Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

[Feature request] Extend support to banking apps using Zimperium #52

Open
Pharaoh2k opened this issue Sep 23, 2023 · 9 comments
Open

[Feature request] Extend support to banking apps using Zimperium #52

Pharaoh2k opened this issue Sep 23, 2023 · 9 comments

Comments

@Pharaoh2k
Copy link

Device name:

Galaxy Note 10 Plus

Device model number:

SM-N975F

OS version:

Android 12

Software info:

Any

Magisk/KernelSU version:

26301 (Magisk Alpha)

Hook framework app:

LSPosed 1.9.1 (6990)

KnoxPatch version:

v0.6.1 (Enhancer v0.4)

Steps to reproduce:

Some baking apps such as DBS PayLah have introduced an advanced root check by Zimperium.
One of the components of Zimperium is called Knox license receiver.
On Samsung phones using the latest Alpha+Shamiko+Zygisk the app detects root.
On Xiaomi phones with the same exact apps and settings, it doesn't detect root. I assume the reason is Knox's presence on Samsung devices.
I have tried adding the app to Knox Patcher in LSPosed, but then it doesn't even start at all. Easily reproducible.
Would be great if you could add compatibility for such banking apps.

Thank you.

Expected behaviour:

As above.

Actual behaviour:

As above.

Logs:

None available.

@salvogiangri
Copy link
Owner

I need system logs to see what's going on.

@Pharaoh2k
Copy link
Author

Oh, I assumed you have a samsung device and can simply install this DBS paylah app and reproduce it very easily....

@salvogiangri
Copy link
Owner

Oh, I assumed you have a samsung device and can simply install this DBS paylah app and reproduce it very easily....

I don't use my Samsung devices as daily drivers. Also, isn't a banking account required to use a banking app?

@Pharaoh2k
Copy link
Author

No, I don't have an account either, the error is on launch and I guess that anyway you'll need to have it installed and test it to be able to fix it.

@salvogiangri
Copy link
Owner

Looks like the library checks for Knox support via Samsung's API's in system (https://docs.samsungknox.com/devref/knox-sdk/reference/com/samsung/android/knox/EnterpriseDeviceManager.html#getAPILevel()), issue is ZImperium has some anti-hook protection which prevents hooking the desired API's to disable any Knox code in the app.

@salvogiangri
Copy link
Owner

There's already this hook in the module used for the Samsung Health app:
https://github.com/BlackMesa123/KnoxPatch/blob/188d7d77ff36e572087468da15824fc2cd4d694e/app/src/main/java/io/mesalabs/knoxpatch/hooks/SamsungHealthHooks.kt#L31-L42

But as I said there's nothing that can be done with the anti-hook protection in place, unfortunately this goes beyond my current knowledge+the fact I'm very busy lately due to university. Manually spoofing the Knox API version in frameworks like ShaDisNX255/NcX_Stock@d97ec16 might do the trick.

@Pharaoh2k
Copy link
Author

Pharaoh2k commented Sep 23, 2023

Yeah, I am afraid that more and more banking and wallet apps will start using Zimperium. Other brands' devices work just fine, as they don't use Knox.
Thank you so much for looking into it.
I wish I was a dev myself, so I could resolve it somehow :)
Hopefully, you'll find the time and knowledge to fix this challenging and interesting issue.

@Garfield-Z
Copy link

Garfield-Z commented Nov 30, 2023

There's already this hook in the module used for the Samsung Health app:

https://github.com/BlackMesa123/KnoxPatch/blob/188d7d77ff36e572087468da15824fc2cd4d694e/app/src/main/java/io/mesalabs/knoxpatch/hooks/SamsungHealthHooks.kt#L31-L42

But as I said there's nothing that can be done with the anti-hook protection in place, unfortunately this goes beyond my current knowledge+the fact I'm very busy lately due to university. Manually spoofing the Knox API version in frameworks like ShaDisNX255/NcX-S21FE@d97ec16 might do the trick.

On KSU v0.7.1, current latest paylah detect shamiko v0.7.4, I have to disable shamiko and reboot before I can use it and this is quite annoying.
I am trying to follow your suggestion to apply this fix to S23U A13 rooted system-rw stock rom.
After applying the smali fix and re-compile, zip to knoxsdk.jar, replacing /system/framework/knoxsdk.jar with this mod is enough?
Need to do sth to knoxsdk.art or knoxsdk.oat files?

@salvogiangri
Copy link
Owner

salvogiangri commented Nov 30, 2023

On KSU v0.7.1, current latest paylah detect shamiko v0.7.4, I have to disable shamiko and reboot before I can use it and this is quite annoying.

I am trying to follow your suggestion to apply this fix to S23U A13 rooted system-rw stock rom, after applying the smali fix and re-compile, zip to knoxsdk.jar, replacing /system/framework/knoxsdk.jar with this mod is enough? Need to do sth to knoxsdk.art or knoxsdk.oat files?

Modding knoxsdk.jar is all you need to do. You can ignore/delete the prebuilt oat/odex/vdex/art files

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

3 participants