Pokemon Go inherits a certain vulnerability to GPS location spoofing from it’s predecessor Ingress, but also the progress that has been made in spoof detection. Since taking advantage of a game’s underlying mechanisms is part of the winner’s game, why not hook up your smartphone to Xcode and see if you can beat Niantic this time? [Dave Conroy] shows you how to play back waypoints and activate your Pokemon Go warp drive.
The hack (therefore the Monospace
) is based on the developers toolkits on Android and iOS, and also the easiest way to get banned from the game. On an Android smartphone, you need to get one of the many GPS spoofing apps from the Play store, repeatedly tap About phone
to activate the developer settings and select that app as GPS spoofing source there. As [Max] points out in the comments, you may also need to install the mock mock locations Xposed module
, which requires a rooted
device. In iOS, you can (probably) also install a spoofing app through Cydia, although the easiest way without jailbreak is creating a new iOS app in Xcode (or any iOS application you have at hand) and build it to the phone. While in debugging mode, you can then load a *.GPX-file, which is simply a text file containing GPS waypoints in the XML-based GPS Exchange Format:
<gpx> <name>My waypoints</name> <wpt lat="34.143895" lon="-118.151556"> <name>SupplyFrame, Inc.</name> </wpt> </gpx>
You can also create timed routes:
<gpx> <name>My tracks</name> <trk> <name>Some track</name> <trkseg> <trkpt lat="34.143657" lon="-118.152368"><time>2016-07-18T00:00:00Z</time></trkpt> <trkpt lat="34.144502" lon="-118.152368"><time>2016-07-18T00:01:00Z</time></trkpt> <trkpt lat="34.144490" lon="-118.150470"><time>2016-07-18T00:02:00Z</time></trkpt> <trkpt lat="34.143654" lon="-118.150455"><time>2016-07-18T00:03:00Z</time></trkpt> </trkseg> </trk> </gpx>
The file is loaded via Product -> Debug -> Simulate Location -> Add GPX file to project
, as shown in the video. This makes the waypoints or tracks available from the Simulate Location
menu. From there, you then can then teleport your phone to the defined locations, or take it for a walk along the tracking points.
While the video is more a tutorial on how to get banned from the game than anything else, we’re not here to judge you if you try it. In the contrary, we’d actually love to see an implementation that catches ’em all without falling over the various strings Niantic has put in place, effectively turning GPS spoofing into a game of its own. Check out the video below to see [Dave Conroy’s] approach.
Oh, and did we mention this is probably get you banned? Can’t stress this one enough.
It’s not quite that simple on android since apps can check whether they’re being handed a spoofed location. You have to install Xposed (which requires an unlocked bootloader and root iirc) then install mock mock location which hides the state of the mock location setting from apps. Might wanna update the article to reflect that.
Or use any Fake/Spoof GPS app and set it as System App.
So you can Uncheck the Fake Location in the Settings.
Tried that, but you get “Failed to detect location even if you do that.
Go to settings>developer>allow test locations >off if done correctly you can play anywhere now you might want to download disable service from the plastered and turnoff fused location services whenever you play pokemon go, ban risk is high but is only couple hours at its worst happy playing ;)
I can’t find that setting.. I’m on Android 6.0.1
[Andreas Andersen] You have to tap the version number like 8 times or something, and then you get a message.
notrealemail… you’re not understanding him. We do not have that option in our developer settings. There is no point on clicking on the version number when we’re already in developer mode! That option to allow test locations does not exist. Only the other one – which as Andres said, leads to the failed detection message.
Okay. I knew I was missing something. ;)
Mr to having same problem in pokemon go
What should I do now
How do you set it as a System App?
I added that! Thanks!
You seem to know a lot about this stuff. Do you think if someone made a Bluetooth “GPS receiver” that transmitted spoofed locations to the phone, and set that as the GPS source on the device, that would be harder to detect and ban? Software-wise there would be no funny business on the phone this way.
