microg / remotedroidguard Goto Github PK

View Code? Open in Web Editor NEW

89.0 36.0 27.0 416 KB

Service to run Google's DroidGuard binary in an isolated environment

Java 95.95% Shell 4.05%

microg android android-app google safetynet droidguard

remotedroidguard's People

Contributors

Stargazers

Watchers

remotedroidguard's Issues

couldnt find libarthook_native.so

Hi, i got this error when running SaftyNet Helper.
Android 7.1.1
January Security Patch Level
Resurrection Remix OS 5.8.0-20170121-h815-Unofficial_tyler

05:06:11.827  7072  7197 E AndroidRuntime: FATAL EXCEPTION: Thread-2
01-28 05:06:11.827  7072  7197 E AndroidRuntime: Process: com.google.android.gms.unstable, PID: 7072
01-28 05:06:11.827  7072  7197 E AndroidRuntime: java.lang.UnsatisfiedLinkError: dalvik.system.PathClassLoader[DexPathList[[zip file "/system/priv-app/org.microg.gms.droidguard.apk"],nativeLibraryDirectories=[/system/lib64/org.microg.gms.droidguard, /system/fake-libs64, /system/priv-app/org.microg.gms.droidguard.apk!/lib/arm64-v8a, /system/lib64, /vendor/lib64, /system/lib64, /vendor/lib64]]] couldn't find "libarthook_native.so"
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at java.lang.Runtime.loadLibrary0(Runtime.java:984)
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at java.lang.System.loadLibrary(System.java:1530)
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at de.larma.arthook.Native.<clinit>(Native.java:22)
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at de.larma.arthook.Native.is64Bit(Native.java:45)
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at de.larma.arthook.ArtHook.<clinit>(ArtHook.java:46)
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at de.larma.arthook.ArtHook.hook(ArtHook.java:75)
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at org.microg.gms.droidguard.SysHook.activate(SysHook.java:52)
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at org.microg.gms.droidguard.DroidguardHelper.guard(DroidguardHelper.java:91)
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at org.microg.gms.droidguard.RemoteDroidGuardService$1$1.run(RemoteDroidGuardService.java:23)
01-28 05:06:11.827  7072  7197 E AndroidRuntime: 	at java.lang.Thread.run(Thread.java:761)

kind regards

SafetyNet Issues

Describe the bug
Latest version of microG + RemoteDroidGuard isn't working.

{"nonce":"","timestampMs":1635290903792,"ctsProfileMatch":false,"apkCertificateDigestSha256":[],"basicIntegrity":false,"advice":"RESTORE_TO_FACTORY_ROM","evaluationType":"BASIC"}

Both basic and CTS are returning false, I've successfully applied kdrag0n's AOSP patches listed here, so the Build.Fingerprint etc APIs are indeed being hooked, as well as verifiedboot state.

It's at a point where both CTS and Basic should be passing successfully, is there a specific package name for DroidGuard? Currently I'm hooking calls to build flags if the package name is org.microg.gms.droidguard or com.google.android.gms.

This issue seems to be a specific issue with RemoteDroidGuard, standard GMS is reported to be working, does anyone know how this actually works? It looks like it's downloading an APK from somewhere then executing it?

Please advise.

System
Android 12

microg lineage builds don't pass safetynet

Could someone fix the microg lineage builds to pass safetynet? Now I need to root lineage and copy the apk to /system/priv-app/ myself and then unroot it to pass.

Leaked ServiceConnection from SafetyNetClientService to RemoteDroidGuardConnector

microG: 0.2.10.19420 on lineage-16.0-20191226-microG-oneplus3

This happens some times, but I can't reproduce it reliably; best way I found so far is to cold start Uber, then cold start Lyft while Uber is in the background.

