AndroidMaster24
Platinian
Big thanks to Rev for this tutorial. I just shared it here for platin modders to learn ;)
Example Game: GoB
Version: 26.0.225
Many games nowadays put in place a "signature check" in an attempt to make modders give up on modding their game. A signature check is something that checks whether the signature on the APK is valid and equal to the "original" signature. If it isn't equal to the original signature, then the game will prevent you from playing it. There are many ways a game developer might implement a signature check, and one of these ways is through Java. For this "bypass", I'll be using GoB as an example. Their signature check is implemented in the game's Java code, and can therefore be seen with ease when we decompile it.
If we decompile the game, we'll see a set of decompiled dexes. We'll be interested in the first. This game does its signature check in the file named "DeviceStatusCheck.smali" (smali/com/gameinsight/gobandroid/devicestatuscheck.smali). When we open it, we'll see a set of methods. The following methods are the most important:
- getUserSign - Used to check the game's signature.
- userSign - Used to check the game's signature.
- userSignDialog - Presents a dialogue if the signature isn't original, not allowing you to play the game.
In order to return true in smali, we write this:
Code:
const/4 v0, 0x1
(0x0 would be false)
We then want to return it, like so:
Code:
return v0
When returning from methods where you don't want to return a particular value, we just do this:
Code:
return-void
Now, all we need to do is put these in place for the methods mentioned above.
For the getUserSign method, we'll be returning true. So, we'll do something like this:
Code:
.method public static getUserSign()Z
    .locals 2
    const/4 v0, 0x1
    return v0
.end method
As for userSign, we don't want it to get the signature, so we'll just remove all of the code from it, and essentially end it. If we don't give the method anything to return, then the apk won't run or compile (bad syntax). We don't want it to return any particular value, but we still want to complete the method, so we'll be using "return-void". For example:
Code:
.method public static userSign()V
    .locals 2
    return-void
.end method
We also don't want the game to present us with the "dialogue" message we receive when it detects that the game has been modified. So, we'll do the same thing:
Code:
.method public static userSignDialog(Landroid/app/Activity;)V
    .locals 2
    return-void
.end method
I am sure if we just removed the code from the userSignDialog method, and returned void, we would have successfully bypassed this detection - though I haven't tried.
That's it! A pretty bad implementation of a signature check from the developers of GoB, and quite easy to bypass.
Have fun :) Keep the spirit of game modding alive!
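For a developer or analyst triaging a repackaged APK, the stubs shown in this post leave a recognizable pattern in the disassembly. The following is an added example, not part of the original post or Rev's tutorial: a heuristic that flags smali methods whose body is only a constant return or a bare return-void. The sample input is constructed, and isRooted and Lcom/example/Checks; are hypothetical names.

```python
import re

# Constructed sample: the three methods as they appear after the edits in the
# post, plus a hypothetical unmodified method (isRooted) for contrast.
SAMPLE_SMALI = """\
.method public static getUserSign()Z
    .locals 2
    const/4 v0, 0x1
    return v0
.end method
.method public static userSign()V
    .locals 2
    return-void
.end method
.method public static userSignDialog(Landroid/app/Activity;)V
    .locals 2
    return-void
.end method
.method public static isRooted()Z
    .locals 2
    invoke-static {}, Lcom/example/Checks;->probe()Z
    move-result v0
    return v0
.end method
"""

METHOD_RE = re.compile(r"^\.method\s+(.*?)$(.*?)^\.end method", re.M | re.S)
CONST_RE = re.compile(r"const(?:/4|/16)?\s+(\w+),\s+(-?0x[0-9a-fA-F]+)$")

def find_stubbed_methods(smali_text):
    """Map method signature -> reason, for methods whose body is only a stub."""
    findings = {}
    for header, body in METHOD_RE.findall(smali_text):
        # Keep instructions only: skip blanks, comments and directives (.locals, .line)
        ops = [l.strip() for l in body.splitlines()
               if l.strip() and not l.strip().startswith((".", "#"))]
        name = header.split()[-1]
        if ops == ["return-void"]:
            findings[name] = "empty body (return-void only)"
        elif len(ops) == 2 and ops[1].startswith("return "):
            m = CONST_RE.match(ops[0])
            if m and ops[1].split()[1] == m.group(1):
                findings[name] = "constant return " + m.group(2)
    return findings

if __name__ == "__main__":
    for name, reason in find_stubbed_methods(SAMPLE_SMALI).items():
        print(f"{name}: {reason}")
```

Findings are leads for review rather than proof of tampering, since legitimately empty methods match too; diffing against the disassembly of the release build confirms a change.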