Commit

.gitignore

@@ -0,0 +1,9 @@
+*.iml
+.gradle
+/local.properties
+.idea
+.DS_Store
+/build
+/captures
+.externalNativeBuild
+.cxx

README.md

@@ -0,0 +1,49 @@
+# AntiAntiDefraud
+
+Preventing Miui from uploading installed app list.
+
+---
+
+## How Miui collect your privacy?
+
+Since Miui 14, Miui is keeping sending information that contain uuid from GuardProvider, Miui version and installed app information list to Xiaomi's server without asking user.
+
+Miui China Mainland version has been tested and confirmed that Xiaomi is collecting user's privacy without asking their users. Xiaomi named this function as AntiDefraud in their code and **these code is also existing in Miui Global version**.
+
+Behavior list below will trigger Miui to uploading your installed app list(Tested on Miui China Mainland version):
+* Launch Security - Settings - Security scan - Check for updates(Whether Online definitions is on or off)
+* Force Stop SecurityCenter(Whether Online definitions is on or off)
+* Clear Security app data
+
+## What will this xposed module do?
+
+This xposed module will make GuardProvider work as debug mode and preventing Miui from uploading installed app list and print log with content that Miui want to collect.
+
+Install this app and active it in lsposed. You can check log in lsposed to confirm is Miui uploading your installed app list.
+
+### About Debug mode flag process log
+
+**Info: GuardProvider will work as debug mode!**  
+That means GuardProvider is working as debug mode and it will print log if GuardProvider is sending your installed app list to Xiaomi's server. Besides, if this appear, you can ignore **Warning: GuardProvider debug mode flag not found!**.  
+You can do a research in logcat(not in lsposed) with keyword **responseDetectApp**, and then you can find log:  
+*W/TAG: responseDetectApp get: {"code":200,"desc":"success","data":[]}*  
+But if this xposed module work correctly, the above log can not be found is normal cause this module will prevent Miui from uploading installed app list.
+
+**Info: GuardProvider will work as debug mode!**  
+GuardProvider will not work as debug mode and this means GuardProvider will not print log when it uploads your installed app list.
+
+### About Prevent miui from uploading app list log
+
+**Skip: AntiDefraudAppManager class not found.**  
+**Skip: getAllUnSystemAppsStatus method not found.**  
+That means this module can't find the code will upload your installed app list. It is normal if you are not using Miui 14.  
+But If you are using Miui 14, maybe Xiaomi has edited the code. Maybe Xiaomi has deleted or just renamed to make this module not to work.
+
+**Info: Intercept={"timestamp":"xxx","os":"xxx","biz_id":"virus_scan","uuid":"xxx","content":[]}**  
+That means Miui is trying to upload your installed app list to Xiaomi's server but this module intercepted it. You can check it to know which information is collecting by Xiaomi.
+
+**You can ignore these log:**  
+Warning: Can't get MIUI_VERSION.  
+Warning: uuidHelper class not found.  
+Warning: getUUID method not found.  
+Info: xxxxxx

app/.gitignore

@@ -0,0 +1,2 @@
+/build
+/releases

app/build.gradle

@@ -0,0 +1,32 @@
+apply plugin: 'com.android.application'
+
+android {
+    compileSdkVersion 32
+
+    defaultConfig {
+        applicationId "moe.minamigo.antiantidefraud"
+        minSdkVersion 28
+        targetSdkVersion 32
+        versionCode 1
+        versionName "1.0"
+
+        testInstrumentationRunner "androidx.test.runner.AndroidJUnitRunner"
+    }
+
+    buildTypes {
+        release {
+            minifyEnabled false
+            proguardFiles getDefaultProguardFile('proguard-android-optimize.txt'), 'proguard-rules.pro'
+        }
+    }
+}
+
+dependencies {
+    compileOnly 'de.robv.android.xposed:api:82'
+    implementation fileTree(dir: "libs", include: ["*.jar"])
+    implementation 'androidx.appcompat:appcompat:1.2.0'
+    implementation 'androidx.constraintlayout:constraintlayout:2.0.0'
+    testImplementation 'junit:junit:4.12'
+    androidTestImplementation 'androidx.test.ext:junit:1.1.1'
+    androidTestImplementation 'androidx.test.espresso:espresso-core:3.2.0'
+}

app/proguard-rules.pro

@@ -0,0 +1,21 @@
+# Add project specific ProGuard rules here.
+# You can control the set of applied configuration files using the
+# proguardFiles setting in build.gradle.
+#
+# For more details, see
+#   http://developer.android.com/guide/developing/tools/proguard.html
+
+# If your project uses WebView with JS, uncomment the following
+# and specify the fully qualified class name to the JavaScript interface
+# class:
+#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
+#   public *;
+#}
+
+# Uncomment this to preserve the line number information for
+# debugging stack traces.
+#-keepattributes SourceFile,LineNumberTable
+
+# If you keep the line number information, uncomment this to
+# hide the original source file name.
+#-renamesourcefileattribute SourceFile

app/src/androidTest/java/moe/minamigo/antiantidefraud/ExampleInstrumentedTest.java

@@ -0,0 +1,26 @@
+package moe.minamigo.antiantidefraud;
+
+import android.content.Context;
+
+import androidx.test.platform.app.InstrumentationRegistry;
+import androidx.test.ext.junit.runners.AndroidJUnit4;
+
+import org.junit.Test;
+import org.junit.runner.RunWith;
+
+import static org.junit.Assert.*;
+
+/**
+ * Instrumented test, which will execute on an Android device.
+ *
+ * @see <a href="http://d.android.com/tools/testing">Testing documentation</a>
+ */
+@RunWith(AndroidJUnit4.class)
+public class ExampleInstrumentedTest {
+    @Test
+    public void useAppContext() {
+        // Context of the app under test.
+        Context appContext = InstrumentationRegistry.getInstrumentation().getTargetContext();
+        assertEquals("moe.minamigo.antiantidefraud", appContext.getPackageName());
+    }
+}

app/src/main/AndroidManifest.xml

@@ -0,0 +1,29 @@
+<?xml version="1.0" encoding="utf-8"?>
+<manifest xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:tools="http://schemas.android.com/tools"
+    package="com.minamigo.antiantidefraud">
+    <uses-permission android:name="android.permission.QUERY_ALL_PACKAGES"
+        tools:ignore="QueryAllPackagesPermission" />
+
+    <application
+        android:allowBackup="true"
+        android:icon="@mipmap/ic_launcher"
+        android:label="@string/app_name"
+        android:roundIcon="@mipmap/ic_launcher_round"
+        android:supportsRtl="true"
+        android:theme="@style/AppTheme">
+        <meta-data
+            android:name="xposedmodule"
+            android:value="true" />
+        <meta-data
+            android:name="xposeddescription"
+            android:value="阻止Miui上传已安装应用列表。Preventing Miui from uploading installed app list." />
+        <meta-data
+            android:name="xposedminversion"
+            android:value="53" />
+        <meta-data
+            android:name="xposedscope"
+            android:resource="@array/xposed_scope" />
+    </application>
+
+</manifest>

