Introduction to Android Modding - (Original/old)

--- title: Introduction to Android Modding - (Original/old) description: This is a HackMD Note I made to put a bunch of information related to Android Modding into one place image: https://i.imgur.com/yW85UOq.png --- <style> .smol { font-size: 12px; color: #9C9C9C; } .bruh { font-size: 15px; text-align: center; padding-top: 10px; padding-bottom: 20px; } summary { text-align: center; } </style> # Introduction to Android Modding <div class="bruh">made with <img class="emoji" alt=":heart:" src="https://assets.hackmd.io/build/emojify.js/dist/images/basic/heart.png" data-position="202" data-size="18"> by @HowToRush</div> :::spoiler How to comment on HackMD :::info You can comment by selecting the text you want to comment on, and hitting the "Comment" button, from there you can tell me anything I'm missing or similar! :) an example of that is shown here: ![commenting on HackMD](https://i.imgur.com/AW3ar4x.gif "Kommentieren") ::: :::spoiler Table of Contents > [TOC] ::: # Disclaimer! ### Before you continue attempting any of the modifications in this, make sure you're aware of the following: - You might void your warranty - Some carriers have a section in their Terms of Service which prohibits device modifications - Modifying will (by default) trip Samsung Knox and SafetyNet, so be aware that some apps might cease to work! ## Things to consider when modding your Android Device Modding your Android Device has many benefits, like for example: - You can make modifications to your system and apps through [Magisk](https://github.com/topjohnwu/Magisk) or [LSPosed](https://github.com/LSPosed/LSPosed) - You can restrict certain apps on their permissions even more than Android allows by default ([AppOps](https://play.google.com/store/apps/details?id=rikka.appops)) - You can get system updates for longer than your OEM provides them (see: [LineageOS](https://lineageos.org/)) **Though, if you're not careful, you might do something you weren't supposed to, and end up "bricking" the device instead.** This means the device is then *broken*, and cannot be further used There are 2 types of "bricks" - A "Soft Brick" is one you can recover from - A "Hard Brick" is something which you can't recover from (meaning the device is completely broken) There are still many things you can do which I haven't touched on, like for example Viper4Android to modify Audio, though, I leave that for you to discover yourself :wink: ## What is a Custom ROM? A "Custom ROM" is a replacement of the pre-installed version of Android that your device ships with You might want to install one for more features, or faster and longer-lasting system updates There are many to choose from, for instance [LineageOS](https://lineageos.org/), [ArrowOS](https://arrowos.net/) or [Potato Open Sauce Project](https://potatoproject.co/), just to name a few There are some ROMs which focus on Security, like GrapheneOS, and some which focus on customizability, like Resurrection Remix (Resurrection Remix is dead tho) as well as many others with different goals ROMs (usually) are device-specific meaning you cannot take a ROM made for a Galaxy S20 and install it into a Motorola, for example There is also something you'll see often when browsing for Custom ROMs: ***"Official" and "Unofficial"*** ***"Official"*** basically means that the ROM is made for a device in cooperation with the people which make the ROM in the first place, for example, all devices listed on download.lineageos.org are made in cooperation between the LineageOS team and someone which works on the device specifically ***"Unofficial"*** means that the ROM is made by someone which maintains for your device, but not in cooperation with the people which make the Custom ROM in the first place ## What is Magisk, and what are Magisk Modules? Magisk is a modding tool for Android which allows you to do many more things even without installing a Custom ROM. upon installation, Magisk patches your device's `boot.img` file, and from that point onward you have Root Access ### Root Access Root Access means that you got full access over every single file on your Android device. With this, you can make modifications to your already installed ROM that previously weren't possible before. For example, you could now change the hosts file, located in `/etc/hosts` to block certain websites from loading, like for example advertisement sites ### "Systemless" Rooting Magisk, due to being installed by patching the `boot.img` is a "Systemless" Root method, meaning that no files are changed inside of the root filesystem, here: `/system`. Instead, Magisk puts all it's data into, well, `/data` This also allows Magisk - unlike other rooting methods - to do changes without any of them being permanent and not easily revertible in `/system`  ### Magisk Modules This is exactly what a **Magisk Module** does, it allows you to change system files, but stil have the ability to revert the changes if it breaks, or you simply don't like them You could test different changes without breaking the device, or install things like LSPosed to further modify apps and other parts of your device if your device starts bootlooping, you can