HiddenCore Module - what was it doing

Search This thread

flamery

Senior Member
Feb 24, 2011
158
42
Found this module, although it didn't look too legit, I thought if it does what it really says it does then it would be very useful (bypass safetynet, disable all root detection, selinux, bypass signature verification etc) so i installed it.

Anyway now I see its been removed from the repository. I'm guessing it was not legit after all, anyway other than decompiling the apk file to see what it was doing, is there anyway to find out why it was removed and what potential damage/data has been done to my device?


Edit, the link: https://repo.xposed.info/module/com.cofface.invader
 

Mysticblaze347

Senior Member
Jun 12, 2018
523
185
I was wondering this as well. I had and it was gone. Have yet to find another one that allows full safteynet pass. Wonder why it was removed
 

flamery

Senior Member
Feb 24, 2011
158
42
I was wondering this as well. I had and it was gone. Have yet to find another one that allows full safteynet pass. Wonder why it was removed

I suspect it wasn't actually doing anything it claimed to do. I noticed my screen was staying on for some reason, then I realised it was caused by that app. I was a bit concerned it was actually a RAT or some malware sending off all my private data somewhere.

If I get time this weekend I might try decompile it and have a look I still have the apk file, have just disabled it in xposed.
 
I suspect it wasn't actually doing anything it claimed to do. I noticed my screen was staying on for some reason, then I realised it was caused by that app. I was a bit concerned it was actually a RAT or some malware sending off all my private data somewhere.

If I get time this weekend I might try decompile it and have a look I still have the apk file, have just disabled it in xposed.

This tool probably can help:

https://forum.xda-developers.com/xposed/release-deckard-static-dynamic-xposed-t3901260

But it would be interesting to know the reason from who removed it from the repository.

On XDA Labs App xposed section it is listed yet an has some positive feedbacks (fake?)
 

Mysticblaze347

Senior Member
Jun 12, 2018
523
185
I suspect it wasn't actually doing anything it claimed to do. I noticed my screen was staying on for some reason, then I realised it was caused by that app. I was a bit concerned it was actually a RAT or some malware sending off all my private data somewhere.

If I get time this weekend I might try decompile it and have a look I still have the apk file, have just disabled it in xposed.

I noticed my screen not auto shutting off either unless in gallery r something, but not main screen. Did seem like phone got a lil sluggish as well.

I extracted the app and noticed that sdk says 22 when I need 24 lol. Can't re-apk app tho. Zip and renaming don't cut it.

This app seemed to being doing what it intended from what I seen. Magisk fully passed safteynet. Basic integrity mainly. Cts is already green on my end from no device check module. This does both green check marks.
 
Last edited:

lahceneamine

Senior Member
Jul 8, 2011
651
268
Algiers
I suspect it wasn't actually doing anything it claimed to do. I noticed my screen was staying on for some reason, then I realised it was caused by that app. I was a bit concerned it was actually a RAT or some malware sending off all my private data somewhere.

If I get time this weekend I might try decompile it and have a look I still have the apk file, have just disabled it in xposed.
It was working until I updated to the latest riru v15 and edxposed.
Without it my banking app isn't working anymore (detects xposed, root,.. Etc).
 

2777

New member
Jun 14, 2008
3
0
Thanks, it work, if anybody detect lost money from you card, please, tell me, I will off this danger module
 

WowkaZ

Member
Mar 18, 2018
15
2
NetGuard shows, that HiddenCore Module has no internet connection.
P.S. My version of HiddenCore is 1.3 - and the screen goes asleep after 2 min (the fault with screen always on is since version 1.5).
 
Last edited:

WowkaZ

Member
Mar 18, 2018
15
2
No. But I maybe can upload the version 1.5, tomorrow.
Would it help?
 
Last edited:

2777

New member
Jun 14, 2008
3
0
is version 1.7, is there any way to make the screen according to the Gus settings, and not constantly burning with this module?
 

Top Liked Posts

  • There are no posts matching your filters.
  • 43
    Here is the module but without the "always on screen".
    All I did was took the original module, baksmalied it, found the switch for the screen always on, patched so it would be always false, smalied back and resigned. Of course you shouldn't trust me, so you can do it by yourself.

    UPD: Forgot to say, that if you have the original module installed, you should remove it first, or else there is a high chance that the install will fail because of mismatched signatures.
    11
    Found this module, although it didn't look too legit, I thought if it does what it really says it does then it would be very useful (bypass safetynet, disable all root detection, selinux, bypass signature verification etc) so i installed it.

    Anyway now I see its been removed from the repository. I'm guessing it was not legit after all, anyway other than decompiling the apk file to see what it was doing, is there anyway to find out why it was removed and what potential damage/data has been done to my device?


    Edit, the link: https://repo.xposed.info/module/com.cofface.invader
    6
    I actually used this code as reference when was searching for the switch in the smali. The line in question is
    Code:
    systemwideScreenOn = prefs.getBoolean("systemwide", true);
    (link) - you just gotta need to replace it with
    Code:
    systemwideScreenOn = false;

    And no, I saw nothing about Chrome, but the hooks seems to be too wide, hooking a little bit more than really is needed, so that may be the case.

    I'm not using Chrome though, prefering Firefox, so can't say.
    3
    I was wondering this as well. I had and it was gone. Have yet to find another one that allows full safteynet pass. Wonder why it was removed

    I suspect it wasn't actually doing anything it claimed to do. I noticed my screen was staying on for some reason, then I realised it was caused by that app. I was a bit concerned it was actually a RAT or some malware sending off all my private data somewhere.

    If I get time this weekend I might try decompile it and have a look I still have the apk file, have just disabled it in xposed.
    3
    Interesting, I must say.
    Read the whole thread in one sitting, it was better than any thing oh Netflix right now.
    And about GPay, freaking evil mothaeffers, I've always thought they were so totally being meme if you will, about that permission for pay...
    @Didgeridoohan, what's your take on what's discussed hehe? I believe there would be awesome benefiting from your knowledge.

    Honestly, not sure... Lots of conflicting info on the thread, so really hard to say anything and I'm not gonna install Xposed just to test.

    But, I'm a bit paranoid by nature and my spider sense is tingling slightly. Personally I would be careful...