Definitely add DEVICE_INITIAL_SDK_INT/FIRST_API_LEVEL (ro.product.first_api_level or ro.board.first_api_level from vendor build.prop), falling back to Version SDK values if this is not present (ro. or ro. from system build.prop, ro. from vendor build.prop, or, ro. from product build.prop), noting my caveats for this field from Step 2. You may remove this line if you aren't using it. Optionally add SECURITY_PATCH (ro._patch from system build.prop), noting my caveats for this field from Step 2. From these you'll copy the 6 main values to between the quotes of the corresponding fields in the template below: PRODUCT (ro.*.name), DEVICE (ro.*.device), MANUFACTURER (ro.*.manufacturer), BRAND (ro.*.brand), MODEL (ro.*.model), and FINGERPRINT (ro.*.fingerprint). In general they'll be ro.build.fingerprint + ro.product.* (older system build.prop), or, ro. + ro.product.system.* (newer system build.prop), or, ro. + ro.product.product.* (product build.prop, only needed on devices where system build.prop contains "generic" values). product can be /product/build.prop and/or /product/etc/build.prop and vendor is /vendor/build.prop or sometimes /system/vendor/build.prop (if the device has no proper vendor partition but is pretending). When downloading your build.props, for some devices you may be looking at system-as-root dumps, in which case (since the partition is still called system) it'll be at /system/system/build.prop instead of /system/build.prop. Depending on whether you're looking in system build.prop or product build.prop there could be different names for the props you need to take the values from, but here's how it works: The less obvious statistical data Google receives indicating a particular fingerprint is being abused, the fewer fingerprints will get banned.ģ. on an OEM's stock ROM Factory Images site, so try to pick a device and then a ROM release both of which you don't think many people will choose. You've got lots of options, especially e.g. Any build prior to Madoes not require a matching SECURITY_PATCH field (note the date to compare is from ro.build.date in system build.prop, not the AOSP base date in the fingerprint), but it might still be good to know for those just in case that changes. Start with it at the correct value for the fingerprint, but if the device's First API Level is 33+ you'll definitely need to lower it to 32 or less to keep BASIC evaluationType in SafetyNet, and note some fingerprints may also need it set to 25 or less to keep BASIC. The DEVICE_INITIAL_SDK_INT/FIRST_API_LEVEL field should always be set to avoid the fallback to actual device value possibly triggering HARDWARE_BACKED evaluationType in SafetyNet depending on the fingerprint, and thus ensuring consistency of results across host devices. Devices launching with Pie (Android 9) or later have a First API Level 28+ and seem less likely to work out of the box, though there may be exceptions. Note you can still use the pre-Oreo fingerprints from these devices however! The device must have at least been upgraded to Oreo (Android 8) to possibly work, which also means it should have received an ro.*.first_api_level in its system (8.0) or vendor (8.1+) build.prop the earliest working devices I've seen have First API Level 23, which is Marshmallow (Android 6). Final release ROM builds of all no-longer-supported remaining Nexus and Pixel devices are banned. All older Nexus devices (Nexus 6/shamu and older) appear to be banned. Some general patterns/trends/guidelines I've noticed to help you find a working build fingerprint: You could also use `adb shell getprop` to dump all prop values from a stock ROM on another actual device, but some props may not be visible unless rooted, and this of course requires you to physically have the device you want to spoof.Ģ. There are lots of how-to's for that depending on the format, so search for them, use the tools and you're good. If you know how to extract files from a Full OTA zip, ROM Factory Images or stock ROM dumps, you can do that instead. You may use your favorite search engine to look for these there are a number of sites containing whole extracted ROM partition and build.prop dumps that can be used, I'm not going to list them to keep Google from just directly crawling them all and mass banning the fingerprints, but they're out there. Find stock ROM system build.prop *and/or* product build.prop *and* vendor build.prop dumps for the device you want to spoof. the actual devices of course continue to work fine if locked).ġ. Note: for the purposes of keeping this post simple I'll be referring to devices as "banned", but more accurately it's only the specific build fingerprints, and they are only banned for spoofing purposes (i.e.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |