Adding android.uid.system apps with Magisk - General Questions and Answers

I'm working on porting "CIT test" application from MIUI to custom Android 11 ROMs (for calibrating proximity and fingerprint sensors), with end goal of creating a Magisk module. I'm stuck now with the application calling android.os.ServiceManager/addService, which fails with SecurityException -- I presume because I removed android:sharedUserId="android.uid.system" from its manifest, so it doesn't run with system app permissions. Currently I place it in /system/priv-app instead, which allows me to give it at least all the manifest permissions that it requires.
AFAIU, there is no way for me to simply use android.uid.system, as it requires one to sign the package with the same keys that were used for the ROM itself. As my idea is to have a general Magisk module, this is out of the question. However, because obviously I expect devices to be rooted (and can require Xposed), I want to find some way of circumventing signature check for this one package. Say, using Xposed to patch signature check, and to allow my public key to be used for android.uid.system apps. I don't want to completely disable signature checks, as this greatly compromises security.
I also thought of somehow using su to run this application as root, but apparently this is also not possible.
Is there a way to do this or something similar? Maybe I miss another way of implementing what I want? Any help or links are greatly appreciated.

I am curious about this too. It would help install the nReal nebula service on non-carrier devices and use nRreal Light AR glasses with the Nebula app.

Re-add the android.uid.system line
disable your Android Signature Verification
install with magisk to /system/app or priv-app

