UPDATE: Not even 24 hours and it fails SafetyNet now. I'm currently working on another solution.
Hi all. Long time lurker, first time developer. I created a modified version of the Xposed Framework that doesn't cause you to fail SafetyNet, even while it's enabled and active. Instructions:
Hi all. Long time lurker, first time developer. I created a modified version of the Xposed Framework that doesn't cause you to fail SafetyNet, even while it's enabled and active. Instructions:
- Remove any existing Xposed versions
- Get your phone in a state where it passes SafetyNet without Xposed (install a custom kernel to hide an unlocked bootloader, hide root with RootSwitch, etc.)
- Install the Xposed Installer app if you don't already have it
- Go to https://github.com/josephcsible/Xposed/releases/tag/v86a and download xposed-v86a-safetynet-josephcsible-sdk23-arm.zip
- Flash xposed-v86a-safetynet-josephcsible-sdk23-arm.zip from recovery
- Wipe cache and dalvik
- Reboot
- Do not turn off Xposed with RootSwitch with this build. It will probably break things because of differences in how app_process sits, and the entire point of this build is that you don't need to do this.
- The only build I made was for ARM and Marshmallow, because that's all I have to test on
- The official uninstaller won't work right with this version, so use my version of the uninstaller instead
- This passes SafetyNet as of November 2nd. It probably won't for very long.
- I made this build by compiling my own app_process, then editing it into the stock installer zip. I didn't recompile anything else or use the tools to make the zip.
- app_process32 is now a regular file instead of a symlink to app_process32_xposed.
- XposedBridge.jar is now called YqptfeBridge.jar (since SafetyNet checks the classpath for a file called XposedBridge.jar)
- I obfuscated many of the strings in the app_process binary with a simple Caesar cipher. The source for this is in the GitHub with the download link.
Last edited: