[Fake bug] Bypassing X509 fingerprint & MD5 file check with fake crash

Posted by AndnixSH

I still had 3 years old APKs of a racing game that fake crashes if using resigned APK but wasn't able to bypass it due to lack of cracking skills. Today I try to bypass it.

While comparing both old and new version, I discovered a new folder with 2 smali hidden pretending to be ads at \com\applovin\sdk\applovinsdkattributioninterface\. Attribution.smali is an X509 fingerprint check that checks if the APK's fingerprint match with the original fingerprint stored in-game but where the heck is string of fingerprint and fake crash code?

I deleted the folder applovinsdkattributioninterface, compile apk and launch to see what happen. Game gets stuck on black screen. I captured a logcat and got interesting logs


Now I know the signature check and fake crash come from Assembly C# code. After a while of searching I met this code. This code execute Attribution class code to get SHA1 fingerprint and forward data to Unity game. Quit(); is called if fingerprint does not match. Simply remove the whole code or just remove Application.Quit(); in IL editor if you have problem compiling the code


Sample smali code: https://pastebin.com/zaWBUUZx (only useful for code searching purposes)

Credit:
iAndroHacker

Comments

Post a Comment

Popular Posts

VMOS Pro Global/CN FREE Custom ROMs | Gapps, ROOT, Xposed | Android 4.4.4, 5.1.1, 7.1.2, 9.0 ROMs | NO VIP

Posted by AndnixSH
Image
VMOS Pro was protected so i wasn't able to modify APK. Instead, I made a custom ROM as a zip file for VMOS Pro that includes Superuser and Xposed.   If you wonder why VMOS team released pro version, they got suspended from making money from ads so they can only make money from VIP service. If you support them, consider to pay VIP per month to keep them up and you can use their official ROM with switchable root option YOU CANNOT INSTALL ANY OTHER ROMS SUCH AS SAMSUNG, HUAWEI, ETC THAT ARE NOT MADE FOR VMOS. VMOS ROM INSTALLATION IS FOR VMOS ROM ONLY. PLEASE DO NOT BE DUMB, THANKS! Download VMOS Pro app English and Chinese version has been combined into one APK, so you will get same version if you downloaded from EN or CN website   Global (EN) website: https://www.vmos.com/   Chinese website: http://www.vmos.cn/product_center_vmospro.htm   Download custom ROMs: The following ROMs are available. ALL ROMs are tested before release: - Android 9.0 ARM64/64-bit (Root and Gapps inclu
Read more

How to check Il2Cpp Metadata version

Posted by AndnixSH
Image
Need to check metadata version? it's very easy. Open global-metadata.dat with any hex editor programs or if you are using Hex Workshop, right click on global-metadata.dat and click Hex Edit with hex Workshop vX.X Look at caret 0x4, this one says 18 which means 24 in decimal, so we know the metadata version is 24 Use the online tool to convert hex to decimal: http://www.binaryhexconverter.com/hex-to-decimal-converter That's all
Read more