Jump to content

  1. 0
  2. 0
  3. 0/5

Rate this Topic

- - - - -

[APP MOD] Exchange Security Bypass (No PIN/No Admin) - Android 4.1+ [v6.0]

  • Please log in to reply

OP craigacgomez

craigacgomez

Android & Linux FTW!!

Posted 03 July 2012 - 04:08 PM #1

The Android Email application enforces various security policies such as PIN/password lockscreen, device administration. remote wipe, blocked attachments, etc. based on your Exchange server security requirements.
 
The aim of this patch is to bypass those security enforcements and allow you to set up an Exchange account without any security restrictions. This is achieved through various code modification in the AOSP Email application where security policies are checked and enforced. These modifications bypass the creation of the various security policies and forcefully makes the application think that all the security policies are enabled. For example, one part of this modification completely bypasses the Device Administrator creation and forcefully returns a true every time the code check if the account is a device administrator.
 
This modification is based on AOSP (or AOSP derivatives) and should work on any stock Google ROMs or AOSP-based ROMs like CyanogenMod, AOKP, ParanoidAndroid, Evervolv, SlimRoms, Carbon. There, however, is no guarantee that this will work on all ROMs or devices, especially OEM ROMs like Sense, Touchwiz, Blur, etc.
 
IMPORTANT:
Since this modification disables the enforcement of Exchange security policies, it may be illegal and may violate your workplace/school policies. If you chose to install and use this modification, please remember that you are doing so at your own discretion. I, craigacgomez, cannot and will not be held responsible for any issues, legal, technical or otherwise, that may arise due to the use of this modification.
 
The latest version of this modification is based on AOSP android-4.4.2_r1 (KOT49H) and should work fine on Android 4.1+. However, should you encounter any issues, please use the previous version of this patch.
 
PLEASE READ THROUGH THIS THREAD PROPERLY, ESPECIALLY THE KNOWN ISSUES AND INSTRUCTIONS
 
CHANGELOG:

v6.0
1. Rebased to AOSP android-4.4.2_r1 (KOT49H)
2. Made some modifications to the bypass code to fix issues with storage encryption
3. Improved robustness of the bypass logic
4. Added backuptools script for custom ROMs like CyanogenMod, SlimRoms, etc. which will automatically restore the mod after re-flashes and/or updates to the ROM. Credit BlackFang171

 

v5.0.1

1. Fix manual user app install on Google Stock ROMs. Only the manual install package has been upda
 

v5.0
1. Built using AOSP android-4.4_r1.1 (KTR16O)
2. Rebuilt the modification from ground up and added several bypasses to improve robustness of the modification
3. Disables remote wipe functionality
4. No longer requires modifications in the Exchange apk. All modification are in Email apk
4. Should also work on any Google stock/AOSP-based ROMs running Android 4.1.x, 4.2.x & 4.3.x (untested)
 
v4.0
1. Rebased to the CM-10.2 (Android 4.3) source. This release is only intended for Android 4.3.x. For prior versions of Android, flash the appropriate mod release below.
 
v3.1
1. Small bugfixes to "really" make sure that we fake that all security policies are active. This is basically making "really" sure that the device does not ask you to set up any security policies. It can be safely flashed over v3.0 without having to remove & re-setup the account. However, updating from any earlier version would still require you to remove and re-setup the account.
 
v3.0
1. Built using the latest updates from the CyanogenMod 10.1 (Android 4.2.2) source as of July 20, 2013.
2. Published source code to GitHub (link below)
3. Fixes and updates to the patch changes
4. No longer requires that the account be setup as a "Device Administrator"
 
v2.0
1. Built using the CyanogenMod 10.1 (Android 4.2.2) source
2. Some nice additions and fixes over the AOSP version like LED notification support, blocked attachment extensions selection and more.
 
INSTRUCTIONS [RECOVERY VERSION]:
1. Download the zip file named ExchangeNoPIN-xxxx
2. Remove all existing Exchange accounts and wipe data for Email/EmailGoogle & Exchange2/Exchange2Google
3. Make a nandroid backup (optional, but recommended)
4. Flash the zip using ClockworkMod Recovery, TWRP or a similar recovery
5. Wipe cache & dalvik-cache
6. Reboot and set up you Exchange account(s)
 
INSTRUCTIONS [MANUAL USER APP INSTALL]:
1. Download the zip file named ExchangeNoPINNoRoot-xxxx
2. Remove all existing Exchange accounts and wipe data for Email/EmailGoogle & Exchange2/Exchange2Google
3. Make a nandroid backup (optional, but recommended)
4. Stock ROMs: Disable/freeze EmailGoogle.apk (com.google.android.email) & Exchange2Google.apk (com.google.android.exchange)
5. AOSP-based ROMs: Uninstall/remove Email.apk (com.android.email)
6. Stock ROMs: Extract the zip file and install Email.apk & Exchange2.apk
7. AOSP-based ROMs: Extract the zip file and install Email.apk
8. Reboot and set up you Exchange account(s)
 
INSTRUCTIONS [MANUAL SYSTEM APP INSTALL]:
1. Download the zip file named ExchangeNoPIN-xxxx
2. Remove all existing Exchange accounts and wipe data for Email/EmailGoogle & Exchange2/Exchange2Google
3. Make a nandroid backup (optional, but recommended)
4. Stock ROMs: Uninstall/remove EmailGoogle.apk (com.google.android.email) & Exchange2Google.apk (com.google.android.exchange)
5. AOSP-based ROMs: Uninstall/remove Email.apk (com.android.email)
6. Stock ROMs: Extract the zip file and copy Email.apk & Exchange2.apk to /system/app
7. AOSP-based ROMs: Extract the zip file and copy Email.apk to /system/app
8. Reboot and set up you Exchange account(s)
 
KNOWN ISSUES
1. v5.0 - When setting up your account, when you reach the wizard screen where you set up your sync preferences, wait for 5-10 seconds before clicking Next. Clicking through too fast sometimes causes the account reconciliation code to remove your account. I am still trying to work this out.
2. v5.0 - After you finish you account set up, you will see a "Security policies changed" notification. You can just ignore this and swipe it away.
 
