[INDEX] How to get Signature Spoofing support

Search This thread
By:
Advanced…
D

DrWu

Senior Member
Feb 10, 2015
107
3
Do I understand that I can use NanoDriod to apply a Signature Spoofing patch to the stock ROM on my (rooted) Moto G7 provided I Deodex it first?
 
D

DrWu

Senior Member
Feb 10, 2015
107
3
Let me ask in a fashion that might produce some useful information. Provided I've met all the preliminary requirements (unlocked bootloader, rooted, deleted Google Play Services, deodexed, yadda, yadda, yadda), is there a high probability that either Haystack, Tingle or the NanoDroid Patcher will enable Signature Spoofing on any random stock Android Pie ROM? IOW, is this a one-size-fits-all solution, provided it's a ROM that will allow you to meet all the preliminary requirements?
 
Last edited:
kurtn

kurtn

Senior Member
Jan 28, 2017
5,214
2,374
Small town in Bavaria
POCO M2 Pro
OnePlus Nord N10 5G
DrWu said:
Let me ask in a fashion that might produce some useful information. Provided I've met all the preliminary requirements (unlocked bootloader, rooted, deleted Google Play Services, deodexed, yadda, yadda, yadda), is there a high probability that either Haystack, Tingle or the NanoDroid Patcher will enable Signature Spoofing on any random stock Android Pie ROM? IOW, is this a one-size-fits-all solution, provided it's a ROM that will allow you to meet all the preliminary requirements?
Click to expand...
Click to collapse
Yes, I see high probably that you will find a way to enable signature spoofing in a stock ROM. And there is smali patcher, if the other methods fail. No need to deodex. Only magisk needed.
 
  • Like
Reactions: DrWu
V

vanbinsbergen

Member
Mar 10, 2020
48
7
Hi,

I'm coming from [ROM][BETA][UNOFFICIAL] LineageOS 17.1 for Galaxy A70 https://xdaforums.com/galaxy-a70/development/rom-lineageos-17-0-galaxy-a70-t3989807/page19

Hence the question get too specific for that topic, i'm posting it here.

Everything went well so now it's time for Signature spoofing so microG can be installed.

But now i see this topic is years old and the guide Is a little out dated.

- Xposed guy has gone up in the wind as i understand. Back then he didn't support Android 10.
- As for all the Nanodroid patches, they don't work for Android 10.
- Haystack go's to android 9
- Needle mashes up magisk

There's also tingle. But that one doesn't have that much documentation to know if it's gonna work. https://github.com/ale5000-git/tingle

Anyone knows how to help Lingeage OS 17.1 users on a Samsung A70 to a Google victory?

Thanks!
 
Last edited:
kurtn

kurtn

Senior Member
Jan 28, 2017
5,214
2,374
Small town in Bavaria
POCO M2 Pro
OnePlus Nord N10 5G
vanbinsbergen said:
Hi,

I'm coming from [ROM][BETA][UNOFFICIAL] LineageOS 17.1 for Galaxy A70https://xdaforums.com/galaxy-a70/development/rom-lineageos-17-0-galaxy-a70-t3989807/page19

Hence the question get too specific for that topic, i'm posting it here.

Everything went well so now it's time for Signature spoofing so microG can be installed.

But now i see this topic is years old and the guide Is a little out dated.

- Xposed guy has gone up in the wind as i understand. Back then he didn't support Android 10.
- As for all the Nanodroid patches, they don't work for Android 10.
- Haystack go's to android 9
- Needle mashes up magisk

There's also tingle. But that one doesn't have that much documentation to know if it's gonna work. https://github.com/ale5000-git/tingle

Anyone knows how to help Lingeage OS 17.1 users on a Samsung A70 to a Google victory?

Thanks!
Click to expand...
Click to collapse
Smali patcher
 
V

vanbinsbergen

Member
Mar 10, 2020
48
7
Thanks!!

