feat(spoofer): more spoof options

* installer package name * debug flag * mock location * split classloader
2025-06-12 05:07:46 +02:00 · 2023-09-03 12:07:07 +02:00
parent 77584d67e2
commit 6a32c69404
4 changed files with 84 additions and 7 deletions
--- a/core/src/main/assets/lang/en_US.json
+++ b/core/src/main/assets/lang/en_US.json
@ -428,11 +428,47 @@
                        "properties": {
                            "location": {
                                "name": "Location",
-                                "description": "Spoof your location"
+                                "description": "Spoof your location",
+                                "properties": {
+                                    "location_latitude": {
+                                        "name": "Latitude",
+                                        "description": "The latitude of the location"
+                                    },
+                                    "location_longitude": {
+                                        "name": "Longitude",
+                                        "description": "The longitude of the location"
+                                    }
+                                }
                            },
                            "device": {
                                "name": "Device",
-                                "description": "Spoof your device information"
+                                "description": "Spoof your device information",
+                                "properties": {
+                                    "fingerprint": {
+                                        "name": "Device Fingerprint",
+                                        "description": "Spoofs your device Fingerprint"
+                                    },
+                                    "android_id": {
+                                        "name": "Android ID",
+                                        "description": "SpoofS your Android ID to the specified value"
+                                    },
+                                    "installer_package_name": {
+                                        "name": "Installer Package name",
+                                        "description": "Spoofs the installers Package name"
+                                    },
+                                    "debug_flag": {
+                                        "name": "Debug Flag",
+                                        "description": "Makes Snapchat debuggable"
+                                    },
+                                    "mock_location": {
+                                        "name": "Mock location",
+                                        "description": "Spoofs the Mock Location device state"
+                                    },
+                                    "split_classloader": {
+                                        "name": "Split Classloader",
+                                        "description": "Spoofs splitClassloader\nRequested by org.chromium.base.JNIUtils"
+                                    }
+                                }
                            }
                        }
                    },
--- a/core/src/main/kotlin/me/rhunk/snapenhance/core/config/impl/Spoof.kt
+++ b/core/src/main/kotlin/me/rhunk/snapenhance/core/config/impl/Spoof.kt
@ -1,6 +1,7 @@
 package me.rhunk.snapenhance.core.config.impl

 import me.rhunk.snapenhance.core.config.ConfigContainer
+import me.rhunk.snapenhance.core.config.FeatureNotice

 class Spoof : ConfigContainer() {
    inner class Location : ConfigContainer(hasGlobalState = true) {
@ -10,8 +11,12 @@ class Spoof : ConfigContainer() {
    val location = container("location", Location())

    inner class Device : ConfigContainer(hasGlobalState = true) {
-        val fingerprint = string("device_fingerprint")
-        val androidId = string("device_android_id")
+        val fingerprint = string("fingerprint")
+        val androidId = string("android_id")
+        val getInstallerPackageName = string("installer_package_name")
+        val debugFlag = boolean("debug_flag")
+        val mockLocationState = boolean("mock_location")
+        val splitClassLoader = string("split_classloader")
    }
-    val device = container("device", Device())
+    val device = container("device", Device()) { addNotices(FeatureNotice.BAN_RISK) }
 }
--- a/core/src/main/kotlin/me/rhunk/snapenhance/data/SnapClassCache.kt
+++ b/core/src/main/kotlin/me/rhunk/snapenhance/data/SnapClassCache.kt
@ -16,6 +16,7 @@ class SnapClassCache (
    val feedEntry by lazy { findClass("com.snapchat.client.messaging.FeedEntry") }
    val conversation by lazy { findClass("com.snapchat.client.messaging.Conversation") }
    val feedManager by lazy { findClass("com.snapchat.client.messaging.FeedManager\$CppProxy") }
+    val chromiumJNIUtils by lazy { findClass("org.chromium.base.JNIUtils")}

    private fun findClass(className: String): Class<*> {
        return try {
--- a/core/src/main/kotlin/me/rhunk/snapenhance/features/impl/experiments/DeviceSpooferHook.kt
+++ b/core/src/main/kotlin/me/rhunk/snapenhance/features/impl/experiments/DeviceSpooferHook.kt
@ -11,9 +11,17 @@ class DeviceSpooferHook: Feature("device_spoofer", loadParams = FeatureLoadParam

 		val fingerprint by context.config.experimental.spoof.device.fingerprint
 		val androidId by context.config.experimental.spoof.device.androidId
+		val getInstallerPackageName by context.config.experimental.spoof.device.getInstallerPackageName
+		val debugFlag by context.config.experimental.spoof.device.debugFlag
+		val mockLocationState by context.config.experimental.spoof.device.mockLocationState
+		val splitClassLoader by context.config.experimental.spoof.device.splitClassLoader
+
+		val settingsSecureClass = android.provider.Settings.Secure::class.java
+		val fingerprintClass = android.os.Build::class.java
+		val packageManagerClass = android.content.pm.PackageManager::class.java
+		val applicationInfoClass = android.content.pm.ApplicationInfo::class.java

 		if (fingerprint.isNotEmpty()) {
-			val fingerprintClass = android.os.Build::class.java
 			Hooker.hook(fingerprintClass, "FINGERPRINT", HookStage.BEFORE) { hookAdapter ->
 				hookAdapter.setResult(fingerprint)
 				context.log.verbose("Fingerprint spoofed to $fingerprint")
@ -25,7 +33,6 @@ class DeviceSpooferHook: Feature("device_spoofer", loadParams = FeatureLoadParam
 		}

 		if (androidId.isNotEmpty()) {
-			val settingsSecureClass = android.provider.Settings.Secure::class.java
 			Hooker.hook(settingsSecureClass, "getString", HookStage.BEFORE) { hookAdapter ->
 				if(hookAdapter.args()[1] == "android_id") {
 					hookAdapter.setResult(androidId)
@ -33,5 +40,33 @@ class DeviceSpooferHook: Feature("device_spoofer", loadParams = FeatureLoadParam
 				}
 			}
 		}
+
+		//TODO: org.chromium.base.BuildInfo, org.chromium.base.PathUtils getDataDirectory, MushroomDeviceTokenManager(?), TRANSPORT_VPN FLAG, isFromMockProvider, nativeLibraryDir, sourceDir, network capabilities, query all jvm properties
+
+		//INSTALLER PACKAGE NAME
+		if(getInstallerPackageName.isNotEmpty()) {
+			Hooker.hook(packageManagerClass, "getInstallerPackageName", HookStage.BEFORE) { hookAdapter ->
+				hookAdapter.setResult(getInstallerPackageName)
+			}
+		}
+
+		//DEBUG FLAG
+		Hooker.hook(applicationInfoClass, "FLAG_DEBUGGABLE", HookStage.BEFORE) { hookAdapter ->
+			hookAdapter.setResult(debugFlag)
+		}
+
+		//MOCK LOCATION
+		Hooker.hook(settingsSecureClass, "getString", HookStage.BEFORE) { hookAdapter ->
+			if(hookAdapter.args()[1] == "ALLOW_MOCK_LOCATION") {
+				hookAdapter.setResult(mockLocationState)
+			}
+		}
+
+		//GET SPLIT CLASSLOADER
+		if(splitClassLoader.isNotEmpty()) {
+			Hooker.hook(context.classCache.chromiumJNIUtils, "getSplitClassLoader", HookStage.BEFORE) { hookAdapter ->
+				hookAdapter.setResult(splitClassLoader)
+			}
+		}
 	}
 }