Tricky Store
A trick of keystore. Android 10 or above is required.
This module modifies the certificate chain generated for Android key attestation.
No longer open source
Due to the rampant misuse and the contributions received after open-sourcing being less than expected, this module will be closed-source starting from version 1.1.0.
Usage
- Flash this module and reboot.
- For more than DEVICE integrity, put an unrevoked hardware keybox.xml at /data/adb/tricky_store/keybox.xml (Optional).
- Customize target packages at /data/adb/tricky_store/target.txt (Optional).
- Enjoy!
All configuration files will take effect immediately.
keybox.xml
format:
<?xml version="1.0"?>
<AndroidAttestation>
<NumberOfKeyboxes>1</NumberOfKeyboxes>
<Keybox DeviceID="...">
<Key algorithm="ecdsa|rsa">
<PrivateKey format="pem">
-----BEGIN EC PRIVATE KEY-----
...
-----END EC PRIVATE KEY-----
</PrivateKey>
<CertificateChain>
<NumberOfCertificates>...</NumberOfCertificates>
<Certificate format="pem">
-----BEGIN CERTIFICATE-----
...
-----END CERTIFICATE-----
</Certificate>
... more certificates
</CertificateChain>
</Key>...
</Keybox>
</AndroidAttestation>
Support TEE broken devices
Tricky Store will hack the leaf certificate by default. On TEE broken devices, this will not work because we can't retrieve the leaf certificate from the TEE. In this case, we automatically fall back to generate key mode.
You can add a ! after a package name to force certificate generating mode for this package.
You can also add a ? after a package name to force leaf hack mode for this package.
For example:
# target.txt
# use auto mode for KeyAttestation App
io.github.vvb2060.keyattestation
# always use leaf hack mode
io.github.vvb2060.mahoshojo?
# always use certificate generating mode for gms
com.google.android.gms!
Customize security patch level (1.2.1+)
Create the file /data/adb/tricky_store/security_patch.txt.
Simple:
# Hack os/vendor/boot security patch level
20241101
Advanced:
# os security patch level is 202411
system=202411
# do not hack boot patch level
boot=no
# vendor patch level is 20241101 (another format)
vendor=2024-11-01
# default value
# all=20241101
# keep consistent with system prop
# system=prop
Note: this feature only hacks the result of KeyAttestation. It does not run resetprop; you need to do that yourself.
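Because the attested patch levels and the system properties are changed independently, a verifier can compare the two. The following is an added example, not part of Tricky Store: it normalizes the three date spellings shown above and reports partitions whose attested level disagrees with the reported property. The dictionary keys reuse the system/vendor/boot names from security_patch.txt, and the sample values are constructed.

```python
import re

# Patch-level spellings that appear on this page: 202411, 20241101, 2024-11-01.
_PATCH_RE = re.compile(r"^(\d{4})-?(\d{2})(?:-?(\d{2}))?$")


def normalize_patch_level(value):
    """Return (year, month, day); day is None when only YYYYMM is given."""
    match = _PATCH_RE.match(str(value).strip())
    if not match:
        raise ValueError(f"unrecognized patch level: {value!r}")
    year, month = int(match.group(1)), int(match.group(2))
    day = int(match.group(3)) if match.group(3) else None
    if not 1 <= month <= 12 or (day is not None and not 1 <= day <= 31):
        raise ValueError(f"patch level out of range: {value!r}")
    return year, month, day


def patch_levels_agree(attested, reported):
    """Compare at the coarsest precision both values carry (month or day)."""
    a, r = normalize_patch_level(attested), normalize_patch_level(reported)
    if a[2] is None or r[2] is None:
        return a[:2] == r[:2]
    return a == r


def find_mismatches(attested, props):
    """Return sorted partition names whose attested level differs from the property."""
    return sorted(
        name for name, value in attested.items()
        if name in props and not patch_levels_agree(value, props[name])
    )


# Constructed sample: values a verifier parsed from an attestation certificate ...
SAMPLE_ATTESTED = {"system": 202411, "vendor": 20241101, "boot": 20241101}
# ... and patch-level properties reported by the same device (hypothetical values).
SAMPLE_PROPS = {"system": "2024-06-01", "vendor": "2024-06-01"}

if __name__ == "__main__":
    for name in find_mismatches(SAMPLE_ATTESTED, SAMPLE_PROPS):
        print(f"{name}: attested {SAMPLE_ATTESTED[name]} != reported {SAMPLE_PROPS[name]}")
```

A mismatch is a consistency signal, not proof of tampering, because the reported properties are themselves supplied by the device.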
Acknowledgement
- Play Integrity spoofing
- Use your banking apps again with STRONG integrity!
- Use keybox files
- Support persistent storage of generated keys
- Support automatic parsing of AVB keys (MediaTek devices seem to use a custom algorithm, currently not supported)
- Support parsing and importing of custom attestation keys
- Support intercepting and simulating more keystore operations
- Fix some certificate chain generation issues
For usage of the new features, please refer to README.MD and SECURITY.MD in the installation package.
Thanks @Cyberenchanter for most new features and fixes.
Compatibility
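- Support the new moduleHash field added in KeyMint 4.0
- Support Android 16
- Fix occasional injection failures
- Add Play Store to the default target list
- Fix many certificate chain generation issues
- Support for the new moduleHash fiel...
Support customizing the security patch level (see [README.md](https://github.com/5ec1cff/TrickyStore/blob/1.2.1/README.zh-CN.md#%E8%87%AA%E5%AE%9A%E4%B9%89%E5%AE%89%E5%85%A8%E8%A1%A5%E...
- Fix injection failures
- Fix installation failures
- Fix errors in cert hack mode
- Leaf hack mode also changes the security level and root of trust to non-software
- Fix the missing osVersion field
- Preliminary support for Android 10-11 (thanks @N-X-T)
- Auto mode detects whether hardware encryption is supported
- Fix module corruption...
- Leaf hack mode also changes the security level and root of trust to non-software
- Fix the missing osVersion field
This version is a beta and may be unstable.
Leaf hack mode will also change the security level and root of trust to non-so...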