Welcome to XDA

Search to go directly to your device's forum

Register an account

Unlock full posting privileges

Ask a question

No registration required
Post Reply

[APP MOD] Exchange Security Bypass (No PIN/No Admin) - Android 4.1+ [v6.0]

OP craigacgomez

3rd July 2012, 11:07 PM   |  #1  
craigacgomez's Avatar
OP Senior Member
Flag Lake Forest, CA
Thanks Meter: 3,021
 
1,909 posts
Join Date:Joined: Jan 2010
Donate to Me
More
The Android Email application enforces various security policies such as PIN/password lockscreen, device administration. remote wipe, blocked attachments, etc. based on your Exchange server security requirements.

The aim of this patch is to bypass those security enforcements and allow you to set up an Exchange account without any security restrictions. This is achieved through various code modification in the AOSP Email application where security policies are checked and enforced. These modifications bypass the creation of the various security policies and forcefully makes the application think that all the security policies are enabled. For example, one part of this modification completely bypasses the Device Administrator creation and forcefully returns a true every time the code check if the account is a device administrator.

This modification is based on AOSP (or AOSP derivatives) and should work on any stock Google ROMs or AOSP-based ROMs like CyanogenMod, AOKP, ParanoidAndroid, Evervolv, SlimRoms, Carbon. There, however, is no guarantee that this will work on all ROMs or devices, especially OEM ROMs like Sense, Touchwiz, Blur, etc.

IMPORTANT:
Since this modification disables the enforcement of Exchange security policies, it may be illegal and may violate your workplace/school policies. If you chose to install and use this modification, please remember that you are doing so at your own discretion. I, craigacgomez, cannot and will not be held responsible for any issues, legal, technical or otherwise, that may arise due to the use of this modification.

The latest version of this modification is based on AOSP android-4.4.2_r1 (KOT49H) and should work on Android 4.1+. However, should you encounter any issues, please use the previous version of this patch.

PLEASE READ THROUGH THIS THREAD PROPERLY, ESPECIALLY THE KNOWN ISSUES AND INSTRUCTIONS


CHANGELOG:
v6.0
1. Rebased to AOSP android-4.4.2_r1 (KOT49H)
2. Made some modifications to the bypass code to fix issues with storage encryption
3. Improved robustness of the bypass logic
4. Added backuptools script for custom ROMs like CyanogenMod, SlimRoms, etc. which will automatically restore the mod after re-flashes and/or updates to the ROM. Credit @BlackFang171


v5.0.1
1. Fix manual user app install on Google Stock ROMs. Only the manual install package has been updated.

v5.0
1. Built using AOSP android-4.4_r1.1 (KTR16O)
2. Rebuilt the modification from ground up and added several bypasses to improve robustness of the modification
3. Disables remote wipe functionality
4. No longer requires modifications in the Exchange apk. All modification are in Email apk
4. Should also work on any Google stock/AOSP-based ROMs running Android 4.1.x, 4.2.x & 4.3.x (untested)

v4.0
1. Rebased to the CM-10.2 (Android 4.3) source. This release is only intended for Android 4.3.x. For prior versions of Android, flash the appropriate mod release below.

v3.1
1. Small bugfixes to "really" make sure that we fake that all security policies are active. This is basically making "really" sure that the device does not ask you to set up any security policies. It can be safely flashed over v3.0 without having to remove & re-setup the account. However, updating from any earlier version would still require you to remove and re-setup the account.

v3.0
1. Built using the latest updates from the CyanogenMod 10.1 (Android 4.2.2) source as of July 20, 2013.
2. Published source code to GitHub (link below)
3. Fixes and updates to the patch changes
4. No longer requires that the account be setup as a "Device Administrator"

v2.0
1. Built using the CyanogenMod 10.1 (Android 4.2.2) source
2. Some nice additions and fixes over the AOSP version like LED notification support, blocked attachment extensions selection and more.