app/src/main/assets/xposed_init

@@ -0,0 +1 @@
+moe.minamigo.antiantidefraud.XposedMain

app/src/main/java/moe/minamigo/antiantidefraud/XposedMain.java

@@ -0,0 +1,146 @@
+package moe.minamigo.antiantidefraud;
+
+import org.json.JSONArray;
+import org.json.JSONObject;
+
+import java.lang.reflect.Field;
+import java.lang.reflect.Method;
+import java.util.List;
+
+import de.robv.android.xposed.IXposedHookLoadPackage;
+import de.robv.android.xposed.XC_MethodHook;
+import de.robv.android.xposed.XposedBridge;
+import de.robv.android.xposed.XposedHelpers;
+import de.robv.android.xposed.callbacks.XC_LoadPackage;
+
+public class XposedMain implements IXposedHookLoadPackage {
+
+    @Override
+    public void handleLoadPackage(final XC_LoadPackage.LoadPackageParam lpparam) {
+        if (lpparam.packageName.equals("com.miui.guardprovider")) {
+            XposedBridge.log("[[[AntiAntiDefraud]]] Start to hook package " + lpparam.packageName);
+
+            // Debug mode flag process
+            final Class<?> guardApplication = XposedHelpers.findClass("com.miui.guardprovider.GuardApplication", lpparam.classLoader);
+            if (guardApplication != null) {
+                Field[] guardApplicationFields = guardApplication.getDeclaredFields();
+                for (Field field : guardApplicationFields) {
+                    if (field.getName().equals("c")) {
+                        XposedHelpers.setStaticBooleanField(guardApplication, "c", true);
+                        XposedBridge.log("[[[AntiAntiDefraud]]] Info: GuardProvider will work as debug mode!");
+                    }
+                    XposedBridge.log("[[[AntiAntiDefraud]]] Warning: GuardProvider debug mode flag not found!");
+                }
+            }else{
+                XposedBridge.log("[[[AntiAntiDefraud]]] Warning: GuardApplication class not found. GuardProvider will not work as debug mode! ");
+            }
+
+            // Prevent miui from uploading app list
+            final Class<?> antiDefraudAppManager = XposedHelpers.findClassIfExists("com.miui.guardprovider.engine.mi.antidefraud.AntiDefraudAppManager", lpparam.classLoader);
+            if (antiDefraudAppManager == null) {
+                XposedBridge.log("[[[AntiAntiDefraud]]] Skip: AntiDefraudAppManager class not found.");
+                return;
+            } else {
+                XposedBridge.log("[[[AntiAntiDefraud]]] Info: AntiDefraudAppManager class found.");
+            }
+
+            final Method[] methods = antiDefraudAppManager.getDeclaredMethods();
+            Method getAllUnSystemAppsStatus = null;
+            for (Method method : methods) {
+                if (method.getName().equals("getAllUnSystemAppsStatus") && method.getParameterTypes().length == 1) {
+                    getAllUnSystemAppsStatus = method;
+                    break;
+                }
+            }
+            if (getAllUnSystemAppsStatus == null) {
+                XposedBridge.log("[[[AntiAntiDefraud]]] Skip: getAllUnSystemAppsStatus method not found.");
+                return;
+            } else {
+                XposedBridge.log("[[[AntiAntiDefraud]]] Info: getAllUnSystemAppsStatus method found.");
+            }
+
+            XposedBridge.hookMethod(getAllUnSystemAppsStatus, new XC_MethodHook() {
+                @Override
+                protected void beforeHookedMethod(MethodHookParam methodHookParam) throws Throwable {
+                    List<Object> list = (List) methodHookParam.args[0];
+
+                    String MIUI_VERSION = null;
+                    Field[] antiDefraudAppManagerFields = antiDefraudAppManager.getDeclaredFields();
+                    for (Field field : antiDefraudAppManagerFields) {
+                        if (field.getName().equals("MIUI_VERSION")) {
+                            MIUI_VERSION = (String) XposedHelpers.getStaticObjectField(antiDefraudAppManager, "MIUI_VERSION");
+                        }
+                    }
+                    if (MIUI_VERSION == null) {
+                        XposedBridge.log("[[[AntiAntiDefraud]]] Warning: Can't get MIUI_VERSION.");
+                    }
+
+                    String uuid = null;
+                    final Class<?> uuidHelper = XposedHelpers.findClassIfExists("i.b", lpparam.classLoader);
+                    if(uuidHelper != null){
+                        final Method[] uuidHelperMethods = uuidHelper.getDeclaredMethods();
+                        Method getUUID = null;
+                        for (Method method : uuidHelperMethods) {
+                            if (method.getName().equals("b") && method.getParameterTypes().length == 0) {
+                                getUUID = method;
+                                break;
+                            }
+                        }
+                        if (getUUID != null) {
+                            getUUID.setAccessible(true);
+                            uuid = (String) getUUID.invoke(methodHookParam);
+                        } else {
+                            XposedBridge.log("[[[AntiAntiDefraud]]] Warning: getUUID method not found.");
+                        }
+                    }else{
+                        XposedBridge.log("[[[AntiAntiDefraud]]] Warning: uuidHelper class not found.");
+                    }
+
+                    JSONObject jSONObject = new JSONObject();
+                    jSONObject.put("timestamp", String.valueOf(System.currentTimeMillis() / 1000));
+                    jSONObject.put("os", MIUI_VERSION);
+                    jSONObject.put("biz_id", "virus_scan");
+                    jSONObject.put("uuid", uuid);
+
+                    JSONArray jSONArray = new JSONArray();
+                    for (int i2 = 0; i2 < list.size(); i2++) {
+                        JSONObject jSONObject2 = new JSONObject();
+
+                        String pkgName = null;
+                        String version = null;
+                        String sign = null;
+                        String appName = null;
+
+                        Object antiDefraudAppInfo = (Object) list.get(i2);
+
+                        Field[] fields = antiDefraudAppInfo.getClass().getDeclaredFields();
+                        for (Field filed : fields) {
+                            filed.setAccessible(true);
+                            if (filed.getName().equals("pkgName")) {
+                                pkgName = (String) filed.get(antiDefraudAppInfo);
+                            } else if (filed.getName().equals("version")) {
+                                version = (String) filed.get(antiDefraudAppInfo);
+                            } else if (filed.getName().equals("sign")) {
+                                sign = (String) filed.get(antiDefraudAppInfo);
+                            } else if (filed.getName().equals("appName")) {
+                                appName = (String) filed.get(antiDefraudAppInfo);
+                            }
+                        }
+
+                        jSONObject2.put("pkg", pkgName);
+                        jSONObject2.put("version", version);
+                        jSONObject2.put("signature", sign);
+                        jSONObject2.put("appname", appName);
+
+                        jSONArray.put(jSONObject2);
+                    }
+                    jSONObject.put("content", jSONArray);
+
+                    XposedBridge.log("[[[AntiAntiDefraud]]] Info: Intercept=" + jSONObject.toString());
+
+                    methodHookParam.setResult(null);
+                }
+            });
+        }
+    }
+}