Related

UnifiedNLP with GApps Patch

This package contains a few windows batch files to help you get UnifiedNLP working with (or without) Google Play Services on your phone. Extract it anywhere and run the batch files as needed. Everything required is included in the download but you will need root ADB capabilities. Learn more about ADB here:
http://wiki.lineageos.org/adb_fastboot_guide.html
For the record, I use this on Nougat. More specifically, LineageOS 14.1 so I can't say how it will work or what is necessary on other versions or roms.
Included Batch Files
To use these scripts your phone needs to be connected to your computer.
Install.bat - Install apks and addon.d updater script
Patch.bat - Patch framework-res.apk
DisableGoogle.bat - Disable Google location services and permissions
EnableGoogle.bat - Enable Google location services and permissions
Restore.bat - Delete apks, restore stock framework, enable services and permissions
GetDiff.bat - Create new patch file.
Background
UnifiedNlp is a network location provider that can be used instead of the Google network location service that's included in Google Play Services. The version used here is the GApps version that can be used along side Google Play Services.
https://github.com/microg/android_packages_apps_UnifiedNlp
Installing the Apps
Run Install.bat
UnifiedNLP has to be installed as a system app. This script installs it in /system/app along with some backends. It also installs an addon.d script so it will survive system updates if your rom supports it. Once installed, you can find the app in your app drawer. See the thread on XDA to help set it up.
https://forum.xda-developers.com/android/apps-games/app-g-unifiednlp-floss-wi-fi-cell-tower-t2991544
Patching the Framework
Run Patch.bat
To use a location provider, it's package name has to be included in the "config_locationProviderPackageNames". This script patches framework-res.apk to include the UnifiedNLP package name. I've created a thread on the LOS subreddit asking for this to be included by default but until then we'll have to patch each update.
https://www.reddit.com/r/LineageOS/comments/5u919y/support_for_unifiednlp/#ddto2rc
If patching fails run GetDiff.bat to create a new patch file:
When prompted, open arrays.patched.xml in your text editor (Notepad++ recommended)
Find 'config_locationProviderPackageNames' section
Add a new item 'org.microg.nlp'
Save and continue
Run Patch.bat again
Disabling Googles Location Service
Run DisableGoogle.bat
When you enable network location in settings you also enable Google's location service. There's no simple way to enable one without the other... Bit of a monopoly and totally wrong if you ask me, but that's the way it is. So we have to disable a couple of Google services to get UnifiedNLP working.
So now we should have UnifiedNLP working but we still have Google Play Services stalking us and constantly checking our location. This is what gives us all those NLP related wakelocks. To prevent this we just have to revoke coarse/fine location permissions for Google Play Services. DisableGoogle.bat also does this.
Disclaimer:
Needless to say, if you try this you do so at your own risk. I take no responsibility for anything.
It's always a good idea to make a full backup before doing anything like this to your phone.
Download
nlp_patch.zip
Resources:
Everything required is included in the download but if you'd like to download full versions or find out more, checkout the links.
Apktool: https://ibotpeaches.github.io/Apktool/
UnixUtils: http://unxutils.sourceforge.net/
jPortable: http://portableapps.com/apps/utilities/java_portable
ADB: https://dl.google.com/android/repository/platform-tools-latest-windows.zip
Reserved
Download updated: There was a very silly error in Patch.bat.
I'm just posting to say that my ROM won't boot after applying this patch. Fortunately, I had a backup. I'm running Resurrection Remix on a Note 4 (N910T), which is v7.1.1 and based on a mix of LineageOS and Emotion/Emotroid (the latter is AOSP). I followed the instructions to the tee. I already had adb and fastboot installed. The patch did succeed. I also tried clearing cache and dalvik cache in TWRP, but still couldn't boot. I do have GApps installed. What could have gone wrong?
Thanks!
Hmm... Not sure why it wouldn't work for you. I can only guess that the framework didn't re-compile properly or it wasn't pushed to system properly.
One thing you could try is boot to twrp, mount system and run patch.bat from there.
No GCN push
Hey, thank you very much for your effort! I have used your Windows Batch files in an editor to translate the process to Linux. Everything works flawlessly on my LG G4 with Lineage 14.1!
Without GCM, which is sadly a dealbreaker. It seems to need permission for "com.google.android.gms android.permission.ACCESS_FINE_LOCATION", the other three adb lines in your DisableGoogle.bat can be executed and GCM still works.
So I ask: What do I lose in privacy in not revoking permission for the line above?
If location permissions are allowed then google play services will keep accessing network/gps to keep track of your location. This causes all those nlp wakelocks. I did find however that using UnifiedNLP like this caused significantly less wakelocks than using the google location services. So if that's how you need it then go for it.
BTW, what's GCN push?
Sorry, I meant GCM, Google Cloud Messaging (not Notification).
The main question would be if Google still collects and tracks Wi-Fis, cell towers etc. when I don't revoke this permission. If so, the whole enterprise to get the Mozilla Location Provider to work would be rather pointless. No push notifications for Signal, Tweetings etc. is sadly not acceptable for me.
Ah, I can't comment on GCM as I've never used it but third party app's I use push ok. But that being said, you use GCM so that's what you need to work.
The whole point of this really is to stop google from stalking you (whether for privacy, battery or both). So yeah, I'd have to agree that using this and allowing those google location permissions would be pretty pointless.
Works great on my op3t thanks a million
microG's built in unified nlp and this are same?
vegoja said:
Works great on my op3t thanks a million
Click to expand...
Click to collapse
Good to know, cheers.
sohamsen said:
microG's built in unified nlp and this are same?
Click to expand...
Click to collapse
Yes. If you're using MicroG then this isn't useful for you.
Hi,
This method works if i disabled google play services only.
Disablepatch disabled my gps lock.
any idea?
The download is dead, can you reupload?
Hi. With some little changes (updating java and apktool) I managed to get Patch.bat working on LOS 15.1 *but* my device did not boot anymore once the patched framework-res.apk was in place (and booted again once I piut back the original apk). Did I miss a step? Thks in advance for your help.
@Nyakov: the download isnt dead, try again.
@Julien Faure: You probably didnt do anything wrong. I tried this same patch on Resurrection Remix Nougat many months ago, ROM wouldnt boot. I suspect that you need to disable Android's signature verification for this to work. Check out Smali Patcher.
Thansk a lot for the quick answer! If possible, I would like to avoid rooting (and thus avoid Magisk): is there a way to disable signature verification w/o it? Something to be done, applied, installed from TWRP for instance.
@Julien Faure: Smali patcher doesnt need root. It doesnt even need Magisk, despite being listed as a Magisk module on XDA.
Follow the steps in the SP thread. Since all you want is signature verification disabled, only check that box. Once it is successful, it will create a zip file. Extract the services.jar from that, boot into TWRP, replace your services.jar with the new one, set permissions on this file to 0644.
In the zip SP produces, there will also be zero byte (0 in size) files. These are placemarkers that tell Magisk to systemlessly delete these files. But since you wont be using Magisk, you need to look in /system/framework and manually delete these files. So just find the ones that match the paths and names of the zero byte files in the zip, delete them. If you cant find all of them, just skip the ones not present.
Because you are modifying the system partition, you may also need to disable dm-verity and/or Verified Boot (AVB). But since you're patching LOS, i dont believe it will be necessary.
AnonVendetta said:
@Julien Faure: Smali patcher doesnt need root. It doesnt even need Magisk, despite being listed as a Magisk module on XDA.
Follow the steps in the SP thread. Since all you want is signature verification disabled, only check that box. Once it is successful, it will create a zip file. Extract the services.jar from that, boot into TWRP, replace your services.jar with the new one, set permissions on this file to 0644.
In the zip SP produces, there will also be zero byte (0 in size) files. These are placemarkers that tell Magisk to systemlessly delete these files. But since you wont be using Magisk, you need to look in /system/framework and manually delete these files. So just find the ones that match the paths and names of the zero byte files in the zip, delete them. If you cant find all of them, just skip the ones not present.
Because you are modifying the system partition, you may also need to disable dm-verity and/or Verified Boot (AVB). But since you're patching LOS, i dont believe it will be necessary.
Click to expand...
Click to collapse
Wow thanks a lot again. Will report here once I will have tested that.
@AnonVendetta: BTW, are you aware of any ROM (not necessarily for the 5X) which supports the UNLP + GApps configuration "out-of-the-box" w/o having to apply those patches (OP's one + Smali)? Seems to me that a lot of ROMs (if not all) decided to support the "microG as a gmscore replacement" scenario only.

