VirtualXposed Analysis/Module Development Thread

Search This thread

CarteNoir

Senior Member
Nov 26, 2012
106
46
For commercial/internal usage, it is a better choice than VirtualXposed. (Many organizations use the free and open-source VirtualXposed, and i maintain it for free but get few donations.

EXposed/TaiChi is free for ordinary users.
I guess that's pretty fair, you deserve more income for a project like this, it's pretty amazing. Thanks for your hard work. Would you be open to explaining how TaiChi works differently from VX?
 

weishu

Senior Member
Mar 8, 2018
52
568
Beijing
github.com
I guess that's pretty fair, you deserve more income for a project like this, it's pretty amazing. Thanks for your hard work. Would you be open to explaining how TaiChi works differently from VX?

VirtualXposed = VirtualApp + epic , it make the target app(such as YouTube) run in VirtualApp(and VirtualApp runs in system) , then make hooks in VirtualApp and loads the Xposed modules.
EXposed/TaiChi = Modified apk + epic, it modified the target apk and install it in system directly.

The stability of VirtualXposed depends on VirtualApp and epic, while EXposed/TaiChi only depends on epic. EXposed modify the apk, which may cause signature error. But we have Xposed to bypass the detect.

In a word, EXposed/TaiChi is much more stable than VirtualXposed, and the performance and the fluency of App is better than VirtualXposed. Some app like VPN/InputMethod can not take effect in VirtualXposed but EXposed/Taichi can. While VirtualXposed can run multi-app like Parallel Space, but EXposed/TaiChi can not.
 

CarteNoir

Senior Member
Nov 26, 2012
106
46
VirtualXposed = VirtualApp + epic , it make the target app(such as YouTube) run in VirtualApp(and VirtualApp runs in system) , then make hooks in VirtualApp and loads the Xposed modules.
EXposed/TaiChi = Modified apk + epic, it modified the target apk and install it in system directly.

The stability of VirtualXposed depends on VirtualApp and epic, while EXposed/TaiChi only depends on epic. EXposed modify the apk, which may cause signature error. But we have Xposed to bypass the detect.

In a word, EXposed/TaiChi is much more stable than VirtualXposed, and the performance and the fluency of App is better than VirtualXposed. Some app like VPN/InputMethod can not take effect in VirtualXposed but EXposed/Taichi can. While VirtualXposed can run multi-app like Parallel Space, but EXposed/TaiChi can not.

Thanks for the explanation, that's some incredible work! Will EXposed/TaiChi ever support users trying whatever modules they like (like VirtualXposed lets you try all modules, even if some don't work)? Or will it always be limited to the ones in the app currently?
 

Robert342

Senior Member
Oct 17, 2014
307
55
@akhilkedia94 maybe you can cooperate with some custom roms creators for build new with your app into system? On Android Pie will be the best for moment when official framework exist.

Wysłane z mojego Redmi 4X przy użyciu Tapatalka
 
Last edited:

Devilish_Angel

Senior Member
Nov 15, 2012
419
138
So at the end of the day, what should a normal user install? VirtualXposed, TaiChi or EXposed? Can you please explain their differences a bit to make it easier for people who don't know much about this? [emoji16]
 

grotesque02

Senior Member
Jan 28, 2011
987
76
Sorry @weishu but I can't find xinsta and grindrmod under download module (both are suported).
And most of module don't download, only fast open a chrome page.
What's wrong? I'm follow the guide
 

grotesque02

Senior Member
Jan 28, 2011
987
76
It would be better if you mention your setup like phone model, OS, IG version and of course, modules you are taking about? Then only you can expect someone to be able to help you...[emoji4]

Oneplus 3T with omnidragon rom (oreo 8.1)
MinMinGuard and grindrmod don't work (like module aren't intalled).
Of course with the right module/app version.
Same error with last taichi version
 

ariaaz

New member
Jan 3, 2019
2
0
bootloop

My device is honor 9 lite (LLD-L21) android 8.0.0.046 oreo sdk 26. I rooted my device and when i installed xposed framework and restarted ,it went into bootloop. How can i install xposed framework without getting into bootloop. please help me i need it :(
 

thedicemaster

Senior Member
May 10, 2009
1,761
863
My device is honor 9 lite (LLD-L21) android 8.0.0.046 oreo sdk 26. I rooted my device and when i installed xposed framework and restarted ,it went into bootloop. How can i install xposed framework without getting into bootloop. please help me i need it :(

you're in the wrong place for that.
this is not a support thread for the xposed framework, this is a development thread for a non-root alternative.
 
  • Like
Reactions: kkraines

Dev. Opt_Beta

Member
Feb 22, 2018
7
0
I'm using virtual xposed app in my none-root sam note3 and it's work very well but only with its kind of modules.Not all module work.And,i've lost that link where i've download and flash my device with it.,But i've lost my device also. My new Oppo A5s v.8.1.0 get me to ask someone here,Can or cannot it use virtual exposed?If can,href its links here.,Thanks..
 
Last edited:

Thanos Atha

Member
Oct 29, 2015
29
4
I try to connect my phone with TV via microHDMI, but it seems it doesn't support it.... ...so, Is there any "driver" MHL app or module, to make a support & connect every phone with TV via MicroHDMI (from Type C microUSB port & without device specific hardware support)???

Also, there is a serious problem with microG & app login redirects (Google Play Games, Fb login on PUBG etc.)..! #VirtualGyroscope

Can Root apps work? #OldVersions - ThanosAthaYT

PS: made android better!
 
Last edited:

Top Liked Posts

  • There are no posts matching your filters.
  • 16
    This thread is intended as an All-in-one discussion of VirtualXposed (https://forum.xda-developers.com/xposed/virtualxposed-xposed-root-unlock-t3760313), how it works, its safety/security issues, what works on it, its limitations and how to develop modules on it.

    What is VirtualXposed?

    An OPEN-SOURCE Container-like environment for running apks on Android, which allows the use of (some) xposed features without the need for root/xposed/unlocked bootloader etc. If this can be made trustable and stable, it has the potential to bring Xposed mods to a much wider community.

    How VirtualXposed works, based on a review of the source code and dev response -

    1. All apps run inside VirtualApp (https://github.com/asLody/VirtualApp) - A containter-like library (like docker) that wraps around some android system calls to allows to run apks as plugins inside the original app. The project is also mostly open-source, but there seem to be some propreitary code blocks as well (such as https://github.com/asLody/VirtualApp/tree/master/VirtualApp/app/libs/armeabi-v7a). Its not free for commercial use though, that requires the purchase of a license. The dev maintains and independent fork of VirtualApp, without these closed-source blobs. The docs for VirtualApp can be found here - https://github.com/prife/VirtualAppDoc
    2. Uses Epic (https://github.com/tiann/epic) to actually process xposed hooks - This is an open-source library, actually inspired from xposed itself, for developer to "hook" into their own Java methods in their own apps.
    3. Uses a simple compatibility layer Exposed (https://github.com/android-hacker/exposed/ ) - Fully open source, Compatibility layer for Xposed, it loads Xposed modules and does some basic services (such as dealing with unsupported feature: initForZygote/resource hooks)
    4. For the UI, uses this Launcher (https://github.com/android-hacker/Launcher3) - This is a fork of the popular (and open source) Rootless Pixel Launcher, modified for multi-user scenarios
    5. Launcher3 and VirtualApp are project dependencies in VirtualXposed, exposed and epic are depended by aar.