app/src/main/res/drawable-v24/ic_launcher_foreground.xml

@@ -0,0 +1,30 @@
+<vector xmlns:android="http://schemas.android.com/apk/res/android"
+    xmlns:aapt="http://schemas.android.com/aapt"
+    android:width="108dp"
+    android:height="108dp"
+    android:viewportWidth="108"
+    android:viewportHeight="108">
+    <path android:pathData="M31,63.928c0,0 6.4,-11 12.1,-13.1c7.2,-2.6 26,-1.4 26,-1.4l38.1,38.1L107,108.928l-32,-1L31,63.928z">
+        <aapt:attr name="android:fillColor">
+            <gradient
+                android:endX="85.84757"
+                android:endY="92.4963"
+                android:startX="42.9492"
+                android:startY="49.59793"
+                android:type="linear">
+                <item
+                    android:color="#44000000"
+                    android:offset="0.0" />
+                <item
+                    android:color="#00000000"
+                    android:offset="1.0" />
+            </gradient>
+        </aapt:attr>
+    </path>
+    <path
+        android:fillColor="#FFFFFF"
+        android:fillType="nonZero"
+        android:pathData="M65.3,45.828l3.8,-6.6c0.2,-0.4 0.1,-0.9 -0.3,-1.1c-0.4,-0.2 -0.9,-0.1 -1.1,0.3l-3.9,6.7c-6.3,-2.8 -13.4,-2.8 -19.7,0l-3.9,-6.7c-0.2,-0.4 -0.7,-0.5 -1.1,-0.3C38.8,38.328 38.7,38.828 38.9,39.228l3.8,6.6C36.2,49.428 31.7,56.028 31,63.928h46C76.3,56.028 71.8,49.428 65.3,45.828zM43.4,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2c-0.3,-0.7 -0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C45.3,56.528 44.5,57.328 43.4,57.328L43.4,57.328zM64.6,57.328c-0.8,0 -1.5,-0.5 -1.8,-1.2s-0.1,-1.5 0.4,-2.1c0.5,-0.5 1.4,-0.7 2.1,-0.4c0.7,0.3 1.2,1 1.2,1.8C66.5,56.528 65.6,57.328 64.6,57.328L64.6,57.328z"
+        android:strokeWidth="1"
+        android:strokeColor="#00000000" />
+</vector>