Smali patcher states :


CERTAIN PATCHES WILL NOT WORK WITH ANDROID 10, ANDROID 10 SUPPORT IS CONSIDERED ALPHA.. YOU HAVE BEEN WARNED.
Click to expand...
Click to collapse

Little scary to me. Anyone knows if the spoofing module works?

Thanks again. Victory is near
 
Last edited:
V

vanbinsbergen

Member
Mar 10, 2020
48
7
kurtn said:
Worked for me. More scary: people report the windows program makes strange internet connections. And the module is not restrictive concerning what apps to allow spoofing.
Click to expand...
Click to collapse

Yeah man. That's it with all the rooting developers. You need to trust them. I don't. It's a risk.

https://www.hybrid-analysis.com/sample/d6300b7db5076e5a1c290b98dace01b42ffa01082ec24f3367ef68b48a3380b9?environmentId=120

Incident Response
Risk Assessment
Fingerprint
Queries kernel debugger information
Reads the active computer name
Reads the cryptographic machine GUID
Evasive
Possibly tries to evade analysis by sleeping many times
Network Behavior
Contacts 4 hosts.
MITRE ATT&CK™ Techniques Detection
This report has 15 indicators that were mapped to 11 attack techniques and 9 tactics.

Indicators
Not all malicious and suspicious indicators are displayed. Get your own cloud service or the full version to view all details.

Malicious Indicators4
External Systems
Sample was identified as malicious by at least one Antivirus engine
Network Related
Malicious artifacts seen in the context of a contacted host
Multiple malicious artifacts seen in the context of different hosts
Uses network protocols on unusual ports
Suspicious Indicators15
Anti-Detection/Stealthyness
Queries kernel debugger information
Anti-Reverse Engineering
Creates guarded memory regions (anti-debugging trick to avoid memory dumping)
PE file has unusual entropy sections
Environment Awareness
Possibly tries to evade analysis by sleeping many times
Reads the active computer name
Reads the cryptographic machine GUID
External Systems
Found an IP/URL artifact that was identified as malicious by at least one reputation engine
General
Reads configuration files
Installation/Persistance
Monitors specific registry key for changes
System Security
Modifies Software Policy Settings
Unusual Characteristics
Installs hooks/patches the running process
Reads information about supported languages
Hiding 3 Suspicious Indicators
All indicators are available only in the private webservice or standalone version
Informative15
Environment Awareness
Queries volume information
General
Accesses Software Policy Settings
Accesses System Certificates Settings
Contacts server
Contains PDB pathways
Creates mutants
Drops files marked as clean
Loads the .NET runtime environment
Installation/Persistance
Connects to LPC ports
Dropped files
Touches files in the Windows directory
Network Related
Found potential URL in binary/memory
System Security
Creates or modifies windows services
Opens the Kernel Security Device Driver (KsecDD) of Windows
Unusual Characteristics
Matched Compiler/Packer signature
File Details
All Details:
SmaliPatcher.exe
Filename
SmaliPatcher.exe
Size
961KiB (983552 bytes)
Type
peexe assembly executable
Description
PE32 executable (GUI) Intel 80386 Mono/.Net assembly, for MS Windows
Architecture
WINDOWS
SHA256
d6300b7db5076e5a1c290b98dace01b42ffa01082ec24f3367ef68b48a3380b9Copy SHA256 to clipboard
Compiler/Packer
Microsoft visual C# v7.0 / Basic .NET
PDB Timestamp
02/03/2019 10:32:44 (UTC)
PDB Pathway
C:\Users\Pauly\Documents\Visual Studio 2015\Projects\SmaliPatcher\obj\Release\SmaliPatcher.pdb
Resources
Language
NEUTRAL
Icon
Sample Icon
Visualization
Input File (PortEx)
PE Visualization
Version Info
Translation
0x0000 0x04b0
LegalCopyright
Copyright 2017
Assembly Version
0.0.3.7
InternalName
SmaliPatcher.exe
FileVersion
0.0.3.7
CompanyName
fOmey
LegalTrademarks
-
Comments
-
ProductName
SmaliPatcher
ProductVersion
0.0.3.7
FileDescription
SmaliPatcher
OriginalFilename
SmaliPatcher.exe
 
Last edited:
Setialpha

Setialpha

Senior Member
Jul 24, 2011
2,555
5,890
Nürnberg
www.nanolx.org
OnePlus 7T
vanbinsbergen said:
Hi,

I'm coming from [ROM][BETA][UNOFFICIAL] LineageOS 17.1 for Galaxy A70https://xdaforums.com/galaxy-a70/development/rom-lineageos-17-0-galaxy-a70-t3989807/page19

Hence the question get too specific for that topic, i'm posting it here.

