Cannot pass strong integrity because of XiaomiEU Injector?


Igor Eisberg said:
Not a toggle and not a prop, but I added auto-switching based on whether inject module APK is loaded successfully.
If the APK is missing, uninstalled, disabled, or failed to load, then "engineGetCertificateChain" will execute normally.
Click to expand...
Would it be added for older MIUI devices? I understand it would take a longer time to rebuild a new image for all devices. If not, would there be any simple ways so that we could patch framework.jar ourselves to make "engineGetCertificateChain" function normally?
 
mkcs121 said:
Would it be added for older MIUI devices? I understand it would take a longer time to rebuild a new image for all devices. If not, would there be any simple ways so that we could patch framework.jar ourselves to make "engineGetCertificateChain" function normally?
Click to expand...
There was a magisk module but it is not available anymore:

xiaomi.eu

[MODULE] Framework Patcher for Strong integrity

Decided to modify FrameworkPatcherGo to disable the droidguard check in framework.jar. I'm not an android dev, so YMMV. Should be safe, but do your own research and use at your own risk since I'm just a random person on the Internet. Module found here: https://pixeldrain.com/u/9GmWzNe2 Edit...
xiaomi.eu xiaomi.eu

Try to ask the author
 
  • Like
Reactions: mkcs121
mkcs121 said:
Would it be added for older MIUI devices? I understand it would take a longer time to rebuild a new image for all devices. If not, would there be any simple ways so that we could patch framework.jar ourselves to make "engineGetCertificateChain" function normally?
Click to expand...
No, it's not our problem.
 
Igor Eisberg said:
No, it's not our problem.
Click to expand...
So would it be normal for the APP mentioned in #6 which flags a non-rooted environment of xiaomi.eu ROM as untrusted even though the built-in injector is up to date? I understand it's not your problem or responsibility. What is being discussed in this thread is for possible improvement. What if more apps are adopting similar technology that even a non-rooted custom ROM fails to function normally?
 
mkcs121 said:
So would it be normal for the APP mentioned in #6 which flags a non-rooted environment of xiaomi.eu ROM as untrusted even though the built-in injector is up to date? I understand it's not your problem or responsibility. What is being discussed in this thread is for possible improvement. What if more apps are adopting similar technology that even a non-rooted custom ROM fails to function normally?
Click to expand...
Then you'll have to use whichever root workaround there is if you want to use those apps. I simply made sure our workaround doesn't interfere when the module is disabled. We're not going to rebuild anything for that, it's applied to newer builds already.
 
Igor Eisberg said:
Then you'll have to use whichever root workaround there is if you want to use those apps. I simply made sure our workaround doesn't interfere when the module is disabled. We're not going to rebuild anything for that, it's applied to newer builds already.
Click to expand...
So that means all previous builds are still affected and modification is still detected....It's not about getting root to spoof or hide can deal with. Now apps are capable of detecting a tampered environment although you spoofed and achieved the device integrity.

Try this app on xiaomi.eu MIUI 14, it refuses to run even though you injected an unbanned prints via the xiaomi.eu module and the device is not rooted: https://apk.support/app/com.octopuscards.nfc_reader
 

Attachments

  • Screenshot_com.octopuscards.nfc_reader.png
    Screenshot_com.octopuscards.nfc_reader.png
    65 KB · Views: 23
mkcs121 said:
So that means all previous builds are still affected and modification is still detected....It's not about getting root to spoof or hide can deal with. Now apps are capable of detecting a tampered environment although you spoofed and achieved the device integrity.

Try this app on xiaomi.eu MIUI 14, it refuses to run even though you injected an unbanned prints via the xiaomi.eu module and the device is not rooted: https://apk.support/app/com.octopuscards.nfc_reader
Click to expand...
Yes, our MIUI 14 ROMs will forever be detectable.
 
mkcs121 said:
So that means all previous builds are still affected and modification is still detected....It's not about getting root to spoof or hide can deal with. Now apps are capable of detecting a tampered environment although you spoofed and achieved the device integrity.

Try this app on xiaomi.eu MIUI 14, it refuses to run even though you injected an unbanned prints via the xiaomi.eu module and the device is not rooted: https://apk.support/app/com.octopuscards.nfc_reader
Click to expand...
Well either the app requires strong or it uses some other detection that can see spoofed things.

Your only solution is either buy a new phone, use Xiaomi.eu as is (or with some patches if possible to get strong) or use stock rom...
 
doh ... never noticed that. The trick was the "show all apps" ... i'm using the miui from old old version and in those old version lthe only option for disabling/removing bloatware was from the command line as root
thanks
 
mkcs121 said:
So that means all previous builds are still affected and modification is still detected....It's not about getting root to spoof or hide can deal with. Now apps are capable of detecting a tampered environment although you spoofed and achieved the device integrity.

Try this app on xiaomi.eu MIUI 14, it refuses to run even though you injected an unbanned prints via the xiaomi.eu module and the device is not rooted: https://apk.support/app/com.octopuscards.nfc_reader
Click to expand...
I tried to install the app and went to login screen. I don't know if it's far enough.