Magisk + Magisk Manager = Total Confusion

I've read myself to exhaustion trying to understand how this all works with no luck. With articles on the web having no or vague instruction and authors using the terms Magisk and Magisk Manager interchangeably (this one is the worst) I'm totally confused. Additionally there is too much assumed knowledge in the instructions I find. Go do this, go install this with no links, no explanation of what I'm installing, how to install it, where the instruction and files live, how to use it or the actual effect upon install.
Here is my current state and my questions (please excuse the caps, they just express my frustration):
Pixel 4a
Android 11
Rooted with Magisk
Can't use banking apps
MagiskHide doesn't fix the problem
I read that using MagiskHide Props Config can fix my SafetyNet issues but the instructions are very extensive and I want to be sure of what I'm doing before I tackle it.
Does Magisk also live inside Magisk Manger? Do I need both?
Do I need Magisk Manager to load modules?
Hiding root and passing Safety Net:Magisk and MagiskHide Installation and Troubleshooting guide
www.didgeridoohan.com
Why do these instructions tell me to "Make sure that the app in question is selected in the Hide list (Under MagiskHide in the Magisk app)." and there IS NO HIDE LIST! under MagiskHide in the Magisk app?!
OR
"Most Magisk modules can be hidden by MagiskHide, but that depends on exactly what the module does. If you can't figure out what is triggering an app, try disabling all modules." THERE IS NO PLACE TO SELECT OR DISABLE MODULES IN MAGISK!
I am very, very technical and can can follow well written instructions but this android (and linux) stuff is new to me. I just want my Pixel 4a to have root and be able to use my Golden1 credit union software. I apologize for the drama but this task is becoming almost insurmountable.
Thank you very much for any opinion or insight!
Arsenal420 said:
I've read myself to exhaustion trying to understand how this all works with no luck. With articles on the web having no or vague instruction and authors using the terms Magisk and Magisk Manager interchangeably (this one is the worst) I'm totally confused.
Click to expand...
Click to collapse
Totally agree with you: all is based on slopiness of the authors.
Magisk is a software framework- it provides additional low level routines / replaces in parts Android's default system software - what hooks Android's boot and system files, thus you can extend Android's default system features by adding 3rd-party modules.
Magisk Manager is a pure Android app for managing Magisk.
jwoegerbauer said:
Totally agree with you: all is based on slopiness of the authors.
Magisk is a software framework- it provides additional low level routines / replaces in parts Android's default system software - what hooks Android's boot and system files, thus you can extend Android's default system features by adding 3rd-party modules.
Magisk Manager is a pure Android app for managing Magisk.
Click to expand...
Click to collapse
Thank you very, very much. So do you need to have Magisk installed for Magisk Manager to work? If it's like maybe .Net framework then the answer would be "yes" but since I don't know this platform perhaps Magisk is "embedded" in Magisk Manger and you only need it to do all your work. Thanks again jwoegerbauer you filled in a major blank.
Magisk Manager is companion Android application for Magisk framework so it should be obvious that Magisk framework must be installed before.
I know what you mean. I just started trying to install an news magic today instead of lucky passer and I can't even get it installed and authorized because of the tar and the different things that wants to have me do. There's no instruction it's just supposed to be knowledge you're supposed to have. I think I'm just gonna delete it go back lucky.