Everything went well so now it's time for Signature spoofing so microG can be installed.

But now i see this topic is years old and the guide Is a little out dated.

- Xposed guy has gone up in the wind as i understand. Back then he didn't support Android 10.
- As for all the Nanodroid patches, they don't work for Android 10.
- Haystack go's to android 9
- Needle mashes up magisk

There's also tingle. But that one doesn't have that much documentation to know if it's gonna work. https://github.com/ale5000-git/tingle

Anyone knows how to help Lingeage OS 17.1 users on a Samsung A70 to a Google victory?

Thanks!
Click to expand...
Click to collapse

NanoDroid Patcher is a frontend for Haystack, just for your information. So they have the same compat level.
 
V

vanbinsbergen

Member
Mar 10, 2020
48
7
Thanks mate,

For everyone who's reading: signature proofing can also be done with SMALI PATCHER

---------- Post added at 09:47 PM ---------- Previous post was at 09:47 PM ----------

Thanks mate,

For everyone who's reading: signature proofing can also be done with SMALI PATCHER
 
I

Incognito777

Member
Oct 5, 2015
44
5
Xiaomi Mi 10i
Hey! Guys
I am using the AEX 7.2 Rom, problem is that Spoof Package Signature is empty. How do I get to toggle MicroG??
 

Attachments

  • Screenshot_20200530-034548988.jpg
    Screenshot_20200530-034548988.jpg
    145.9 KB · Views: 166
  • Screenshot_20200530-034701027.jpg
    Screenshot_20200530-034701027.jpg
    162.5 KB · Views: 164
  • Screenshot_20200530-034731300.jpg
    Screenshot_20200530-034731300.jpg
    188.4 KB · Views: 164
kurtn

kurtn

Senior Member
Jan 28, 2017
5,214
2,374
Small town in Bavaria
POCO M2 Pro
OnePlus Nord N10 5G
Incognito777 said:
Yes sir! Thanks for responding! :good: Safety net fails, need to install my banking apps, lastly whatsapp works fine but does not back up. Thanks once again.
Click to expand...
Click to collapse
Your issue is in no way related to signature spoofing. Best place to discuss failing safety net is magisk thread.

For banking i would use iPhone
 
  • Like
Reactions: DavidxxxD and Incognito777
You must log in or register to reply here.

Similar threads

S
[GUIDE] [HOW-TO] Install Adobe Flash Player on Android 4.1 Jelly Bean/ Android 4.4
Replies
1K
Views
3M
dasdsad1
dasdsad1
lokeshsaini94
  • Locked
[CLOSED] [GUIDE] [how to] CREATE OWN ROM [FOR ANY ANDROID DEVICE] [FOR N00B] [EASIEST METHODS]
Replies
1K
Views
1M
Oswald Boelcke
Oswald Boelcke
K
Support List of KingRoot [Samsung]
Replies
284
Views
937K
Tousifmeer
Tousifmeer
zbeyuz
Haipai Noble i9220 5.2 inch MTK6575 Android 4.0 Firmware, Custom ROMs!
Replies
2K
Views
924K
A
Anonymous_Gamer
C
[GUIDE] How to enter developer mode on 2017 Honda Civic (and now root & install apps)
Replies
3K
Views
893K
mvmnts666
mvmnts666

Top Liked Posts

24 Hours All time
  • There are no posts matching your filters.
  • 53
    lee.wp14
    lee.wp14

    5c2cf64616b6d.jpg

    Beware, you are about to enter a dangerous zone!

