of sigspoof methods on google nowadays are outdated and semi-functional at best, working for a handful of devices. As this guide is intended to be a universal solution regardless of your device, the only answer is lsposed and fakegapps.
Download the latest zygisk zip: https://themagisk.com/lsposed/
Transfer it to your phone and install it as a magisk module.
I've attached the full lsposed manager apk to this post, as the parasitic one sucks. Install it and the fakegapps apk which I've also attached to this post.
You'll now need to enable fakegapps, and turn it on for anything that might need access to spoofing. This includes the system framework, all the microG stuff, and any app that needs to be fooled by microg. Then reboot.
Step 6: Ready to test
Everything should now be set up correctly.
Check the microG settings to make sure signatures are correctly being spoofed.
Enable device registration (if disabled).
Enable SafetyNet attestation.
At this point your phone should still be completely disconnected from the internet.
If you're happy everything is set up correctly, turn on your wifi or data, and test SafetyNet attestation.
Step 7: Done.
Hopefully you now have working SafetyNet and google sign in. If this does work for you, it means that safetynet is now stable on your device, and you are free to install whatever you want on it.
If it didn't work, keep in mind that this hasn't been tested on every device in existence. All I know is that this consistently works for me.
If your phone doesn't turn on, you probably need to charge it.
If your phone has exploded, you probably have a Samsung.
Thanks everyone for reading my guide, I hope you enjoyed! (Maybe it even worked)
RESERVED FOR STUFF
Your guide is well made but I have some things I would change.
1) Since everything has to be done offline and adb is used in linux installation at least I would recommend adding an tip with adb push ~/Downloads/safetynet-tools.zip /storage/emulated/0/Downloads.
Furthermore cause of it I recommend attaching a single zip with
tools so they can be moved easily to the device.
2) there is missing Information: you said in the guide that safety net trips extremely easily. During the entire process the device cant be connected to the internet but what if you want to install another app. For example what if you want to install another app later lets say Netflix for example. I know for a fact it requires safetynet. It would be configured automatically will it? This would conclude to permanetley lock safety net till its reinstalled.
hypethetime said:
Your guide is well made but I have some things I would change.
1) Since everything has to be done offline and adb is used in linux installation at least I would recommend adding an tip with adb push ~/Downloads/safetynet-tools.zip /storage/emulated/0/Downloads.
Furthermore cause of it I recommend attaching a single zip with
tools so they can be moved easily to the device.
Click to expand...
Click to collapse
Hi, I think you may have misunderstood slightly. Only the phone has to be offline, you can still connect it to a PC and download the files on the PC. The only important thing is that the device doesn't communicate with google till you are ready for it to.
hypethetime said:
2) there is missing Information: you said in the guide that safety net trips extremely easily. During the entire process the device cant be connected to the internet but what if you want to install another app. For example what if you want to install another app later lets say Netflix for example. I know for a fact it requires safetynet. It would be configured automatically will it? This would conclude to permanetley lock safety net till its reinstalled.
Click to expand...
Click to collapse
Once the process is complete, you can install whatever else you want and safetynet will not stop working. The main thing is that the process of setting up the device so that it can be approved is very easy to mess up, so that part has to be done carefully.
I'll edit the guide to make these points more clear.
Sense_101 said:
Hi, I think you may have misunderstood slightly. Only the phone has to be offline, you can still connect it to a PC and download the files on the PC. The only important thing is that the device doesn't communicate with google till you are ready for it to.
Click to expand...
Click to collapse
I knew you always were able to use pc and you miss understood me. I at least often had the problem with transferring files for some reseason and for this adb push is extremey helpful.
Regarding instaling more apps thank you for the answer and how quickly it came.
Sense_101 said:
This is a tutorial on how to set up your phone so that you can consistently pass SafetyNet. Note that all this is from my own experience, and if what works on one device blows up another, that's not my problem and I'm not responsible for that. I will attempt to keep this tutorial as clean and simple as possible, but if you have any further questions that are more specific you are welcome to ask.
In order to be as simple as possible to understand, this guide assumes the following:
- You have a PC. Windows, Mac, the almighty Linux, it makes no difference.
- You have the android platform tools on your PC
- Your device has an unlocked bootloader.
- Your device does not have support for signature spoofing.
- Your device does not have Google's official play services on it.
- You have a working brain.
If one or more of the above is incorrect, you'll have to make more use of the last item on the list.
If the last item on the list is incorrect, you're beyond hope.
Now, the guide:
Step 1: Get some magisk on your phone
Setting up magisk is incredibly simple, and I won't be going into detail here. I would recommend installing the regular magisk app and patching your boot image, as that is what I've done.
Note that you do not need the magisk manager app for this guide at all.
I've attached the magisk app I used to this post. You'll need to install the app and make use of the "install" section of the home page.
Once magisk is installed and set up, you'll need to enable zygisk in the magisk settings. Then reboot.
Step 2: Installing MicroG
I am not going to list through all the possible way you can install microG. Instead, have a link to microG's wiki:
index - MicroG
r/MicroG: Subreddit about microG, a free-as-in-freedom re-implementation of Google’s proprietary Android user space apps and libraries. This …
www.reddit.com
Now here comes the important bit:
From everything I have seen, it appears clear that google stores information about each device that registers with it, and that this in turn will affect SafetyNet.
Therefore, the best way to prevent this leading to SafetyNet failing is to prevent connection with google completely - till the phone is ready.
