Tutorial How to bypass signature check in smali (Client-sided bypassing)

AndnixSH

Jun 27, 2017
Bypassing a client-sided signature check is super easy and can be done in many ways.

In this tutorial, I will show you how to bypass "Not a genuine copy" from TAP SPORTS BASEBALL 2016.

You need Notepad++ and apktool. You can use APK Easy Tool.

Decompile the APK file.

Open Notepad++ and click Search -> Find in files… Select the directory to search and search for "not a genuine copy".


Here is the result. We are only interested in name="invalid_signature", which is used by the smali code. Search for invalid_signature.


Find the const-string instruction that uses the invalid_signature string, like:
const-string v3, "string/invalid_signature"


Replace const/4 v4, 0x0 with 0x1 so it returns true. The game will pass the signature check and let you play.


That's all, the game will launch.

My next step is to bypass the server-sided signature check that makes the game get stuck on the loading screen; yep, another fake bug that I will look into.

Bypassing a server-sided signature check requires you to spoof the signature hash by putting the original hash in smali, or to keep the original signature (we call it unsigned). The server needs at least one original signature hash that matches the server-sided signature hash to let you play. Giving the server a wrong signature hash, such as a blank string, a hash from testkeys, "null", "don't ban me please", etc., won't let you play the game online.

Credit: iAndroHacker
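
Added example (not part of the original post and not the game's actual server code): a sketch of the server-sided hash comparison described above, seen from the developer's side. The function names, the SHA-256 format and all hash values are assumptions constructed for illustration.

```python
import hmac
import re

# Constructed placeholder for the SHA-256 digest of the release signing
# certificate. Assumption for illustration, not a value from any real app.
RELEASE_CERT_SHA256 = {"ab" * 32}

# Constructed placeholder standing in for a build re-signed with test keys.
TESTKEY_SHA256 = "cd" * 32

HEX64 = re.compile(r"[0-9a-f]{64}")


def normalize(reported):
    """Return the hash as 64 lowercase hex characters, or None if malformed."""
    if not isinstance(reported, str):
        return None
    cleaned = reported.strip().lower().replace(":", "")
    return cleaned if HEX64.fullmatch(cleaned) else None


def check_reported_signature(reported):
    """Server-side decision for one client-reported signature hash."""
    digest = normalize(reported)
    if digest is None:
        # Blank strings, "null" and free text never reach the comparison.
        return (False, "malformed")
    matched = False
    for allowed in RELEASE_CERT_SHA256:
        # Constant-time comparison, with no early exit on the first hit.
        matched |= hmac.compare_digest(digest, allowed)
    if matched:
        # A match only shows the client SENT the expected string. As the post
        # notes, a repackaged build can embed the original hash, so treat this
        # as one signal and pair it with a verdict the client cannot author
        # itself (for example a platform attestation token verified on the
        # server).
        return (True, "match")
    return (False, "unknown_signer")


def classify_samples():
    """Run the check over constructed inputs mirroring the post's examples."""
    samples = ["", "null", "don't ban me please", TESTKEY_SHA256, "AB:" * 31 + "AB"]
    return {s: check_reported_signature(s) for s in samples}
```
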