IMPORTANT: This has been replaced by http://repo.xposed.info/module/com.devadvance.rootcloak2

If you want to update, please UNINSTALL this version of RootCloak, and install the new version. The package name has been changed.

.

.

.

.

.

.

Please read top before downloading!

This is a module for Xposed Framework v2.4.1 (with XposedBridge v42).

This allows you to run apps that detect root without disabling root. You select from a list of your installed apps (or add a custom entry), and using a variety of methods, it will completely hide root from that app. This includes hiding the su binary, superuser/supersu apks, processes run by root, and more.

Requires:

-Xposed Framework v2.4.1 (with XposedBridge v42)

-Root (otherwise why use this ;) )

Instructions:

1) Make sure you have Xposed Framework v2.4.1+ installed (with XposedBridge v42+).

2) Install RootCloak.

3) Enable RootClock in the Xposed Installer app. Do this by opening Xposed Installer, going to Modules, and pressing the check box next to RootClock.

4) Reboot your phone.

5) Open RootClock settings (just open the app from the launcher), and then go to Add/Remove. This is where you will change which apps RootCloak hides root from.

6) FIRST TIME USERS ON VERSION 1.2 AND LOWER: Go to the menu (3 dots), and press "Reset to Default Apps".

7) If the app you want is not among the default apps, press the + button to add it. Find the app in the list, and press it to add it to the list.

8) Exit RootCloak settings. If the app you just added was already running, either FORCE CLOSE it, or reboot your phone.

9) Run the app to see if root was successfully hidden.

Devices/OS Tested:

HTC One GPE - 4.3 (Jellybean)

HTC One GPE - 4.4.x (KitKat)

>>Apps successfully tested:

DME Mail - Excitor - https://play.google.com/store/apps/details?id=dk.excitor.dmemail

Fox Digital Copy - Fox - https://play.google.com/store/apps/details?id=com.fde.DomesticDigitalCopy

DirecTV GenieGo - DirecTV - https://play.google.com/store/apps/details?id=com.directv.application.an...

Best Buy CinemaNow - Best Buy - https://play.google.com/store/apps/details?id=com.res.bby

Bright House TV - Bright House - https://play.google.com/store/apps/details?id=com.BHTV

Mobile Pay - Apriva - https://play.google.com/store/apps/details?id=com.apriva.mobile.bams

AprivaPay - Apriva - https://play.google.com/store/apps/details?id=com.apriva.mobile.aprivapay

IKO - PKO Bank Polski SA - https://play.google.com/store/apps/details?id=pl.pkobp.iko

Bradford Mobile Agent - Bradford Networks - https://play.google.com/store/apps/details?id=com.bradfordnetworks.bma

ParcelSend - Australia Post Digital - https://play.google.com/store/apps/details?id=au.com.auspost

Worx Home by Citrix - Zenprise - https://play.google.com/store/apps/details?id=com.zenprise

Movies by Flixster - Flixster - https://play.google.com/store/apps/details?id=net.flixster.android

Sparkasse - Star Finanz GmbH - https://play.google.com/store/apps/details?id=com.starfinanz.smob.androi...

City Video (Citytv) - Rogers Digital Media - https://play.google.com/store/apps/details?id=com.rogers.citytv.phone

ラブライブ！スクールアイドルフェスティバル - KLab - https://play.google.com/store/apps/details?id=klb.android.lovelive

예스24 전자도서관 (Yes24) - YES24 - https://play.google.com/store/apps/details?id=com.incube.epub

Yuppi - Yuppi Mobil A.Ş. - https://play.google.com/store/apps/details?id=com.ovidos.yuppi ( as of v1.2)

AirWatch MDM Agent - AirWatch - https://play.google.com/store/apps/details?id=com.airwatch.androidagent (as of v1.2)

D3 GO - D3 GO - https://play.google.com/store/apps/details?id=com.zappware.twintv.d3 (as of v1.2)

Not currently working (reason to be determined):

Puzzles & Dragons - GungHoOnlineEntertainment - https://play.google.com/store/apps/details?id=jp.gungho.pad

McAfee EMM - McAfee Mobile Security - https://play.google.com/store/apps/details?id=com.mcafee.apps.emmagent

Virgin TV Anywhere - Virgin Media - https://play.google.com/store/apps/details?id=com.virginmedia.tvanywhere

Apps that need more testing/analysis:

App: Good for Enterprise - Good Technology - https://play.google.com/store/apps/details?id=com.good.android.gfe

Reason: It doesn't seem to check for root using the NDK, but I cannot be sure. The updates that I have made to RootCloak may handle GFE, but I have no way of testing.

Apps with calls most likely can never be directly intercepted by Xposed:

App: WebTV - Stofa - https://play.google.com/store/apps/details?id=com.stofa.webtv

Method: Detects root by checking for the existance of the su binary. It uses fopen() and access() in order to do this check via native library (built with Android NDK).

Relevant Files: liblifevibes_openplayer_arm11.so OR liblifevibes_openplayer_armA8.so (internal libraries)

App: Yelo TV - Telenet - https://play.google.com/store/apps/details?id=be.telenet.yelo

Method: Detects root via native library (built with Android NDK). Unsure of exact method, but the strings "ERROR: Device is rooted. aborting execution" and "ERROR: Debbuger running. aborting execution" can be found in the library.

Relevant Files: libDxDrmDlcCore.so

App: Sky Go - BSkyB - https://play.google.com/store/apps/details?id=com.bskyb.skygo

Method: Most likely detects root via native library (built with Android NDK). Unsure of exact method, but the Java portion of the app contains "VGDRM_STATUS_DEVICE_IS_ROOTED = -41942891", and based on the library name, it's a safe bet.

Relevant Files: libvgc.so

App: Barclays Mobile Banking - Barclays - https://play.google.com/store/apps/details?id=com.barclays.android.barcl...

Method: Most likely detects root via native library. Using FileObserver you can see it accessing /system/(x)bin/su, but since I am hooking all File constructors and exec() methods, there is no way it is done without the native library.

Relevant Files: TBD

App: S-pushTAN - Star Finanz GmbH - https://play.google.com/store/apps/details?id=com.starfinanz.mobile.andr...

Reason: Uses a native library to check for root. There is a callback inside the Java code, so it's possible to intercept that at the Java level, but that can be patched fairly easily.

Releveant Files: libshield.so

Apps that need testing (I cannot test due to Play Store restrictions):

Barclays Homeowner - Barclays - https://play.google.com/store/apps/details?id=uk.co.barclays.barclayshom...

MobileTV - Deutsche Telekom AG - https://play.google.com/store/apps/details?id=no.rdml.android.mobiletv

Please post on XDA if you find an app that RootCloak successfully or unsuccessfully works with! In additional, while it shouldn't interfere with any other modules, please let me know if you encounter any bugs or issues!