Cannot pass strong integrity because of XiaomiEU Injector?


Not a toggle and not a prop, but I added auto-switching based on whether inject module APK is loaded successfully.
If the APK is missing, uninstalled, disabled, or failed to load, then "engineGetCertificateChain" will execute normally.
Would it be added for older MIUI devices? I understand it would take a longer time to rebuild a new image for all devices. If not, would there be any simple ways so that we could patch framework.jar ourselves to make "engineGetCertificateChain" function normally?
 
Would it be added for older MIUI devices? I understand it would take a longer time to rebuild a new image for all devices. If not, would there be any simple ways so that we could patch framework.jar ourselves to make "engineGetCertificateChain" function normally?
There was a magisk module but it is not available anymore:


Try to ask the author
 
  • Like
Reactions: mkcs121
Would it be added for older MIUI devices? I understand it would take a longer time to rebuild a new image for all devices. If not, would there be any simple ways so that we could patch framework.jar ourselves to make "engineGetCertificateChain" function normally?
No, it's not our problem.
 
No, it's not our problem.
So would it be normal for the APP mentioned in #6 which flags a non-rooted environment of xiaomi.eu ROM as untrusted even though the built-in injector is up to date? I understand it's not your problem or responsibility. What is being discussed in this thread is for possible improvement. What if more apps are adopting similar technology that even a non-rooted custom ROM fails to function normally?
 
So would it be normal for the APP mentioned in #6 which flags a non-rooted environment of xiaomi.eu ROM as untrusted even though the built-in injector is up to date? I understand it's not your problem or responsibility. What is being discussed in this thread is for possible improvement. What if more apps are adopting similar technology that even a non-rooted custom ROM fails to function normally?
Then you'll have to use whichever root workaround there is if you want to use those apps. I simply made sure our workaround doesn't interfere when the module is disabled. We're not going to rebuild anything for that, it's applied to newer builds already.
 
Then you'll have to use whichever root workaround there is if you want to use those apps. I simply made sure our workaround doesn't interfere when the module is disabled. We're not going to rebuild anything for that, it's applied to newer builds already.
So that means all previous builds are still affected and modification is still detected....It's not about getting root to spoof or hide can deal with. Now apps are capable of detecting a tampered environment although you spoofed and achieved the device integrity.

Try this app on xiaomi.eu MIUI 14, it refuses to run even though you injected an unbanned prints via the xiaomi.eu module and the device is not rooted: https://apk.support/app/com.octopuscards.nfc_reader
 

Attachments

  • Screenshot_com.octopuscards.nfc_reader.png
    Screenshot_com.octopuscards.nfc_reader.png
    65 KB · Views: 88
So that means all previous builds are still affected and modification is still detected....It's not about getting root to spoof or hide can deal with. Now apps are capable of detecting a tampered environment although you spoofed and achieved the device integrity.

Try this app on xiaomi.eu MIUI 14, it refuses to run even though you injected an unbanned prints via the xiaomi.eu module and the device is not rooted: https://apk.support/app/com.octopuscards.nfc_reader
Yes, our MIUI 14 ROMs will forever be detectable.
 
So that means all previous builds are still affected and modification is still detected....It's not about getting root to spoof or hide can deal with. Now apps are capable of detecting a tampered environment although you spoofed and achieved the device integrity.

Try this app on xiaomi.eu MIUI 14, it refuses to run even though you injected an unbanned prints via the xiaomi.eu module and the device is not rooted: https://apk.support/app/com.octopuscards.nfc_reader
Well either the app requires strong or it uses some other detection that can see spoofed things.

Your only solution is either buy a new phone, use Xiaomi.eu as is (or with some patches if possible to get strong) or use stock rom...
 
doh ... never noticed that. The trick was the "show all apps" ... i'm using the miui from old old version and in those old version lthe only option for disabling/removing bloatware was from the command line as root
thanks
 
So that means all previous builds are still affected and modification is still detected....It's not about getting root to spoof or hide can deal with. Now apps are capable of detecting a tampered environment although you spoofed and achieved the device integrity.

Try this app on xiaomi.eu MIUI 14, it refuses to run even though you injected an unbanned prints via the xiaomi.eu module and the device is not rooted: https://apk.support/app/com.octopuscards.nfc_reader
I tried to install the app and went to login screen. I don't know if it's far enough.

