Sunday, September 26, 2010

way of the android cracker 0

this is the first tutorial in a series. it lays the foundation. as you follow along you will set up your cracking environment, learn to use apktool and will have a general idea on how various cracking methods can be implemented.

also included is a crackme, an ultraedit syntax highlighting file and some heavily commented dalvik code.

if you learn anything new on your journey share it with others.

download it here:
https://sites.google.com/site/lohanplus/files/WayoftheAndroidCracker0.zip?attredirects=0&d=1

24 comments :

  1. This comment has been removed by the author.

    ReplyDelete
  2. I have followed the tutorial and have got to the 'Using Apktool' section. When I run 'apktool d crackme0.apk dump-crackme0' it only produces an empty folder. Cmd never runs through any steps. It only displays apktool options (the help dialogs describing which options to use). Any ideas what I may be doing wrong?
    screenshot: http://img2.me/OO7dT

    ReplyDelete
  3. After more research I've solved my problem. Somehow in my download of apktool I was not supplied with the mgwz.dll file. I was able to find it on xda. After putting that file in the same directory where I was running apktool I was able to decompile the apk.

    ReplyDelete
  4. good. i'm glad you figured it out and thanks for posting your solution afterwards.

    ReplyDelete
  5. was the mgwz.dll file added to the dl? Or do i need to also search for that file to add to my DIR? I am just starting out, thanks for this.

    FurRelKT

    ReplyDelete
  6. furelkt, where are you seeing this error?

    ReplyDelete
  7. sorry lohan disreg, i was just asking if this was something i needed... all installed perfectly. TY.

    ReplyDelete
  8. i was expecting a better tutorial.

    Please see this:

    http://www.androidpolice.com/2010/08/23/exclusive-report-googles-android-market-license-verification-easily-circumvented-will-not-stop-pirates/

    Much more in depth.

    ReplyDelete
  9. the article you link to is good. i read it about 4 months ago. it really only covers a tiny, narrow, single, solitary subject of one possible method of breaking one single implementation of unobfuscated lvl checks.

    comparing it with tutorial 0 is not very helpful with regard to improving since the topics covered differ in scope and objective.

    ReplyDelete
  10. Part 1 is much better than part 0. Much appreciate the info. I have tried to crack 2 apps both Dynomaster 3.0 & Trackmaster 2.12 both manually and with AntiLVL to no avail.

    It seems the license check is removed. Though then the app launches the market to the app page telling me that it is installed. Though if i then try and get back to the app it keeps pushing me to the market. This keeps happening in a loop.

    Anyways you said to let you know if AntiLVL wasnt working so this could be a challenge for you :).

    ReplyDelete
  11. i should have said "thought when the app launches it then launches the market app"

    ReplyDelete
  12. if you would like to discuss things, please contact me via a non-public channel. google may ban my account if people are discussing cracking specific apps.

    ReplyDelete
  13. where do i find this non-public channel? i could not find any email address listed :)

    ReplyDelete
  14. there are hidden ones. :) i will make it easy for you: lohan.plus (at) gmail.com

    ReplyDelete
  15. i just wanna thank you

    ReplyDelete
  16. Thank you very much for your amazing tutorial. I hope to see more tutorials from you.

    I solved it different ways:
    1. by changing line 148 to if-eqz instead of if-nez (best solution I think)
    2. by moving the success logic from OnClick to onCreate to automatically start as pro version, but I think this won't be feasible in big apps.

    3. by reading the serial generation code and making a Keygen :)

    /* ======= KeyGen ======== */
    TelephonyManager mTelephonyMgr = (TelephonyManager) GetApplicationContext().getSystemService(Context.TELEPHONY_SERVICE);
    String devId = mTelephonyMgr.getDeviceId();
    try {
    MessageDigest m = MessageDigest.getInstance("MD5");
    byte[] bytes = devId.getBytes();
    m.update(bytes, 0, devId.length());

    BigInteger serialInt = new BigInteger(1, bytes);
    String serial = serialInt.toString(16);

    Log.v("Serial", serial);
    } catch (NoSuchAlgorithmException e) {
    e.printStackTrace();
    }
    /* ========================= */

    Thanks again very much for the awesome geeky blog ;)

    ReplyDelete
  17. Hi Lohan,
    Thank you for your post!

    I would love to discuss in private with you.

    How could I please reach to you?

    Thank you so much!

    ReplyDelete
    Replies
    1. no, thanks. i'll spare us both the trouble.

      Delete
  18. Very interesting,good job and thanks for sharing such a good blog.your article is so convincing that I never stop myself to say something about it.
    You’re doing a great job.

    ReplyDelete
  19. Trade Stocks, Forex, And Bitcoin Anywhere In The World: roboforex login Is The Leading Provider Of Software That Allows You To Trade On Your Own Terms. Whether You Are Operating In The Forex, Stock, Or Cryptocurrency Markets, Use roboforex login Software And Anonymous Digital Wallet To Connect With The Financial World.: roboforex login Is A Currency Trading Company That Allows You To Trade Stocks, Forex, And Cryptocurrency.

    ReplyDelete
  20. Market Forex Is The Best And Most Reliable Forex Company In The Industry.. We Started Our Journey To Educate Traders And Help Them With Their Trading Techniques. We Review The Top Brokers And Share Our Insights With You To Make Informed Decisions Before Investing. We Also Offer Investment Tips, Guides And Much More To Improve Your Success Rate In Trading.

    ReplyDelete
  21. Do you believe in long term investement . One of the option of doing investement is by investing in Crypto currencies. You can invest in Fudxcoin company that deals in the selling and purchasing of Crypto Currency. It is a reliable company. One need not doubt in investing in it as i have also bought crypto currency from it and feeling very satisfied with their services.
    crypto currency blockchain techology

    ReplyDelete
  22. Fudx is a hospitality industry which caters the need of an individual by providing them with food,medicines,grocery and dairy products at their door steps with speedy delivery from your favourite places. One can order through Fudx app and the needs of the customers are met with their speedy service. One need not go anywhere ,just download its app and start ordering.

    ReplyDelete
  23. Does anyone one wants to enjoy the delcious food? that to from their favourite resturants. Here comes a company that is offering a wide variety of services like home food delivery, medicine delivery,grocery products and dairy products at the customers doorsteps. It is just a matter of a click, on their app (fudx app) and in no time, you will get your ordered products at your doorsteps.
    food delivery medicine delivery dairy products grocery items


    ReplyDelete

Do NOT post about or link to specific apps!