    I N T R O D U C T I O N
    Signature Spoofing is a feature that allow apps to impersonate themselves as other apps. It works by faking the package signature of an app as the one that the app is trying to spoof.
    This feature is common among microG users, as it is required for microG's custom implementation of Google Play Services to work fine.
    If you do not understand what microG is, you should consider leave this page. You are probably trying to do something dangerous. If you know exactly what you are doing, you may however proceed at your own risk :)
    Thanks to @Primokorn for starting this thread and maintaining the list previously!

    I M P L E M E N T A T I O N
    You have 3 options. Read carefully to determine which option suits you the best.
    O P T I O N 1 : Xposed Module
    If you are a Xposed user, and you need a hassle-free implementation method, go ahead and get the FakeGApps module designed for microG!​
    O P T I O N 2 : System Patch
    If you want a more persistent, perfect approach, you may patch your system to have Signature Spoofing feature supported.​
    There are quite a number of Signature Spoofing patch out there, mainly Haystack, Needle/Tingle, and NanoDroid patcher. It is advisable to use this approach on deodexed systems only.​
    Haystack and Tingle requires a PC and some basic knowledge on running scripts, while NanoDroid patcher is actually a flashable ZIP - it patches your system on-the-fly.​
    Additionally, Haystack provides a patch for Settings app that allows you to turn Signature Spoofing on and off in Developer Options.​
    Haystack - GitHub
    Tingle - GitHub
    NanoDroid Patcher - Direct | GitLab | XDA Forum
    O P T I O N 3 : Use supported ROM
    There are quite a number of ROMs which comes with Signature Spoofing support. Some is enabled globally, some requires you to enable it in Developer Options, while some requires you to grant Signature Spoofing explicitly (managed by AppOps). However, do take note that there are still a few Android distributions which rejects merging of Signature Spoofing implementation commit, commented that implementing Signature Spoofing is to introduce a big security hole.​
    Below is a list of Custom ROMs that supports Signature Spoofing officially:​
    • AospExtended (AEX)
    • Android Ice Cold Project (AICP)
    • AIMROM
    • Android Open Source Illusion Project (AOSIP)
    • ArrowOS
    • CarbonROM
    • Corvus ROM
    • crDroid
    • dotOS
    • Ground Zero ROMs (GZOSP)
    • Havoc-OS
    • LineageOS for MicroG
    • MSM-Xtended
    • OmniROM
    Inactive Custom ROMs with official Signature Spoofing support :​
    • Android Open Source G-OS Project (AOSGP)
    • Atomic-OS
    • Cardinal-AOSP
    • CitrusCAF
    • HalogenOS
    • Hexa-Project
    • MarshRom
    • nAOSProm
    • Nitrogen OS
    • Tugapower
    • Validus
    • ViperOS
    • XOSP
    N O T A N O P T I O N : For Developers
    MicroG personally provides Signature Spoofing patches on GitHub, however those patches do not include a switch for toggling Signature Spoofing.​
    Developers can refer to commits on Omni's gerrit, which includes a switch for Signature Spoofing in Developer Options (commit 1, commit 2). You can however and also highly recommended, refer to more latest commits from other ROMs.​
    For Android 4.4, I personally have adapted the commit from Omni's to make it works for Android 4.4.4 (commit 1, commit 2, commit 3).​

    OLD

    microg.png

    Introduction
    microG GmsCore is a FLOSS (Free/Libre Open Source Software) framework to allow applications designed for Google Play Services to run on systems, where Play Services is not available. If you use your phone without GAPPS this might become a useful tool for you.
    microG GmsCore is one of the two core components of the microG project.