12-30 17:25:03.505  4469  4469 E ActivityThread: Service org.microg.gms.snet.SafetyNetClientService has leaked ServiceConnection org.microg.gms.droidguard.RemoteDroidGuardCo
nnector$Connection@3f8846a that was originally bound here
12-30 17:25:03.505  4469  4469 E ActivityThread: android.app.ServiceConnectionLeaked: Service org.microg.gms.snet.SafetyNetClientService has leaked ServiceConnection org.mic
rog.gms.droidguard.RemoteDroidGuardConnector$Connection@3f8846a that was originally bound here
12-30 17:25:03.505  4469  4469 E ActivityThread:        at android.app.LoadedApk$ServiceDispatcher.<init>(LoadedApk.java:1610)
12-30 17:25:03.505  4469  4469 E ActivityThread:        at android.app.LoadedApk.getServiceDispatcher(LoadedApk.java:1502)
12-30 17:25:03.505  4469  4469 E ActivityThread:        at android.app.ContextImpl.bindServiceCommon(ContextImpl.java:1659)
12-30 17:25:03.505  4469  4469 E ActivityThread:        at android.app.ContextImpl.bindService(ContextImpl.java:1612)
12-30 17:25:03.505  4469  4469 E ActivityThread:        at android.content.ContextWrapper.bindService(ContextWrapper.java:698)
12-30 17:25:03.505  4469  4469 E ActivityThread:        at org.microg.gms.droidguard.RemoteDroidGuardConnector.connectForTask(Unknown Source:25)
12-30 17:25:03.505  4469  4469 E ActivityThread:        at org.microg.gms.droidguard.RemoteDroidGuardConnector.guard(Unknown Source:22)
12-30 17:25:03.505  4469  4469 E ActivityThread:        at org.microg.gms.snet.SafetyNetClientServiceImpl$1.run(Unknown Source:63)
12-30 17:25:03.505  4469  4469 E ActivityThread:        at java.lang.Thread.run(Thread.java:764)

SafetyNet check failing

Hi,

I'm on a Nexus 5 (hammerhead) running the latest LineageOS 7.1.1 build. com.google.android.gms-10087435.apk and org.microg.gms.droidguard-8.apk are installed in /system/priv-app, and the su addon, while it was once installed, has been removed.

The relevant portion of logcat's output when running a safetynet test is:

