android cracking: cracking verizon's v cast apps drm

Friday, June 10, 2011

cracking verizon's v cast apps drm

verizon has a new app store. it has an amazon-store like drm that's fairly simple to crack.

here's how it works. in the launching activity a thread is started that calls checkLicense(). this was in com/cp/app/MainActivity$2.smali:

.method public run()V
    .locals 2

    .prologue
    .line 100
    invoke-static {}, Landroid/os/Looper;->prepare()V

    .line 102
    :try_start_0
    iget-object v0, p0, Lcom/cp/app/MainActivity$2;->this$0:Lcom/cp/app/MainActivity;

    iget-object v0, v0, Lcom/cp/app/MainActivity;->licenseAuthenticator:Lcom/verizon/vcast/apps/LicenseAuthenticator;

    sget-object v1, Lcom/cp/app/MainActivity;->verizonAppKeyword:Ljava/lang/String;

    # call checkLicense and store result in v0
    invoke-virtual {v0, v1}, Lcom/verizon/vcast/apps/LicenseAuthenticator;->checkLicense(Ljava/lang/String;)I
    move-result v0

    .line 103
    iget-object v1, p0, Lcom/cp/app/MainActivity$2;->this$0:Lcom/cp/app/MainActivity;

    # send result of checkLicense (v0) to isDRMDone()
    invoke-virtual {v1, v0}, Lcom/cp/app/MainActivity;->isDRMDone(I)Z
    move-result v0

    # isDRMDone() handles error messages and returns true when all is good
    if-eqz v0, :cond_0

    # ... rest of code

if you look at isDRMDone() you'll see that it's basically a big switch. input of 0 or 1 counts as valid. everything else is some kind of error. so we just need to make sure checkLicense returns 1 and doesn't call anything else that may have side effects (timeouts, checking to see if verizon app store is installed, etc..).

checkLicense() is defined in com/verizon/vcast/apps/LicenseAuthenticator.smali. after modification it looks like:

.method public declared-synchronized checkLicense(Ljava/lang/String;)I
    .locals 10
    .parameter "keyword"

    .prologue
    
    # just set v0 to true and return
    # the rest of the code never runs
    const/4 v0, 0x1
    return v0

    const/16 v9, 0x64

    const-string v7, "checkLicense() finished.  Trying to shutDownLicenseService()"

    const-string v7, "LicenseAuthenticator"

    .line 256
    monitor-enter p0

    :try_start_0
    const-string v7, "LicenseAuthenticator"

    const-string v8, "begin checkLicense()"

    # ... rest of code

if you're a developer, depending on how they implement the insertion of their drm, it may still be possible to use classical protection / anti-tampering techniques. i'd like to know. but really though, don't waste your time on protection. i'm not blasting verizon or amazon or google for weak security. real effort should be spent improving the program, not slowing down (because you can't stop) crackers. if you want money, use ads.

24 comments :

AnonymousJuly 7, 2011 at 11:30 AM
Which apk are you referring to here?
ReplyDelete
Replies
lohan+July 7, 2011 at 11:50 AM
i do not post anything regarding specific apps. that would be straight up illegal. this is a general case. yours may be modified beyond recognition.
ReplyDelete
Replies
AnonymousJuly 11, 2011 at 9:24 PM
This comment has been removed by the author.
ReplyDelete
Replies
fr1sJuly 14, 2011 at 2:00 AM
@ Lohan
Hi.. I'm a bit of a noob who's trying to edit some apps n got stuck..

this particular app wont resize for my Asus Transformer.. it's TouchOSC

I got main menus fixed but as soon as I try using the control surface(layout) it stays in small screen.. n I did try editing layout file (.xml).. which did nothing..

so I'm thinking it's .smali files I've got.. is there a way .smali files would be able to control screen size?? if so how?

here's .smali's

http://stackoverflow.com/questions/6688448/smali-files-and-screen-size-issue-in-touchosc
ReplyDelete
Replies
lohan+July 14, 2011 at 5:27 AM
@Waryam i do not fully understand you.

@fr1s have you considered contacting the developer? they might be able to fix it readily. the file you posted is a viewgroup, so you might want to fully understand how android treats those. it could be something in the xml or it could be something in the code. check out http://developer.android.com/reference/android/view/ViewGroup.html and look for anything useful. viewgroups contain child views and maybe those aren't resizing. sorry, i don't know much more about this.
ReplyDelete
Replies
fr1sJuly 14, 2011 at 1:28 PM
well thank you for help anyways :)
I i didnt contact the developer.. but nothing sofar
ReplyDelete
Replies
fr1sJuly 14, 2011 at 1:30 PM
I mean I did back few days ago..
typed wrong thing
ReplyDelete
Replies
fr1sJuly 14, 2011 at 2:02 PM
Anyways..
would you mind taking a look?? maybe i missed something

http://www.mediafire.com/?p300cpn0t7634v5 .apk file
http://www.mediafire.com/?i8b8c56x0rp8e85 rest of the stuff inside
ReplyDelete
Replies
AnonymousAugust 20, 2011 at 5:00 AM
hi lohan, i'm having an issue and i was wondering if you could offer any insight. i posted my problem here: http://stackoverflow.com/questions/7130324/calling-a-class-method-within-a-third-party-apk-from-a-class-onclick-in-android-p

if you have any suggestions, plz contact me at jsnake862@gmail.com. i would be extraordinarily grateful.
ReplyDelete
Replies
AnonymousSeptember 21, 2011 at 9:23 AM
"if you want money, use ads."

