Quick rundown of what I tried so you can skip these BS stuff...
I hooked the verify call to fake success but it never fires, the game filters fakes upstream first. Then I tried mocking the billing layer with synthetic purchases, same filter ate it. Writing ownership directly on the backend got reverted in like 5 sec, no error or ban tho which was nice. Heads up, don't touch the restore path, wrong shape there nuked a throwaway account I was testing on. Also tried the offline trick (load then kill wifi), local cache just stays empty so the UI never flips anything.
Spent today building a local mock backend and redirecting the game to it. Got past auth and even the welcome screen showing my nickname which felt like progress, but loading hangs at one specific spot bc I'm guessing field shapes blind without owned data to copy from. Kinda death by papercuts at this point ngl.
Stuff I haven't tried but might be your angle(?)... patching the ownership check directly in memory (risky if the offsets change between updates), or watching what the game actually reads when it loads purchase data. I started the second one but my reverse engineering tools gave me wrong function names, so I couldn't really tell what was what and gave up.
What is possible and can be safely modded right now... cookies, reroll, ad bypass, and daily cookie stuff. The DLC unlock part is the only thing still stuck because of the billing wall, and honestly if anyone here already owns one of the DLCs and could share a capture from a normal play session, that would basically end this in a day. Just one capture and I can copy the response shape directly..
apkpure.com
