revanced-patches-template icon indicating copy to clipboard operation
revanced-patches-template copied to clipboard

Published 20 hours ago • verified publisher icon ReVanced

bug: pflotsh ecmwf

Open Technikte opened this issue 2 years ago • 4 comments

Type

Error at runtime

Bug description

The patch pflotsch ecmwf subscription unlock breaks the embedded maps when the non-root install methoed gets used. The rooted version still works fine. All other function except the embedded map loading are working via both install methods.

Error from Millieno#9002 https://discord.com/channels/952946952348270622/952946952348270626/1009403457431687220

Steps to reproduce

Build the apk with the patch and install via non-root.. java -jar revanced-cli-2.9.0-all.jar -a Pflotsh_ECMWF_v3.5.4.apk -c -o pflotsh_ecmwf_patch.apk -b revanced-patches-2.33.2.jar -i subscription-unlock --exclusive

Relevant log output

2022-08-17 16:35:23.049 8071-8159/? E/Google Maps Android API: In the Google Developer Console (https://console.developers.google.com)
    Ensure that the "Google Maps Android API v2" is enabled.
    Ensure that the following Android Key exists:
    	API Key: AIzaSyBuD6z9exxxxxN20eyviJxxxxxW84_6p1c
    	Android Application (<cert_fingerprint>;<package_name>): A4:F6:E9:3E:12:09:33:A5:ED:53:D5:B5:C8:FF:EC:C3:73:7F:BE:A3;com.garzotto.pflotsh.ecmwf_a

2022-08-17 16:35:24.823 8071-8105/? W/MobStoreFlagStore: Unable to update local snapshot for com.google.android.libraries.consentverifier#com.garzotto.pflotsh.ecmwf_a, may result in stale flags.
    java.util.concurrent.ExecutionException: java.lang.SecurityException: GoogleCertificatesRslt: not allowed: pkg=com.garzotto.pflotsh.ecmwf_a, sha256=[63186586338aa71510083edc52b4f35d64ac84859f151828778cbd9876d2c538], atk=false, ver=222615028.true (go/gsrlt)
        at aif.s(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):3)
        at aif.get(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):2)
        at ajp.g(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):2)
        at yg.d(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):1)
        at yi.run(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):0)
        at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:462)
        at java.util.concurrent.FutureTask.run(FutureTask.java:266)
        at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:301)
        at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1167)
        at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:641)
        at java.lang.Thread.run(Thread.java:919)
     Caused by: java.lang.SecurityException: GoogleCertificatesRslt: not allowed: pkg=com.garzotto.pflotsh.ecmwf_a, sha256=[63186586338aa71510083edc52b4f35d64ac84859f151828778cbd9876d2c538], atk=false, ver=222615028.true (go/gsrlt)
        at android.os.Parcel.createException(Parcel.java:2088)
        at android.os.Parcel.readException(Parcel.java:2056)
        at android.os.Parcel.readException(Parcel.java:2004)
        at es.bc(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):2)
        at rs.a(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):4)
        at iz.e(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):2)
        at jy.t(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):2)
        at jy.u(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):3)
        at jy.e(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):2)
        at kc.handleMessage(:com.google.android.gms.dynamite_mapsdynamite@[email protected] (100400-0):69)
        at android.os.Handler.dispatchMessage(Handler.java:103)
        at android.os.Looper.loop(Looper.java:237)
        at android.os.HandlerThread.run(HandlerThread.java:67)

Screenshots or videos

grafik

Solution

Fix for the GoogleCertificatesRslt: not allowed error which stop the embedded map from loading. For the moment the root install works.

Additional context

I will try to submit a fix for this quickly..

Technikte avatar Aug 17 '22 14:08 Technikte

Something similar has been implemented for the WarnWetter app patch: https://github.com/revanced/revanced-patches/blob/main/src/main/kotlin/app/revanced/patches/warnwetter/misc/firebasegetcert/patch/FirebaseGetCertPatch.kt

oSumAtrIX avatar Aug 17 '22 14:08 oSumAtrIX

Something similar has been implemented for the WarnWetter app patch: https://github.com/revanced/revanced-patches/blob/main/src/main/kotlin/app/revanced/patches/warnwetter/misc/firebasegetcert/patch/FirebaseGetCertPatch.kt

Yeah, I will try to understand what happens and then write a fix for that..

Technikte avatar Aug 17 '22 14:08 Technikte

@oSumAtrIX I dont think I can pull this off.. I tried to modify zzde and zzdr classes but nothing worked..in log I see every time the hash of the debug cert, which get used for app signing. Since this is quite a bit different as the firbasepatch, I am not quite sure if I even found the right spot to insert code or if I have done something wrong.

Maybe @Itroublve can help, since he wrote the firebase patch for warnwetter..

Interessting classes I found.. with some hash function and so on..

com.google.android.libraries.places.internal.zzde
com.google.android.libraries.places.internal.zzdr
com.garzotto.pflotsh.library_a.k   public static String x

Technikte avatar Aug 18 '22 16:08 Technikte

Like described in discord chat, there is no easy in app fix with patches possible. We need a mircog with cert spoofing..

https://discord.com/channels/952946952348270622/1009833917311885313/1011931201013022761 https://discord.com/channels/952946952348270622/1009833917311885313/1011932041866117151

Technikte avatar Aug 24 '22 15:08 Technikte

I have seen a patch of another app that also broke its use of Google Maps v2 API due to certificate mismatch. The author fixed it by replacing it with a matching API key for the new signing certificate.

philklc avatar Oct 10 '22 06:10 philklc

I have seen a patch of another app that also broke its use of Google Maps v2 API due to certificate mismatch. The author fixed it by replacing it with a matching API key for the new signing certificate.

Thanks for your message, but I would say this would not work even when I change like the script does. Since the api key is set and came from the orginal developer...I dont have any vaild api keys on my own, so changing does not help ?

Or did I understand that part wrong..

    constructor(inputAPK : string, outputAPK = "patched-kmb.apk", tempDir = "tmp") {
        this.mapKey = Buffer.from("QUl6xxxxQXR6YxxxxzFfb1RBxxxxdXBXxxxxcENCUXJZRjxxxxJr", 'base64').toString('utf8');

            // Update MAP Key
            $("application meta-data").each(function () {
                if ($(this).attr("android:name") == "com.google.android.maps.v2.API_KEY") {
                    $(this).attr("android:value", self.mapKey);
                }
            });

<meta-data android:name="com.google.android.geo.API_KEY" android:value="@string/google_maps_key"/>

<string name="google_maps_key">AIxxxxBuDxxxxjzZzxxxxeyviJxxxxVW84_6p1c</string>

The following pull https://github.com/revanced/revanced-patches/pull/603 looks interessting but I didnt get yet any time to workout a patch that uses this spoof function to fool google services..

Technikte avatar Oct 10 '22 07:10 Technikte