Hide Root and Xposed from Sparkasse+

[Yverson87]

Can u please add Support for the Sparkasse+ app?

Since the last Update (sparkasse-app) i'm no longer able to start the app although i added it via Rootcloak. Before, it worked. Rootcloak did hide root but now there is a error calling out Xposed as reason for not working. I also added the package-name in Surrogate "com.starfinanz.smob.andoid.sbanking" but its not helping :(

[csu333]

What kind of bank makes you pay for their app ?

I can give it a try but could you provide me the app ? The "base.apk" file should be located in /data/app/com.starfinanz.smob.android.sbanking-1/ I should be able to work with that.

[csu333]

I managed to find version 2.10.1 but until now, all I see is a warning, but it let me go further. Where is it blocking exactly ? What error message do you have ?

[csu333]

I started looking but I see that current version Surrogate won't be able to handle this case because the detection is made in a constructor and Surrogate only supports method at the time being. I'm marking this issue as a improvement.

That being said, it seems that rootcloak is working just fine with Sparkasse+ (and is using much a more generic method).

[Yverson87]

Good Morning, Sorry i forgot about the + Version The "Sparkasse" without + is basicly the same with the Error and its for free ;)

• allows to sync Accounts from other Banks. Version 3.0.2 The Error attached in German just Talks about xposed. That it is installed and Dangerous. It advices to deinstal xposed framework then The App will work again.

Base apk: http://dl.dropboxusercontent.com/1/view/s8rpjejzwy02w2n/base.apk

If u need anything more i like to help! Thanks so far for your effort. Greetings from Germany Thomas

Am 04.02.2017 7:57 vorm. schrieb "csu333" notifications@github.com:

I managed to find version 2.10.1 but until now, all I see is a warning, but it let me go further. Where is it blocking exactly ? What error message do you have ?

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/csu333/Surrogate/issues/5#issuecomment-277424360, or mute the thread https://github.com/notifications/unsubscribe-auth/AYV4p8Kn7mPCjaT3lo4_BislxNjHAz9rks5rZCFhgaJpZM4L2Gj8 .

[csu333]

Ok, I can make Sparkasse work without replacing any constructor (at least so it seems).

Unfortunately, Sparkasse+ uses other classes so I have to figure out what are the new names of the class. Besides, given the obfuscation used, I expect that it will have to be adapted for each version :-(

[csu333]

Now Sparkasse+ is also working (at least up to the login screen, I can't check what is happening after).

[Yverson87]

Oh wow nice I'm looking forward for your Update (?) and May i somehow buy you a Coffee for your effort?

Am 04.02.2017 3:31 nachm. schrieb "csu333" notifications@github.com:

Now Sparkasse+ is also working (at least up to the login screen, I can't check what is happening after).

— You are receiving this because you authored the thread. Reply to this email directly, view it on GitHub https://github.com/csu333/Surrogate/issues/5#issuecomment-277449497, or mute the thread https://github.com/notifications/unsubscribe-auth/AYV4p4ipETPeOKACxZlCkRVti76bqExTks5rZIvcgaJpZM4L2Gj8 .

[csu333]

Actually, you don't have to wait for an update: just delete the package you created and download definitions from internet (the cloud-shaped button). It will download the definition for the 2 application ;-)

[Yverson87]

Good Morning, yes - it actually works until the login screen! But (sry^^) while typing in Login-Data there comes a Message "Sparkasse+ stoped working" - OK Then it restarts the app and gets stuck in the Red Sparkasse+ Screen.

I deleted Data from Sparkasse+ and reinstalled fresh, but i am not able to start the App. Not able to enter Login-Data and press OK Not able to restore a Sparkasse-Backup within the App (Its in Login-Screen) Same Error occures "App stoped working..." So yes the original Error is gone, but it still doesnt work :(

I Tried reinstalling RootCloak, Surrogate, Sparkasse, Sparkasse+

• Tried only RootCloak,
• only Surrogate,
• both
• just clean Data of RC/Surro/Spark/Spark+
• fresh install of each

I got nothing to work yet :(

[csu333]

There comes the hard part then. Would you know how to access the android logs? I have an Android studio running so that's pretty easy for me but if you don't, I'll try to find an easy way (there are android applications but their output is hard to exploit).