disable all modules by entering [Android Safe-mode](https://www.androidauthority.com/how-to-enter-safe-mode-android-801476/) There used to be an official Module Repository, for you to easily find Magisk Modules, though, that has been removed with Magisk v.24 To not completely leave everyone in the dark, there have been multiple efforts to replace the Magisk Module Repository from the community, for example: - [:fox_face: Fox's Magisk Module Manager](https://github.com/Fox2Code/FoxMagiskModuleManager) This is an application which allows to download and manage Magisk Modules - [Magisk Module Alternative Repository](https://github.com/Magisk-Modules-Alt-Repo) This is - *as the name implies* - an alternative repo for Magisk, they also have a `patcher` that allows patching the existing Magisk app to use the Magisk Module Alternative Repository instead of the default one more is to come to this list soon lol ## What is Xposed? Xposed is quite an old framework for modifying apps and services without modifying their APKs. In practice it's similar to what Zygisk does, just internally it's quite different The original developer of Xposed hasn't been seen working on Xposed every since Android Oreo, which is why other developers have created more modern versions of Xposed The most popular version, and the one I would recommend is called **LSPosed** You can install LSPosed if you have Zygisk enabled or Riru installed from [this website](https://lsposed.org) ## What is a "Bootloop"? In the community, you might see people say the word "Bootloop" from time to time The word "bootloop" is made out of 2 words, "Boot" and "Loop" "Boot" is the term for your device turning on after it being completely turned off, and "Loop" is to signify that it repeats over and over again So in simple terms: A bootloop is when your device doesn't boot and instead gets stuck booting, or keeps turning on and off ### Should I be worried about a bootloop? Bootloops are generally rare if you're running ROMs which have been tested by others, or if you're not developing yourself Though, if you're worried you might break something, it's better to not do changes to the device if you don't know what you're doing (...or if there's no good guide to follow, like for example LineageOS's installation guides. Then you might want to not do changes too) ## SafetyNet ### What is SafetyNet? SafetyNet is a system put in place by Google to detect modified devices, and devices which aren't Google Play Certified. This means if you modify your device, SafetyNet is likely going to detect that. Many applications, for example Banking Apps, or Nintendo's Mobile Games check for Root Access using SafetyNet or their own methods See <a href="https://www.xda-developers.com/pokemon-go-aggressive-root-checking-twrp-folder/">here</a> for an XDA article on how Nintendo/Niantic is abusing File System Access to search for TWRP and Root on your device ### Does Magisk affect SafetyNet? Magisk is one of - if not THE - most popular Android modding toolkits there is, though **installing and using it often trips SafetyNet**, making applications ++know++ that you're running Rooted (Many apps then refuse to open, or restrict functionality) ### Can we bypass this detection? #### Short Answer: Yes! #### Long Answer: Yes, though it isn't very consistent Ever since the Magisk 24 release, Magisk Hide - a "works-but-isnt-great" solution to hiding Root Access - got discontinued and removed from the Application In the same version, Zygisk got introduced, allowing Magisk Modules to modify apps and services at runtime From there, Kdrag0n and other developers started developing (or improving) projects like Universal SafetyNet Fixer, Shamiko, and many others, to hide Root Access even better than before There are many tutorials out there on how to install these projects, though, I will instead leave download links to USF and Shamiko here: - [Universal SafetyNet Fixer](https://github.com/kdrag0n/safetynet-fix/releases) - [Shamiko](https://t.me/LSPosed) ← Login with Telegram or open it in-app! ## ADB and Fastboot ### How do I use ADB/Fastboot? You can get ADB and Fastboot from Google's developer website [here](https://developer.android.com/studio/releases/platform-tools) From there, you can extract them anywhere you'd like, and use them in a Terminal or Powershell like so: make sure your Terminal/Powershell is opened in the same folder as you extracted! ``` ./adb <your command here> ``` ``` ./fastboot <your command here> ``` for example, this is how you pull a file (here an example image) from your phone, to your PC using ADB: ``` ./adb pull /sdcard/Pictures/example.png/ ``` as another example, here is how to erase user data using fastboot ***(DONT RUN THIS BY ACCIDENT, YOU WILL LOOSE DATA)***: ```bash ./fastboot erase userdata # or alternatively ./fastboot -w ``` ## Logs ### What are logs? A "log" in Android is basically the same thing it stands for in the English language: it just tells you what happened and when So, through logs we can see errors, information, warnings, and so on ### Getting logs Getting logs is quite easy, and can be done in various ways, for example: - You can run `adb logcat` to get logs over a USB connection