This would be trivial with an arduino+BT module with a little bit of glue from a computer program running. Sadly this is way out of the capabilities set for most people wanting to cheat at PokeGo
I tried this last night and the Android App doesn’t let you use external GPS units anymore. They obviously cottoned on to the fact people were doing this, I tried a Bluetooth android GPS location spoofer (separate phone) and a Windows based one with a Bluetooth connection. It seems the only way at the moment is to Root your device.
That was going to be my first method to attempt after just trying mock mock and spoofer on a gps-less sbc. Have to wonder if a usb “GPS module” would work.
Just remember, if your GPS says you are moving then the accelerometers and gyro and compass need to say the same.
I did some investigation into this, it’s possible to get apps that take NMEA strings from a Bluetooth GPS receiver but they typically require Mock Locations to be activated, which the game doesn’t like.
What would be nice is if someone could create a system app (naturally, root users only) that can take this feed and parse it verbatim as a legit location. The GPS receiver on my 3 year old Android handset has slowly been getting worse, where now if I’m simply holding the phone in my hand with a clear view of the sky I get a poor fix, if at all sometimes.
There are apps out there like Fake GPS Location in the Android Marketplace that allow you to hard-set your location (this is what I’d consider cheating) which reportedly do work if you convert it to a system app, what I’m hoping for is someone to do the same for a Bluetooth GPS app that doesn’t require mock locations to be activated.
I would actually pay for that functionality (albeit no more than 10 dollars, 5 preferred).
I tried to use FakeGPS but it works for like 4 seconds and then in warps me back to my actual location and then it goes back to where I wanted to be. Its installed as a system app. (I have a rooted one plus 2) pls help
I have the same problem.. If you have a fix then please tell me! :)
Disable a service called fused location, disable wifi and bluetooth scanning from the location menu, and set location to device only
I know, necroing. If you are getting rubber banned with fake gps, just cover the back of your phone with aluminum and sit inside a building… works every time
Haha. If you get banned trying to ‘hack’ a Pokemon game, I’m laughing at you.
That said, I want to know what’s hiding in the woods!
https://imgs.xkcd.com/comics/pokemon_go.png
Is it possible to set up a bogus AGPS server? Perhaps massivly offsetting by reading the real GPS signal results, or just feed it a fake GPS device over bluetooth.
I’m not sure how you would even begin to spoof AGPS servers, I’m sure there are internal checks by the AGPS subsystem in the actual phone OS which discard overtly dissonant results.
Well the GPX file dupe is essentially a fake GPS device, in software debugging.
Chances are that they use a “reasonable” number of bits to tell you your offset.
i.e. likely offset is not going to be more than 10m, so we use 16 bits, 6 bits before, 10 bits after the meters-decimal-point. That way you can code offsets up to 32m in either direction accurate to 1mm.
I wonder if how easily you could spoof the location on an Android by taking advantage of Google’s location services. I know it’s a “self healing” system, as in it will tell Google where a WiFi router is located based off the GPS. So it seems that you could take a hotspot to a location, use that with your phone GPS on and let Google log the coords. Then use it back at home without your GPS on so that it would rely on Google’s stored location for the mac addressof your hotspot. Since apps have no issue using Google’s “high accuracy” WiFi based GPS.
I’ve been thinking of using SDR to spoof the GPS signal. Maybe add a motor or two to confuse the accelerometer and compass. I’d love to find out what it takes to fool them, but I’m not going to do that on my own phone :)
I don’t see what it would do to your phone? If you have an RT capable of harming it’s GPS antenna, it’s probably going to do more than damage just your phone.
You’d just need to have RTs that can encode onto the UHF band and a way to continuously update it (as if it was that simple). I understand there’s even some SDR software that takes care of most of what is needed to spoof a location.
i think hes afraid of being banned. or cia
I tried one of the many GPS spoofing apps from the Play store. Does not work on a normal phone on it’s own.
And i don’t want to root the phone just for pokemons.
