You've already forked PlayIntegrityFork
mirror of
https://github.com/osm0sis/PlayIntegrityFork.git
synced 2025-09-06 06:37:06 +00:00
113 lines
7.8 KiB
Markdown
113 lines
7.8 KiB
Markdown
# Play Integrity Fork
|
|
*PIF forked to be more futureproof and develop more methodically*
|
|
|
|
[](https://github.com/osm0sis/PlayIntegrityFork/releases/latest)
|
|
[](https://github.com/osm0sis/PlayIntegrityFork/releases)
|
|
[](https://github.com/osm0sis/PlayIntegrityFork/releases/latest)
|
|
[](https://github.com/osm0sis/PlayIntegrityFork/releases)
|
|
|
|
A Zygisk module which fixes "ctsProfileMatch" (SafetyNet) and "MEETS_DEVICE_INTEGRITY" (Play Integrity).
|
|
|
|
To use this module you must have one of the following (latest versions):
|
|
|
|
- [Magisk](https://github.com/topjohnwu/Magisk) with Zygisk enabled (and Enforce DenyList enabled if NOT also using [Shamiko](https://github.com/LSPosed/LSPosed.github.io/releases), for best results)
|
|
- [KernelSU](https://github.com/tiann/KernelSU) with [ZygiskNext](https://github.com/Dr-TSNG/ZygiskNext) module installed
|
|
- [APatch](https://github.com/bmax121/APatch) with [ZygiskNext MOD](https://github.com/Yervant7/ZygiskNext) module installed
|
|
|
|
## About module
|
|
|
|
It injects a classes.dex file to modify a few fields in the android.os.Build class. Also, it creates a hook in the native code to modify system properties. These are spoofed only to Google Play Services' DroidGuard (SafetyNet/Play Integrity) service.
|
|
|
|
The purpose of the module is to avoid hardware attestation.
|
|
|
|
## About 'custom.pif.json' file
|
|
|
|
You can fill out the included template [example.pif.json](https://raw.githubusercontent.com/osm0sis/PlayIntegrityFork/main/module/example.pif.json) from the module directory (/data/adb/modules/playintegrityfix) then rename it to custom.pif.json to spoof custom values to the GMS unstable process. It will be used instead of any included pif.json (none included currently).
|
|
|
|
As a general rule you can't use values from recent devices due to them only being allowed with full hardware backed attestation.
|
|
|
|
Older formatted custom.pif.json files from cross-forks and previous releases will be automatically migrated to the latest format. Simply ensure the filename is custom.pif.json and place it in the module directory before upgrading.
|
|
|
|
A migration may also be performed manually with `sh migrate.sh` and custom.pif.json in the same directory, or from a file explorer app that supports script execution.
|
|
|
|
<details>
|
|
<summary><strong>Resources</strong></summary>
|
|
|
|
- FAQ:
|
|
- [PIF FAQ](https://xdaforums.com/t/pif-faq.4653307/) - Frequently Asked Questions (READ FIRST!)
|
|
|
|
- Guides:
|
|
- [How-To Guide](https://xdaforums.com/t/module-play-integrity-fix-safetynet-fix.4607985/post-89189572) - Info to help find build.prop files, then manually create and use a custom.pif.json
|
|
- [Complete Noobs' Guide](https://xdaforums.com/t/how-to-search-find-your-own-fingerprints-noob-friendly-a-comprehensive-guide-w-tips-discussion-for-complete-noobs-from-one.4645816/) - A more in-depth basic explainer of the How-To Guide above
|
|
- [UI Workflow Guide](https://xdaforums.com/t/pixelflasher-a-gui-tool-for-flashing-updating-rooting-managing-pixel-phones.4415453/post-87412305) - Build/find, edit, and test custom.pif.json using PixelFlasher on PC
|
|
- [Tasker PIF Testing Helper](https://xdaforums.com/t/pif-testing-helper-tasker-profile-for-testing-fingerprints.4644827/) - Test custom.pif.json using Tasker on your device
|
|
|
|
- Scripts:
|
|
- [gen_pif_custom.sh](https://xdaforums.com/t/tools-zips-scripts-osm0sis-odds-and-ends-multiple-devices-platforms.2239421/post-89173470) - Script to generate a custom.pif.json from device dump build.prop files
|
|
- [autopif.sh](https://xdaforums.com/t/module-play-integrity-fix-safetynet-fix.4607985/post-89233630) - Script to extract the latest working Xiaomi.eu fingerprint (though frequently banned) to test an initial setup
|
|
- [pickaprint.sh](https://xdaforums.com/t/module-data-custom-pif-json-files-collection-for-play-integrity-fix.4646739/) - Script to help find a random working custom.pif.json (rarely banned) for long-term use
|
|
- [install-random-fp.sh](https://xdaforums.com/t/script-for-randomly-installing-custom-device-fingerprints.4647408/) - Script to randomly switch between multiple working fingerprints found by the user
|
|
|
|
</details>
|
|
|
|
## About 'custom.app_replace.list' file
|
|
|
|
You can customize the included default [example.app_replace.list](https://raw.githubusercontent.com/osm0sis/PlayIntegrityFork/main/module/example.app_replace.list) from the module directory (/data/adb/modules/playintegrityfix) then rename it to custom.app_replace.list to systemlessly replace any additional conflicting custom ROM spoof injection app paths to disable them.