    Safety/Security Issues
    1. The app requests a ton of permissions - Seems legit given that it has to emulate all of those APIs. Perhaps these can be changed to runtime permissions?
    2. Possible proprietary blobs (Not sure yet - waiting for dev response) The app is fully open source.
    3. Noone knows in detail how it works - Well, I am starting to get an idea of how it works :p
    4. Virus Scan results - 1 virus detected by VirusTotal. See developer rant - https://github.com/android-hacker/VirtualXposed/issues/10#issuecomment-377295527, I think is a false positive

    What works so far -
    1. Hooking into a virtual app's own java functions (hooked using findAndHookMethod())
    2. Hooking into SOME base Android APIs (I tried TextView.setText()) - I have published a working sample here - https://github.com/akhilkedia/VirtualXposedSamplePOC

    Limitations of VirtualXposed so far that I know -
    1. Module hooks sometimes work, sometimes dont. I tested AllTrans 5 times, and it only worked once was because of change in Application.onCreate() - see below.
    2. Hooking Application.onCreate and casting it to Application returns and error see below
    3. New modules are seemingly often not changed even after re-installing. Un-installed virtual apps are sometimes detected as still being present by the xposed module (?!)
    4. Cannot hook apks outside of VirtualApp (including possibly SystemUI).
    5. No Resource Hooks
    6. No Google Play Service yet.
    7. Epic library's readme says not supported for arm32, x86_64 and mips device architectures for ART.
    8. Logging to logcat doesnt seem to work. Logging to logcat works. @#$*%$ Android studio log filters.

    How to develop modules on it.-
    1. Some utilities for developers (translated wiki page from VirtualXposed) - https://translate.googleusercontent...700201&usg=ALkJrhhSn_e_4E8NyifibMpfzUV70sy_fg I have not tried any of the steps mentioned here. These steps work.
    2. Application.onCreate/attachBaseContext is transformed to ContextWrapper.attachBaseContext
    3. Here is what I am currently doing, which seems to be a more stable way of getting consistent results - Erase application data of VirtualXposed, install xposed module, enable xposed module in xposed installer, force-stop VirtualXposed, start VirtualXposed. If you have enabled an Xposed Module outside of VirtualXposed, it will still affect apps inside it - So its recommended to turn the module off outside.

    The original developer seems to not speak perfect English, and the current users are mostly all Chinese.

    Note - I intend to keep updating this post as we get more/new information.
    @ Forum Moderators - Please feel free to move this thread if this is not the correct forum for it.

    Edits - updated with more information from dev.
    13
    Hi, akhilkedia94, Thank you for your hard work :)

    I am the maintainer of VirtualXposed, sorry for my poor English. I will try to translate all the wiki and documents to English, If the translation is not good, please let me know :)

    And there are some facts that need clarification:

    1. https://github.com/asLody/VirtualApp...bs/armeabi-v7a this library is a map/location library provided by Tencent, But i have remove it in VirtualXposed, it only exist in VirtualApp.
    2. hook of Application.onCreate/attachBaseContext is transformed to ContextWrapper.attachBaseContext.
    3. VirtualXposed is more stable on Android 8.0 than before ( i didn't update the document in time, sorry :(

    VirtualXposed is consist of four modules:
    1. https://github.com/asLody/VirtualApp provides the ability of container(works like docker, not virtual machine); It is closed source from 2017/12/31. I maintain a standalone branch in VirtualXposed. VitualApp also have a inline hook module, which can hook native methods.
    2. https://github.com/tiann/epic provides the ability of Hook Java Method.
    3. https://github.com/android-hacker/exposed is the compatibility layer of Xposed, it loads Xposed modules and do some clutter things(such as dealing with unsupported feature: initForZygote/resource hooks)
    4. https://github.com/android-hacker/Launcher3 is the UI, it is modified for multi-user in VirtualXposed.

    Launcher3 and VirtualApp are project dependencies in VirtualXposed, exposed and epic are depended by aar.

    Welcome to any questions, Although I may be hard to explain it clearly : )
    12
    akhilkedia , I have heard from you at github, Thank you ! !

    I've put together some information, and I hope this will help.