INSTRUCTIONS [RECOVERY VERSION]:
1. Download the zip file named ExchangeNoPIN-xxxx
2. Remove all existing Exchange accounts and wipe data for Email/EmailGoogle & Exchange2/Exchange2Google
3. Make a nandroid backup (optional, but recommended)
4. Flash the zip using ClockworkMod Recovery, TWRP or a similar recovery
5. Wipe cache & dalvik-cache
6. Reboot and set up you Exchange account(s)

INSTRUCTIONS [MANUAL USER APP INSTALL]: (UNTESTED)
1. Download the zip file named ExchangeNoPINNoRoot-xxxx
2. Remove all existing Exchange accounts and wipe data for Email/EmailGoogle & Exchange2/Exchange2Google
3. Make a nandroid backup (optional, but recommended)
4. Stock ROMs: Disable/freeze EmailGoogle.apk (com.google.android.email) & Exchange2Google.apk (com.google.android.exchange)
5. AOSP-based ROMs: Uninstall/remove Email.apk (com.android.email)
6. Stock ROMs: Extract the zip file and install Email.apk & Exchange2.apk
7. AOSP-based ROMs: Extract the zip file and install Email.apk
8. Reboot and set up you Exchange account(s)

INSTRUCTIONS [MANUAL SYSTEM APP INSTALL]:
1. Download the zip file named ExchangeNoPIN-xxxx
2. Remove all existing Exchange accounts and wipe data for Email/EmailGoogle & Exchange2/Exchange2Google
3. Make a nandroid backup (optional, but recommended)
4. Stock ROMs: Uninstall/remove EmailGoogle.apk (com.google.android.email) & Exchange2Google.apk (com.google.android.exchange)
5. AOSP-based ROMs: Uninstall/remove Email.apk (com.android.email)
6. Stock ROMs: Extract the zip file and copy Email.apk & Exchange2.apk to /system/app
7. AOSP-based ROMs: Extract the zip file and copy Email.apk to /system/app
8. Reboot and set up you Exchange account(s)

KNOWN ISSUES
None that I know of!

IMPORTANT:
1. For patch version 4.0 and earlier, you need to have a device with a custom recovery or a rooted device.
2. Root is not required unless you wish to apply this patch manually by replacing the files in /system/app.
3. After you flash this, make sure you DO NOT replace the Email or Exchange apks with themed versions or you will have issues.
4. If you use the ExchangeNoPIN-xxxx zip version, you may need to reflash this every time you update your ROM.
5. Before upgrading to a newer version of this patch (example v2.0 to v3.0), you need to remove all existing Exchange accounts.

CREDITS:
The base of this modification is the EmailPolicyPatch created by rustamabd. I have made these change to the AOSP source rather than smali patches to pre-compiled version and I have expanded the capabilities of the modification.

DOWNLOAD v6.0 (Android 4.1+):
ExchangeNoPIN-v6.0.zip
ExchangeNoPINNoRoot-v6.0.zip


DOWNLOAD v5.0 (Android 4.1+):
ExchangeNoPIN-v5.0.zip
ExchangeNoPIN-Manual-v5.0.1.zip

DOWNLOAD v4.0 (Android 4.3.x):
ExchangeNoPIN-4.3.x.zip

DOWNLOAD v2.0 (Android 4.2.x):
ExchangeNoPIN-4.2.x.zip

DOWNLOAD v1.0 (Android 4.1.x):
Stock OTA Android 4.1.x
AOSP Android 4.1.x
CM10 Android 4.1.x


SOURCE (Android 4.4.x):
GitHub

SOURCE (Android 4.3.x/4.2.x):
GitHub
Last edited by craigacgomez; 17th December 2013 at 01:11 AM. Reason: android-4.4.2_r1
The Following 217 Users Say Thank You to craigacgomez For This Useful Post: [ View ]
3rd July 2012, 11:34 PM   |  #2  
Member
Flag New Jersey
Thanks Meter: 4
 
46 posts
Join Date:Joined: Sep 2010
More
This is exactly what I'm looking for but seems like the link is dead - 404's.

Edit: Thanks for the updates! Works beautifully!
Last edited by pchuk815; 12th September 2012 at 06:39 PM.
4th July 2012, 12:08 AM   |  #3  
Junior Member
Thanks Meter: 2
 
18 posts
Join Date:Joined: Jun 2012
Please re-up!
Thanks, this seems to work. I can get my company email without a pin lock. Great!

