I tried to install Snapchat on my newly rooted smartphone with Xposed installed, but login is impossible because Snapchat detects the Xposed Framework. I "understand" the reason for this restriction, even though I think it's a bit too much, as I don't use Xposed for Snapchat.
But my question is: how do they detect the framework?
Xposed itself can be detected in several ways: first, using the files it installs or modifies, and second, more importantly, using the stack trace within your app. If Xposed is installed, this is visible in the stack trace, as Xposed is loaded into the Dalvik VM and is therefore active in each and every app.
It provides seamless customization ability on compatible Android devices. The Xposed Framework is an easy-to-install, module-based framework. It allows users to extend the functionality of the device by letting them install other apps/mods/tweaks at the system level.
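The stack-trace check described above, as an added example that is not part of the original answers: it scans a trace for frames in the de.robv.android.xposed package. The class name XposedStackTraceCheck and the sample trace are constructed for illustration, and the method names main and handleHookedMethod are taken from the open-source XposedBridge class, not from this page.

```java
import java.util.ArrayList;
import java.util.List;

public class XposedStackTraceCheck {
    // Package of the XposedBridge class; frames from it only exist if Xposed is loaded.
    private static final String XPOSED_PACKAGE = "de.robv.android.xposed.";

    /** Returns every frame of the trace that belongs to an Xposed class. */
    static List<StackTraceElement> findXposedFrames(StackTraceElement[] trace) {
        List<StackTraceElement> hits = new ArrayList<>();
        for (StackTraceElement frame : trace) {
            if (frame.getClassName().startsWith(XPOSED_PACKAGE)) {
                hits.add(frame);
            }
        }
        return hits;
    }

    /** True if a method in this call chain is currently being dispatched through a hook. */
    static boolean callChainIsHooked(StackTraceElement[] trace) {
        for (StackTraceElement frame : findXposedFrames(trace)) {
            if (frame.getMethodName().equals("handleHookedMethod")) {
                return true;
            }
        }
        return false;
    }

    /** Checks the calling thread's own stack; call this from app code on the device. */
    static boolean xposedInCurrentStack() {
        return !findXposedFrames(new Throwable().getStackTrace()).isEmpty();
    }

    public static void main(String[] args) {
        // Constructed sample trace: an app started from a Zygote that loaded XposedBridge.
        StackTraceElement[] sample = {
            new StackTraceElement("com.example.app.MainActivity", "onCreate", "MainActivity.java", 42),
            new StackTraceElement("android.app.ActivityThread", "main", "ActivityThread.java", 5417),
            new StackTraceElement("java.lang.reflect.Method", "invoke", "Method.java", -2),
            new StackTraceElement("com.android.internal.os.ZygoteInit", "main", "ZygoteInit.java", 726),
            new StackTraceElement("de.robv.android.xposed.XposedBridge", "main", "XposedBridge.java", 102),
        };
        System.out.println("Xposed frames in sample: " + findXposedFrames(sample));
        System.out.println("Sample call chain hooked: " + callChainIsHooked(sample));
        System.out.println("Xposed in this process: " + xposedInCurrentStack());
    }
}
```

A clean result from this check does not prove Xposed is absent, because a module running inside the app's process can alter what getStackTrace() returns.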
Snapchat uses Google's SafetyNet Attestation API and does not specifically check if Xposed is installed. Snapchat runs SafetyNet the first time the app is launched.
To make sure Snapchat does not specifically check for the Xposed framework, I decompiled Snapchat and ran grep -lri xposed. The search came up with no results.
I'm sure there are plenty of ways you could check if Xposed is installed. I wrote the following method, which gets the currently installed Xposed version or returns null if the XposedBridge.jar was not found on the device:
    import android.content.Context;
    import dalvik.system.DexClassLoader;
    import java.io.File;
    import java.lang.reflect.Method;

    /**
     * Get the current Xposed version installed on the device.
     *
     * @param context The application context
     * @return The Xposed version or {@code null} if Xposed isn't installed.
     */
    public static Integer getXposedVersion(Context context) {
        try {
            File xposedBridge = new File("/system/framework/XposedBridge.jar");
            if (xposedBridge.exists()) {
                // Load the jar in an isolated class loader and read the version via reflection
                File optimizedDir = context.getDir("dex", Context.MODE_PRIVATE);
                DexClassLoader dexClassLoader = new DexClassLoader(xposedBridge.getPath(),
                        optimizedDir.getPath(), null, ClassLoader.getSystemClassLoader());
                Class<?> XposedBridge = dexClassLoader.loadClass("de.robv.android.xposed.XposedBridge");
                Method getXposedVersion = XposedBridge.getDeclaredMethod("getXposedVersion");
                if (!getXposedVersion.isAccessible()) getXposedVersion.setAccessible(true);
                return (Integer) getXposedVersion.invoke(null);
            }
        } catch (Exception ignored) {
            // Any failure (class not found, reflection error) is treated as "not installed"
        }
        return null;
    }
As far as I can tell, Xposed has always had XposedBridge.jar in /system/framework so this should work for the official releases of Xposed but could break in future releases.
I believe Snapchat uses SafetyNet, the API which also protects Android Pay and Pokemon GO.