UPDATE 4.1: HackProtect Extension (No Permissions Needed) - Better Emulator Detection

HackProtect v4.1 UPDATE (Emulator Detection) cian1

HackProtect.aix (13.7 KB)

ChangeLog

New Features:

  • AmazonStoreInstalled: Returns true if application was installed via Amazon

  • PlayStoreInstalled: Returns true if the application was installed via GooglePlay

  • GetPackagerManagerName: Gets the name of the Package Manager that installed the app.

  • GetPackageName: Returns the name of the current application package.

  • IsRoSecureRoKernelQemu: This returns true if either the ro.secure or ro.kernel.qemu have been modified, which is a root indicator as the kernel activity may be compromised and viewable.

  • CheckForSuperUserAPK: Returns TRUE if one of 6 known root packages or variants is installed. The name of the package is not returned, so the user does not know which package name to change.

  • CheckForDangerousAPK: Returns TRUE if one of 12 known patching or root emulating packages is installed. The name of the package is not returned, so the user does not know which package name to change.

Updates:

  • RoSecure process has been deleted and replaced with isRoSecureRoKernelQemu.

  • Added more root detection processes.

  • Disabled super user check, as it is giving strange results on different android versions.

  • Improved and Added Emulator Detection support for: (over 160 different checks)

    • Android Studio
    • Andy
    • Droid4x
    • Generic
    • Genymotion
    • Goldfish
    • MIT
    • Nox
    • TitaniamVM
    • VBox

Some reports that Nox support is not working perfectly.

  • Updated Descriptions.

  • Updated names.

Roadmap:

  • Method to scan for user defined packages

  • Method to scan for certain processes

Notes:

  • The only way to ensure you have emulator or virtual device detection is by getting the READ_PHONE_STATE, so you can get the Carrier ID, and Phone Number. I decided not to do this because it is a very aggressive permission. If people want this as a separate extension, let me know.

  • Another method is to watch the accelerometer, and make sure that it is moving. Emulators don’t move. If there is enough demand, I will try to add this.

DISCLAIMER:

This is not perfect. I know it, and I do not claim it is now, or ever. So if there are bugs be kind, and report them.

Total Blocks (11)

Example Use Case

Description

This lightweight extension helps you limit how your users can hack your application. 9 critical elements are detected.

  1. Was the application installed from Amazon
  2. Is ADB Debugging enabled,
  3. Is the application running on an emulator,
  4. Is the device rooted,
  5. Is the app installed from the Google Playstore,
  6. Is a well known Super User APK installed,
  7. Is a well known Patching APK installed,
  8. Name of the package manager that installed the application,
  9. Name of the package of the current app,
  10. Is RO secure, or Ro kernel qemu modified.

(NOX Emulator Bug should be fixed)

When you handle these elements properly, you can shut your app down before people can logcat, or intercept network traffic, thereby protecting things like API credentials, passwords, proxies, etc.

90 Likes
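
As an added illustration of the IsRoSecureRoKernelQemu and installer checks described in the post above (example code written for this page, not HackProtect's source): plain Java that evaluates `getprop`-style output and an installer package name. The class and method names are hypothetical, the sample property dumps are constructed, and `com.android.vending` / `com.amazon.venezia` are the installer package names of Google Play and the Amazon Appstore.

```java
import java.util.HashMap;
import java.util.Map;
import java.util.regex.Matcher;
import java.util.regex.Pattern;

// Added illustration, not HackProtect source code.
public class DeviceIndicators {
    // `getprop` prints one property per line as "[key]: [value]".
    private static final Pattern PROP = Pattern.compile("^\\[([^\\]]+)\\]: \\[(.*)\\]$");

    static Map<String, String> parseGetprop(String dump) {
        Map<String, String> props = new HashMap<>();
        for (String line : dump.split("\\R")) {
            Matcher m = PROP.matcher(line.trim());
            if (m.matches()) props.put(m.group(1), m.group(2));
        }
        return props;
    }

    // ro.secure=0 is what insecure/engineering builds use; ro.kernel.qemu=1 marks a QEMU guest.
    // An absent property is not counted, to avoid false positives on real hardware.
    static boolean roSecureOrQemuFlagged(Map<String, String> props) {
        return "0".equals(props.get("ro.secure")) || "1".equals(props.get("ro.kernel.qemu"));
    }

    // installer: the value an app gets from PackageManager.getInstallerPackageName();
    // it is null when no installer was recorded (for example after `adb install`).
    static String installSource(String installer) {
        if (installer == null) return "unknown (no installer recorded)";
        switch (installer) {
            case "com.android.vending": return "Google Play";
            case "com.amazon.venezia": return "Amazon Appstore";
            default: return "other: " + installer;
        }
    }

    public static void main(String[] args) {
        // Constructed sample input, not captured from real devices.
        String retail = "[ro.build.type]: [user]\n[ro.secure]: [1]\n";
        String emulator = "[ro.kernel.qemu]: [1]\n[ro.secure]: [0]\n";
        System.out.println("retail flagged:   " + roSecureOrQemuFlagged(parseGetprop(retail)));
        System.out.println("emulator flagged: " + roSecureOrQemuFlagged(parseGetprop(emulator)));
        for (String i : new String[] {"com.android.vending", "com.amazon.venezia", null}) {
            System.out.println("installer " + i + " -> " + installSource(i));
        }
    }
}
```

Both the properties and the recorded installer can be changed on a device the user controls, so these results are indicators to combine with other checks rather than proof.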

Nice extension

5 Likes

Thank you!

4 Likes

Nice Tool,
Thanks

2 Likes

Thank you!

1 Like

Thanks for this good extension, it's very helpful to developers.

4 Likes

My pleasure!

3 Likes

Nice, you really made it. Thanks man, this will help us to protect our apps a bit more.

4 Likes

Small But very Useful!

4 Likes

Thanks ! I’ve just searched for an extension like this yesterday, and today, it’s here :slight_smile:

3 Likes

Man, that’s really an amazing extension.
Very simple and at the same time very important in some cases.

Congratulations for the idea!

Don’t care about this guy talking nonsense. He is probably just a troll or he is envious of you.

5 Likes

Hey… You have 17 Likes ! Which speaks for itself that you have done a great job! :ok_hand::+1::+1::+1::+1:

5 Likes

It is amazing! Thank you very much!

1 Like

Thank you.

1 Like

Thank you, it will be very useful

2 Likes

Just need to know a thing btw, as I can’t test it now.
When I use the is rooted component, does it ask for superuser permissions (so the prompt appears), or does it check the su file in the /system folder without asking for it, like the shell component?
Because it would be very useful if it detects the root status without making the superuser popup appear.

1 Like

Among other things, it checks a variety of places for the SU file.

It does not invoke the shell component.

Very nice… I was hoping so.
And what about isSystemUser? I can’t figure out what it is for…
When does it return true?

2 Likes

Well SystemUser on Android is like Root on Unix/Linux. It is supposed to indicate that the application may be running in a manner that has root. I am not sure it is performing as expected after some feedback from others.

It is only an indicator, not decisive.

So it works with these phones that got multi user right?

1 Like