Kraken Eradicator
an ANTI ANTI-PIRACY fix, for custom roms

the issue: nowadays, many custom rom devs, embed "anti-piracy" protection into their rom ( like AntiPiracySupport by ContentGuard )
this causes the rom to be SLOWER, and adds unwelcome malware-like behavior like echoing sound of a pirate at random, showing icons of "middle finger" or a "Aaar-rrggghhh pirate" on the QS tiles or lockscreen and disables/hurt basic operations of apps like LP, uret etc which can be used to simply disable ads ( that CAN NOT be disabled COMPLETELY by adaway etc.. ) or just theme an app through custom patches.
in summery, these rom devs hijack your phone with additional services, sound & images files, making your phone bloated as hell.
Possible solutions & their cons:

• AntiPiracy, checkmate - xposed based solution -> thus, not applicable to nougat+ roms, at all, since no xposed for N is available at all ( not even alpha )
• Disable specific service using apps(like cn.wq.disableservice): does not necessary fully solves the anti-piracy protection - youtube is full with comments proofs

thus, A new solution was born: Meet the "Kraken Eradicator"
Pros:

• it works for Nougat roms(and lower), NO xposed is needed.
• 100% block/disable any anti-piracy protection, since NO targeted apps (like LP, uret etc ) are being recognized as installed, due to modification of system core files.
  thus, no need to disable various services or install any services disabler-apps for that matter, since the services are not running at all since no targeted apps being recognized.

Cons:

• *in the MEANTIME* - no support for ODEX roms, it's WIP.
• can't be updated on daily basis to deal with 0-day changes in nightly updates of roms.
  I.E -> if you're a coder & not a kraken yourself - CONTACT ME - I'M LOOKING FOR PARTNERS IN CODE

V17 (ODEX & DEODEX support): DOWNLOAD LINK HERE
Decryption key (NOTE: manually change LAST char to CAPITAL letter):

Code: Select all!bvfSg34FDHBc3h0wz73cu07dRC0TfxAOfs2ScXk8gOq


V14: DOWNLOAD LINK HERE
Decryption key (NOTE: manually change the char BEFORE THE LAST to CAPITAL letter):

Code: Select all!bAfn0mozdbwzI9xPhIs7L206AMquqDKUctcRJ9H6Ur0


V12: DOWNLOAD LINK HERE
Decryption key (NOTE: manually change LAST char to SMALL letter):

Code: Select all!SBFeXVTF9bNfYzvgpGLfRauV4VVvqc_XJq7g_kR3XIW


* key not working even after changing last letter? -> try to remove the opening exclamation-mark char, if exist.

IMPORTANT NOTES:

1. YOU MUST BE ROOTED and have TWRP recovery.
2. ARCH support(i.e kernel type): in the meantime: ARM & ARM64 devices only!
   (thankfully, I haven't seen krakening on roms devices with x86/x86_64, since they barely get custom roms as is)
3. IN THE MEAN TIME - ONLY DEODEX ROM SUPPORTED.
   (i.e that do NOT have /system/framework/arm or arm64 folders and many OAT files under them.
   ODEX ROMS support is WIP - it will take some time, DO NOT ASK FOR ETA !
   i'm a VERY BUSY MAN, and I CODE IN MY REALLY SHORT SPARE TIME.
4. WHEN YOU INSTALL THIS ZIP IN RECOVERY - LET IT WORK FOR AT LEAST 5 MIN !
   the script runs hex pattern search on a ~10mb file... this takes time !
5. you MUST re-install this zip every time you wipe /system partition, like when manually performing OTA/dirty or semi-dirty flashing of your rom.
   ( i.e NO NEED, to run this script again after dalvik&cache wipe, BUT a dalvik&cache wipe is a MUST after installing this script ! )
6. YOU MUST WIPE DALVIK&CACHE AFTER YOU INSTALL THIS SCRIPT !
   ( don't say I didn't mentioned that in BOLD ! )

UPDATES:

• 17 Jun 17 - version 17
  
  • Faster code execution for ODEX roms
• 17 Jun 16 - version 16
  
  • !!!! ODEX ROM SUPPORT IS FINALLY HERE !!!!
    