    XDA Thread | Wiki
    Click to expand...
    Click to collapse


    IF YOU WANT A XPOSED MODULED
    You can simply use this Xposed module: FakeGapps (tested on Oreo 8.1 by @kurtn)



    IF YOU DO NOT USE XPOSED
    You can use Tingle but you have to run it each time you install a new ROM or a dirty flash. The ROM has to be deodexed. Thanks @ale5000
    Haystack is also a solution.
    Do you know NanoDroid? It's a microG installer with a large selection of useful apps. Additionally there is a flashable zip to patch your ROM. It automatically re-patches after a dirty flash (e.g. OTA update). No adb/PC required! (thanks @Setialpha)

    Your last option is to use a custom ROM that includes the signature spoofing patch. Here is the list:
    The signature spoofing option is normally available at the bottom of the dev options or in Settings > Apps > Advanced (gear icon) > Additional permissions. Or simply ask the permission from microG's self-check screen.

    • AEX AospExtended
    • AICP
    • AimRom
    • AOSGP
    • Android Open Source Illusion Project (AOSIP)
    • AtomicOS
    • CarbonROM
    • Cardinal-AOSP
    • CitrusCAF
    • crDroid
    • dotOS
    • Ground Zero Roms aka GZR: Tipsy
    • HalogenOS
    • Havoc-OS
    • Hexa-Project
    LineageOS (unofficial builds for several devices) thanks to @Simon94 // Official website: https://lineage.microg.org/
    • MarshRom
    • nAOSProm
    • NitrogenOS
    • OmniROM
    • Tugapower
    • Validus (Oreo at least)
    • ViperOS
    • XOSP


    Signature spoofing is also supporting on these specific custom ROMS:
    Click here

    Thanks to all these developers!!!



    PENDING REQUESTS TO INCLUDE SIGNATURE SPOOFING IN THE FOLLOWING CUSTOM ROMS
    None
    Click to expand...
    Click to collapse

    CLOSED REQUESTS
    • LineageOS → Rejected / Thread on XDA
    • Dirty Unicorns → Rejected
    • Resurrection Remix → Probably rejected since no answer from 2 maintainers despite my reminders...
    • Phoenix AospExtended (OP3/3T) → Accepted
    Click to expand...
    Click to collapse


    Notes:
    1. I won't check every ROM thread on XDA so feel free to tag me or post a comment below
    2. You will probably have to enable the signature spoofing in the dev options. Then check microG settings app > Self-Check.
    3. Have a look at the development section of your device specific forum. You may find one of these custom ROMS!
    View
    5
    kurtn
    kurtn
    DualJoe said:
    Anyone having success with fakegapps and lsposed on LOS18.1? I whitelisted nearly everything and it says system is able to spoof signature but gmscore and fakestore still show as unspoofed.
    Click to expand...
    Click to collapse
    There are several procedures available like
    Or
    Signature Spoofing for Android 11
    Guide by bluede-v Will

    First of all Flash your ROM and Magisk (you need to download the latest version to get Magisk working on Android 11)

    Click on Build number (7x) to enable Developer Options

    After that enable ADB-Debugging and Root-ADB-Debugging in your ROM in case of LineageOS go to Setting -> System -> Developer Options

    So Lets go this is the more complicated part. but also really easy if you done it once.

    I'm using Debian Linux but it should be possible on every OS. In Windows use the Linux Subsystem.

    You need to have ADB installed on your System tho.

    ADB link: https://adbdownload.com

    First of all you need to download this 2 Files:

    spoof_AVDapi30.zip.ONLY'MAGISK&ANDROID-STUDIO · 11-attempt · oF2pks / Haystack · GitLab

    GitLab.com
    gitlab.com gitlab.com


    Rename "spoof\_AVDapi30.zip.ONLY'MAGISK&ANDROID-STUDIO" to "spoof\_AVDapi30.zip"

    Next Download this zip: https://gitlab.com/oF2pks/haystack/-/archive/11-attempt/haystack-11-attempt.zip

    Also download this jar file: https://github.com/DexPatcher/dexpa...nload/v1.8.0-beta1/dexpatcher-1.8.0-beta1.jar

    So now unzip the haystack-11-attempt.zip and put the dexpatcher.jar file into to Folder.