I do agree with you, but just these past few weeks I'm seeing alarming amounts of ANDROID ADFREE releases, meaning that for some people, even getting the program free is not enough, they will rip the ads out too.

Have you checked how these rips are done or do you have any tips for implementing ad supported apps that won't have this faith?
ReplyDelete
Replies
lohan+September 21, 2011 at 5:47 PM
@Anonymous, i don't know anything about these people. there's really no easy way to prevent it from happening. removing ads can be as simple as modifying resources by removing the layout element, or by breaking part of the ad library. if i knew something easy, i'd tell you.
ReplyDelete
Replies
AnonymousSeptember 26, 2011 at 9:37 PM
Thanks. That was my guess too, it's a shame that this can turn in to exactly the same cat and mouse game that wastes precious time that could be used to improve the games/apps.

Our game hasn't been released yet, so I'll probably try to find some statistics of this before implementing protective measures. If the "ADFREE" players are rare enough, as I hope, it's not worth putting effort into.
ReplyDelete
Replies
roberto marleyOctober 2, 2011 at 12:22 AM
Ads are antithetical to free

Once adware is ripped from an app claimed to be free it becomes actually-free

I remove license check because app X does NOT need internet access. I do buy apps. I do NOT tolerate the PRIVACY RAPING that is allowing apps to render interweb ads
ReplyDelete
Replies
lohan+October 3, 2011 at 7:06 AM
roberto, you have some interesting opinions on rape and privacy. i wonder if you would still have the exact same opinion if you were a developer.
ReplyDelete
Replies
AnonymousOctober 22, 2011 at 8:30 AM
Lohan+
Who the fuck are you to say how a developer should monetize on his effort? Have you developed an app, do you know how much you get from ADs? If you are lucky you might get enough to buy a beer...
ADs need Internet access, most of the moronic android users do not know what internet is, or the ones who do simply shut down the ads...

You are stealing and telling people how to steal, this is far worse and actually a couple of developers are already in contact with blogspot to reveal your contact details.
ReplyDelete
Replies
lohan+October 22, 2011 at 11:53 AM
over generalization is a sign of supreme intelligence. your advice is as profound as it is genius. thank you. my life is forever changed.
ReplyDelete
Replies
AnonymousOctober 23, 2011 at 6:18 AM
good article. I have implemented something similar to this, in one of my app. I wish good luck to the eventual cracker though, if that ever happens :)
ReplyDelete
Replies
iCaption ThatJuly 12, 2012 at 3:20 AM
Amazing Post!
I love it. Will come back again - taking your feeds also.
Thanks.
iCaption That
ReplyDelete
Replies
No NameApril 20, 2021 at 7:43 PM
**SELLING SSN+DOB FULLZ**

CONTACT
Telegram > @leadsupplier
ICQ > 752822040
Email > leads.sellers1212@gmail.com

>>1$ each without DL/ID number
>>2$ each with DL
>>5$ each for premium (also included relative info)

*Will reduce price if buying in bulk
*Hope for a long term business

FORMAT OF LEADS/FULLZ/PROS

->FULL NAME
->SSN
->DATE OF BIRTH
->DRIVING LICENSE NUMBER WITH EXPIRY DATE
->COMPLETE ADDRESS
->PHONE NUMBER, EMAIL, I.P ADDRESS
->EMPLOYMENT DETAILS
->REALTIONSHIP DETAILS
->MORTGAGE INFO
->BANK ACCOUNT DETAILS

>Fresh Leads for tax returns & w-2 form filling
>Payment mode BTC, ETH, LTC, PayPal, USDT & PERFECT MONEY

''OTHER GADGETS PROVIDING''

>SSN+DOB Fullz
>CC with CVV
>Photo ID's
>Dead Fullz
>Spamming Tutorials
>Carding Tutorials
>Hacking Tutorials
>SMTP Linux Root
>DUMPS with pins track 1 and 2
>Sock Tools
>Server I.P's
>HQ Emails with passwords

Email > leads.sellers1212@gmail.com
Telegram > @leadsupplier
ICQ > 752822040

THANK YOU
ReplyDelete
Replies
periyannanNovember 26, 2021 at 12:26 AM
nice blog

internship websites in india
internship acceptance letter
internship experience letter
Internship permission letter
internship courses
Internship offering companies
internship mail format
Internship program in chennai
Internship training online
internship and apprenticeship difference
ReplyDelete
Replies
RozysharmaMarch 3, 2022 at 4:39 AM
The Best Apps and Games For Android ·https://apkmodule.com/fortnite-mobile-mod-apk/
ReplyDelete
Replies
AnonymousApril 16, 2022 at 9:34 PM
Android Cracking: Cracking Verizon'S V Cast Apps Drm >>>>> Download Now

>>>>> Download Full

Android Cracking: Cracking Verizon'S V Cast Apps Drm >>>>> Download LINK

>>>>> Download Now

Android Cracking: Cracking Verizon'S V Cast Apps Drm >>>>> Download Full

>>>>> Download LINK 6h
ReplyDelete
Replies

Add comment

Do NOT post about or link to specific apps!

Subscribe to: Post Comments ( Atom )