ReVanced / revanced-patches

🧩 Patches for ReVanced
https://revanced.app
GNU General Public License v3.0

feat(patch): General purpose anti root detection patch #1243

Open UnlimitedCookies opened 1 year ago

UnlimitedCookies commented 1 year ago

Application

A general purpose patch would be great, but a specific patch for e.g. just rootbeer might be easier at first.

An example app might be com.starfinanz.mobile.android.dkbpushtan.

Issue

It should resolve an app crashing or limiting functionality after it detected that your device has been rooted.

Patch

The universal patch should try to disable all popular root detection libraries like rootbeer or should prevent apps from querying for certain apps like com.topjohnwu.magisk. Apps also shouldn't query for one of the following paths: "/system/app/Superuser.apk", "/sbin/su", "/system/bin/su", "/system/xbin/su", "/data/local/xbin/su", "/data/local/bin/su", "/system/sd/xbin/su", "/system/bin/failsafe/su", "/data/local/su", "/su/bin/su".

This Stack Overflow post might demonstrate some possibilities for detection.

Motivation

Obviously it would remedy the unacceptable practice of app developers trying to dictate what I should do with my device (like rooting).

marek26340 commented 1 year ago

If someone created such a patch, sure, that would be great. I don't know which app I'd want to patch like that right now, but yea, that would surely come in handy when I stumble upon an app that won't let me work with it just because of root verification.

But patching banking apps? I would absolutely not want to deal with the aftermath of them (bank) finding out. I always work with those apps with a "f** around and find out" level of carefulness. insert Homer opening door to find Mr. Burns and his lawyers came and want to have a little chat

There are many good reasons as to why the banks do this.

Linus789 commented 1 year ago

This is no easy feat, especially for an app like com.starfinanz.mobile.android.dkbpushtan. It uses Promon Shield, you can read more about it here: https://faui1-files.cs.fau.de/filepool/projects/nomorp/nomorp-paper-dimva2018.pdf

UnlimitedCookies commented 1 year ago

I'm totally aware that this is not a walk in the park, but that's what feature requests are for. :P Let's take Promon shielded apps out of scope for now, since they are indeed hard to circumvent. (I should've chosen a better example.) A better example might be de.velocity_aachen.velocity, which is a local bike sharing provider, which for no reason refuses to work on rooted devices. I got rid of the root-prevention by dumping the apk to smali files, simply removing the specific branch and then I recompiled the app (got it done fairly quickly, but I don't know how to extrapolate a revanced patch yet; is there perhaps a guide or something I could follow in that case?). Since they used rootbeer for detection, my guess is that it would be not too hard to implement a general purpose rootbeer removal patch.

oSumAtrIX commented 1 year ago

You can create a ReVanced patch to change the bytecode. You can use the documentation in the docs branch for that.

Linus789 commented 1 year ago

You can find a general guide here: https://github.com/revanced/revanced-patches/tree/feat/docs/docs

May I ask for your use case? I’m a little bit interested, since usually something like MagiskHide is used.