Tutorial How to remove root and apps detection from APK file (Smali modding)

AndnixSH

PMT Elite Modder
Staff member
Modding-Team
Note: This tutorial is only helpful with simple detections. This tutorial will not be helpful in modern apps with strong protection.
In this tutorial, I will mod old game Age of Empires World Domination

When you run it on rooted device or have unauthorized apps installed, you will be greeted with this message. Remember this message for later use

1672957041297.png


1. Download any APK tool of your choice

2. Install Notepad++ or other text editors that support searching through all files

3. Decompile an APK file

4. Open Notepad++, click on “Search” -> “Find in files…”

1672957044404.png


5. Input the words of the error message in the “Find what :” field. In directory section, click on “…” button

1672957047941.png


6. Select the path of the decompiled APK, and click OK

1672957051489.png


7. Click on “Find all”

1672957054451.png


8. The result will appear below. Double-click in it to open the html file and it will highlight the word. See screenshot below

1672957062118.png

1672957066191.png


9. Look at bootup_stopped. Click on “Search” -> “Find in files…” and type “bootup_stopped” in the field, and select "smali" folder to be searched

1672957070392.png


1672957073774.png


10. The result will appear below. If you found something interesting, double-click on the line to open the smali file and it will highlight the word. See screenshot below. Ignore the IDs because they are useless

1672957077133.png

1672957080292.png


11. Scroll up until you see the name of the function. The function with ()V is ‘void’ which means the function returns nothing

1672957084064.png


12. Clear the code inside so the code will look like

1672957087618.png


13. Null the function like this
Code:
.locals 0

return void

1672957091205.png


14. Find debuggable. The function with ()Z is boolean which means the function can return false or true.

1672957094918.png


15. Return it false. 0x0 means false and 0x1 means true.

Code:
.locals 1

const/4 v0, 0x0

return v0

1672957097966.png


16. Find isSuBinaryPresent. The function with ()Z is boolean which means the function can return false or true. Look at the keyword ‘native’. The native is applied to a method to indicate that the method is implemented in native code using JNI (Java Native Interface), so you can’t add the code to it.

1672957101557.png


17. Remove the ‘native’ and return false function like this

1672957104745.png


18. Save the file and recompile the APK file with APKtool.

19. Zipalign and sign the APK file

Now you can play the game on any rooted devices with unauthorized apps installed

Credits:
AndnixSH
 
Back
Top Bottom