Since the game does not play well (or even start) on my mobile data connection, i was wondering if it might be possible to spoof the location with some cheap SDR device ?
The ‘cheapest’ I can think of are the hackRF and bladeRF for 300 and 420 USD, respectively; although the bladeRF was on sale for 200 just a bit ago. In a couple of months the LimeSDR should join that list, also at 300 bucks.
I don’t usually post, but when I do.. here, use this – it works: https://github.com/osqzss/gps-sdr-sim
Yeah, it does. Just need to write something that lets me control it more easily. Right now it’s not very real-time controllable. Some app that would let you click a path together and then walk along it at some speed… :p
You can make GPX files on google maps easily, just need to get that out to NMEA or ECEF somehow with incremental time differences.
Yes, but make sure not to radiate much power. The GPS signals are very weak and easily overpowered in a relatively long range with little power.
Is my car’s GPS gonna go crazy because someone has to ‘catch ’em all’???
lol the point would be to do it in your house where you don’t get any signal and just use low enough power that the phone hears it.
Just do it in a faraday cage.
Yes. If the FCC find out, they will be very buthurt.
Meh, I don’t care about Pokemon Go… but I wonder if guys at Nintendo are using the game to create Lemmings with real people. Next thing you know players will get a mega rare Pokemon on top of a huge pyramid, but they have to build it first, or something. Or if Nintendo doesn’t like a certain store or place, throw a Pokemon there and it will be like a DDOS with humans.
Well, I do care about Pokemon Go, but not in a way like others. I wonder if Nintendo (or whoever made the actual game) is hiring… ;)
They are probably hiring but not people that interview with tinfoil hats.
i’m pretty sure this whole thing is driven by profit. but i do see spin-offs coming soon. maybe even open source.
NOBODY got banned in Ingress for doing this unless they went to the middle of nowhere to make huge fields. It was full of cheaters. And Pokemon Go will be the same story. They’re not even using the new spoofing detection on Android now. They never cared about cheating on Ingress.
lol, you could not be more wrong. Wonder why the script kiddie client is dead in the water?
Anyone else notice that Pokemon Go for Android fires up an LTE connection for a few seconds on occasion, even when on Wifi? Does LTE have some location information that can cross-check the GPS to detect spoofing?
It would be able to get Cell Tower info that way and, I assume, cross reference it with your GPS data to make sure you are not connected to a tower in Seattle but catching Pokemon in London. If they are not implementing this anti-cheat they should.
I’m surprised we haven’t heard of someone taking an emulated phone (as is common with android development) and tried installing Pokemon Go. With one such phone, it runs entirely on your computer and you have control over everything from position to Bluetooth to battery level.
There is. Bluestacks and Nox both have extensive tutorials for playing and spoofing pokemon go on your PC.
Time to fire up the GPS simulator in the basement. $10/hr if anyone is interested. :)
already did this last week by using HackRF/SDR and gps-sdr-sim :) write-up can be found here: https://www.insinuator.net/2016/07/gotta-catch-em-all-worldwide-or-how-to-spoof-gps-to-cheat-at-pokemon-go/
I have never seen this GPS bug in Ingress bug I have seen this massive GPS bug in pokemon.
It placed my phone in the middle of a 50meter wide dock which would have been useful if squirtle had been around that day, but alas it took that day off :(
Does anyone actually know of anyone that been banned doing this? And by “know” I personally.
this guy tried it https://www.youtube.com/watch?v=4GbMxiNY4N0
I’ve created an easier method to spoof your location ->>>> http://catchemall.co
New Walking Mode added !!!
Genymotion Tutorial added, you can play now on your PC —> http://catchemall.co/genymotion
The more protection they add the more power people who can actually reverse engineer and program have. For example I have a 0.29.2 .apk that is patched to display lat-long of a selected pokemon(if it’s in the tracker the lat-long is in the structure). Their security is load-signing, tls, and hashed resources where the hashes come from the server on-load and some binary obfuscation using a public obfuscation. They’ll add more obfuscation soon and run out of security improvements; maybe do some byte-signing or byte-VM if they have any talented coders.