Root check bypass for a particular app

As the title suggest, I'm trying to bypass a root check for an app, more specifically MyMazda App. I have tried several different methods ( repacking Magisk, Root Cloak, LSposed/Xpirvacy, Unviersal SafteyFix Patch ). None seem to work, my bank, credit and stock exchange apps work completely fine along with every other app except this one. I'm running on a complete stock ROM.
I am running:
Oneplus 8 Pro
Android 11
OxygenOS 11.0.10.10.IN11AA
Magisk v24.1
This raised a few questions:
1. Is it even possible to bypass this apps root check?
2. If it is and when I do bypass it, will all the features work (ie. Remote Start/Stop, Remote Lock/Unlock, etc.)?
3. If there is no way, will downgrading Magisk to when MagiskHide was in the app?
4. And if I do need to downgrade, is there aspecific procedure for the Op8 Pro or is just like any other phone?
Sidenote: I am very new to this, I only just rooted my phone 2 days ago, without any issues thankfully, so I may have missed something important to one of the modules for it to work. Thank you in advanced!
Checking whether Android is rooted or not basically requires only 1 line of program code.
xXx yYy said:
Checking whether Android is rooted or not basically requires only 1 line of program code.
Click to expand...
Click to collapse
Interesting, then how come this app is causing so much issues compared to my banking apps and such?

