mukeshsolanki/Android-Tamper-Detector mukeshsolanki/Android-Tamper-Detector

  • Stars
    star
    175
  • Rank 218,059 (Top 5 %)
  • Language
    Kotlin
  • License
    MIT License
  • Created over 5 years ago
  • Updated about 1 year ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
mukeshsolanki/Android-Tamper-Detector
github

mukeshsolanki

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

A simple library that can help you detect if you app is modded or tampered with

Android Tamper Detector



A simple library that can help you detect if you app is modded or tampered with or debugger tools are being used to break your app and checks install source.

Supporting Tamper Detector

Tamper Detector is an independent project with ongoing development and support made possible thanks to donations made by you.

How to integrate into your app?

To integrate tamper detector to your project, Follow the below steps

Step 1. Add the JitPack repository to your build file. Add it in your root build.gradle at the end of repositories:

allprojects {
  repositories {
    ...
    maven { url "https://jitpack.io" }
  }
}

Step 2. Add the dependency

dependencies {
        debugImplementation 'com.github.mukeshsolanki.Android-Tamper-Detector:tamperdetector-no-op:1.0.0'
        releaseImplementation 'com.github.mukeshsolanki.Android-Tamper-Detector:tamperdetector:1.0.0'
}

How to use the library?

Okay seems like you integrated the library in your project but how do you use it? Well its really easy

  1. Debugger Check You can make a debugger check before running any function by calling guardDebugger()
guardDebugger({
    //No debugger tools detected continue executing the code.
}, {
    //Some debugger tools were detected.
})
  1. Verify Installer To verify whether your app is downloaded from the right source call verifyInstaller()
this.verifyInstaller(Installer.GOOGLE_PLAY_STORE)?.let {
    if (it) {
        // App is installed from Google Play
    } else {
        // App is not installed from Google Play
    }
}
  1. Verify Signature To verify whether your app has been modified or not you can use validateSignature(). You can get your release signature from here
if (this.validateSignature("INSERT YOUR RELEASE SIGNATURE HERE") == Result.VALID) {
    // Signature is valid continue using the app
} else {
    // Signature is invalid likely a modded version of the app
}

How to get release signature?

This would be a onetime process. Inorder to get your signature you would have to temporarily enable debugging on the release version of the app and sign the app. Don't worry you don't have to publish the app you just want to take a look at the logs for the release version. Step 1. Change the releaseImplementation to point to 'com.github.mukeshsolanki.Android-Tamper-Detector:tamperdetector-no-op:1.0.0' Step 2. Adding the debuggable true to your app/build.gradle file

    ...
    buildTypes {
        debug {

        }
        release {
            debuggable true // This is the temporary flag we added. Please remove this once you have got the signature
            minifyEnabled false
            proguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'
        }
    }
    ...

Next we are going to call the getSignature() to get and log our signature.

    Log.d("Signature", context.getSignature())

Sign the app and run the release version and look at logcat. You should be able to see your release signature on the console. Note it down and then we can use this to securely validate your apk using validateSignature(). Please remove the debuggable flag and change the releaseImplementation to the original one back once you have noted down the signature. Also the getSignature() method only works on the debug version and not on production

Author

Maintained by Mukesh Solanki

Contribution

GitHub contributors

  • Bug reports and pull requests are welcome.

License

MIT License

Copyright (c) 2019 Mukesh Solanki

Permission is hereby granted, free of charge, to any person obtaining a copy
of this software and associated documentation files (the "Software"), to deal
in the Software without restriction, including without limitation the rights
to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
copies of the Software, and to permit persons to whom the Software is
furnished to do so, subject to the following conditions:

The above copyright notice and this permission notice shall be included in all
copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
SOFTWARE.

More Repositories

1

android-otpview-pinview

A custom view to enter otp of different sizes used usually in cases of authentication.
Java
704
star
2

MarkdownView-Android

Markdown lets you easily display markdown data in android and its compose ready.
JavaScript
594
star
3

photofilter

A simple easy to use library that lets you edit pictures on the fly with easy. Photo filter lets you apply a large number of filters all while maintaining maximum image quality. Supports Android 2.3 and higher.
Kotlin
469
star
4

country-picker-android

A simple library that displays a beautiful list of all the countries allowing the user to pick the country he wishes and provide details like country code, iso code name,currency and flag.
Java
322
star
5

DrawingView-Android

DrawingView is a simple view that lets you draw on screen using your fingers and lets you save the drawings as images.
Java
237
star
6

liquidrefreshlayout

Liquid Refresh Layout is a simple SwipeToRefresh library that helps you easily integrate SwipeToRefresh and performs simple clean liquid animation
Kotlin
129
star
7

android-proguard-rules

Set of Proguard rules that need to be configured for some frequently used libraries
Groovy
87
star
8

easypermissions-android

A simple library that will remove all the boilerplate code and speed up your work with new Runtime Permissions introduced in Android M.
Java
87
star
9

Google-Places-AutoComplete-EditText

A simple library that can connect your autocomplete edittext to Google places api
Kotlin
74
star
10

snake-game-android

Snake game for Android made with Jetpack Compose
Kotlin
70
star
11

easypreferences

This class simplifies calls to SharedPreferences in a line of code. It can also do more like: saving a list of strings, integers and saving images. All in 1 line of code!
Kotlin
37
star
12

animated-splash-screen

A sample app showcasing how to create cool animated splash screen with jetpack compose and lottie
Kotlin
27
star
13

Prevailer-orientation-support-library-for-Android

Prevailer is a simple android library that helps in preserving object instances across orientation change in android and is JAVA 8 and MVP ready.
Java
17
star
14

otpview-swiftui

OTP/PinView for swift ui
Swift
16
star
15

bundletool-action

This action will help you convert your aab to signed apk file.
JavaScript
12
star
16

mukeshsolanki

2
star
17

News-API-Kotlin

An wrapper for https://newsapi.org/
Kotlin
1
star
18

dev-tools

A gem that removes the hassel of setting up your machine evertime you change to a new development device
Ruby
1
star
19

youtube-examples

All the examples from my YouTube channel
Kotlin
1
star