Master Key multi-fix

Requires theXposed Framework. Grab it athttp://forum.xda-developers.com/showthread.php?t=1574401and make sure it runs properly on your device.ROOTonly required for installing the Xposed Framework, it can be dropped afterwards.

This app patches severalvulnerability issuesfound on Android collectively known as 'Master Key' exploits:

- bug 8219321

- bug 9695860

- bug 9950697

In general terms, these allow exploiting signed APKs by replacing the code they contain while maintaining the existing signature valid (hence the term 'Master Key'), leading you to think the original author is someone you trust.

The original Android sources have been corrected to fix these problems, but it might take a while

till stock ROMs include the fixes, if ever.

To check if you're vulnerable, you can use other apps available on the store such as SRT AppScanner (https://play.google.com/store/apps/details?id=de.backessrt.appintegrity) or Bluebox Security Scanner (https://play.google.com/store/apps/details?id=com.bluebox.labs.onerootscanner).Note: If using Bluebox Security Scanner, make sure to force a refresh on the app once the fix is applied, otherwise you might get a cached and incorrect result.

For any questions or to support my work, please visithttp://forum.xda-developers.com/showthread.php?t=2365294的需要的Xposed框架。http://forum.xda-developers.com/showthread.php?t=1574401抓住它，并确保移动设备上正常运行。根只需要安装Xposed框架，它可以被丢弃之后。

这个程序补丁几个漏洞问题 Android上统称为“主密钥”战功：

- 错误8219321

- 错误9695860

- 错误9950697

总体而言，这些允许利用签署的APK更换其包含的代码，同时保持现有的签名有效（因此术语“主键”），您认为原作者是你信任的人。

原生Android源已纠正，解决这些问题，但它可能需要一段时间

直到股票ROM包含的修补程序，如果有的话。

要检查，如果你是脆弱的，你可以使用其他可用的应用程序商店如：SRT AppScanner（https://play.google.com/store/apps/details?id=de.backessrt.appintegrity）或BLUEBOX安全扫描器（https://play.google.com/store/apps/details?id=com.bluebox.labs.onerootscanner）。注意：如果使用BLUEBOX安全扫描，确保强制刷新的应用程序，一旦应用此修复程序，否则，你可能会得到一个缓存和不正确的结果。

如有任何疑问或支持我的工作，请访问http://forum.xda-developers.com/showthread.php?t=2365294