    • Have your rom dev wrote in the changelog that they've enabled "Dexpreopt" ? -> Now you can eliminate this kraken !
    • Do you have arm or arm64 folder under /system/framework ? -> Now you can eliminate this kraken !
  • DE-ODEX support is still exist... the script works for both ODEX (DexPreOpt enabled) and DEODEX Roms.
• 24 May 17 - version 14
  
  • added small compatibility with latest kraken's list changes
• 19 May 17 - version 13
  
  • It should now work with LESS bugs for arm64 - but i'm unsure if it works for arm as well.
    -> therefor I publish v12 ( good for arm ) as well as v13 ( should have better compatibility for arm64 )
    This change required the addition of 'bash for arm64', so +2Mb to the KrakenE total zip file size.
  • added small compatibility with latest kraken's list changes
• 8 May 17 - version 12
  
  • FIX an issue with v11 which was not working for arm64 due too wrong aux tool aarch.
    so now two arch tools attached in the flashable zip for each arm/arm64.
  • Because of above change, zipping compression ratio change to max -> meaning I can't make the flashable zip less then ~1.7MB... which is really nothing to worry about in comparison to your rom's flashable zip of ~1GB size !
• 7 May 17 - version 11
  
  • Smaller aux tools size + more optimized script = total flashable zip size reduced
  • Even less mambo-jambo log output = more human readable log output
• 4 May 17 - version 10
  
  • shorter, more human readable log output
  • more robust flashable-restore-file creator
• 30 Apr 17 - version 9
  
  • more funky strings, the more krakens are in the deeps and not on your boat !
  • AUTO-BACKUP CREATOR:
    Tried of reflashing /system due too Kraken's changes to the system ? no more !
    now it AUTO creates a flashable-zip under /sdcard named "KrakenE_RESTORE".
    if you wish to revert KrakenE'S changes, simply flash that restoration zip
    Please note that KrakenE script OVERWRITE any previous /sdcard/KrakenE_RESTORE.zip.
    thus, if you care about previous backups, just rename them PRIOR to flashing again KrakenE !
• 29 Apr 17 - version 8
  
  • FINALLY ! the script is now a binary !
    * Pros:
    
    • Even faster execution of script !
    • Krakens are left REALLY hungry now... good luck with rev-eng my boat !
    * Cons: My back hurts even more ! -> so NO really any cons for you !
• 27 Apr 17 - version 6
  
  • Script re-written to be more dynamic toward any new kraken's foul strings.
  • WAY FASTER script execution ( now ~15sec (!), before ~3min)
  • still NO ODEX roms support, but now the script is bit more orginized to get such support in the future.
• 26 Apr 17
  
  • bah...last update was not working as it should...
    string replacement does really works, since const strings in dex aren't just limited for one place in the code, they can also be used as a field name, other similar string etc..etc...
    so although now I got more dynamic script... I still need to think of a way to bypass that non-singular usage of strings I edit in the dex.
    so, right now, back to square 1, i.e static replacement of string ( call some other weird X string instead of LP/uret etc ) - this solution works good... but is really static, per-rom-release-version, although it uses hex pattern search with "??"...
    T.B.C.... fight against the kraken is NOT done.... i'll continue in my spare time ( which isn't much at all ) to look for the rum.
• 25 Apr 17
  
  • It should be compatible with latest 'fuckySnatchers' & 'mThreeLeafClovers' changes.
  • IMPORTANT NOTE: it is only compatible with DEODEX roms, i.e roms that do NOT have optimized "oat" files under /system/framework/arm or arm64 ( which are ODEX roms )
    solution for ODEX rom is WIP.