IMPORTANT:
1. For patch version 4.0 and earlier, you need to have a device with a custom recovery or a rooted device.
2. Root is not required unless you wish to apply this patch manually by replacing the files in /system/app.
3. After you flash this, make sure you DO NOT replace the Email or Exchange apks with themed versions or you will have issues.
4. If you use the ExchangeNoPIN-xxxx zip version, you need to reflash this every time you update your ROM.
5. Before upgrading to a newer version of this patch (example v2.0 to v3.0), you need to remove all existing Exchange accounts.
 
CREDITS:
The base of this modification is the EmailPolicyPatch created by rustamabd. I have made these change to the AOSP source rather than smali patches to pre-compiled version and I have expanded the capabilities of the modification.

 

DOWNLOAD v6.0 (Android 4.1+):
 

DOWNLOAD v5.0 ( Android 4.1+ ):
ExchangeNoPIN-v5.0.zip
ExchangeNoPIN-Manual-v5.0.1.zip
 
DOWNLOAD v4.0 ( Android 4.3.x ):
ExchangeNoPIN-4.3.x.zip
 
DOWNLOAD v2.0 ( Android 4.2.x ):
ExchangeNoPIN-4.2.x.zip
 
DOWNLOAD v1.0 ( Android 4.1.x ):
Stock OTA Android 4.1.x
AOSP Android 4.1.x
CM10 Android 4.1.x
 
SOURCE ( Android 4.4 ):
GitHub
 
SOURCE ( Android 4.3.x/4.2.x ):
GitHub


Edited by craigacgomez, 16 December 2013 - 04:15 PM.

  • 3 Likes

psychedel!k

psychedel!k

Member

  • 65 posts

Posted 11 July 2012 - 09:22 PM #2

Just what i've been looking for! Would you mind making one for JRO03C OTA? Thanks a million!!
  • 0 Likes

OP craigacgomez

craigacgomez

Android & Linux FTW!!

Posted 11 July 2012 - 11:21 PM #3

Just what i've been looking for! Would you mind making one for JRO03C OTA? Thanks a million!!


Added to OP...
  • 0 Likes

psychedel!k

psychedel!k

Member

  • 65 posts

Posted 11 July 2012 - 11:33 PM #4

nice, thanks! Qs: Did you remove "Google" from the file names on purpose, and do those work in the stock OTA build? The file sizes of the original APKs are a bit different between AOSP and OTA..


No offense. Just playing safe. I can send you those files if you'd like.

Edited by psychedel!k, 11 July 2012 - 11:35 PM.

  • 0 Likes

OP craigacgomez

craigacgomez

Android & Linux FTW!!

Posted 12 July 2012 - 10:51 AM #5

nice, thanks! Qs: Did you remove "Google" from the file names on purpose, and do those work in the stock OTA build? The file sizes of the original APKs are a bit different between AOSP and OTA..


No offense. Just playing safe. I can send you those files if you'd like.


The Google Stock OTA build have the files named EmailGoogle.apk & Exchange2Google.apk... When built from AOSP, the files are named Email.apk & Exchange2.apk... There may be differences in the apk sizes... and both should work on any 4.1 ROMs

Edited by craigacgomez, 12 July 2012 - 10:52 AM.

  • 0 Likes

psychedel!k

psychedel!k

Member

  • 65 posts

Posted 12 July 2012 - 08:19 PM #6

thanks..but it didn't work on my OTA build..
  • 0 Likes

OP craigacgomez

craigacgomez

Android & Linux FTW!!

Posted 13 July 2012 - 08:21 AM #7

thanks..but it didn't work on my OTA build..


Send me EmailGoogle.apk & Exchange2Google.apk...
  • 0 Likes

psychedel!k

psychedel!k

Member

  • 65 posts

Posted 13 July 2012 - 06:10 PM #8

Send me EmailGoogle.apk & Exchange2Google.apk...


Check you PM
  • 1 Likes

OP craigacgomez

craigacgomez

Android & Linux FTW!!

Posted 13 July 2012 - 07:25 PM #9

Added stock/ota 4.1.1 JRO03C version... thanks to @psychedel!k for the original apks.. updated first post... please read new section titled IMPORTANT
  • 1 Likes

psychedel!k

psychedel!k

Member

  • 65 posts

Posted 13 July 2012 - 08:48 PM #10

Added stock/ota 4.1.1 JRO03C version... thanks to @psychedel!k for the original apks.. updated first post... please read new section titled IMPORTANT


works like a charm. thanks again! Good bye ugly password screen and hello Face/Pattern Unlock :lol:
  • 1 Likes