Haystack - Signature Spoofing Patcher for Android.

Haystack is a proof-of-concept hack to showcase DexPatcher and ideally show that, although smali is great, it is not the best tool for every task.

The smali patching in Needle, including the patching code and the injected smali, can be replaced by this simple DexPatcher patch that I wrote in less than 5 minutes (based on the original source-level patch by microG’s Marvin). The DexPatcher patch is plain Java and very readable, even for people who have never encountered DexPatcher before. Try to understand what Needle actually does just by looking at its source code and you are in for a ride, even if you are versed in Python and smali. Yes, you can get an idea; but are you sure it does what you think it does?

DexPatcher understands Dalvik bytecode at a deeper level than the usual smali manipulation tools, resulting in higher assurance that patches do exactly what you expect if they apply without warnings or errors. DexPatcher can patch Android 6.0’s framework.jar with a constrained Java heap of less than 50 MiB and produces no temporary files. It is coded to be efficient, with 90+% of the typical run time used up in writing the output dex files. And it natively supports multi-dex.

Haystack includes bash scripts to apply binary patches that do most of the work for you:
– pull-fileset: pulls a fileset from a device via adb.
– push-fileset: pushes a fileset back to a device via adb.
– patch-fileset: patches a fileset that resides on your PC.

Requirements:
+ An Android device that:
  + Runs a non-odexed ROM based on Android version 1.5 through 7.1.
  + And either has TWRP recovery installed or supports root adb in Android.
+ Java runtime.
+ Bash shell. (If you use Windows (dear mother of god!) read this.)
+ Working adb.
+ And to build the patches:
  + Java SDK (for javac).
  + Android SDK (for dx).
Changes 2017-08-16:
– Update DexPatcher tool to version 1.3.0.
– Update patches to use the new @DexWrap tag instead of the @DexEdit/@DexAdd idiom.
– Document how to patch using TWRP recovery as an alternative to root adb.

Usage:

Source: https://github.com/Lanchon