How to remove root and apps detection from APK file (Smali modding)
Note: I made this tutorial back in 2015; it was the most beginner-friendly way to edit smali files without any prior knowledge. It does not work for all apps; it basically gives you an idea of how very simple root detection can be removed in smali. Advanced root detection can live in native libs too and may be harder to bypass. I will not cover that
In this tutorial, I will mod the old game Age of Empires World Domination
When you run it on a rooted device or have unauthorized apps installed, you will be greeted with this message. Remember this message for later use
1. Download any APK tool of your choice
2. Install Notepad++ or other text editors that support searching through all files
3. Decompile an APK file
4. Open Notepad++, click on "Search" -> "Find in files..."
5. Input the words of the error message in the "Find what:" field. In the "Directory" section, click on the "..." button
6. Select the path of the decompiled APK and click OK
7. Click on "Find all"
8. The result will appear below. Double-click on it to open the html file and it will highlight the word. See screenshot below
9. Look at bootup_stopped. Click on "Search" -> "Find in files...", type "bootup_stopped" in the field, and select the "smali" folder to be searched
10. The result will appear below. If you find something interesting, double-click on the line to open the smali file and it will highlight the word. See screenshot below. Ignore the IDs because they are useless
11. Scroll up until you see the name of the function. A function ending in ()V is 'void', which means the function returns nothing
12. Clear the code inside so the code will look like
13. Null the function like this (in smali the instruction is written return-void, not "return void"):
    .locals 0
    return-void
14. Find debuggable. A function ending in ()Z is 'boolean', which means the function can return false or true
15. Return it false. 0x0 means false and 0x1 means true:
    .locals 1
    const/4 v0, 0x0
    return v0
16. Find isSuBinaryPresent. A function ending in ()Z is 'boolean', which means the function can return false or true. Look at the keyword 'native'. The native modifier is applied to a method to indicate that the method is implemented in native code using JNI (Java Native Interface), so it has no smali body you can add code to
17. Remove the 'native' keyword and give it a body that returns false, like this
18. Save the file and recompile the APK file with APKtool
19. Zipalign and sign the APK file
Now you can play the game on any rooted device with unauthorized apps installed
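As an added example (not part of the original tutorial), here is a small Python script that shows the other side of steps 11 to 17: how a developer or app-security reviewer can audit a decompiled smali tree for exactly the kind of edits described above. It parses .method headers, maps the return descriptor (()V, ()Z and so on) to its Java type, reports methods that are still marked native (no smali body), and flags security-relevant methods whose bodies have been reduced to a bare return-void or a hard-coded constant return. The smali excerpt, class name, method names and keyword list are all constructed for this example and do not come from the game or the page.

```python
import re

# Constructed smali excerpt for the example: two checks that have been
# reduced to constant returns, one native method with no smali body, and
# one method that still carries real logic.
SAMPLE_SMALI = """\
.class public Lcom/example/SecurityChecks;
.super Ljava/lang/Object;

.method public static isDebuggable()Z
    .locals 1
    const/4 v0, 0x0
    return v0
.end method

.method public static native isSuBinaryPresent()Z
.end method

.method public static onBootupStopped()V
    .locals 0
    return-void
.end method

.method public static isSuBinaryPresentCheck()Z
    .locals 2
    const-string v0, "/system/xbin/su"
    invoke-static {v0}, Lcom/example/Fs;->exists(Ljava/lang/String;)Z
    move-result v1
    return v1
.end method
"""

# Smali type descriptors -> Java types (the ()V / ()Z suffixes in the tutorial).
RETURN_TYPES = {"V": "void", "Z": "boolean", "I": "int", "J": "long",
                "Ljava/lang/String;": "String"}


def parse_methods(smali_text):
    """Return a list of methods: name, modifiers, params, return descriptor,
    and the instruction lines of the body (directives such as .locals,
    .line and labels are skipped)."""
    methods, current = [], None
    for line in smali_text.splitlines():
        s = line.strip()
        if s.startswith(".method "):
            header = s[len(".method "):]
            parts = header.rsplit(" ", 1)          # "<modifiers> name(params)ret"
            mods = parts[0].split() if len(parts) == 2 else []
            name, rest = parts[-1].split("(", 1)
            params, ret = rest.split(")", 1)
            current = {"name": name, "modifiers": mods, "params": params,
                       "returns": ret, "body": []}
        elif s == ".end method" and current is not None:
            methods.append(current)
            current = None
        elif current is not None and s and not s.startswith((".", "#", ":")):
            current["body"].append(s)
    return methods


def is_constant_stub(body):
    """True when the body only returns void or a hard-coded const/4 value
    (the shape the tutorial's edits produce)."""
    if body == ["return-void"]:
        return True
    if len(body) == 2:
        m = re.fullmatch(r"const/4 (v\d+), (0x[0-9a-fA-F])", body[0])
        if m and body[1] == f"return {m.group(1)}":
            return True
    return False


def audit(smali_text, keywords=("su", "debug", "root", "bootup")):
    """Classify every method whose name contains a security-relevant keyword.
    The keyword list is a constructed example; a real review would use the
    project's own method names."""
    findings = []
    for m in parse_methods(smali_text):
        if not any(k in m["name"].lower() for k in keywords):
            continue
        if "native" in m["modifiers"] and not m["body"]:
            status = "native (implemented in a JNI library)"
        elif is_constant_stub(m["body"]):
            status = "stubbed"
        else:
            status = "has logic"
        findings.append((m["name"], RETURN_TYPES.get(m["returns"], m["returns"]), status))
    return findings


if __name__ == "__main__":
    for name, rtype, status in audit(SAMPLE_SMALI):
        print(f"{name}() -> {rtype}: {status}")
```

Run on a whole decompiled tree by concatenating the .smali files under the smali folder. A "stubbed" result on a method that shipped with real logic is a strong sign of repackaging; it is also a reminder that a client-side boolean check is only as strong as the APK's signature verification, which is why the tutorial's own note about native libs matters for defenders.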
Credits:
AndnixSH