[GUIDE] How to get SafetyNet working with MicroG

This is a tutorial on how to set up your phone so that you can consistently pass SafetyNet. Note that all this is from my own experience, and if what works on one device blows up another, that's not my problem and I'm not responsible for that. I will attempt to keep this tutorial as clean and simple as possible, but if you have any further questions that are more specific you are welcome to ask.
In order to be as simple as possible to understand, this guide assumes the following:
- You have a PC. Windows, Mac, the almighty Linux, it makes no difference.
- You have the android platform tools on your PC
- Your device has an unlocked bootloader.
- Your device does not have support for signature spoofing.
- Your device does not have Google's official play services on it.
- You have a working brain.
If one or more of the above is incorrect, you'll have to make more use of the last item on the list.
If the last item on the list is incorrect, you're beyond hope.
Now, the guide:
Step 1: Get some magisk on your phone
Setting up magisk is incredibly simple, and I won't be going into detail here. I would recommend installing the regular magisk app and patching your boot image, as that is what I've done.
Note that you do not need the magisk manager app for this guide at all.
I've attached the magisk app I used to this post. You'll need to install the app and make use of the "install" section of the home page.
Once magisk is installed and set up, you'll need to enable zygisk in the magisk settings. Then reboot.
Step 2: Installing MicroG
I am not going to list through all the possible way you can install microG. Instead, have a link to microG's wiki:
index - MicroG
r/MicroG: Subreddit about microG, a free-as-in-freedom re-implementation of Google’s proprietary Android user space apps and libraries. This …
www.reddit.com
Now here comes the important bit:
From everything I have seen, it appears clear that google stores information about each device that registers with it, and that this in turn will affect SafetyNet.
Therefore, the best way to prevent this leading to SafetyNet failing is to prevent connection with google completely - till the phone is ready.
Before you install microG, make sure your phone has both wifi and data turned off. Leave these off till the setup is complete. Note that only the phone needs to be disconnected, nothing else matters.
In essence, this means that google sees nothing till your device is setup correctly, and then SafetyNet has nothing to complain about.
Now that you've read every word of the above paragraph, go ahead and install microG on your phone.
Make sure you've got all the different components: Core, GSF Framework, FakeStore, and DroidGuard helper. If your installation method does not handle all of this for you, then it sucks, and you shouldn't have used it. Regardless, you can find apks for all of these at https://microg.org/
Step 3: Don't touch
As I've already made clear above, do not change any microG settings at this point. Don't enable device registration (if it's disabled), don't enable safetynet, and just generally leave microG settings alone for now. Oh yeah, and don't turn on wifi or data.
Step 4: Tricking SafetyNet
Everything up till now has just been preparation for actually tricking SafetyNet. So now that we've got all that out the way, let's get down to details:
First, downloads:
Download the latest zip: https://themagisk.com/magiskhide-props-config/
Download the latest zygisk zip: https://themagisk.com/universal-safetynet-fix/
Move these over to your phone and install them both as magisk modules.
Once these modules are installed and you've rebooted, connect your phone to your pc.
Open a terminal/command prompt in your platform tools folder, and type "adb shell props". You may need to grant the superuser permission from your phone.
Then choose option 1.
You'll then need to choose a device from the list available.
The key here is that we need to spoof our device fingerprint, so google thinks the device is certified, even if it actually isn't.
If your device is approved by google, then simply select your device model.
If not, things get a bit more unclear. Not every fingerprint will work for every device - If your device is vastly different from the one you are trying to spoof things may not always work correctly. The best advice I can give here is to choose a device that matches yours as closely as possible. As an example: if your device is made by Xiaomi but is not approved by google, I would select a fingerprint belonging to a Xiaomi device.
Keep in mind that if you try a fingerprint that does not work, you cannot simply switch it to something else and try again, as the SafetyNet history for the device has to be clean.
Once you've spoofed your device fingerprint and rebooted, you're almost ready to test out SafetyNet and google sign in. But first:
Step 5: Do you need signature spoofing?
To ensure things work as smoothly as possible, it's important to make sure you have signature spoofing working before you test SafetyNet. If you've got your own solution to that great. If not:
The first thing I have to point out is that a lot of sigspoof methods on google nowadays are outdated and semi-functional at best, working for a handful of devices. As this guide is intended to be a universal solution regardless of your device, the only answer is lsposed and fakegapps.
Download the latest zygisk zip: https://themagisk.com/lsposed/
Transfer it to your phone and install it as a magisk module.
I've attached the full lsposed manager apk to this post, as the parasitic one sucks. Install it and the fakegapps apk which I've also attached to this post.
You'll now need to enable fakegapps, and turn it on for anything that might need access to spoofing. This includes the system framework, all the microG stuff, and any app that needs to be fooled by microg. Then reboot.
Step 6: Ready to test
Everything should now be set up correctly.
Check the microG settings to make sure signatures are correctly being spoofed.
Enable device registration (if disabled).
Enable SafetyNet attestation.
At this point your phone should still be completely disconnected from the internet.
If you're happy everything is set up correctly, turn on your wifi or data, and test SafetyNet attestation.
