https://github.com/5ec1cff/TrickyStore
https://github.com/5ec1cff/TrickyStore
Last synced: 7 months ago
JSON representation
- Host: GitHub
- URL: https://github.com/5ec1cff/TrickyStore
- Owner: 5ec1cff
- Created: 2024-07-10T07:06:29.000Z (over 1 year ago)
- Default Branch: release
- Last Pushed: 2024-10-28T14:04:11.000Z (over 1 year ago)
- Last Synced: 2024-11-19T13:51:42.638Z (over 1 year ago)
- Size: 279 KB
- Stars: 1,536
- Watchers: 27
- Forks: 153
- Open Issues: 1
-
Metadata Files:
- Readme: README.md
- Changelog: changelog.md
Awesome Lists containing this project
- awesome-kernelsu - **Tricky Store**
- awesome-android-root - TrickyStore - Modifying the certificate chain generated for android key attestation. `Proprietary` `[M]` `[K]` (π Root Management / Root Hiding and Play Integrity)
README
# Tricky Store
A trick of keystore. **Android 10 or above is required**.
This module is used for modifying the certificate chain generated for android key attestation.
[δΈζ README](README.zh-CN.md)
## Stop opening source
Due to the rampant misuse and the contributions received after open-sourcing being less than expected, this module will be closed-source starting from version 1.1.0.
## Usage
1. Flash this module and reboot.
2. For more than DEVICE integrity, put an unrevoked hardware keybox.xml at `/data/adb/tricky_store/keybox.xml` (Optional).
3. Customize target packages at `/data/adb/tricky_store/target.txt` (Optional).
4. Enjoy!
**All configuration files will take effect immediately.**
## keybox.xml
format:
```xml
1
-----BEGIN EC PRIVATE KEY-----
...
-----END EC PRIVATE KEY-----
...
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
... more certificates
...
```
## Support TEE broken devices
Tricky Store will hack the leaf certificate by default.
On TEE broken devices, this will not work because we can't retrieve the leaf certificate from TEE.
In this case, we fallback to use generate key mode automatically.
You can add a `!` after a package name to force use generate certificate support for this package.
Also, you can add a `?` after a package name to force use leaf hack mode for this package.
For example:
```
# target.txt
# use auto mode for KeyAttestation App
io.github.vvb2060.keyattestation
# always use leaf hack mode
io.github.vvb2060.mahoshojo?
# always use certificate generating mode for gms
com.google.android.gms!
```
## Customize security patch level (1.2.1+)
Create the file `/data/adb/tricky_store/security_patch.txt`.
Simple:
```
# Hack os/vendor/boot security patch level
20241101
```
Advanced:
```
# os security patch level is 202411
system=202411
# do not hack boot patch level
boot=no
# vendor patch level is 20241101 (another format)
vendor=2024-11-01
# default value
# all=20241101
# keep consistent with system prop
# system=prop
```
Note: this feature will only hack the result of KeyAttestation, it will not do resetprop, you need do it yourself.
## Acknowledgement
- [FrameworkPatch](https://github.com/chiteroman/FrameworkPatch)
- [BootloaderSpoofer](https://github.com/chiteroman/BootloaderSpoofer)
- [KeystoreInjection](https://github.com/aviraxp/Zygisk-KeystoreInjection)
- [LSPosed](https://github.com/LSPosed/LSPosed)