Now... every time I try to open the phone dialer I get:
"Unfortunately, Contacts has stopped"
Am I alone in this?
Last edited by matt68000; 4th July 2012 at 11:47 AM.
4th July 2012, 01:56 AM   |  #4  
craigacgomez's Avatar
OP Senior Member
Flag Lake Forest, CA
Thanks Meter: 3,021
 
1,909 posts
Join Date:Joined: Jan 2010
Donate to Me
More
Didn't realise XDA attachments were broken... added new download link to OP!!
The Following 2 Users Say Thank You to craigacgomez For This Useful Post: [ View ]
4th July 2012, 02:32 PM   |  #5  
Member
Flag New Jersey
Thanks Meter: 4
 
46 posts
Join Date:Joined: Sep 2010
More
Works perfectly. Even syncs my calendar which for some reason never worked on Froyo or GB.
4th July 2012, 03:52 PM   |  #6  
Senior Member
Thanks Meter: 14
 
173 posts
Join Date:Joined: Mar 2007
More
Are there any diff between ICS's email client and JB's email client?
4th July 2012, 08:58 PM   |  #7  
Junior Member
Thanks Meter: 0
 
8 posts
Join Date:Joined: Feb 2008
I think the link is dead again (in a different way). I tried removing the key parameter from the end of the download URL and managed to get a file but get a Status 6 in ClockworkMod when installing even after attempting to re-sign.

[user@host jellybean]$ md5sum ExchangeNoPIN-JRN84D.zip
47d88ad677b4b8d24d1581ab30edc275 ExchangeNoPIN-JRN84D.zip
Last edited by djg08642; 4th July 2012 at 09:04 PM. Reason: added md5sum matching
4th July 2012, 11:38 PM   |  #8  
Senior Member
Thanks Meter: 69
 
711 posts
Join Date:Joined: Jan 2008
Quote:
Originally Posted by djg08642

I think the link is dead again (in a different way). I tried removing the key parameter from the end of the download URL and managed to get a file but get a Status 6 in ClockworkMod when installing even after attempting to re-sign.

[user@host jellybean]$ md5sum ExchangeNoPIN-JRN84D.zip
47d88ad677b4b8d24d1581ab30edc275 ExchangeNoPIN-JRN84D.zip

It just sits and sits but never actually downloads. Tried it on Chrome-Mac.
4th July 2012, 11:46 PM   |  #9  
Junior Member
Thanks Meter: 2
 
18 posts
Join Date:Joined: Jun 2012
New link
I'll just mirror it here:
internetonastick.net/tmp/ExchangeNoPIN-JRN84D.zip

[edit, original torrent not working, Transmission Tracker announce borked]
I created a torrent of the original zip.

magnet:?xt=urn:btih:8994226f9aaa3bc0514274808a1d41 3adb274adf&dn=ExchangeNoPIN-JRN84D.zip&tr=http%3A%2F%2Ftracker.openbittorrent. com%3A80%2Fannounce&tr=http%3A%2F%2Ftracker.public bt.com%3A80%2Fannounce&tr=http%3A%2F%2Ftracker.bit torrent.am%3A80%2Fannounce&tr=http%3A%2F%2Fvip.tra cker.thepiratebay.org%2Fannounce&tr=http%3A%2F%2Ft pb.tracker.thepiratebay.org%2Fannounce&tr=http%3A% 2F%2Ftracker.torrentbox.com%3A2710%2Fannounce&tr=h ttp%3A%2F%2Ftracker.thepiratebay.org%2Fannounce&tr =http%3A%2F%2Ftracker.torrentbox.com%3A2710%2Fanno unce
Last edited by matt68000; 5th July 2012 at 09:38 PM.
5th July 2012, 12:30 AM   |  #10  
Account currently disabled
Thanks Meter: 269
 
1,586 posts
Join Date:Joined: Oct 2011
Nice work,Thanks for your work!

Post Reply Subscribe to Thread

Tags
android, exchange, jellybean, no pin, security bypass
Previous Thread Next Thread
Thread Tools Search this Thread
Search this Thread:

Advanced Search
Display Modes