From f49984ec9a769390f0afcf098dfa5f46fbc2f75d Mon Sep 17 00:00:00 2001
From: chiteroman <98092901+chiteroman@users.noreply.github.com>
Date: Tue, 2 Jan 2024 21:11:34 +0100
Subject: [PATCH] v3.7
---
 .gitignore | 2 +
 app/build.gradle | 6 +--
 app/release/output-metadata.json | 20 +++++++
 .../chiteroman/bootloaderspoofer/Xposed.java | 52 +++++++++++++++----
 4 files changed, 66 insertions(+), 14 deletions(-)
 create mode 100644 app/release/output-metadata.json
diff --git a/.gitignore b/.gitignore
index a68e5b5..ad50c42 100644
--- a/.gitignore
+++ b/.gitignore
@@ -28,3 +28,5 @@ google-services.json
 # Android Profiling
 *.hprof
+
+*.apk
\ No newline at end of file
diff --git a/app/build.gradle b/app/build.gradle
index c851abc..32463f0 100644
--- a/app/build.gradle
+++ b/app/build.gradle
@@ -11,9 +11,8 @@ android {
 applicationId "es.chiteroman.bootloaderspoofer"
 minSdk 26
 targetSdk 34
- versionCode 36
- versionName '3.6'
- multiDexEnabled false
+ versionCode 37
+ versionName '3.7'
 }
 buildTypes {
@@ -22,7 +21,6 @@ android {
 shrinkResources true
 proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
 signingConfig signingConfigs.debug
- multiDexEnabled false
 }
 }
diff --git a/app/release/output-metadata.json b/app/release/output-metadata.json
new file mode 100644
index 0000000..999cadc
--- /dev/null
+++ b/app/release/output-metadata.json
@@ -0,0 +1,20 @@
+{
+ "version": 3,
+ "artifactType": {
+ "type": "APK",
+ "kind": "Directory"
+ },
+ "applicationId": "es.chiteroman.bootloaderspoofer",
+ "variantName": "release",
+ "elements": [
+ {
+ "type": "SINGLE",
+ "filters": [],
+ "attributes": [],
+ "versionCode": 37,
+ "versionName": "3.7",
+ "outputFile": "app-release.apk"
+ }
+ ],
+ "elementType": "File"
+}
\ No newline at end of file
diff --git a/app/src/main/java/es/chiteroman/bootloaderspoofer/Xposed.java b/app/src/main/java/es/chiteroman/bootloaderspoofer/Xposed.java
index e806607..bd6d82a 100644
--- a/app/src/main/java/es/chiteroman/bootloaderspoofer/Xposed.java
+++ b/app/src/main/java/es/chiteroman/bootloaderspoofer/Xposed.java
@@ -1,5 +1,9 @@
 package es.chiteroman.bootloaderspoofer;
+import android.app.AndroidAppHelper;
+import android.content.Context;
+import android.content.SharedPreferences;
+import android.content.pm.PackageManager;
 import android.security.keystore.KeyGenParameterSpec;
 import android.security.keystore.KeyProperties;
@@ -533,16 +537,51 @@ private static Certificate hackLeafExistingCert(Certificate certificate) {
 @Override
 public void handleLoadPackage(XC_LoadPackage.LoadPackageParam lpparam) {
- Class AndroidKeyStoreKeyPairGeneratorSpi = XposedHelpers.findClassIfExists("android.security.keystore2.AndroidKeyStoreKeyPairGeneratorSpi", lpparam.classLoader);
+ PackageManager pm = AndroidAppHelper.currentApplication().getPackageManager();
+ SharedPreferences sp = AndroidAppHelper.currentApplication().getSharedPreferences("settings", Context.MODE_PRIVATE);
- XposedHelpers.findAndHookMethod(AndroidKeyStoreKeyPairGeneratorSpi, "generateKeyPair", new XC_MethodHook() {
+ final var systemFeatureHook = new XC_MethodHook() {
+ @Override
+ protected void beforeHookedMethod(MethodHookParam param) {
+ String featureName = (String) param.args[0];
+
+ if (PackageManager.FEATURE_STRONGBOX_KEYSTORE.equals(featureName))
+ param.setResult(Boolean.FALSE);
+ else if (PackageManager.FEATURE_KEYSTORE_APP_ATTEST_KEY.equals(featureName))
+ param.setResult(Boolean.FALSE);
+ else if ("android.software.device_id_attestation".equals(featureName))
+ param.setResult(Boolean.FALSE);
+ }
+ };
+
+ XposedHelpers.findAndHookMethod(pm.getClass(), "hasSystemFeature", String.class, systemFeatureHook);
+ XposedHelpers.findAndHookMethod(pm.getClass(), "hasSystemFeature", String.class, int.class, systemFeatureHook);
+
+ XposedHelpers.findAndHookMethod(sp.getClass(), "getBoolean", String.class, boolean.class, new XC_MethodHook() {
+ @Override
+ protected void beforeHookedMethod(MethodHookParam param) {
+ String key = (String) param.args[0];
+
+ if ("prefer_attest_key".equals(key)) param.setResult(Boolean.FALSE);
+ }
+ });
+
+ XposedHelpers.findAndHookMethod(KeyGenParameterSpec.Builder.class, "setAttestationChallenge", byte[].class, new XC_MethodHook() {
+ @Override
+ protected void beforeHookedMethod(MethodHookParam param) {
+ attestationChallengeBytes = (byte[]) param.args[0];
+ }
+ });
+
+ XposedHelpers.findAndHookMethod("android.security.keystore2.AndroidKeyStoreKeyPairGeneratorSpi", lpparam.classLoader, "generateKeyPair", new XC_MethodHook() {
 @Override
 protected void afterHookedMethod(MethodHookParam param) {
 KeyPair kp = null;
 try {
 kp = (KeyPair) param.getResultOrThrowable();
- } catch (Throwable ignored) {
+ } catch (Throwable t) {
+ XposedBridge.log(t);
 }
 if (kp == null) {
@@ -562,13 +601,6 @@ protected void afterHookedMethod(MethodHookParam param) {
 }
 });
- XposedHelpers.findAndHookMethod(KeyGenParameterSpec.Builder.class, "setAttestationChallenge", byte[].class, new XC_MethodHook() {
- @Override
- protected void beforeHookedMethod(MethodHookParam param) {
- attestationChallengeBytes = (byte[]) param.args[0];
- }
- });
-
 try {
 KeyStore keyStore = KeyStore.getInstance("AndroidKeyStore");
 KeyStoreSpi keyStoreSpi = (KeyStoreSpi) XposedHelpers.getObjectField(keyStore, "keyStoreSpi");
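Review bot: The two new opening statements of `handleLoadPackage` (hunk `@@ -533,16 +537,51 @@`) dereference `AndroidAppHelper.currentApplication()` without a null check. That helper can return null while a process is still starting, which may well be the case when this callback runs, and the resulting NullPointerException would abort the method before any hook below is registered. Resolve it once and guard it: `var app = AndroidAppHelper.currentApplication();` then `if (app == null) { XposedBridge.log("currentApplication() is null for " + lpparam.packageName); return; }`. Separately, the hooks on `pm.getClass()` and `sp.getClass()` apply to every instance of those classes in the process, not only the `settings` file, which deserves a comment such as `// process-wide: overrides "prefer_attest_key" in every SharedPreferences file`. The method body continues past the end of the hunk.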