Step 7: Done.
Hopefully you now have working SafetyNet and google sign in. If this does work for you, it means that safetynet is now stable on your device, and you are free to install whatever you want on it.
If it didn't work, keep in mind that this hasn't been tested on every device in existence. All I know is that this consistently works for me.
If your phone doesn't turn on, you probably need to charge it.
If your phone has exploded, you probably have a Samsung.
Thanks everyone for reading my guide, I hope you enjoyed! (Maybe it even worked)
RESERVED FOR STUFF
Your guide is well made but I have some things I would change.
1) Since everything has to be done offline and adb is used in linux installation at least I would recommend adding an tip with adb push ~/Downloads/safetynet-tools.zip /storage/emulated/0/Downloads.
Furthermore cause of it I recommend attaching a single zip with
tools so they can be moved easily to the device.
2) there is missing Information: you said in the guide that safety net trips extremely easily. During the entire process the device cant be connected to the internet but what if you want to install another app. For example what if you want to install another app later lets say Netflix for example. I know for a fact it requires safetynet. It would be configured automatically will it? This would conclude to permanetley lock safety net till its reinstalled.
hypethetime said:
Your guide is well made but I have some things I would change.
1) Since everything has to be done offline and adb is used in linux installation at least I would recommend adding an tip with adb push ~/Downloads/safetynet-tools.zip /storage/emulated/0/Downloads.
Furthermore cause of it I recommend attaching a single zip with
tools so they can be moved easily to the device.
Click to expand...
Click to collapse
Hi, I think you may have misunderstood slightly. Only the phone has to be offline, you can still connect it to a PC and download the files on the PC. The only important thing is that the device doesn't communicate with google till you are ready for it to.
hypethetime said:
2) there is missing Information: you said in the guide that safety net trips extremely easily. During the entire process the device cant be connected to the internet but what if you want to install another app. For example what if you want to install another app later lets say Netflix for example. I know for a fact it requires safetynet. It would be configured automatically will it? This would conclude to permanetley lock safety net till its reinstalled.
Click to expand...
Click to collapse
Once the process is complete, you can install whatever else you want and safetynet will not stop working. The main thing is that the process of setting up the device so that it can be approved is very easy to mess up, so that part has to be done carefully.
I'll edit the guide to make these points more clear.
Sense_101 said:
Hi, I think you may have misunderstood slightly. Only the phone has to be offline, you can still connect it to a PC and download the files on the PC. The only important thing is that the device doesn't communicate with google till you are ready for it to.
Click to expand...
Click to collapse
I knew you always were able to use pc and you miss understood me. I at least often had the problem with transferring files for some reseason and for this adb push is extremey helpful.
Regarding instaling more apps thank you for the answer and how quickly it came.
Sense_101 said:
This is a tutorial on how to set up your phone so that you can consistently pass SafetyNet. Note that all this is from my own experience, and if what works on one device blows up another, that's not my problem and I'm not responsible for that. I will attempt to keep this tutorial as clean and simple as possible, but if you have any further questions that are more specific you are welcome to ask.
In order to be as simple as possible to understand, this guide assumes the following:
- You have a PC. Windows, Mac, the almighty Linux, it makes no difference.
- You have the android platform tools on your PC
- Your device has an unlocked bootloader.
- Your device does not have support for signature spoofing.
- Your device does not have Google's official play services on it.
- You have a working brain.
If one or more of the above is incorrect, you'll have to make more use of the last item on the list.
If the last item on the list is incorrect, you're beyond hope.
Now, the guide:
Step 1: Get some magisk on your phone
Setting up magisk is incredibly simple, and I won't be going into detail here. I would recommend installing the regular magisk app and patching your boot image, as that is what I've done.
Note that you do not need the magisk manager app for this guide at all.
I've attached the magisk app I used to this post. You'll need to install the app and make use of the "install" section of the home page.
Once magisk is installed and set up, you'll need to enable zygisk in the magisk settings. Then reboot.
Step 2: Installing MicroG
I am not going to list through all the possible way you can install microG. Instead, have a link to microG's wiki:
index - MicroG
r/MicroG: Subreddit about microG, a free-as-in-freedom re-implementation of Google’s proprietary Android user space apps and libraries. This …
www.reddit.com
Now here comes the important bit:
From everything I have seen, it appears clear that google stores information about each device that registers with it, and that this in turn will affect SafetyNet.
Therefore, the best way to prevent this leading to SafetyNet failing is to prevent connection with google completely - till the phone is ready.
Before you install microG, make sure your phone has both wifi and data turned off. Leave these off till the setup is complete. Note that only the phone needs to be disconnected, nothing else matters.
In essence, this means that google sees nothing till your device is setup correctly, and then SafetyNet has nothing to complain about.
Now that you've read every word of the above paragraph, go ahead and install microG on your phone.
Make sure you've got all the different components: Core, GSF Framework, FakeStore, and DroidGuard helper. If your installation method does not handle all of this for you, then it sucks, and you shouldn't have used it. Regardless, you can find apks for all of these at https://microg.org/
