1. Install Magisk or KernelSU or KernelSU-Next and enable Zygisk (Required)
2. Download the PlayIntegrityFixFork module (Required) (Device fingerprint spoofing)
3. Download the playcurlNEXT module (Optional) (Automated fingerprint updates)
4. Download the TrickyStore module (Required) (Device certificate configuration)
5. Prepare a valid KeyBox.xml file (Required) (Device certificate spoofing). Free from KeyBoxSell
A trick of keystore. Android 10 or above is required.
- FOSS
- Flash this module and reboot.
- For more than DEVICE integrity, put an unrevoked hardware keybox.xml at /data/adb/tricky_store/keybox.xml (Optional).
- Customize target packages at /data/adb/tricky_store/target.txt (Optional).
- Enjoy!
All configuration files will take effect immediately.
keybox.xml format:

```xml
<?xml version="1.0"?>
<AndroidAttestation>
    <NumberOfKeyboxes>1</NumberOfKeyboxes>
    <Keybox DeviceID="...">
        <Key algorithm="ecdsa|rsa">
            <PrivateKey format="pem">
-----BEGIN EC PRIVATE KEY-----
...
-----END EC PRIVATE KEY-----
            </PrivateKey>
            <CertificateChain>
                <NumberOfCertificates>...</NumberOfCertificates>
                <Certificate format="pem">
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
                </Certificate>
                ... more certificates
            </CertificateChain>
        </Key>...
    </Keybox>
</AndroidAttestation>
```
Tricky Store will hack the leaf certificate by default. On devices with a broken TEE, this will not work because the leaf certificate can't be retrieved from the TEE. You can add a `!` after a package name to enable certificate generation mode for that package.
For example:

```
# target.txt
# use leaf certificate hacking mode for KeyAttestation App
io.github.vvb2060.keyattestation
# use certificate generating mode for gms
com.google.android.gms!
```
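For device triage or fleet auditing, the following added example (not part of the Tricky Store project) parses a target.txt in the format described above and reports which packages have their key attestation altered, and in which mode. The function name, the mode labels, the package-name pattern and the treatment of `#` lines as comments (taken from the example above) are assumptions of this example; the last three sample lines are constructed.

```python
import re

# Assumption: a loose Android package-name pattern, used only to flag odd lines.
PACKAGE_RE = re.compile(r"^[A-Za-z][A-Za-z0-9_]*(\.[A-Za-z][A-Za-z0-9_]*)*$")

LEAF_HACK = "leaf-hack"  # default mode: the leaf certificate is modified
GENERATE = "generate"    # trailing "!": the certificate is generated


def parse_target_txt(text):
    """Return (entries, problems) for the contents of a target.txt.

    entries maps package name -> mode (this example keeps the last occurrence);
    problems is a list of (line_number, message) tuples.
    """
    entries, problems = {}, []
    for line_no, raw in enumerate(text.splitlines(), start=1):
        line = raw.strip()
        if not line or line.startswith("#"):  # comment style from the page's example
            continue
        mode = GENERATE if line.endswith("!") else LEAF_HACK
        package = line[:-1].strip() if mode == GENERATE else line
        if not PACKAGE_RE.match(package):
            problems.append((line_no, f"not a package name: {line!r}"))
            continue
        if package in entries and entries[package] != mode:
            problems.append((line_no, f"{package} listed with both modes"))
        entries[package] = mode
    return entries, problems


# First five lines are the page's example; the last three are constructed.
SAMPLE = """\
# target.txt
# use leaf certificate hacking mode for KeyAttestation App
io.github.vvb2060.keyattestation
# use certificate generating mode for gms
com.google.android.gms!
com.example.bank
com.example.bank!
not a package
"""

if __name__ == "__main__":
    entries, problems = parse_target_txt(SAMPLE)
    for package, mode in sorted(entries.items()):
        print(f"{mode:10} {package}")
    for line_no, message in problems:
        print(f"line {line_no}: {message}")
```

Any package reported here is one whose attestation results on that device should not be trusted by a relying party.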
Edit the file /data/adb/tricky_store/devconfig.toml.

For example:

```toml
securityPatch = "2024-04-05"
osVersion = 34
```
- Support automatic selection mode.
PRs are welcome.