    This part I use Bash shell in Linux.
    Bash:
    adb pull /system/framework/services.jar

    java -jar dexpatcher-1.8.0-beta1.jar -a 11 -M -v -d -o ./ services.jar 11-hook-services.jar.dex 11core-services.jar.dex
    (After that Command you should have 4 files all named classes*.dex)
    Bash:
    mkdir repack

    zip -j repack/services.jar classes*.dex
    After that you should have a new services.jar in your repack Folder.

    Now You need to open the spoof\_AVDapi30.zip go in /system/framework/ and delete the old services.jar and put your own file in. that's in your repack Folder.

    Don't ruin the zip-format of the file tho because otherwise Magisk will cry while install.

    After that put your spoof-AVDapi30.zip and your microG\_AVDx86api30\_magiskMaRViN.zip on your Phone and Flash via Magisk.

    Reboot and you hopefully have Signature spoofig working. If you run in any Problems check out the GitHub Links here. there will be comments that maybe will help.

    View
    3
    G
    gleenfield97
    Installation guide for supported ROM

    This is how I installed microG without using NanoDroid.

    I use Lineage MicroG as reference, which has the following files:
    Code: 
    /system/priv-app/GmsCore.apk
/system/priv-app/FakeStore.apk
/system/etc/permissions/privapp-permissions-GmsCore.xml
/system/etc/permissions/privapp-permissions-FakeStore.xml

    Instructions:
    1. Enable signature spoofing in the ROM setting (when relevant, some ROMs enable by default).
      havos-signature-spoofing.png
    2. Flash microg.zip using TWRP.
    3. Grant microG the necessary permissions through its settings.
      1. If that doesn't work, try using adb shell
        Code: 
        pm grant com.google.android.gms android.permission.FAKE_PACKAGE_SIGNATURE
pm grant com.android.vending android.permission.FAKE_PACKAGE_SIGNATURE
    4. (Recommended) Install Aurora Droid to easily update microG. Aurora Droid is a more user-friendly alternative of the official F-Droid client.
      1. Enable microG repo in Aurora Droid.
      2. (Optional) Flash aurora-services.zip. This enables auto update in Aurora Droid; after flash, in Aurora Services app, whitelist Aurora Droid and grant necessary permissions. Then in Aurora Droid settings, choose Aurora Services as installation method.
    5. Install UnifiedNlp, MozillaNlpBackend (Apple Nlp is better, but proprietary), and NomatimNlpBackend. All available in Aurora Droid.
    6. (Optional) Install the GsfProxy (from Aurora Droid).
    7. Grant spoofing permission (via adb shell):

    adb shell doesn't need root/su since the permission xml is already in the /system.

    Optional: Use Aurora Store to install play store apps.

    SHA256SUMS:
    Code: 
    89860079b63ec895991637dde9a052592afe49c4eed2f8d1e0df9722418ae1ad  aurora-services-1.0.6.zip
d53996741a12570612ffa48e90277a97092b01723de2fd4afba6b2ea6b8c054f microG-0.2.16.204713.zip

    Edit (01/01/2021):
    • Aurora Services 1.0.6
    • microG 0.2.16.204713
    • Removed discontinued Yalp Store
    • Removed Aurora Store & GsfProxy; installable via Aurora Droid.
    • Removed F-Droid, replaced by Aurora Droid+Services

    Edit (27/01/2020):
    • Aurora Store 3.1.8
    • F-Droid 1.7.1
    • GsfProxy 0.1.0 (official-signed, was NanoDroid-signed)
    • microG 0.2.10.19420 (includes official APK
    • Removed discontinued NanoDroid's microG and GsfProxy
    View
    2
    MSe1969
    MSe1969
    Hi,

    I regularly build updates (hosted on AFH) containing the microG patch for following devices (I've included the links to the most current builds):


    However, I do not 'own' dedicated threads for them, I post my updates in respective device/ROM threads.
    Regards, M.
    View
    2
    dic1911
    dic1911
    Hey there, the patch was merged some days ago by me to XOSP, @Primokorn could you add XOSP to the list?
    check the commit here
    View

New posts