|
|
|
|
## Troubleshooting
|
|
|
|
Make sure Google Play Services (com.google.android.gms) is NOT on the Magisk DenyList if Enforce DenyList is enabled since this interferes with the module; the module does prevent this using scripts but it only happens once during each reboot.
|
|
|
|
### Failing BASIC verdict
|
|
|
|
If you are failing basicIntegrity (SafetyNet) or MEETS_BASIC_INTEGRITY (Play Integrity) something is wrong in your setup. Recommended steps in order to find the problem:
|
|
|
|
- Disable all modules except this one
|
|
- Try a different (ideally known working) custom.pif.json
|
|
|
|
Note: Some modules which modify system can trigger DroidGuard detections, as can any which hook GMS processes.
|
|
|
|
### Failing DEVICE verdict (on KernelSU/APatch)
|
|
|
|
- Disable ZygiskNext
|
|
- Reboot
|
|
- Enable ZygiskNext
|
|
|
|
### Failing DEVICE verdict (on custom kernel/ROM)
|
|
|
|
- Check the kernel release string with command `adb shell uname -r` or `uname -r`
|
|
- If it's on the [Known Banned Kernel List](https://xdaforums.com/t/module-play-integrity-fix-safetynet-fix.4607985/post-89308909) then inform your kernel developer/ROM maintainer to remove their branding for their next build
|
|
- You may also try a different custom kernel, or go back to the default kernel for your ROM, if available/possible
|
|
|
|
### Play Protect/Store Certification and Google Wallet Tap To Pay Setup Security Requirements
|
|
|
|
Follow these steps:
|
|
|
|
- Reflash the module in your root manager app
|
|
- Clear Google Wallet (com.google.android.apps.walletnfcrel) and/or Google Pay (com.google.android.apps.nbu.paisa.user) cache, if you have them installed
|
|
- Clear Google Play Store (com.android.vending) cache and data
|
|
- Clear Google Play Services (com.google.android.gms) cache and data, or, optionally skip clearing data and wait some time (~24h) for it to resolve on its own
|
|
- Reboot
|
|
|
|
Note: Clearing Google Play Services app ***data*** will then require you to reset any WearOS devices paired to your device.
|
|
|
|
### Read module logs
|
|
|
|
You can read module logs using one of these commands directly after boot:
|
|
|
|
`adb shell "logcat | grep 'PIF/'"` or `su -c "logcat | grep 'PIF/'"`
|
|
|
|
Add a "VERBOSE_LOGS" entry with a value of "0", "1", "2", "3" or "100" to your custom.pif.json to enable higher logging levels; "100" will dump all Build fields, and all the system properties that DroidGuard is checking.
|
|
|
|
## Can this module pass MEETS_STRONG_INTEGRITY?
|
|
|
|
No.
|
|
|
|
## About Play Integrity (SafetyNet is deprecated)
|
|
|
|
- [Play Integrity API](https://xdaforums.com/t/info-play-integrity-api-replacement-for-safetynet.4479337/) - FAQ/information about PI (Play Integrity) replacing SN (SafetyNet)
|
|
|
|
## Credits
|
|
|
|
Module scripts were adapted from those of kdrag0n/Displax's Universal SafetyNet Fix (USNF) module, please see the commit history of [Displax's USNF Fork](https://github.com/Displax/safetynet-fix/tree/dev/magisk) for proper attribution.
|