    Q: The app requests a ton of permissions
    A: All thre permission are used for app inside VirtualXposed, i don't know what apps will be added to VirtualXposed, so i must request all the permission in advance. If VirtualXposed doesn't have a permission of one app, the app may can not work properly in VirtualXposed.
    I am planning to upgrade the targetSdkVersion to 23, then there are little permission requests when install it (VirtualXposed will request permission dynamicly, but if you refuse some permission of one app in VirtualXposed, all the app in VirtualXposed won't grant that permission; this is truly frustrating, XPrivicyLua can not work properly in VirtualXposed: https://github.com/android-hacker/VirtualXposed/issues/7, I am trying to add a built-in permission control in VirtualXposed: https://github.com/android-hacker/VirtualXposed/issues/33, but there are lot of work to do...

    Q: New modules are seemingly often not changed even after re-installing. Un-installed virtual apps are sometimes detected as still being present by the xposed module (?!)
    A: This is a bug, the state of installation and launcher3 are not the same.

    Q: Epic library's readme says not supported for arm32, x86_64 and mips device architectures for ART.
    A: Yes, Epic doesn't support arm32, x86. you can install it on x86 device, but Xposed won't work.

    Q: If you have enabled an Xposed Module outside of VirtualXposed, it will still affect apps inside it - So its recommended to turn the module off outside.
    A: Yes, Xposed in system will take effect in VirtualXposed, and sometimes may cause conflicts if you enable the same module both in Xposed outside and VirtualXposed.

    Q: The original developer seems to not speak perfect English, and the current users are mostly all Chinese.
    A: Yes, my English speaking is poor, but my reading skills is good, there are no obstacles to understand what you say :)
    The current users are mostly all Chinese, in fact, there are more than one million users in total :) If you think it is useful, please tell it to your friends, this is the best way to encourage me to make VirtualXposed better and better.

    Q: is there any part of the source code of VirtualXposed (or any of its dependecies) that is proprietary/closed-source
    A: No, VirtualXposed is fully open source, but the License is complex. I have no idea of it totally.

    Q: If you have some free time later, can you explain in some detail (such as with links to relevant folders/files in Github) how VirtualApp, Epic and VirtualXposed work?
    A: See below

    Q: How VirtualApp works?

    A:

    First, you can read my blog and follow my tutorial:
    My Blog: http://weishu.me/2016/01/28/understand-plugin-framework-overview/
    My Tutorial: https://github.com/tiann/understand-plugin-framework

    These articles tell you how Android Framework works and how Plugin-Framework hooks into system to establish a virtual environment.

    If you are familar with Android Framework, you can read the source code of demo.

    But sorry, it is fully Chinese, lots of Chinese say it is the best way to understand DroidPlugin/VirtualApp :)

    Then, you can read the VirtyalAppDoc: https://github.com/prife/VirtualAppDoc.

    In VirtualXposed, source code of VirtualApp lies in https://github.com/android-hacker/VirtualXposed/tree/license/VirtualApp/lib

    The structure of VirtualApp:

    JNI:

    https://github.com/android-hacker/VirtualXposed/tree/exposed/VirtualApp/lib/src/main/jni/Foundation and https://github.com/android-hacker/VirtualXposed/tree/exposed/VirtualApp/lib/src/main/jni/Jni :mainly for IO redirect to make app inside VirtualApp access the corret file system, and also, it do some native hooks for special API(for example, Camera must be hook in native, disable JIT, etc..)
    https://github.com/android-hacker/VirtualXposed/tree/exposed/VirtualApp/lib/src/main/jni/HookZz: This is an inline hook library, it is fully open source, this is the project: https://github.com/jmpews/HookZz
    https://github.com/android-hacker/VirtualXposed/tree/exposed/VirtualApp/lib/src/main/jni/Substrate: Another inline hook library, it seems to be closed source, but i don't know how the author of VirtualApp get the source code...
    https://github.com/android-hacker/VirtualXposed/tree/exposed/VirtualApp/lib/src/main/jni/fb: the JNI framework of facebook.