03-03 13:31:08.376  4394  4394 D c       : apkCertificateDigests:[FJZqNb3u3c9XbWF4NmmpNkUzP/q2q9IW+5LyS/P86/s=]
03-03 13:31:08.421  4394  4394 D c       : apkDigest:Nu7iBqfVPKJocBAen1etJeEVrbU/CrKE8f2bzPIv08c=
03-03 13:31:08.425  4394  4394 E Ads     : This app is using a lightweight version of the Google Mobile Ads SDK that requires the latest Google Play services to be installed, but Google Play services is either missing or out of date.
03-03 13:31:08.430  3384  6317 D SafeParcel: Unknown field num 9 in com.google.android.gms.common.internal.GetServiceRequest, skipping.
03-03 13:31:08.430  3384  6317 D GmsSafetyNetClientSvc: bound by: GetServiceRequest{serviceId=SAFETY_NET_CLIENT, gmsVersion=10084000, packageName='org.freeandroidtools.safetynettest', extras=Bundle[{}]}
03-03 13:31:08.441  4394  4394 V c       : Google play services connected
03-03 13:31:08.441  4394  4394 V c       : running SafetyNet.API Test
03-03 13:31:08.489  4589  6544 D GmsDroidguardHelper: -- Request --
03-03 13:31:08.489  4589  6544 D GmsDroidguardHelper: DGRequest{usage=DGUsage{type=attest, packageName=com.google.android.gms}, info=[KeyValuePair{key=BOARD, val=hammerhead}, KeyValuePair{key=BOOTLOADER, val=HHZ20h}, KeyValuePair{key=BRAND, val=google}, KeyValuePair{key=CPU_ABI, val=armeabi-v7a}, KeyValuePair{key=CPU_ABI2, val=armeabi}, KeyValuePair{key=DEVICE, val=hammerhead}, KeyValuePair{key=DISPLAY, val=lineage_hammerhead-userdebug 7.1.1 NOF26W c16dd0a420}, KeyValuePair{key=FINGERPRINT, val=google/hammerhead/hammerhead:6.0.1/M4B30Z/3437181:user/release-keys}, KeyValuePair{key=HARDWARE, val=hammerhead}, KeyValuePair{key=HOST, val=phenom.zifnab.net}, KeyValuePair{key=ID, val=NOF26W}, KeyValuePair{key=MANUFACTURER, val=LGE}, KeyValuePair{key=MODEL, val=Nexus 5}, KeyValuePair{key=PRODUCT, val=hammerhead}, KeyValuePair{key=RADIO, val=M8974A-2.0.50.2.30}, KeyValuePair{key=SERIAL, val=03abe5e2094772e2}, KeyValuePair{key=TAGS, val=release-keys}, KeyValuePair{key=TIME, val=1488258759000}, KeyValuePair{key=TYPE, val=user}, KeyValuePair{key=USER, val=jenkins}, KeyValuePair{key=CODENAME, val=REL}, KeyValuePair{key=INCREMENTAL, val=c16dd0a420}, KeyValuePair{key=RELEASE, val=7.1.1}, KeyValuePair{key=SDK, val=25}, KeyValuePair{key=SDK_INT, val=25}], versionNamePrefix=10.0.84 (430-, isGoogleCn=false, enableInlineVm=true, cached=[ByteString[size=20 md5=10c9039e3b03bbcf21b4cbe38464b3c0]], currentVersion=3, arch=armv7l}
03-03 13:31:08.739  4589  6544 D GmsDroidguardHelper: Using cached file from /data/user/0/org.microg.gms.droidguard/app_dg_cache/728c52bb3c15b9bc06d2d3bdeab4dbceb7306c79/the.apk
03-03 13:31:08.743  4589  6544 E linker  : readlink("/proc/self/fd/46") failed: No such file or directory [fd=46]
03-03 13:31:08.743  4589  6544 E linker  : warning: unable to get realpath for the library "/data/user/0/org.microg.gms.droidguard/app_dg_cache/728c52bb3c15b9bc06d2d3bdeab4dbceb7306c79/lib/libdBF914251138C.so". Will use given path.
03-03 13:31:08.885  6544  6544 W Thread-4: type=1400 audit(0.0:28): avc: denied { read } for name="/" dev="tmpfs" ino=7172 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:device:s0 tclass=dir permissive=0
03-03 13:31:08.916  3233  3233 D KP2AAF  : OnAccEvent
03-03 13:31:08.916  3233  3233 D KP2AAF  : event: 2048, package = org.freeandroidtools.safetynettest
03-03 13:31:08.916  3233  3233 D KP2AAF  : no com.android.systemui
03-03 13:31:08.920  3233  3233 D KP2AAF  : Cancel notif
03-03 13:31:08.922  3233  3233 D KP2AAF  : OnAccEvent
03-03 13:31:08.922  3233  3233 D KP2AAF  : event: 2048, package = org.freeandroidtools.safetynettest