THE STORY IN BIT MORE DETAILS:

lately many un-official custom rom developers have decided - on their own ( W/O the orig rom's team developers ) to add ANTI-PIRACY protection againt LP / freed0m / ur8 apps...
their "protection" is in form of added middle-finger in the notification ( only on lockscreen ? ), added music of a pirate, annoying "pirate" icon at quick-settings etc...
you can see example HERE: https://plus.google.com/117353598228665553397/posts/SapTFm1i2hq...

what the dev might be unaware - or worst - do indeed - is that their smart-ass play with the code make the effected devices SLOW as hell.
really.. I get it... you want to cause ppl to purchase etc..etc..
BUT - i know they can still do so, W/O making my PRIVATE phone SLOW, while using their rom, which is built upon OPEN SOURCE CODE ( android/CM/AOSP etc... ) !!!!!!!

as it seems, the community has already released "anti"-"anti-piracy" XPOSED module (https://forums.oneplus.net/threads/antipiracy-checkmate.336847/) but xposed is NOT supported on android N !!!
also on YT some try to bypass these services by having rooted device...but it isn't perfect as it doesn't disable all the "protection"...
thus, another solution is needed....

one can look at the source code updates related to these "Carnt sniffer" like
https://github.com/AlmightyMegadeth00/AntiPiracySupport and http://gerrit.aicp-rom.com/#/c/34104/ and http://gerrit.aicp-rom.com/#/c/34104/7/core/java/com/android/internal/util/aicp/AicpUtils.java.
so you can see that that "protection" is found on /system/framework/framework.jar... and more specifically, its classes2.dex file...
now... hex editing the **** of that file is easy... the hard part is to understand that once you made changes to that dex file - its internal CHECKSUM ( found at the start of file ) is changed cuz of the modifications...
luckily, an app named radare2 exist for android arm/arm64, not just PC OSs...
radare2 is shell-based software that do what IDA does... software reverse-engineering.
with radare2, one can simply re-calc the checksum of the dex and update the dex with the correct sha-1 & alder32 checksum -> does DEX HEX EDITING IS (RELATIVE) EASILY POSSIBLE !

inorder for that script to work on other cpu-types you *might* need to get the correct tools for your kernel aarch type (arm/arm64 etc..):

• toybox (http://www.landley.net/toybox/bin/)
• radare2 (http://bin.rada.re/)

reserved for future updates2

This should be pinned to every sub forum for Android imo. Excellent work.

This should be pinned to every sub forum for Android imo. Excellent work.

Thanks.

I hope to find some coder-partners,here on mobilism.org, in hope that some veteran respected users can vouch for them.
(since I really don't want an xda/github kraken developer on my boat )

Decryption key not working

Edit: working without first exclamation char.

Thanks awesome work.

Decryption key not working
Edit: working without first exclamation char.
Thanks awesome work.

I Fixed the Decryption key -thanks.
Thanks for the report.
if I may ask, what rom were you using my script, and when its update dated ?

Excellent work night_mare007, I do not have enough skill to implement your script, but it all makes perfect sense, thank you for your work on behalf of this community. For a long time I dream to have FilmicPro video app for our journalism students here in Africa, but LP fails on every attempt to public-domain it. Have a great day.

UPDATE:
i'm in ADVANCE WIP for devices with rom that are "odex"...i.e got "/system/framework/arm or arm64 folder/s or that got under "/system/priv-app/APP-NAME/oat" folder.
I'll be upload solution in the few next days....
the major change is that the script now works from WITHIN android...
so the steps, in short are:
extract zip -> move them to some folder under /data or /system - where you can change perm for one of the files ( NOT POSSIBLE UNDER /SDCARD ! ) -> run the script -> reboot to recovery -> wipe dalvik & cache -> reboot & be Kraken free !

work for really far future is to embedded all of that under one apk...
I thinking about tasker app creator... to speed up development.

EDIT:
I have made the necessary changes to the script... but ODEX roms, are harder to change then I originally thought.
MORE WIP...WIP....

EDIT2:
Solution to odex roms was found and new version (v16) including ODEX and DEODEX rom support !

...I do not have enough skill to implement your script...

Hi Lucas0511,
all you need to do is to unlock your bootloader, install TWRP and making sure your dm-verity of DISABLED ( so that system files can be changed ).
you can get all the relevent info, from step 1 in XDA forums ( for many popular phones models ).
PM me with details of your phone model code ( e.i for samsung s5 one of the models code is SM-G900F ).

Edited.

Been reading your thread as well as trying to read up and understand code as a whole better. Still an infant but learning. Thank you for the Kraken and pushing back against the swelling tide of locking down Android . I was totally unaware of anti-piracy coding being slipped into custom roms at all until reading your thread and the links. That just seems wrong. I found you because I've had a recent problem that's stumped me and now has led me to wonder if anti-piracy coding is being implemented in a way that's beyond what I've read about with QStile pirates and pirate sounds and the like.

I'm on Zenity 7.1.2 rom (RR based - deodex), and I've patched my own framework to remove every signature check I know of as well as a few convenience/personal preference modifications. Apart from that, there is nothing that doesn't come standard in this widely used rom. I've had Xposed installed at different times, but it played no part in this that I could see.

The problem is this: Whenever I have a combination of Lucky Patcher and Substratum 953 installed (specifically 953) most times when I reboot my phone it won't get past the Android boot up screen before the screen going black and displaying a white with a little bit of purple LED that stays on permanently. Only solution is hard reset into TWRP and deleting Lucky Patcher entirely - data/data, davik caches and data/user-de folders OR deleting Substratum in the same way as well. Anything less than that and the rom won't reboot, it exhibits the same behavior. It doesn't have to be both packages, it can be either/or. Also, when this happens, my dalvik cache folder gets wiped somehow, and rebooting without removing one of the apps + its data files, my dalvik cache fails to rebuild so I can't even boot up at all.

This is just following the logic, but is it possible that Substratum could be implementing something like an anti-piracy code that would be having this effect? It seems amazingly coincidental that these two packages are giving signs of being operable or not based on the other's existence. Based on what little I do know and applying simple logic to this problem, there isn't anything else I can figure out as a possible cause that I haven't tried to solve.

One oddity I can point to is this morning I found a services.odex.txt (yep, .txt) file in the root of my internal sdcard. It is something like 450mb in size. Very strange. And upon opening it, it's the code for services.jar's framework dalvik cache file. It's a massive code packed file.

Any insight or perspective or help you can offer would be really appreciated. Not looking for someone to solve my problem for me, I'm actually trying to learn more. I can provide more info if you need it. Thank you.

---> Though I wrote a novel, I miraculously failed to mention I flashed the Kraken zip a few separate times with no results. And the flash only took 30 seconds max every time.

The problem is this: Whenever I have a combination of Lucky Patcher and Substratum 953 installed (specifically 953) most times when I reboot my phone it won't get past the Android boot up screen before the screen going black and displaying a white with a little bit of purple LED that stays on permanently. Only solution is hard reset into TWRP and deleting Lucky Patcher entirely

Substratum indeed have anti-piracy checks embedded in its framework...
don't know if its embedded in the main app or just the theme framework (so it might exist on any theme ).

AFAIK, you can find patched Substratum themes here in the forum... check them out to see if it solves your issue.

Kraken Eradicator was made-in-mind to deal with roms... since 99.9% ppl won't recompile their own code just to get rid of some kraken, a solution was needed ( xposed was not available to nougat in the days of its release... and I still don't think that the existing modules are updated to deal with latest kraken.

Substratum defences are specific for its own APK and/or themes...so that an app level issue, which Kraken Eradicator does not deal with.
As I said, i'm sure that if you'll find patched Substratum here in mobilism... you won't have that issue ( max you need to manually change Substratum under /system/priv-app or /system/app ).

Please let us know if you succeed

P.S - that "services.odex.txt" on /sdcard - defensively NOT my "Kraken Eradicator".
I do create a backup file "/sdcard/krakenE_RESTORE.zip" so users can flash it if they want to revert back the Kraken's changes made to system.

UPDATE:
look here for a possible solution
Also I think that using modded LP ( i.e that its package named was changed ) - can also help you in this case.... just search our forum for it.

Lastly, you can SEE HERE, what package names they scan for