    Java:

    https://github.com/android-hacker/VirtualXposed/tree/exposed/VirtualApp/lib/src/main/java/mirror: the reflection framework of VirtualApp, it is used for use reflection conveniently, it is really elegant.
    https://github.com/android-hacker/VirtualXposed/tree/exposed/VirtualApp/lib/src/main/java/android: some hidden API of Android Framework, copy it here for compile.
    https://github.com/android-hacker/V...pp/lib/src/main/java/com/lody/virtual/server: the server process of VirtualApp, for example, Android Framework has ActivityManagerService, PackageManagerService, in VirtualApp, there are VActivityManagerService, the procedure of a process to communicate with Android Framework is: Client process -> VitualApp's server process(Virtual System servier) -> Android Framework's system service.
    https://github.com/android-hacker/V...pp/lib/src/main/java/com/lody/virtual/client: mainly for hooks in client process(App run inside VirtualApp are all client process); There are four type of process in VirtualApp: 1. Virtual Server process(with hook of AMS & PMS) 2. Virtual client process(with hook of All Android System Service) 3. UI process(a normal process) 4. other process(such as native process)
    https://github.com/android-hacker/V...ualApp/lib/src/main/java/com/lody/virtual/os: the multi-user system of VirtualApp and the some envionment variants, such as directory structure.
    https://github.com/android-hacker/V...pp/lib/src/main/java/com/lody/virtual/remote: Parcel data stucture for IPC between Virtual client process and virtual server process.

    If you want to read source code of VirtualApp, this class is the best entry:

    https://github.com/android-hacker/V...com/lody/virtual/client/core/VirtualCore.java.

    Q: How Epic works?
    A:

    You can refer my design procedure of Epic: http://weishu.me/2017/11/23/dexposed-on-art/
    The article introduces many way to hook and tells you how epic solve the problems in the past and why epic does it that way.

    Sorry for it is Chinese again...

    And then, yon can read the paper : https://publications.cispa.saarland/143/ It is strongly recommended to read that!

    In fact, Epic was inspired by https://github.com/mar-v-in/ArtHook, you can also read the source code.

    Q: How VirtualXposed work?

    VirtualXposed loads Xposed Modules in the entry of VirtualApp's client process, and inject the Xposed ClassLoader to that process to make Xposed module can call Xposed API, and epic provides the abilities to hook, That's all.

    All this work is done in https://github.com/android-hacker/exposed

    If you have any doubt with VirtualApp/Epic/exposed, feel free to ask me :)

    In addition, I made an origination named android-hacker when i create VirtualXposed, if you want to contribute to VirtualXposed, welcome to join it!(tell me to invite you)
    5
    I guess that's pretty fair, you deserve more income for a project like this, it's pretty amazing. Thanks for your hard work. Would you be open to explaining how TaiChi works differently from VX?

    VirtualXposed = VirtualApp + epic , it make the target app(such as YouTube) run in VirtualApp(and VirtualApp runs in system) , then make hooks in VirtualApp and loads the Xposed modules.
    EXposed/TaiChi = Modified apk + epic, it modified the target apk and install it in system directly.

    The stability of VirtualXposed depends on VirtualApp and epic, while EXposed/TaiChi only depends on epic. EXposed modify the apk, which may cause signature error. But we have Xposed to bypass the detect.

    In a word, EXposed/TaiChi is much more stable than VirtualXposed, and the performance and the fluency of App is better than VirtualXposed. Some app like VPN/InputMethod can not take effect in VirtualXposed but EXposed/Taichi can. While VirtualXposed can run multi-app like Parallel Space, but EXposed/TaiChi can not.
    2
    https://github.com/asLody/VirtualApp/issues/388
    As linked in the original thread..

    Besides here (before re-editing everything), the dude said something along the line of project's original author having quit from development and it originally not having had any retarded licensing condition.
    Indeed, until this everything was totally just under GPL 3, so forking is an option too.

    p.s: docs https://github.com/prife/VirtualAppDoc

    You can refer https://github.com/android-hacker/VirtualXposed/issues/138 for the License of VirtualXposed.

    I am planning to make a fork of GPL-v3 branch of VirtualApp ( it was completed nearly), But i don't know is it permitted.