Attend XDA's Second Annual Developer Conference, XDA:DevCon 2014!
5,812,579 Members 43,658 Now Online
XDA Developers Android and Mobile Development Forum

[APP MOD] Exchange Security Bypass (No PIN/No Admin) - Android 4.1+ [v6.0]

Tip us?
 
craigacgomez
Old
(Last edited by craigacgomez; 17th December 2013 at 12:11 AM.) Reason: android-4.4.2_r1
#1  
craigacgomez's Avatar
Senior Member - OP
Thanks Meter 2,621
Posts: 1,831
Join Date: Jan 2010
Location: Lake Forest, CA

 
DONATE TO ME
Default [APP MOD] Exchange Security Bypass (No PIN/No Admin) - Android 4.1+ [v6.0]

The Android Email application enforces various security policies such as PIN/password lockscreen, device administration. remote wipe, blocked attachments, etc. based on your Exchange server security requirements.

The aim of this patch is to bypass those security enforcements and allow you to set up an Exchange account without any security restrictions. This is achieved through various code modification in the AOSP Email application where security policies are checked and enforced. These modifications bypass the creation of the various security policies and forcefully makes the application think that all the security policies are enabled. For example, one part of this modification completely bypasses the Device Administrator creation and forcefully returns a true every time the code check if the account is a device administrator.

This modification is based on AOSP (or AOSP derivatives) and should work on any stock Google ROMs or AOSP-based ROMs like CyanogenMod, AOKP, ParanoidAndroid, Evervolv, SlimRoms, Carbon. There, however, is no guarantee that this will work on all ROMs or devices, especially OEM ROMs like Sense, Touchwiz, Blur, etc.

IMPORTANT:
Since this modification disables the enforcement of Exchange security policies, it may be illegal and may violate your workplace/school policies. If you chose to install and use this modification, please remember that you are doing so at your own discretion. I, craigacgomez, cannot and will not be held responsible for any issues, legal, technical or otherwise, that may arise due to the use of this modification.

The latest version of this modification is based on AOSP android-4.4.2_r1 (KOT49H) and should work on Android 4.1+. However, should you encounter any issues, please use the previous version of this patch.

PLEASE READ THROUGH THIS THREAD PROPERLY, ESPECIALLY THE KNOWN ISSUES AND INSTRUCTIONS


CHANGELOG:
v6.0
1. Rebased to AOSP android-4.4.2_r1 (KOT49H)
2. Made some modifications to the bypass code to fix issues with storage encryption
3. Improved robustness of the bypass logic
4. Added backuptools script for custom ROMs like CyanogenMod, SlimRoms, etc. which will automatically restore the mod after re-flashes and/or updates to the ROM. Credit @BlackFang171

 

v5.0.1
1. Fix manual user app install on Google Stock ROMs. Only the manual install package has been updated.

v5.0
1. Built using AOSP android-4.4_r1.1 (KTR16O)
2. Rebuilt the modification from ground up and added several bypasses to improve robustness of the modification
3. Disables remote wipe functionality
4. No longer requires modifications in the Exchange apk. All modification are in Email apk
4. Should also work on any Google stock/AOSP-based ROMs running Android 4.1.x, 4.2.x & 4.3.x (untested)

v4.0
1. Rebased to the CM-10.2 (Android 4.3) source. This release is only intended for Android 4.3.x. For prior versions of Android, flash the appropriate mod release below.

v3.1
1. Small bugfixes to "really" make sure that we fake that all security policies are active. This is basically making "really" sure that the device does not ask you to set up any security policies. It can be safely flashed over v3.0 without having to remove & re-setup the account. However, updating from any earlier version would still require you to remove and re-setup the account.

v3.0
1. Built using the latest updates from the CyanogenMod 10.1 (Android 4.2.2) source as of July 20, 2013.
2. Published source code to GitHub (link below)
3. Fixes and updates to the patch changes
4. No longer requires that the account be setup as a "Device Administrator"

v2.0
1. Built using the CyanogenMod 10.1 (Android 4.2.2) source
2. Some nice additions and fixes over the AOSP version like LED notification support, blocked attachment extensions selection and more.


