I found an app that detects location spoofing and returns a warning screen.

[1]: https://i.stack.imgur.com/qbhuU.jpg

Then I tried to reverse engineer the app and remove the function isFromMockProvider(), which checks whether the location data is from a mock location provider or not. I found these lines of code in a smali file:

.method public onLocationChanged(Landroid/location/Location;)V
.registers 10
.annotation build Landroidx/annotation/RequiresApi;
    api = 0x12
.end annotation

const-string v0, "0"

.line 1
invoke-virtual {p1}, Landroid/location/Location;->isFromMockProvider()Z

move-result v1

const-string v2, "IS_MOCK"

const-string v3, "LIVE_TRACKING_MOCK_LOCATION"

if-eqz v1, :cond_1e

.line 2
new-instance p1, Landroid/content/Intent;

invoke-direct {p1, v3}, Landroid/content/Intent;-><init>(Ljava/lang/String;)V

const-string v0, "false"

.line 3
invoke-virtual {p1, v2, v0}, Landroid/content/Intent;->putExtra(Ljava/lang/String;Ljava/lang/String;)Landroid/content/Intent;

.line 4
invoke-static {p0}, Landroidx/localbroadcastmanager/content/LocalBroadcastManager;->getInstance(Landroid/content/Context;)Landroidx/localbroadcastmanager/content/LocalBroadcastManager;

move-result-object v0

invoke-virtual {v0, p1}, Landroidx/localbroadcastmanager/content/LocalBroadcastManager;->sendBroadcast(Landroid/content/Intent;)Z

return-void

.line 5
:cond_1e
new-instance v1, Landroid/content/Intent;

invoke-direct {v1, v3}, Landroid/content/Intent;-><init>(Ljava/lang/String;)V

const-string v3, "false" 

What changes have to be made here to prevent the detection of mock location?

1 Answer

The calls

invoke-virtual {p1}, Landroid/location/Location;->isFromMockProvider()Z
move-result v1

return 1 (true) if a mock provider is used and 0 otherwise. The result is stored in v1.

Later the value is used for a conditional branch in

if-eqz v1, :cond_1e   # if v1 == 0, jump to :cond_1e

So only if there is no mock provider used (v1=0) does it jump to a special code part. Otherwise it continues with a code part that handles the mock location, which is most likely what you don't want.

So you have to tweak that check and for doing so you have two possibilities:

  1. Overwrite v1 with 0 before the check, e.g. via the command const/4 v1, 0x0
  2. Replace the conditional branch if-eqz v1, :cond_1e with a non-conditional goto :cond_1e so it doesn't matter what value v1 has.
Robert
  • Thanks for the advice @robert. "1. Overwrite v1 with 0 before the check, e.g. via the command const/4 v1, 0x0" this one worked for me. – AJESHKUMAR T G Oct 23 '21 at 08:41
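
A defender's check for the two edits described in the answer, as an added example that is not part of the original post: it scans disassembled smali for isFromMockProvider() calls whose result is overwritten, or never tested, before control leaves the block. The function name audit_mock_check and the ORIGINAL sample are constructed for illustration, and the scan is linear with no control-flow analysis.

```python
import re

# Patterns for the instructions involved in the check shown on this page.
CALL = re.compile(r"invoke-virtual \{\w+\}, Landroid/location/Location;->isFromMockProvider\(\)Z")
MOVE = re.compile(r"move-result (\w+)")
WRITE = re.compile(r"(?:const|move)[\w/-]* (\w+)")  # any const*/move* that sets a register
BRANCH = re.compile(r"if-(?:eqz|nez) (\w+), :\w+")
GOTO = re.compile(r"goto(?:/\d+)? :\w+")

# Constructed sample: the instruction sequence quoted in the question, trimmed.
ORIGINAL = """
invoke-virtual {p1}, Landroid/location/Location;->isFromMockProvider()Z
move-result v1
const-string v2, "IS_MOCK"
const-string v3, "LIVE_TRACKING_MOCK_LOCATION"
if-eqz v1, :cond_1e
return-void
"""


def audit_mock_check(smali: str) -> list[str]:
    """Linear scan (no control-flow analysis): one finding per neutered check."""
    # Keep instructions only: drop blanks, directives, labels and comment lines.
    ins = [l.strip() for l in smali.splitlines()]
    ins = [l for l in ins if l and not l.startswith((".", ":", "#"))]
    findings = []
    for i, line in enumerate(ins):
        if not CALL.match(line):
            continue
        m = MOVE.match(ins[i + 1]) if i + 1 < len(ins) else None
        if not m:
            findings.append("result of isFromMockProvider() is discarded")
            continue
        reg = m.group(1)
        for nxt in ins[i + 2:]:
            b, w = BRANCH.match(nxt), WRITE.match(nxt)
            if b and b.group(1) == reg:
                break  # the result reaches a conditional branch intact
            if w and w.group(1) == reg:
                findings.append(f"{reg} overwritten before the branch: {nxt}")
                break
            if GOTO.match(nxt) or nxt.startswith("return"):
                findings.append(f"{reg} never tested, control leaves via: {nxt}")
                break
    return findings
```

A finding only shows that a given build was modified; since the check itself runs on the client, it cannot prevent the modification.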