Step 3: Don't touch
As I've already made clear above, do not change any microG settings at this point. Don't enable device registration (if it's disabled), don't enable safetynet, and just generally leave microG settings alone for now. Oh yeah, and don't turn on wifi or data.
Step 4: Tricking SafetyNet
Everything up till now has just been preparation for actually tricking SafetyNet. So now that we've got all that out the way, let's get down to details:
First, downloads:
Download the latest zip: https://themagisk.com/magiskhide-props-config/
Download the latest zygisk zip: https://themagisk.com/universal-safetynet-fix/
Move these over to your phone and install them both as magisk modules.
Once these modules are installed and you've rebooted, connect your phone to your pc.
Open a terminal/command prompt in your platform tools folder, and type "adb shell props". You may need to grant the superuser permission from your phone.
Then choose option 1.
You'll then need to choose a device from the list available.
The key here is that we need to spoof our device fingerprint, so google thinks the device is certified, even if it actually isn't.
If your device is approved by google, then simply select your device model.
If not, things get a bit more unclear. Not every fingerprint will work for every device - If your device is vastly different from the one you are trying to spoof things may not always work correctly. The best advice I can give here is to choose a device that matches yours as closely as possible. As an example: if your device is made by Xiaomi but is not approved by google, I would select a fingerprint belonging to a Xiaomi device.
Keep in mind that if you try a fingerprint that does not work, you cannot simply switch it to something else and try again, as the SafetyNet history for the device has to be clean.
Once you've spoofed your device fingerprint and rebooted, you're almost ready to test out SafetyNet and google sign in. But first:
Step 5: Do you need signature spoofing?
To ensure things work as smoothly as possible, it's important to make sure you have signature spoofing working before you test SafetyNet. If you've got your own solution to that great. If not:
The first thing I have to point out is that a lot of sigspoof methods on google nowadays are outdated and semi-functional at best, working for a handful of devices. As this guide is intended to be a universal solution regardless of your device, the only answer is lsposed and fakegapps.
Download the latest zygisk zip: https://themagisk.com/lsposed/
Transfer it to your phone and install it as a magisk module.
I've attached the full lsposed manager apk to this post, as the parasitic one sucks. Install it and the fakegapps apk which I've also attached to this post.
You'll now need to enable fakegapps, and turn it on for anything that might need access to spoofing. This includes the system framework, all the microG stuff, and any app that needs to be fooled by microg. Then reboot.
Step 6: Ready to test
Everything should now be set up correctly.
Check the microG settings to make sure signatures are correctly being spoofed.
Enable device registration (if disabled).
Enable SafetyNet attestation.
At this point your phone should still be completely disconnected from the internet.
If you're happy everything is set up correctly, turn on your wifi or data, and test SafetyNet attestation.
Step 7: Done.
Hopefully you now have working SafetyNet and google sign in. If this does work for you, it means that safetynet is now stable on your device, and you are free to install whatever you want on it.
If it didn't work, keep in mind that this hasn't been tested on every device in existence. All I know is that this consistently works for me.
If your phone doesn't turn on, you probably need to charge it.
If your phone has exploded, you probably have a Samsung.
Thanks everyone for reading my guide, I hope you enjoyed! (Maybe it even worked)
Click to expand...
Click to collapse
I have a Samsung galaxy note 10 plus running LineageOS 19.1. I'ts unlocked, and rooted with Magisk. Is there something about Samsung phones that are more likely to "explode" trying to install MicroG?
WheelingPigeon said:
I have a Samsung galaxy note 10 plus running LineageOS 19.1. I'ts unlocked, and rooted with Magisk. Is there something about Samsung phones that are more likely to "explode" trying to install MicroG?
Click to expand...
Click to collapse
Yeah, that's a joke
WheelingPigeon said:
I have a Samsung galaxy note 10 plus running LineageOS 19.1. I'ts unlocked, and rooted with Magisk. Is there something about Samsung phones that are more likely to "explode" trying to install MicroG?
Click to expand...
Click to collapse
Samsung phones have a history of "blowing" up. First they were actually dangerous in very few cases but now they can expand and pop of the back of your phone. As long as you switch the battery then your safe to use it.
AOSP Rom (signature spoofing unsupported, without MicroG installer)
After Root install patch for spoofing via NanoDroid Patcher
Open Magisk settings -> Enable Zygisk + Enforce DenyList, install module MagiskHide Props Config -> reboot
Open Termux or ADB, type su to set root permission then type props (option 1)
Install MicroG via APK or offical F-Droid app, grant Signature spoofing permission
If you want using play store, install patched version (F-Droid add repo NanoDroid)
Open MicroG Settings -> Self-Check -> make sure all box checked
Turn on Google device registration, Google SafetyNet, if CTS fail then install Universal SafetyNet Fix
Install magisk module App Systemizer, Busybox for Android NDK to change MicroG to system app

How To Make App Think My Phone Is A Different Device?

So I want to spoof my phone and make it so an app that requires new users in exchange for points can be unlimited. I want to do this by spoofing my device and making the app think im a new device registering for their app.
So far I have:
Galaxy S7 Edge
Rooted the device
Using Magisk Delta
Hide all the root stuff
(Root Undetectable)
If someone could suggest an apk or module that would do just that please lmk
This can be done by changing the related entries in Android's system file named build.prop: requires Android is rooted.

Categories

Resources