How does Snapchat detect the XPosed Framework?

I tried installing Snapchat on my smartphone with newly installed Xposed. But login is not possible because Snapchat detects the Xposed Framework. I "understand" the reason for this limitation, although I think it is too much, since I do not use Xposed for Snapchat.

But my question is: how do they detect the Framework?

+7
3 answers

Snapchat uses Google's SafetyNet Certification API and does not check if XPosed is valid. Snapchat runs SafetyNet when the application is first launched.

To make sure that Snapchat doesn't specifically test for the XPosed framework, I decompiled Snapchat and ran grep -lri xposed . The search returned no results.

Verifying XPosed Installation:

I am sure there are many ways to check if Xposed is installed. I wrote the following method, which gets the currently installed version of Xposed or returns null if XposedBridge.jar is not found on the device:

    import java.io.File;
    import java.lang.reflect.Method;

    import android.content.Context;
    import dalvik.system.DexClassLoader;

    /**
     * Get the current Xposed version installed on the device.
     *
     * @param context The application context
     * @return The Xposed version or {@code null} if Xposed isn't installed.
     */
    public static Integer getXposedVersion(Context context) {
        try {
            File xposedBridge = new File("/system/framework/XposedBridge.jar");
            if (xposedBridge.exists()) {
                // Load the bridge jar into a private class loader and ask it for its version.
                File optimizedDir = context.getDir("dex", Context.MODE_PRIVATE);
                DexClassLoader dexClassLoader = new DexClassLoader(xposedBridge.getPath(),
                        optimizedDir.getPath(), null, ClassLoader.getSystemClassLoader());
                Class<?> XposedBridge = dexClassLoader.loadClass("de.robv.android.xposed.XposedBridge");
                Method getXposedVersion = XposedBridge.getDeclaredMethod("getXposedVersion");
                if (!getXposedVersion.isAccessible()) getXposedVersion.setAccessible(true);
                return (Integer) getXposedVersion.invoke(null);
            }
        } catch (Exception ignored) {
            // Any failure is treated the same as "Xposed not found".
        }
        return null;
    }

As far as I can tell, Xposed has always had XposedBridge.jar in /system/framework, so this should work for official releases of Xposed, but may break in future releases.

+8
source
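The answer above relies on one file path. As an added example (not code from the answer or from Snapchat), the sketch below shows three in-process indicators an app's integrity check could combine instead. It assumes that a process with Xposed active maps XposedBridge.jar, shows `de.robv.android.xposed` frames in its stack traces, and can already see the bridge class; the class and method names are hypothetical.

```java
import java.io.BufferedReader;
import java.io.IOException;
import java.io.Reader;
import java.io.StringReader;

public class XposedIndicators {
    // Package of XposedBridge, taken from the loadClass() call in the answer above.
    static final String XPOSED_PKG = "de.robv.android.xposed.";
    static final String BRIDGE_JAR = "XposedBridge.jar";

    /** True if any frame of the given stack trace belongs to the Xposed bridge (assumed indicator). */
    static boolean inStackTrace(StackTraceElement[] frames) {
        for (StackTraceElement f : frames) {
            if (f.getClassName().startsWith(XPOSED_PKG)) return true;
        }
        return false;
    }

    /** True if a memory-map listing in /proc/self/maps format maps the bridge jar (assumed indicator). */
    static boolean inMemoryMaps(Reader maps) throws IOException {
        try (BufferedReader r = new BufferedReader(maps)) {
            String line;
            while ((line = r.readLine()) != null) {
                if (line.contains(BRIDGE_JAR)) return true;
            }
        }
        return false;
    }

    /** True if the bridge class is already visible to this process, without loading the jar ourselves. */
    static boolean classVisible() {
        try {
            // initialize=false: only resolve the class, do not run its static initializer.
            Class.forName(XPOSED_PKG + "XposedBridge", false, ClassLoader.getSystemClassLoader());
            return true;
        } catch (ClassNotFoundException | LinkageError e) {
            return false;
        }
    }

    public static void main(String[] args) throws IOException {
        // Constructed sample line in /proc/<pid>/maps format, not captured from a real device.
        String sample = "7f3a1000-7f3a2000 r--p 00000000 fd:00 1234 /system/framework/XposedBridge.jar\n";
        System.out.println("sample maps:   " + inMemoryMaps(new StringReader(sample)));
        System.out.println("stack trace:   " + inStackTrace(new Throwable().getStackTrace()));
        System.out.println("class visible: " + classVisible());
    }
}
```

On a device, pass `new java.io.FileReader("/proc/self/maps")` to `inMemoryMaps`. None of these checks is authoritative on its own, since code running in the same process can alter what they see.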

I believe Snapchat uses SafetyNet, an API that also protects Android Pay and Pokemon GO.

+2
source

Xposed can be checked by reflection in the XposedHelper class:

    import java.lang.reflect.Constructor;
    import java.lang.reflect.Field;
    import java.lang.reflect.Method;
    import java.util.HashMap;
    import java.util.WeakHashMap;
    import java.util.concurrent.atomic.AtomicInteger;

    public class XposedHelper {
        private static final String LOGTAG = "XposedHelpers";
        private static final HashMap<String, Field> fieldCache = new HashMap<>();
        private static final HashMap<String, Method> methodCache = new HashMap<>();
        private static final HashMap<String, Constructor<?>> constructorCache = new HashMap<>();
        private static final WeakHashMap<Object, HashMap<String, Object>> additionalFields = new WeakHashMap<>();
        private static final HashMap<String, ThreadLocal<AtomicInteger>> sMethodDepth = new HashMap<>();
    }

Check if your application information contains these options.

0
source

Source: https://habr.com/ru/post/1258926/