Before you install microG, make sure your phone has both wifi and data turned off. Leave these off till the setup is complete. Note that only the phone needs to be disconnected, nothing else matters.
In essence, this means that google sees nothing till your device is setup correctly, and then SafetyNet has nothing to complain about.
Now that you've read every word of the above paragraph, go ahead and install microG on your phone.
Make sure you've got all the different components: Core, GSF Framework, FakeStore, and DroidGuard helper. If your installation method does not handle all of this for you, then it sucks, and you shouldn't have used it. Regardless, you can find apks for all of these at https://microg.org/
Step 3: Don't touch
As I've already made clear above, do not change any microG settings at this point. Don't enable device registration (if it's disabled), don't enable safetynet, and just generally leave microG settings alone for now. Oh yeah, and don't turn on wifi or data.
Step 4: Tricking SafetyNet
Everything up till now has just been preparation for actually tricking SafetyNet. So now that we've got all that out the way, let's get down to details:
First, downloads:
Download the latest zip: https://themagisk.com/magiskhide-props-config/
Download the latest zygisk zip: https://themagisk.com/universal-safetynet-fix/
Move these over to your phone and install them both as magisk modules.
Once these modules are installed and you've rebooted, connect your phone to your pc.
Open a terminal/command prompt in your platform tools folder, and type "adb shell props". You may need to grant the superuser permission from your phone.
Then choose option 1.
You'll then need to choose a device from the list available.
The key here is that we need to spoof our device fingerprint, so google thinks the device is certified, even if it actually isn't.
If your device is approved by google, then simply select your device model.
If not, things get a bit more unclear. Not every fingerprint will work for every device - If your device is vastly different from the one you are trying to spoof things may not always work correctly. The best advice I can give here is to choose a device that matches yours as closely as possible. As an example: if your device is made by Xiaomi but is not approved by google, I would select a fingerprint belonging to a Xiaomi device.
Keep in mind that if you try a fingerprint that does not work, you cannot simply switch it to something else and try again, as the SafetyNet history for the device has to be clean.
Once you've spoofed your device fingerprint and rebooted, you're almost ready to test out SafetyNet and google sign in. But first:
Step 5: Do you need signature spoofing?
To ensure things work as smoothly as possible, it's important to make sure you have signature spoofing working before you test SafetyNet. If you've got your own solution to that great. If not:
The first thing I have to point out is that a lot of sigspoof methods on google nowadays are outdated and semi-functional at best, working for a handful of devices. As this guide is intended to be a universal solution regardless of your device, the only answer is lsposed and fakegapps.
Download the latest zygisk zip: https://themagisk.com/lsposed/
Transfer it to your phone and install it as a magisk module.
I've attached the full lsposed manager apk to this post, as the parasitic one sucks. Install it and the fakegapps apk which I've also attached to this post.
You'll now need to enable fakegapps, and turn it on for anything that might need access to spoofing. This includes the system framework, all the microG stuff, and any app that needs to be fooled by microg. Then reboot.
Step 6: Ready to test
Everything should now be set up correctly.
Check the microG settings to make sure signatures are correctly being spoofed.
Enable device registration (if disabled).
Enable SafetyNet attestation.
At this point your phone should still be completely disconnected from the internet.
If you're happy everything is set up correctly, turn on your wifi or data, and test SafetyNet attestation.
Step 7: Done.
Hopefully you now have working SafetyNet and google sign in. If this does work for you, it means that safetynet is now stable on your device, and you are free to install whatever you want on it.
If it didn't work, keep in mind that this hasn't been tested on every device in existence. All I know is that this consistently works for me.
If your phone doesn't turn on, you probably need to charge it.
If your phone has exploded, you probably have a Samsung.
Thanks everyone for reading my guide, I hope you enjoyed! (Maybe it even worked)
Click to expand...
Click to collapse
I have a Samsung galaxy note 10 plus running LineageOS 19.1. I'ts unlocked, and rooted with Magisk. Is there something about Samsung phones that are more likely to "explode" trying to install MicroG?
WheelingPigeon said:
I have a Samsung galaxy note 10 plus running LineageOS 19.1. I'ts unlocked, and rooted with Magisk. Is there something about Samsung phones that are more likely to "explode" trying to install MicroG?
Click to expand...
Click to collapse
Yeah, that's a joke
WheelingPigeon said:
I have a Samsung galaxy note 10 plus running LineageOS 19.1. I'ts unlocked, and rooted with Magisk. Is there something about Samsung phones that are more likely to "explode" trying to install MicroG?
Click to expand...
Click to collapse
Samsung phones have a history of "blowing" up. First they were actually dangerous in very few cases but now they can expand and pop of the back of your phone. As long as you switch the battery then your safe to use it.
AOSP Rom (signature spoofing unsupported, without MicroG installer)
After Root install patch for spoofing via NanoDroid Patcher
Open Magisk settings -> Enable Zygisk + Enforce DenyList, install module MagiskHide Props Config -> reboot
Open Termux or ADB, type su to set root permission then type props (option 1)
Install MicroG via APK or offical F-Droid app, grant Signature spoofing permission
If you want using play store, install patched version (F-Droid add repo NanoDroid)
Open MicroG Settings -> Self-Check -> make sure all box checked
Turn on Google device registration, Google SafetyNet, if CTS fail then install Universal SafetyNet Fix
Install magisk module App Systemizer, Busybox for Android NDK to change MicroG to system app

Categories

Resources