You've already forked TrickyStore
mirror of
https://github.com/5ec1cff/TrickyStore.git
synced 2025-09-06 06:37:07 +00:00
100 lines
2.9 KiB
Markdown
100 lines
2.9 KiB
Markdown
# Tricky Store
|
|
|
|
A trick of keystore. **Android 12 or above is required**.
|
|
|
|
## Usage
|
|
|
|
1. Flash this module and reboot.
|
|
2. For more than DEVICE integrity, put an unrevoked hardware keybox.xml at `/data/adb/tricky_store/keybox.xml` (Optional).
|
|
3. Customize target packages at `/data/adb/tricky_store/target.txt` (Optional).
|
|
4. Enjoy!
|
|
|
|
**All configuration files will take effect immediately.**
|
|
|
|
## keybox.xml
|
|
|
|
format:
|
|
|
|
```xml
|
|
<?xml version="1.0"?>
|
|
<AndroidAttestation>
|
|
<NumberOfKeyboxes>1</NumberOfKeyboxes>
|
|
<Keybox DeviceID="...">
|
|
<Key algorithm="ecdsa|rsa">
|
|
<PrivateKey format="pem">
|
|
-----BEGIN EC PRIVATE KEY-----
|
|
...
|
|
-----END EC PRIVATE KEY-----
|
|
</PrivateKey>
|
|
<CertificateChain>
|
|
<NumberOfCertificates>...</NumberOfCertificates>
|
|
<Certificate format="pem">
|
|
-----BEGIN CERTIFICATE-----
|
|
...
|
|
-----END CERTIFICATE-----
|
|
</Certificate>
|
|
... more certificates
|
|
</CertificateChain>
|
|
</Key>...
|
|
</Keybox>
|
|
</AndroidAttestation>
|
|
```
|
|
|
|
## Build Vars Spoofing
|
|
|
|
> **Zygisk (or Zygisk Next) is needed for this feature to work.**
|
|
|
|
If you still do not pass you can try enabling/disabling Build variable spoofing by creating/deleting the file `/data/adb/tricky_store/spoof_build_vars`.
|
|
|
|
Tricky Store will automatically generate example config props inside `/data/adb/tricky_store/spoof_build_vars` once created, on next reboot, then you may manually edit your spoof config.
|
|
|
|
Here is an example of a spoof config:
|
|
|
|
```
|
|
MANUFACTURER=Google
|
|
MODEL=Pixel 8 Pro
|
|
FINGERPRINT=google/husky_beta/husky:15/AP31.240617.009/12094726:user/release-keys
|
|
BRAND=google
|
|
PRODUCT=husky_beta
|
|
DEVICE=husky
|
|
RELEASE=15
|
|
ID=AP31.240617.009
|
|
INCREMENTAL=12094726
|
|
TYPE=user
|
|
TAGS=release-keys
|
|
SECURITY_PATCH=2024-07-05
|
|
```
|
|
|
|
For Magisk users: if you don't need this feature and zygisk is disabled, please remove or rename the
|
|
folder `/data/adb/modules/tricky_store/zygisk` manually.
|
|
|
|
## Support TEE broken devices
|
|
|
|
Tricky Store will hack the leaf certificate by default. On TEE broken devices, this will not work because we can't retrieve the leaf certificate from TEE. You can add a `!` after a package name to enable generate certificate support for this package.
|
|
|
|
For example:
|
|
|
|
```
|
|
# target.txt
|
|
# use leaf certificate hacking mode for KeyAttestation App
|
|
io.github.vvb2060.keyattestation
|
|
# use certificate generating mode for gms
|
|
com.google.android.gms!
|
|
```
|
|
|
|
## TODO
|
|
|
|
- Support App Attest Key.
|
|
- [Support Android 11 and below.](https://github.com/5ec1cff/TrickyStore/issues/25#issuecomment-2250588463)
|
|
- Support automatic selection mode.
|
|
|
|
PR is welcomed.
|
|
|
|
## Acknowledgement
|
|
|
|
- [PlayIntegrityFix](https://github.com/chiteroman/PlayIntegrityFix)
|
|
- [FrameworkPatch](https://github.com/chiteroman/FrameworkPatch)
|
|
- [BootloaderSpoofer](https://github.com/chiteroman/BootloaderSpoofer)
|
|
- [KeystoreInjection](https://github.com/aviraxp/Zygisk-KeystoreInjection)
|
|
- [LSPosed](https://github.com/LSPosed/LSPosed)
|