Thursday, October 27, 2011

antilvl 1.4.0

it's been a while, but antilvl 1.4.0 is finally released. i did not plan to make another release, but there were some show-stopping bugs in the linux version and some other things that were just embarrassing. :D

major changes include:
  • option to use your own signatures
  • more control over which fingerprints are used
  • support for verizon drm
  • a few new anti-tampering checks are known
  • some fixes in how fingerprints were applied

you can read more / download here: http://androidcracking.blogspot.com/p/antilvl_01.html

29 comments :

  1. This comment has been removed by a blog administrator.

    ReplyDelete
  2. I have used your tool to reclaim all the Verizon DRM protected apps that I bought.

    Now when I switch carriers this week they wont be stealing all my game loft games from me and robbing me of my hard earned money

    Thank you for this tool
    IT works well and it's very fast. Thanks once again

    ReplyDelete
  3. LaBBa, i had to remove your comment since it mentioned a specific app. the --skip-cleanup option will still create an *-antilvl.apk and you should use that for your output when you do --assemble-only. all antilvl has is the classes.dex, and without a full apk it can not rebuild a working apk.

    ReplyDelete
  4. Anonymous: you're a great example of when drm fails. glad you got it sorted.

    ReplyDelete
  5. Lohan I will be supporting you in your further development of this tool. I know the whole community of users will be also behind you.

    In your opinion do you think the fingerprint method will be able to detect and disable every ammount of DRM code in a .apk file if the fingerprints are updated?

    Google is saying that with LVL Tamper resistance that they can stop it but I believe this is just lies that are being told to developers to not discourage them.

    I would like to know your opinion on this since you are the writer of this great tool.

    ReplyDelete
  6. Anonymous, since fingerprints replicate what someone would do, ie. find this, replace it with that, it can do most things. the trick is understanding the code well enough to make good fingerprints.

    google and other developers know there is no uncrackable drm. everyone knows. the decision to add more protection requires a cost benefit analysis. how much does developing robust protection cost and how much do you benefit as a developer? this is not an easy question to answer since there is not any good evidence to suggest a direct link between a pirated release and a decline in sales. eventually it will be cracked anyway, so programmer efforts will be wasted.

    ReplyDelete
  7. Amen brother lohan. Very wise words from a wise person. I agree with you.

    I am disgusted by DRM especially since I would rather buy products without DRM than buy something that has it (as is most Verizon products)

    Especially since most of these "methods" will require the user to have internet. Totally defeating the purpose of a versatile mobile device.

    ReplyDelete
  8. i'm not worthy of such praise, really. i'm just some guy. :D

    since you are into drm free games, you might be interested to know about the humble indie bundle. there have been several, so far. they are "pay as much as you want" and all of the games are drm free. they're all indie developers, but the games are quite well produced, especially for the price.

    ReplyDelete
  9. Thank you for the game suggestion. I have checked it out and I plan to purchase it to help charitable organizations.

    I have a question about antiLVL.jar
    Is it possible to do batch processing of APKs using this tool so that every APK will be checked patched and signed in a specific directory

    ReplyDelete
  10. batch processing can be done with the terminal. if you're on linux, you have shell scripts. if on windows, you could write a one line batch file that looped through every *.apk in a directory.

    this is a batch file i use:
    @ECHO OFF

    SET TEST_DIR=\antilvl
    SET OUTPUT_DIR=%TEST_DIR%\output

    SET ANTILVL_CMD=java -jar antilvl.jar
    SET ANTILVL_OPTS=--force --skip-cleanup

    FOR /f "usebackq delims=|" %%f IN (`dir /b "%TEST_DIR%\*.apk"`) DO %ANTILVL_CMD% %ANTILVL_OPTS% %TEST_DIR%\%%f "%OUTPUT_DIR%\%%f-antilvl.apk"

    PAUSE

    ReplyDelete
  11. Forgive me lohan but would those commands be used in a .bat file?
    Those commands look like Windows CMD

    I tried using them as a bat but I don't think I'm going about it correctly.(I'm not trained with all the CMD commands and so trying to understand each function variable is confusing me)

    ReplyDelete
  12. yes, it's a batch file. we'll talk on google.

    ReplyDelete
  13. there is a tiny bug with the above batch file if your path has spaces. use this instead:

    @ECHO OFF

    SET TEST_DIR=\antilvl
    SET OUTPUT_DIR=%TEST_DIR%\output

    SET ANTILVL_CMD=java -jar antilvl.jar
    SET ANTILVL_OPTS=--force --skip-cleanup

    FOR /f "usebackq delims=|" %%f IN (`dir /b "%TEST_DIR%\*.apk"`) DO %ANTILVL_CMD% %ANTILVL_OPTS% "%TEST_DIR%\%%f" "%OUTPUT_DIR%\%%f-antilvl.apk"

    PAUSE

    ReplyDelete
  14. Great tool Lohan ... thx a lot

    which tool use AntiLVL du decompile/recompile ?
    Because it works with some app I tested whereas I have decompile/recompile errors on the same app with apktool
    (I wanted to do the work with apktool and then my brain ;-) )

    ReplyDelete
  15. Anonymous: apktool will try to decode resources by default and this is often problematic. my guess is the resource formats are always changing and brut has his hands full figuring them out. anyway, use --no-res with apktool and it will just decode the smali. i prefer to just use baksmali and smali instead of apktool, which is what apktool uses under the hood.

    ReplyDelete
  16. Hi Lohan,
    Do I miss something or AntiLVL4 doesn't do anything agaisnt getdeviceID ???

    ReplyDelete
  17. I mean : in antiLVL 1.2.5, there is a deviceID spoof thing in smalihook.smali
    But in antiLVL 1.4.0, I don't find anything about it.
    I tried antiLVL on a target that use several protections with getDeviceId() of TelephonyManager ... and antiLVL didn't touch it.

    ReplyDelete
  18. Learner: hello Learner. you are very astute to notice the missing function. i didn't think anyone used it. unfortunately, i removed it from the public version.

    ReplyDelete
  19. Fortunately i managed to get 1.1.5 working on my target (an app you worked on in the past.. G.. k) but i dream of a 1.4.0 version + this spoofId function. I will try to merge it by myself. Is there a private version ;-)?

    ReplyDelete
  20. So why is the download link removed?
    are you scared of getting busted?

    ReplyDelete
  21. Anonymous, the page was, for some strange reason, no longer existent. it has been recreated. now i have to fix some links..

    ReplyDelete
  22. Hey guys, I just made some stats how much cracked are my apps and anti lvl is used for more than 30% of usage of paid flavor of my apps. Do you really think you are doing great job? I'm disgusted from your work. You think you are smart but you do bad thing for Android:

    - you help warez with trojans
    - you disgust people that work hard to deliver good quality apps
    - incorrectly cracked apps cause application malfunction so I'm spending a lot of time with support of your errors

    Go to hell

    ReplyDelete
  23. I am having some problem with fpinclude of linux version. Can you please tell me , what it does. And Synatax also.

    What i tried?

    java -jar antivil --fpinclude hook file size [my.apk]

    ReplyDelete
    Replies
    1. I am using antivil instead of antilvl , as i have renamed it. xd to avoid confusion

      Delete
  24. Any chance of updating the version of smali/baksmali that antilvl is built with? I've noticed that it's built with v1.2.8 of both libs, but in November of last year, they updated it to include support for Honeycomb/ICS. This is increasingly important since I've been seeing some errors lately related to the outdated [dis]assembler, which I've not seen when manually using v1.3.3.

    A really great help would be allowing the usage of a user-specified distribution...this way an update of antilvl wouldn't be needed. Just a thought.

    ReplyDelete
  25. Exception in thread "main" java.lang.OutOfMemoryError: Java heap space
    at java.util.Arrays.copyOf(Unknown Source)
    at java.lang.AbstractStringBuilder.expandCapacity(Unknown Source)
    at java.lang.AbstractStringBuilder.append(Unknown Source)
    at java.lang.StringBuilder.append(Unknown Source)
    at ev.(Unknown Source)
    at ex.a(Unknown Source)
    at antilvl.Main.main(Unknown Source)

    ReplyDelete
  26. Anonymous,
    seems like a generic java out of memory error. try running antilvl with:
    java -Xmx4g antilvl.jar

    this will use 4 gigs as the maximum heap size. should be enough. if your computer has less, use that.

    ReplyDelete
  27. Have come across a few apps that antilvl isn't working on. They show as failing the license check. Each are apps I've purchased ....I just want the drm gone. Any tips?

    ReplyDelete
  28. Anonymous,
    AntiLVL will never be able to crack all apps. It would require a lot of time and effort and I'm just not that interested in pissing developers off. I made a swiss-army-knife type tool with a decent foundation for cracking many lvl variants and I'm going to leave it at that. I may add some more features, but that's it. Sorry!

    ReplyDelete

Do NOT post about or link to specific apps!