Sunday, February 13, 2011

antilvl 1.1.3

just put up antilvl 1.1.3. a few small but annoying bugs fixed and some improvements with the hooks. pick it up from the usual spot: http://androidcracking.blogspot.com/p/antilvl_01.html

also had to do some major refactoring so people could make use of the source once it's released, and i think i got most of the kinks out.

while working on this, i noticed a few more apps that were using string encryption. maybe it will start to get popular? i wrote a proof of concept decryptor just to see how feasible it would be to convert dex to java .class files and run the apk's own methods to decrypt the strings. it worked but i want to make something more general. here's my idea:

  • start with an apk and disassemble
  • chose to decode literal strings (ex: const-string "some-encoded-string") or assume strings are the result of a function call (ex: invoke-static LStringHolder;->getString(v0)).
  • show all lines that match the above selection and allow for regex filtering. this way, if you pick literal strings and not all strings are encoded, you can filter for just the ones that are
  • decode strings by one of several methods: run the function, in the case of function-call encryption, built-in stuff like base 64, etc. or by using reflection on the classes of the apk. this way if every literal string in the apk is decoded through some function, i could use dex2jar to get the java class, dynamically load that and run each string through it.
the goal is to make the tool generic enough so that it's useful in the most situations. shouldn't be too hard. half of the work will be making my patching and apk libraries more generic and useful, so it wont be a total waste of time.

17 comments :

  1. how to use fpexclude? command prompt "java -jar antilvl.jar --fpexclude License Validator" don't work...

    ReplyDelete
  2. "don't work" = option not recognized? option parsing error? option has no effect? option has incorrect effect? option creates code that will not compile?

    ReplyDelete
  3. c:\1>java -jar antilvl.jar --fpexclude Hook File Size 2.apk
    -----------------------------------------------------
    AntiLVL - Android License Verification Library Subversion
    Version: 1.1.3 Updated: February 13th, 2011 By: lohan+
    For educational purposes only! :-D
    -----------------------------------------------------

    Error: File does not exist.
    Usage: java -jar antilvl.jar [options] <Apktool/Baksmali dump | Apk fi
    t Apk]
    Options:
    -f, --force Force overwriting
    -s, --skip-assembly Skip assembly
    -d, --detect-only Detect protection information only
    -n, --skip-nonlvl Skip Non LVL protection subversion
    -v#, --verbose# Verbose level (1-3)
    --sign-only Sign Apk file then exit
    --info-only Get App info then exit
    --assemble-only Assemble dump then exit
    --skip-cleanup Do not clean up any files while running
    --fplist List installed fingerprints
    --fpexclude Comma-separated fingerprints to exclude
    -h, --help Show this friendly message

    ReplyDelete
  4. try with quotes:
    java -jar antilvl.jar --fpexclude "Hook File Size" 2.apk

    ReplyDelete
  5. This is great stuff. antilvl's anti-anti features have saved me a ton of time. THANK YOU!

    ReplyDelete
  6. Great Article..Thanks for the sharing..

    Bigo live is a GooD APK.Connect friends.
    Install the application here.....

    Bigo Live App

    ReplyDelete
  7. Great Article..Thanks for the sharing..

    Bigo live is a GooD APK.Connect friends.
    Install the application here.....

    Bigo Live App

    ReplyDelete
  8. **SELLING SSN+DOB FULLZ**

    CONTACT
    Telegram > @leadsupplier
    ICQ > 752822040
    Email > leads.sellers1212@gmail.com

    >>1$ each without DL/ID number
    >>2$ each with DL
    >>5$ each for premium (also included relative info)

    *Will reduce price if buying in bulk
    *Hope for a long term business

    FORMAT OF LEADS/FULLZ/PROS

    ->FULL NAME
    ->SSN
    ->DATE OF BIRTH
    ->DRIVING LICENSE NUMBER WITH EXPIRY DATE
    ->COMPLETE ADDRESS
    ->PHONE NUMBER, EMAIL, I.P ADDRESS
    ->EMPLOYMENT DETAILS
    ->REALTIONSHIP DETAILS
    ->MORTGAGE INFO
    ->BANK ACCOUNT DETAILS

    >Fresh Leads for tax returns & w-2 form filling
    >Payment mode BTC, ETH, LTC, PayPal, USDT & PERFECT MONEY

    ''OTHER GADGETS PROVIDING''

    >SSN+DOB Fullz
    >CC with CVV
    >Photo ID's
    >Dead Fullz
    >Spamming Tutorials
    >Carding Tutorials
    >Hacking Tutorials
    >SMTP Linux Root
    >DUMPS with pins track 1 and 2
    >Sock Tools
    >Server I.P's
    >HQ Emails with passwords

    Email > leads.sellers1212@gmail.com
    Telegram > @leadsupplier
    ICQ > 752822040

    THANK YOU

    ReplyDelete
  9. Nice to be visiting your blog again. it has been months for me. Well this article that i’ve been waited for so long. I need this article to complete my assignment in the college. and it has same topic with your article. Thanks. great share Feel free to visit my website; 카지노

    ReplyDelete
  10. That is a very good tip especially to those new to the blogosphere. Short but very accurate info… Appreciate your sharing this one. A must read post. Feel free to visit my website; 토토

    ReplyDelete
  11. Great post ! I am pretty much pleased with your good post. You put really very helpful information. Feel free to visit my website; 온라인카지노

    ReplyDelete
  12. webgirls.pl With regards to battling infections, patients often have their work eliminate for them. It is because candidiasis can easily become persistent and continuous. Bearing that in mind, on this page, we are going to present a variety of among the best verified candida albicans treatment method and prevention ideas all around.

    ReplyDelete
  13. https://gamebegin.xyz You can exercise by yourself. A pitching machine permits you to establish the rate from the ball. By reloading a number of baseballs to the machine, you may exercise reaching without the need for a pitcher. This electronic machine is ideal for individuals who would like to exercise baseball alone. Pitching models might be picked up in your community showing off merchandise retail store.

    ReplyDelete
  14. https://gameboot.xyz You see them on magazines as well as on TV, women and men who appear to be their forearms and legs will explode as his or her muscle tissue are really massive! There is no need that you can consider your system to that level when you don't want to, since the basic methods in this article will enable you to develop muscle mass in a healthful manner.

    ReplyDelete
  15. Bon site internet : Zonahobisaya
    Bon site internet : Tertinggi
    Bon site internet : Zonahobisaya
    Bon site internet : Zonahobisaya
    Bon site internet : Terluas
    Bon site internet : Profil
    Bon site internet : Zonahobisaya
    Bon site internet : Zonahobisaya

    ReplyDelete
  16. I saw your writing and pictures well. Looks like you had a great time. I want to join you next time. I will visit again next time.

    ReplyDelete

Do NOT post about or link to specific apps!