I broke Google Play Interity to BASIC.
I did not hide unlocked bootloader from application.
I didn't take any special method to hide root.
I use local ROM with MIUI14 but without spoofing and injector (version from time before updatable injector was inserted).
Root method is APatch.
Hope it helps you.
 
AlfaX said:
CZ.Kostra said:
I tried to install the app and went to login screen. I don't know if it's far enough.

I broke Google Play Interity to BASIC.
I did not hide unlocked bootloader from application.
I didn't take any special method to hide root.
I use local ROM with MIUI14 but without spoofing and injector (version from time before updatable injector was inserted).
Root method is APatch.
Hope it helps you.
Click to expand...
I know, actually the app only requires basic integrity. However, there is other detection that even strong integrity cannot let you pass
Click to expand...
 
AlfaX said:
Well either the app requires strong or it uses some other detection that can see spoofed things.

Your only solution is either buy a new phone, use Xiaomi.eu as is (or with some patches if possible to get strong) or use stock rom...
Click to expand...
The app actually requires BASIC INTEGRITY only. It's likely the way how xiaomi.eu devs modified in framework.jar to avoid a safetynet hardware-backed attestation triggers a tampering detection. I tried on a rooted device with stock rom. As long as basic integrity is maintained, without any keybox or fingerprints, the app does run successfully. Besides, the app also refuse to run if Play Protect is disabled. However, it's regrettable that the app does not run on any previous xiaomi.eu ROMs which contains any built-in safetynet hacks, no matter what injection module, valid prints/keybox and other root/xposed modules exist bla bla bla....

A demonstration : https://streamable.com/z64ict
 
mkcs121 said:
The app actually requires BASIC INTEGRITY only. It's likely the way how xiaomi.eu devs modified in framework.jar to avoid a safetynet hardware-backed attestation triggers a tampering detection. I tried on a rooted device with stock rom. As long as basic integrity is maintained, without any keybox or fingerprints, the app does run successfully. Besides, the app also refuse to run if Play Protect is disabled. However, it's regrettable that the app does not run on any previous xiaomi.eu ROMs which contains any built-in safetynet hacks, no matter what injection module, valid prints/keybox and other root/xposed modules exist bla bla bla....

A demonstration : https://streamable.com/z64ict
Click to expand...
Have you tried this module?
xiaomi.eu

[MODULE] Framework Patcher for Strong integrity

Decided to modify FrameworkPatcherGo to disable the droidguard check in framework.jar. I'm not an android dev, so YMMV. Should be safe, but do your own research and use at your own risk since I'm just a random person on the Internet. Module found here: https://pixeldrain.com/u/9GmWzNe2 Edit...
xiaomi.eu xiaomi.eu
 
I just updated to the latest version on nuwa, and I see I only pass basic, that's when I realized the keybox I had which was supposed to work didn't work once it should have...
Well I hope I will find a new one soon.
 
CZ.Kostra said:
Have you tried this module?
xiaomi.eu

[MODULE] Framework Patcher for Strong integrity

Decided to modify FrameworkPatcherGo to disable the droidguard check in framework.jar. I'm not an android dev, so YMMV. Should be safe, but do your own research and use at your own risk since I'm just a random person on the Internet. Module found here: https://pixeldrain.com/u/9GmWzNe2 Edit...
xiaomi.eu xiaomi.eu
Click to expand...
The home launcher is crashed after installing this module. The crux relies on xiaomi.eu devs to disable the bulit-in hacks on any previous builds. It has been the era that apps could restrict you from access even though you're non-rooted.
 
Last edited:
Igor Eisberg said:
Not a toggle and not a prop, but I added auto-switching based on whether inject module APK is loaded successfully.
If the APK is missing, uninstalled, disabled, or failed to load, then "engineGetCertificateChain" will execute normally.
Click to expand...
Just a question please - is this auto-switching (to allow passing Strong with Tricky Store and the proper keybox) provided for Mi 11 Lite 5G NE in the latest HyperOS 1.0.5 build:
 
zgfg12 said:
Just a question please - is this auto-switching (to allow passing Strong with Tricky Store and the proper keybox) provided for Mi 11 Lite 5G NE in the latest HyperOS 1.0.5 build:
Click to expand...
It should be since the ROM was released after Igor's announcement. Don't forget to disable eu injector app to be able to use your solution

Sent from my 2210132G using Tapatalk
 
  • Like
Reactions: Igor Eisberg
stathis95194 said:
It should be since the ROM was released after Igor's announcement. Don't forget to disable eu injector app to be able to use your solution

Sent from my 2210132G using Tapatal
Click to expand...
I was expecting that comparing the release date (and I know how to properly debloati XiaomiEUInject). That date was the reason I asked

My point way if somebody who installed himself the particular build could confirm

But ok, if it's not possible to get that kind of answer, never mind
 
Last edited:
zgfg12 said:
I was expecting that comparing the release date (and I know how to properly debloati XiaomiEUInject). That date was the reason I asked

My point way if somebody who installed himself the particular build could confirm

But ok, if it's not possible to get that kind of answer, never mind
Click to expand...
I can do you one better. Nuwa which was released 5 days earlier than lisa had the workaround, so it's a safe bet that this ROM has it as well

Sent from my 2210132G using Tapatalk
 
You must log in or register to reply here.
Top Bottom
Back