unlocked-bootloader-backdoor-demo VS safetynet-fix

I actually made a proof-of-concept: https://github.com/LuigiVampa92/unlocked-bootloader-backdoor-demo

It is possible. The only required thing is an unlocked bootloader, once you have it and you have a few minutes of physical access to the device you can install a persistent backdoor. No matter if there is a stock or a custom ROM on the device, no matter if there is root installed or not, no matter if device is encrypted or not. I even made a small proof of concept - you can check it here, just be careful and make a backup of partitions

I have made a research and created a proof-of-concept how an android device with an unlocked bootloader (which means that we talk about almost any device using custom ROM, root, etc) in case an adversary has a temporary physical access to it (a couple of minutes is enough) can be silently injected with a backdoor that will be successfully installed in almost any case, no matter which OS version it has, no matter if it’s encrypted or not, no matter if it has root or not. I have written an article about it. You can check it here (I’m sorry, it’s only in russian, but the google translate should work) and get the code here to test it yourself.

- I updated the universal safety net fix module for Magisk from v2.2 to 2.4.0 (https://github.com/kdrag0n/safetynet-fix/releases)

Hi! I'm not new to spoofing, but with the "Android 7 no longer supported" update, my four Huawei G8 spoofing phones got obsolete and I have to set up some new phones. I'm trying to follow this tutorial: https://www.reddit.com/r/PokemonGoSpoofing/comments/11azleu/the\_definitive\_guide\_to\_rootingspoofing\_with\_an/ What I already did: -Installed TWRP -Installed Magisk -Installed PoGo -Opened smalli patcher with admin rights, and select only the first box "Mock Locations". -Copyed the created zip to the phone and installed it in Modules. (Step 7) Not sure about the right order of what comes next... Step 6: Download lsposed (zygisk) and safety-net fix zips, install with magisk. Add LSPosed shortcut to your homepage if prompted Lsposed link: https://github.com/LSPosed/LSPosed/releases Safety-net fix https://github.com/kdrag0n/safetynet-fix/releases DO I NEED TO DO STEP 6??? Step 7: DONE! Step 8: Update magisk settings: a. Click systemless hosts b. Enable Zygisk and enforce Denylist c. Configure Denylist and select com.google.android.gms (1st) and com.google.android.gms.unstable (3rd from the last) d.Hide magisk app in magisk settings so far so good, but I have no "com.google.android.gms (1st) and com.google.android.gms.unstable" to select. So, what to select??? Step 9: Download pokemon go and YASNAC safety net checker apps from play store - DONE! Step 10: Download HideMockLocations apk, install, and enable for pogo in lsposed - tryed the last 4 versions, always getting error "An error occurred while parsing the package" when trying to install. So, Step 10+11+12 not done yet Maybe I don't need all of the steps for my Galaxy S7?? This tutorial is MUCH less complicated: https://www.reddit.com/r/PokemonGoSpoofing/comments/a1d07r/a\_better\_way\_to\_spoof\_mini\_guide\_android\_root/ no word about Lsposed, no Safety-net fix, no Zygisk, no enforce Denylist, no Hide magisk app, no YASNAC safety net checker, no HideMockLocations apk This tutorial also doesn't say to do much after adding the smali module to Magisk: https://www.reddit.com/r/PokemonGoSpoofing/comments/glxdfv/rooted\_method\_1\_smali\_patcher\_guide\_for\_android/ I'm confused :D

Safetynet-fix-v2.4.0.zip from https://github.com/kdrag0n/safetynet-fix/releases.

Using a rooted CrDroid, I had the same app "error" but was able to make it work, using root and modules (Safetynet Fix) to hide Magisk, OS debug tools and Lineage fingerprint I guess.

https://github.com/kdrag0n/safetynet-fix (requires Magisk + MagiskHide Props Config

Install shamiko by lsposed team and install universal safetynet bypass by krag0n as modules in magisk.

UniversalSafetyNetFix

Hey there! Yes, there's one major pitfall, which is Google's SafetyNet. If an app asks "is SafetyNet working" and Google answers "no", the app can decide to not offer you services. In my case the one and only issue I had is a banking app refusing to let me use my fingerprint for login, but if you want to avoid it there's ways to fix that (like [safetynet-fix](https://github.com/kdrag0n/safetynet-fix))