03-03 13:31:08.922  3233  3233 D KP2AAF  : no com.android.systemui
03-03 13:31:08.925  3233  3233 D KP2AAF  : Cancel notif
03-03 13:31:08.995  4589  6544 D GmsDroidguardHelper: b -> 4248316063309356145
03-03 13:31:08.995  6544  6544 W Thread-4: type=1400 audit(0.0:29): avc: denied { read } for name="address" dev="sysfs" ino=20239 scontext=u:r:priv_app:s0:c512,c768 tcontext=u:object_r:sysfs_mac_address:s0 tclass=file permissive=0
03-03 13:31:09.003  4589  6544 D GmsDroidguardHelper: c -> com.google.android.gms
03-03 13:31:09.007  4589  6544 I Adreno-EGL: <qeglDrvAPI_eglInitialize:379>: QUALCOMM Build: 10/21/15, 369a2ea, I96aee987eb
03-03 13:31:09.042  4589  6544 D GmsDroidguardHelper: a: DMuISYaK+q0io/0+ygI7o4VhjQ4RsFzkElF/mvv7ybaUO7EDau5H0IM/Cyu5W9c9rNMrTHHxitzEroV0UdrSbA== -> 5=b13be5fe2cc2762b4a7ae73a0dd371167d3e1d07
03-03 13:31:09.042  4589  6544 D GmsDroidguardHelper: 7=Qualcomm:Adreno (TM) 330
03-03 13:31:09.042  4589  6544 D GmsDroidguardHelper: 8=-7479576191701395881
03-03 13:31:09.042  4589  6544 D GmsDroidguardHelper: 9=-9192185862579480407
03-03 13:31:09.046  4589  6544 I Adreno-EGL: <qeglDrvAPI_eglInitialize:379>: QUALCOMM Build: 10/21/15, 369a2ea, I96aee987eb
03-03 13:31:09.082  4589  6544 D GmsDroidguardHelper: a: wCMeQIFDuvk/GTVS2nZCUivMs//OxtszFTnlp89/VXdXRqnxNlx+tY3NdhX+bC1leKhdsBBRBV0frquiYVdyoQ== -> 5=b13be5fe2cc2762b4a7ae73a0dd371167d3e1d07
03-03 13:31:09.082  4589  6544 D GmsDroidguardHelper: 7=Qualcomm:Adreno (TM) 330
03-03 13:31:09.082  4589  6544 D GmsDroidguardHelper: 8=354111959722915893
03-03 13:31:09.082  4589  6544 D GmsDroidguardHelper: 9=3622246987746052370
03-03 13:31:09.254  4394  4394 D d       : decodedJWTPayload json:{"extension":"CQl2cO+bLite","apkCertificateDigestSha256":[],"error":"internal_error"}
03-03 13:31:09.255  4394  4394 E c       : invalid nonce, expected = "fVXSgXQRvLDfNhDEcLp1JOHTh3omZfPJYbIeO3S0/BI="
03-03 13:31:09.255  4394  4394 E c       : invalid nonce, response   = "null"
03-03 13:31:09.359  3233  3233 D KP2AAF  : OnAccEvent
03-03 13:31:09.359  3233  3233 D KP2AAF  : event: 2048, package = org.freeandroidtools.safetynettest
03-03 13:31:09.359  3233  3233 D KP2AAF  : no com.android.systemui
03-03 13:31:09.367  3233  3233 D KP2AAF  : Cancel notif
03-03 13:31:09.368  3233  3233 D KP2AAF  : OnAccEvent
03-03 13:31:09.368  3233  3233 D KP2AAF  : event: 2048, package = org.freeandroidtools.safetynettest
03-03 13:31:09.368  3233  3233 D KP2AAF  : no com.android.systemui
03-03 13:31:09.374  3233  3233 D KP2AAF  : Cancel notif
03-03 13:31:09.377  3233  3233 D KP2AAF  : OnAccEvent
03-03 13:31:09.377  3233  3233 D KP2AAF  : event: 2048, package = org.freeandroidtools.safetynettest
03-03 13:31:09.377  3233  3233 D KP2AAF  : no com.android.systemui
03-03 13:31:09.385  3233  3233 D KP2AAF  : Cancel notif
03-03 13:31:09.388  3233  3233 D KP2AAF  : OnAccEvent
03-03 13:31:09.388  3233  3233 D KP2AAF  : event: 2048, package = org.freeandroidtools.safetynettest
03-03 13:31:09.388  3233  3233 D KP2AAF  : no com.android.systemui
03-03 13:31:09.396  3233  3233 D KP2AAF  : Cancel notif
03-03 13:31:09.399  3233  3233 D KP2AAF  : OnAccEvent
03-03 13:31:09.400  3233  3233 D KP2AAF  : event: 2048, package = org.freeandroidtools.safetynettest
03-03 13:31:09.400  3233  3233 D KP2AAF  : no com.android.systemui
03-03 13:31:09.406  3233  3233 D KP2AAF  : Cancel notif
03-03 13:31:09.409  3233  3233 D KP2AAF  : OnAccEvent
03-03 13:31:09.409  3233  3233 D KP2AAF  : event: 2048, package = org.freeandroidtools.safetynettest
03-03 13:31:09.409  3233  3233 D KP2AAF  : no com.android.systemui
03-03 13:31:09.418  3233  3233 D KP2AAF  : Cancel notif

FWIW: this exact combination of software is working just fine on my Nexus 7 2013 (flo). I'm suspecting there's a mislabeled selinux context somewhere (I'm not seeing the avc denials on the Nexus 7), but don't know enough about the guts of this to have a good idea where to start digging.

Any ideas, or additional information I could add that would help?

Stable release

It seems pretty stable.
Is it possible to do a new stable release (not preview release)?

SafetyNet now fails again

Google seems to have pushed out an update to SafetyNet that breaks it on MicroG

Safetynet no longer working

Hello!
I installed all the latest MicroG components on my oreo phone, everything works... Except one single, very annoying, thing... Whenever I try to test Safetynet with either Magisk or "Safetynet Test" app, "Droidguard Helper has stopped working" and ofc it fails. This means I can't download Netflix or login to Snapchat for example. Does anyone have a workaround as Safetynet is relatively important nowadays.

64bit binary not available on 0.1.0-10

DroidGuard Helper force closed when running SafetyNet check. Tested on Google Pixel Android 8.1 stock 64bit.

java.lang.UnsatisfiedLinkError: dlopen failed: "/data/data/org.microg.gms.droidguard/app_dg_cache/060a8a22981ed66858a6c5ae81d080f1910911f1/libd623F13F0E0A4.so" is 32-bit instead of 64-bit
	at java.lang.Runtime.load0(Runtime.java:928)
	at java.lang.System.load(System.java:1621)
	at com.google.ccc.abuse.droidguard.DroidGuard.<clinit>(Unknown Source:225)
	at java.lang.reflect.Constructor.newInstance0(Native Method)
	at java.lang.reflect.Constructor.newInstance(Constructor.java:334)
	at org.microg.gms.droidguard.DroidguardHelper.invoke(Unknown Source:42)
	at org.microg.gms.droidguard.DroidguardHelper.guard(Unknown Source:218)
	at org.microg.gms.droidguard.RemoteDroidGuardService$1$1.run(Unknown Source:8)
	at java.lang.Thread.run(Thread.java:764)

crashes by testing with "SafetyNet Helper" app

First I want to thank you for your amazing work.
I just saw the DroidGuard Helper coming up and wanted to give it a try.

Samsung Galaxy S2 (gt-i9100)
cm13.0 nightly20160924
with Xposed

I got the "SafetyNet Helper" app from the PlayStore and started the test, but DroidGuard helper crashed and the test failed.

I saved the log via Catlog, maybe it is helpfull for you.
2016-09-25-18-45-43.txt

MicroG lineage build don't pass SafetyNet and I'm very new to this

Hi,

I installed microG for LineageOS on both my S9+ and S7 Edge but even when I enable SafetyNet and installed the Droid Guard Helper from Fdroid I can't pass the test.

I've read that you might need to push files to /system/priv-app/ and other things but I have no idea how to do that and if I should.

Min sdk mismatch

Here is 9.

Instead here is 10.

Support for API 9

Please add support for API 9

DroidGuard Helper do not work

I get Response validation: fail.
Logcat: DroidGuard-log.txt

ROM: LineageOS based on Android 7.1.1 with su binary removed.

SafetyNet fails with DroidGuard microG on LineageOS 14.1

I haven't been able to get microG or DroidGuard to work with SafetyNet on a LineageOS 14.1 install with and without Magsik. When I try LineageOS 14.1 with OpenGapps and Magisk instead it works fine and SafetyNet passes.

System
Moto X Pure (clark)
LineageOS 14.1

Hide unlocked bootloader

Is it possible to do the same as done in this change but without change the ROM?

Is DroidGuard Helper and DroidGuard the same thing?

SafetyNet seems not to work.

Since today SafetyNet has stopped working for me. I used superSu and xposed but now I wiped the whole phone (system, data, cach, dalvik) installed clean omnirom 6.0.1 and microG: Services Core, Services Framework, DroidGuardHelper an BlankStore. In SafetyNet Helper I now get:
Response signature validation: error

Error Msg:
Response signature validation error: https://www.googleapis.com/androidcheck/v1/attestations/veryfie?key=AlzaSyATMqwT6E0ndqZa43uQNhFOWjQi9RoVQlc

microg / remotedroidguard Goto Github PK

remotedroidguard's People

Contributors

Stargazers

Watchers

Forkers

remotedroidguard's Issues

Recommend Projects

Recommend Topics

Recommend Org