You control client updates it’s not like they can slip in new ban-tech. Streaming byte-code violates Google policy.
Hmm seems it’s not looked down upon anymore they have “intent” and “StartActivity” and only enforce signing unless disable by user. Go isn’t doing this though and you can just patch a watch thread in to catch it..
There is a MITM repo on GIT for POGO it just uses the cert store to get past TLS. This game is basically cheated and they can only detect with statistics profiling..
sir …when I use this trick in android .it says location error!! but I can use the map perfectly …there is the big problem that no pokemon is popping up and no pokestop..no gym!!!!showing on my map
go home, kid, go home.
You could also do this simulation an android-envirement on ur PC. I sadly only have a german instruction. But the 5 downloads u neew are the same: http://nddts-pokemongo.de/2016/07/17/pokemongo-gps-hack/
No need to root/jailbreak http://www.pokemongoprotips.com/how-to-spoof-geolocation-safely/
Like the others, including MITM with modded TLS cert, the second they update with trivial checks the ban hammer cometh. The only real solution is actually binary reverse engineering where you look for checks and inline patch them. If you do this with updates before you install you can use any method(easier than patching in a lot of functions) and guarantee you never get detected. Unless of course they start doing statistical flagging then you also have to intelligently code timers.
I have a problem. I have installed FakeGPS as a system app and it works wierd. It worksat the beginning but it warps me back to my actual location and then it goes back where wanted to be with the FakeGPS app. Pls help (i have a rooted one plus 2)
I found the solution, hope this helps
“If your GPS is jumping around from your real location to the spoof’d location non stop every few seconds here is a fix you can try. I’m on android had this problem for a while and it was super annoying and got me soft banned a few times.
Go to settings –> Location –> Mode
Make sure it is set to device only. Go check on the scanning tab and make sure WiFi scanning and bluetooth scanning is turned off
install an app from play store called DisableService and allow root (obviously)
Search for the service “Fused Location” under System tab and disable the service
Reset Phone.
Turn on FakeGPS. make sure update interval is < 100, Accuracy is 1
This should fix the jumping around Make sure to turn everything back to normal if you need Google services / GPS again! otherwise nothing works
update: if it doesnt work, have you tried installing Xposed Modules and download "Mock Mock locations / Hide mock locations" and tell me if it works. LG and Samsung phones seem to have issues as another service apart from the ones I named is causing location sniffing
In Android you can install GPS Guider 3 and run tour own routes. Always wity xposed and root. The next versión of this app will let you build your routes without google earth.
[Root required] Works great on Android and you can tilt your phone to walk around in Pokemon Go where ever you want. Just start in an area close to you and walk on realistic paths to avoid being detected. Then have fun exploring the whole area :)
https://play.google.com/store/apps/details?id=havefun.fakegpswalking
(Disclaimer: At the moment the worst that can happen is a few hours of soft-ban. I take no responsibility for anyone getting banned using this app. But I use it myself and it works great.)
It sems to be working, but… its runing not walking and on Pokemon Go i get “Failed to detect location”.
My device is not rooted, is it becouse of that?
The best Pokémon Go fake GPS: http://pokemongofakewalkandlocation.me
How do u reset the game after u started got flustered n cannt start a new game
guys its really simple on android, download fakegps install it, download lucky patcher, install it, in LP change fake gps to a system app, restart, then in fakegps settings enable expert mode, done, you can jump around without getting banned as long as you do it in short distances and not jumping from chicago to japan or some crazy shit, if you want a joystick to tap to walk download gps controller, mand do the same thing with LP making it a system app, done
You can check out the Spoof Go project, an application for spoofing gps coordinates with plugins for different methods of pushing coordinates to different platforms, android included https://www.spoofgo.com/
how much is your weight?
Wow