to your phone *(if ADB Debugging is enabled)* - You can use logging apps like [MatLog](https://play.google.com/store/apps/details?id=com.pluscubed.matlog) to record logs - You can run `logcat` in a Terminal or in Termux with `su` - You can pull `/sys/fs/pstore/console-ramoops` if you can't access ADB or the device is bootlooping (do this from TWRP or another recovery!) ### Reading logs Reading logs can be kind of hard, though, there are some things which can help! #### There are tools like [logcatf](https://github.com/ujiro99/logcatf) (Cross Platform - Works on Windows) or [Logcat Colorizer](https://github.com/carlonluca/logcat-colorize) (GNU/Linux and darwin/macOS) You can look at the tools above to see many different things a lot easier, like what is an error, a warning, and so on #### You can filter logcats by different types like this (In a Terminal or CMD/Powershell): ```bash adb logcat *:E # This filters to only errors adb logcat *:W # This filters only warnings adb logcat *:E *:W # This filters only warnings and errors ``` :::spoiler Tip : Filtering by word :::info You can also filter by specific words on Linux and macOS by adding `|grep -i "your filtered word here"` at the end of the command! :) on windows (Powershell), you can add `| Select-String "your words here"` at the end of your Command ::: This can be useful to find a specific line, or a specific error, especially when many things are happening at once To see a list of possible arguments and more information, check [the official documentation](https://developer.android.com/studio/command-line/logcat) ## Things you absolutely should NOT do: As with any kind of modding, there are some things you should just generally be careful about, so, I've condensed some of that into this list here :) - Don't flash ROMs which aren't made for your device, you will end up Soft bricking the device or worse - Don't flash .zip files or anything else if you don't trust whoever is distributing them! - never flash stuff like voltefix.zip, pubgfix.zip, or anything similar without investigating first. Usually, these are made to troll people, and they are known to Hard Brick devices by overwriting the entire storage or removing criticial partitions - Do not run `fastboot erase abl`! "abl" stands for "++A++ndroid ++B++oot++l++oader", erasing it makes your device practically useless, as it is now ***Hard Bricked*** - Do not erase or overwrite partitions with Fastboot that you don't know what they are! So please don't run commands like `fastboot flash system`,`fastboot flash boot.img` etc if you don't know what they do, and if you don't trust the person giving you things to flash! ## OEM Roms and Android Modding Most Android OEMs have their own Android ROM. Xiaomi has MIUI, Oppo has ColorOS, Realme has RealmeUI, Samsung has OneUI, etc. Some people might enjoy these Android skins and use them on a daily basis, though, this generally cannot be recommended if you want to customize Android to it's fullest. This is because most OEMs try to avoid users from rooting and modding their Android phone, like Xiaomi tries to detect Magisk in the System Security and Cleaning app. Some OEM skins might also restrict applications from running in the background, you can check wether your OEM does this aggressively and how to bypass it on "[Don't Kill My App!](https://dontkillmyapp.com)". Outside of that, some OEM skins might have customization mods made specifically for them. Here's a list of some that I know of: (Paid entries in this list have a :heavy_dollar_sign: next to them - [CustoMIUIzer](https://play.google.com/store/apps/details?id=name.mikanoshi.customiuizer) - Customize MIUI using LSPosed or other Xposed implementations. - [HEX Installer (:heavy_dollar_sign: )](https://play.google.com/store/apps/details?id=project.vivid.hex.bodhi) - [Android 12 Repainter (:heavy_dollar_sign: )](https://play.google.com/store/apps/details?id=dev.kdrag0n.dyntheme) ← Works without root on Samsung, and partially without root on Pixel! - Samsung Goodlock <details>Samsung's goodlock is available per-region, specifically places like Canada, though you can install it on any version of OneUI no matter the region using "Nicelock" from the Google Play Store</details> More will be added to the list soon... ## Where do I even get all this stuff??? You can get Custom ROMs as well as other mods for your Android device from many places, though many use the [XDA Forums](https://forum.xda-developers.com/) to do this, though you can also find many things in Telegram channels and alike if you search for a little --- <div style="font-size: 20px;"> Oh, you've made it all the way through already? well if you still have any questions, don't be shy to ask them in the <a href="https://t.me/Android_Learners">Telegram Group</a>! and look out for an easter egg on this page <img class="emoji" alt=":wink:" src="https://assets.hackmd.io/build/emojify.js/dist/images/basic/wink.png" data-position="15422" data-size="6"> </div> <details style="color: white;background-color: white;"> <img class="emoji" alt=":cat:" src="https://assets.hackmd.io/build/emojify.js/dist/images/basic/cat.png" data-position="5012" data-size="5"> you found a cat! :> </details>