When the application crashes, it writes in the logs with method caused the issue so we could act on it.

[Yverson87]

mmhmmpf i have an Android Studio with sdk running but i dont know how to get logs. Maybe we can do a Teamviewer Session some evening? Dont know whats easier - maybe a step by step guide?

[csu333]

Well if you have an Android Studio running, this should be pretty easy: at the bottom of the interface, there is an "Android Monitor" buttom that continuously shows the output of the connected device.

You can select the level of the log to display. The crash is on the "Error" level. So if you run the Sparkasse application up to its crash, you'll get the stacktrace giving the exact exception and the whole call hierarchy.

If this sounds gibberish to you, we can certainly set up a Teamviewer session.

[Yverson87]

Allright i created a Project and logged the process trying to login to Sparkasse+ I just noticed that it maybe has smth to do with the fact that i have installed the Sparkasse+ App via the old Amazon Appstore and not googleplay :o The Link to the ziped Project-File https://www.dropbox.com/s/8q050rhkx6tcz2i/Sparkasse.rar?dl=0

[csu333]

That shouldn't be an issue for you since I made the rules from the app you provided me.

The project in itself is not mandatory. Android Studio only provides an easy way to look at the logs. If you look in the interface completely at the bottom left, you should see an Android Monitor button. If you have:

• Debug mode activated on your device
• Connected the device and unlocked the screen

You should see there a lot of activity, including the activity of Surrogate and Sparkasse

Alternatively, if you don't see the button but have adb installed, you can just launch the command "adb logcat" which gives the same output. In my experience, this command works better run as administrator.

[Yverson87]

Thanks a lot. In this .doc file you will find the Log-Text: https://www.dropbox.com/s/230sgzw3vlz9x0l/Sparkasse-Log.docx?dl=0

[csu333]

Sorry for the answer time and thank you for this document. This is exactly what I needed.

I can see now that I missed something: I try to call a method in a class I didn't import nor use the full class name. It's fixed in the latest definition. Could you remove the Sparkasse application from Surrogate and import the definition from internet once more ? Hopefully, it was just that.

[OliverKrr]

I tried your new solution. However, the Sparkasse+ App still crashes.

[csu333]

Crap! Could you try to collect the error log so I can see where it crashes ?

[OliverKrr]

I created a bug report on my phone, while the app crashed. Hope it helps. https://www.dropbox.com/s/h5xmw0xblslx3xo/bugreport-2017-02-18-12-27-02.txt?dl=0

[csu333]

Unfortunately, I only see one meaningful Exception in this report: 02-18 12:27:15.495 10857 10857 W System.err: java.io.FileNotFoundException: /data/data/com.starfinanz.smob.android.sbanking/files/serviceConfiguration: open failed: ENOENT (No such file or directory)

It seems to happen at log in time but there isn't any reference to Surrogate in the stack trace. Is it still working when the application is disabled in Surrogate ?

[OliverKrr]

When disabled the warning with xposed framework appears and the application will be closed. Interestingly the mentioned file is there and can be opend by me. https://www.dropbox.com/s/tc83i5q1zo5i0w1/Screenshot_2017-02-18-15-31-19.png?dl=0

[csu333]

OK so there must be something else but I don't see what :(

[OliverKrr]

See here http://stackoverflow.com/a/19309163 Maybe you override a function, which has a declaration to throw a FileNotFoundException (or catched it from below), but the new one does not?

[Yverson87]

Well hello there, i am back from my vacation and unfortunatly the app is still crashing like Oliver already noticed. Thanks again for your effort! Both of you :)

[csu333]

I don't understand how the override could have something to do with this file. I had a proper look but there are only 2 overridden methods that only return true instead of calling another method. Besides, I doubt a File not found could actually trigger a complete crash of the application so my best guess (of my biggest hope) is that the bug report is not showing what actually happened.

Would it be possible to collect the logs at the time of the crash ? It's also possible to just use adb in command line with "adb logcat" (I guess you should have adb somewhere since most of the root methods needs it)

[OliverKrr]

I have recently updated the app to a new version. Now it detects xposed again. I think that they will add new ways to detect, xposed every time we override them. Because of that, I switched to an app called "finanzblick" which does what I want. Nevertheless, I want to thank you for helping us and making the app. ;)