I broke Google Play Interity to BASIC.
I did not hide unlocked bootloader from application.
I didn't take any special method to hide root.
I use local ROM with MIUI14 but without spoofing and injector (version from time before updatable injector was inserted).
Root method is APatch.
Hope it helps you.
 
I tried to install the app and went to login screen. I don't know if it's far enough.

I broke Google Play Interity to BASIC.
I did not hide unlocked bootloader from application.
I didn't take any special method to hide root.
I use local ROM with MIUI14 but without spoofing and injector (version from time before updatable injector was inserted).
Root method is APatch.
Hope it helps you.
I know, actually the app only requires basic integrity. However, there is other detection that even strong integrity cannot let you pass
 
Well either the app requires strong or it uses some other detection that can see spoofed things.

Your only solution is either buy a new phone, use Xiaomi.eu as is (or with some patches if possible to get strong) or use stock rom...
The app actually requires BASIC INTEGRITY only. It's likely the way how xiaomi.eu devs modified in framework.jar to avoid a safetynet hardware-backed attestation triggers a tampering detection. I tried on a rooted device with stock rom. As long as basic integrity is maintained, without any keybox or fingerprints, the app does run successfully. Besides, the app also refuse to run if Play Protect is disabled. However, it's regrettable that the app does not run on any previous xiaomi.eu ROMs which contains any built-in safetynet hacks, no matter what injection module, valid prints/keybox and other root/xposed modules exist bla bla bla....

A demonstration : https://streamable.com/z64ict
 
The app actually requires BASIC INTEGRITY only. It's likely the way how xiaomi.eu devs modified in framework.jar to avoid a safetynet hardware-backed attestation triggers a tampering detection. I tried on a rooted device with stock rom. As long as basic integrity is maintained, without any keybox or fingerprints, the app does run successfully. Besides, the app also refuse to run if Play Protect is disabled. However, it's regrettable that the app does not run on any previous xiaomi.eu ROMs which contains any built-in safetynet hacks, no matter what injection module, valid prints/keybox and other root/xposed modules exist bla bla bla....

A demonstration : https://streamable.com/z64ict
Have you tried this module?
 
I just updated to the latest version on nuwa, and I see I only pass basic, that's when I realized the keybox I had which was supposed to work didn't work once it should have...
Well I hope I will find a new one soon.
 
Have you tried this module?
The home launcher is crashed after installing this module. The crux relies on xiaomi.eu devs to disable the bulit-in hacks on any previous builds. It has been the era that apps could restrict you from access even though you're non-rooted.
 
Last edited:
Not a toggle and not a prop, but I added auto-switching based on whether inject module APK is loaded successfully.
If the APK is missing, uninstalled, disabled, or failed to load, then "engineGetCertificateChain" will execute normally.
Just a question please - is this auto-switching (to allow passing Strong with Tricky Store and the proper keybox) provided for Mi 11 Lite 5G NE in the latest HyperOS 1.0.5 build:
 
Just a question please - is this auto-switching (to allow passing Strong with Tricky Store and the proper keybox) provided for Mi 11 Lite 5G NE in the latest HyperOS 1.0.5 build:
It should be since the ROM was released after Igor's announcement. Don't forget to disable eu injector app to be able to use your solution

Sent from my 2210132G using Tapatalk
 
  • Like
Reactions: Igor Eisberg
It should be since the ROM was released after Igor's announcement. Don't forget to disable eu injector app to be able to use your solution

Sent from my 2210132G using Tapatal
I was expecting that comparing the release date (and I know how to properly debloati XiaomiEUInject). That date was the reason I asked

My point way if somebody who installed himself the particular build could confirm

But ok, if it's not possible to get that kind of answer, never mind
 
Last edited:
I was expecting that comparing the release date (and I know how to properly debloati XiaomiEUInject). That date was the reason I asked

My point way if somebody who installed himself the particular build could confirm

But ok, if it's not possible to get that kind of answer, never mind
I can do you one better. Nuwa which was released 5 days earlier than lisa had the workaround, so it's a safe bet that this ROM has it as well

Sent from my 2210132G using Tapatalk
 
  • Like
Reactions: ekzeshka