INSTRUCTIONS [RECOVERY VERSION]:
1. Download the zip file named ExchangeNoPIN-xxxx
2. Remove all existing Exchange accounts and wipe data for Email/EmailGoogle & Exchange2/Exchange2Google
3. Make a nandroid backup (optional, but recommended)
4. Flash the zip using ClockworkMod Recovery, TWRP or a similar recovery
5. Wipe cache & dalvik-cache
6. Reboot and set up you Exchange account(s)

INSTRUCTIONS [MANUAL USER APP INSTALL]: (UNTESTED)
1. Download the zip file named ExchangeNoPINNoRoot-xxxx
2. Remove all existing Exchange accounts and wipe data for Email/EmailGoogle & Exchange2/Exchange2Google
3. Make a nandroid backup (optional, but recommended)
4. Stock ROMs: Disable/freeze EmailGoogle.apk (com.google.android.email) & Exchange2Google.apk (com.google.android.exchange)
5. AOSP-based ROMs: Uninstall/remove Email.apk (com.android.email)
6. Stock ROMs: Extract the zip file and install Email.apk & Exchange2.apk
7. AOSP-based ROMs: Extract the zip file and install Email.apk
8. Reboot and set up you Exchange account(s)

INSTRUCTIONS [MANUAL SYSTEM APP INSTALL]:
1. Download the zip file named ExchangeNoPIN-xxxx
2. Remove all existing Exchange accounts and wipe data for Email/EmailGoogle & Exchange2/Exchange2Google
3. Make a nandroid backup (optional, but recommended)
4. Stock ROMs: Uninstall/remove EmailGoogle.apk (com.google.android.email) & Exchange2Google.apk (com.google.android.exchange)
5. AOSP-based ROMs: Uninstall/remove Email.apk (com.android.email)
6. Stock ROMs: Extract the zip file and copy Email.apk & Exchange2.apk to /system/app
7. AOSP-based ROMs: Extract the zip file and copy Email.apk to /system/app
8. Reboot and set up you Exchange account(s)

KNOWN ISSUES
None that I know of!

IMPORTANT:
1. For patch version 4.0 and earlier, you need to have a device with a custom recovery or a rooted device.
2. Root is not required unless you wish to apply this patch manually by replacing the files in /system/app.
3. After you flash this, make sure you DO NOT replace the Email or Exchange apks with themed versions or you will have issues.
4. If you use the ExchangeNoPIN-xxxx zip version, you may need to reflash this every time you update your ROM.
5. Before upgrading to a newer version of this patch (example v2.0 to v3.0), you need to remove all existing Exchange accounts.

CREDITS:
The base of this modification is the EmailPolicyPatch created by rustamabd. I have made these change to the AOSP source rather than smali patches to pre-compiled version and I have expanded the capabilities of the modification.

DOWNLOAD v6.0 (Android 4.1+):
ExchangeNoPIN-v6.0.zip
ExchangeNoPINNoRoot-v6.0.zip

 

DOWNLOAD v5.0 (Android 4.1+):
ExchangeNoPIN-v5.0.zip
ExchangeNoPIN-Manual-v5.0.1.zip

DOWNLOAD v4.0 (Android 4.3.x):
ExchangeNoPIN-4.3.x.zip

DOWNLOAD v2.0 (Android 4.2.x):
ExchangeNoPIN-4.2.x.zip

DOWNLOAD v1.0 (Android 4.1.x):
Stock OTA Android 4.1.x
AOSP Android 4.1.x
CM10 Android 4.1.x


SOURCE (Android 4.4.x):
GitHub

SOURCE (Android 4.3.x/4.2.x):
GitHub

CRAiG GoMEZ

Donate to me

Google LGE Nexus 5 [D820] | Android 4.4.4
Google Samsung Nexus 10 [GT-P8110HAEXAR] ThunderKat (Android 4.4.4) - craigacgomez
The Following 212 Users Say Thank You to craigacgomez For This Useful Post: [ Click to Expand ]
 
pchuk815
Old
(Last edited by pchuk815; 12th September 2012 at 05:39 PM.)
#2  
Member
Thanks Meter 4
Posts: 44
Join Date: Sep 2010
Location: New Jersey
This is exactly what I'm looking for but seems like the link is dead - 404's.

