Bypass signature check in Assembly-Csharp.dll
Well that's pretty easy, just search
IsGenuine, GetSignature or InstalledFromRightLocation and return it to TRUE.
They are all boolean.
Use dnSpy, it's much easier to edit
code. Right click inside method code, select "Edit Method (C#)..."
and replace it with "return true;"
Tip: Dump source code from dll and
search keywords in files using Notepad++ and analize them. It's much easier for
me because i can search string, url string, excat code etc.
Keywords to search: Integrity,
Check, Genuine, Signature, Installed, Location etc.
How i found IsGenuine?
First, i was analizing
ShowInvalidBuildError() but i was unable to locate the check, so i just just
dump the entire source code and search "signature" in files using
Notepad++ because it's much easier for me to find the useful code. My former
friend told me that trick.
How i found
InstalledFromRightLocation?
I recorded a logcat using Matlog app
to find an error, and i already found interesting function ReceiveInstallFromWrongLocationError()
so i took a look in dnSpy. I
analized it , look InitOnStart() and there is a code
bool flag2 = AndroidUnityUtilWrapper.InstalledFromRightLocation();
InstalledFromRightLocation() is also
an interesting method. It was a boolead so I returned it true and it worked!
Credits:
iAndroHacker
Comments
Post a Comment