Edit: Thanks for the updates! Works beautifully!
 
matt68000
Old
(Last edited by matt68000; 4th July 2012 at 10:47 AM.)
#3  
Junior Member
Thanks Meter 2
Posts: 18
Join Date: Jun 2012
Default Please re-up!

Thanks, this seems to work. I can get my company email without a pin lock. Great!

Now... every time I try to open the phone dialer I get:
"Unfortunately, Contacts has stopped"
Am I alone in this?
 
craigacgomez
Old
#4  
craigacgomez's Avatar
Senior Member - OP
Thanks Meter 2,621
Posts: 1,831
Join Date: Jan 2010
Location: Lake Forest, CA

 
DONATE TO ME
Didn't realise XDA attachments were broken... added new download link to OP!!

CRAiG GoMEZ

Donate to me

Google LGE Nexus 5 [D820] | Android 4.4.4
Google Samsung Nexus 10 [GT-P8110HAEXAR] ThunderKat (Android 4.4.4) - craigacgomez
The Following 2 Users Say Thank You to craigacgomez For This Useful Post: [ Click to Expand ]
 
pchuk815
Old
#5  
Member
Thanks Meter 4
Posts: 44
Join Date: Sep 2010
Location: New Jersey
Works perfectly. Even syncs my calendar which for some reason never worked on Froyo or GB.
 
knave
Old
#6  
Senior Member
Thanks Meter 14
Posts: 173
Join Date: Mar 2007
Are there any diff between ICS's email client and JB's email client?
iPAQ 6828 -> Diamond -> iPhone3GS -> Mozart -> Lumia800 -> OneX
 
djg08642
Old
(Last edited by djg08642; 4th July 2012 at 08:04 PM.) Reason: added md5sum matching
#7  
Junior Member
Thanks Meter 0
Posts: 8
Join Date: Feb 2008
I think the link is dead again (in a different way). I tried removing the key parameter from the end of the download URL and managed to get a file but get a Status 6 in ClockworkMod when installing even after attempting to re-sign.

[user@host jellybean]$ md5sum ExchangeNoPIN-JRN84D.zip
47d88ad677b4b8d24d1581ab30edc275 ExchangeNoPIN-JRN84D.zip
 
Skilover
Old
#8  
Senior Member
Thanks Meter 69
Posts: 710
Join Date: Jan 2008
Quote:
Originally Posted by djg08642 View Post
I think the link is dead again (in a different way). I tried removing the key parameter from the end of the download URL and managed to get a file but get a Status 6 in ClockworkMod when installing even after attempting to re-sign.

[user@host jellybean]$ md5sum ExchangeNoPIN-JRN84D.zip
47d88ad677b4b8d24d1581ab30edc275 ExchangeNoPIN-JRN84D.zip
It just sits and sits but never actually downloads. Tried it on Chrome-Mac.
 
matt68000
Old
(Last edited by matt68000; 5th July 2012 at 08:38 PM.)
#9  
Junior Member
Thanks Meter 2
Posts: 18
Join Date: Jun 2012
Default New link

I'll just mirror it here:
internetonastick.net/tmp/ExchangeNoPIN-JRN84D.zip

[edit, original torrent not working, Transmission Tracker announce borked]
I created a torrent of the original zip.

magnet:?xt=urn:btih:8994226f9aaa3bc0514274808a1d41 3adb274adf&dn=ExchangeNoPIN-JRN84D.zip&tr=http%3A%2F%2Ftracker.openbittorrent. com%3A80%2Fannounce&tr=http%3A%2F%2Ftracker.public bt.com%3A80%2Fannounce&tr=http%3A%2F%2Ftracker.bit torrent.am%3A80%2Fannounce&tr=http%3A%2F%2Fvip.tra cker.thepiratebay.org%2Fannounce&tr=http%3A%2F%2Ft pb.tracker.thepiratebay.org%2Fannounce&tr=http%3A% 2F%2Ftracker.torrentbox.com%3A2710%2Fannounce&tr=h ttp%3A%2F%2Ftracker.thepiratebay.org%2Fannounce&tr =http%3A%2F%2Ftracker.torrentbox.com%3A2710%2Fanno unce
 
john9
Old
#10  
Account currently disabled
Thanks Meter 269
Posts: 1,586
Join Date: Oct 2011
Nice work,Thanks for your work!

Tags
android, exchange, jellybean, no pin, security bypass
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes