Android App Cracking Tutorial by AleX
You have purchased an application on Market official Google Play and you want to install on multiple terminals
without wanting to buy back?
Want to share it with friends and family?
Let's see how
For this tutorial I used a Samsung Galaxy S2 with Android 2.3.4 Gingerbread ,
of ' SDK Manager (Tool + Virtual Device) and a PC running Windows 7 (x64) .
Whether you work in a Linux there are no problems.
Requirements
A terminal based on Android 1.5 or higher ,
a PC running Windows or Linux .
First we install on our device a file manager , Astro will be fine.
On the PC, install the tool Anti-LVL (which I recommend to keep updated):
Let's look at what the guards and tool
LVL and Protections
About 3 years ago, Google has changed the protection system that developers can
implement in your applications to prevent unauthorized copying.
This is based on the control of ' LVL (License Validation Library).
If circumvent old enough to have a terminal with protection rights root
folder and remove applications from the app private ,
today around the control is even easier.
Let's see how the ' LVL
The application does a license check through the ' LVL and Google Play client ,
which handles the communication with the server in the Store .
This is the LicenseValidator Class and you can find once disassembled the APK.
LicenseValidator.smali constants
. Field private static final ERROR_CONTACTING_SERVER: I = 0 × 101 . field private static final ERROR_INVALID_PACKAGE_NAME: I = 0 × 102 . field private static final ERROR_NON_MATCHING_UID: I = 0 × 103 . field private static final ERROR_NOT_MARKET_MANAGED: I = 0 × 3 . field private static final ERROR_OVER_QUOTA: I = 0 × 5 . field private static final ERROR_SERVER_FAILURE: I = 0 × 4 . field private static final LICENSED: I = 0 × 0 . field private static final LICENSED_OLD_KEY: I = 0 × 2 . private static field final NOT_LICENSED: I = 0 × 1 |
LicenseValidator.smali verify
. Sparse-switch 0 × 0 ->: sswitch_d3 0 × 1 ->: sswitch_de 0 × 2 ->: sswitch_d3 0 × 3 ->: sswitch_11d 0 × 4 ->: sswitch_f3 0 × 5 ->: sswitch_101 0 × 101 - >: sswitch_e5 0 × 102 ->: sswitch_10f 0 × 103 ->: sswitch_116 . sparse-end switch |
0 × 0 and 0 × 3 values are both positive and when the application will control
the license will recognize as genuine .
The important part is this:
0 × 1 or NOT_LICENSED
In an application without a license,
changing 0 × 1 ->: sswitch_de in 0 × 1 ->: sswitch_d3
the library will show the application
that the license is valid .
Finally, just reassemble everything.
If any of you chew a little 'programming,
has already realized that automate the process
by means of a script is not that difficult.
It runs the tool Anti-LVL ,
that with a single command performs the whole procedure,
ie, an oversimplification:
disassembles, edit the file LicenseValidator and reassembled.
Crack an application
We start Astro File Manager ,
press Menu -> Tools -> Application Manager
Select the application you want to crack (Shazam Encore in my example),
press Backup
Will be used to dump the application folder: .. \ backups \ apps then We connect the device to the PC, and move the application on the desktop.
Unpack the file AntiLVL-1.4.0-win downloaded previously,
and put the application in the folder.
We initiate the command prompt in Windows ,
and posizionamoci inside the folder AntiLVL-1.4.0-win .
If we have the files on the Desktop proceed as follows:
There are several commands, see the main one, that we are interested in:
java-jar antilvl.jar applicazione.apk
The application that we want to crack in this example is called com.shazam.encore.android-1.apk , in the command prompt, simply write:
java-jar antilvl.jar com.shazam.encore.android-1.apk
Then press Enter to execute the command.
In a few seconds the tool will create a modified version of the original
that will also work on other terminals.
Since the original digital signature is not present
(this is because the application has been disassembled and riasssemblata),
we will be unable to perform updates from the Market Journal.
I remind you that an application
after purchase can be returned only once,
riacquistandola will no longer appear on the button reimbursement .
also I want to clarify that the procedure does not need to turn
a version free version pro ,
but only and exclusively to remove the protection LVL .
If we have a single terminal and want to verify the correct application
of the patch on an application of our knowledge, previously purchased on the official Market,
can download the ' Android SDK Manager that includes
several tools and a Virtual Device ,
useful for testing, simulating terminals with different versions of Android.
Lucky Patcher
There is another tool, bootable directly from the device,
very good and frequently updated,
I'm talking about Lucky Patcher .
The only requirement for use: root privileges .
It's really simple, let's see how to do ..
We download and install Lucky Patcher ,
we start it,
select the application you are interested in,
and click on Create APK changed .
This will create a modified version of the original in the folder .. \ LuckyPatcher \ Modified will also work on other terminals.
Lucky Patcher has other useful features,
such as ad blockers: Rimuvi Ads by Google!
Note
There is a growing number of applications with additional protection
submitted by the developers themselves (and not Google),
such as the control of the manipulation of fle APK ,
or a review of the additional license, Prepaid Card , Shark Dash , Widget Locker , SPB Shell , are just some of the applications in their latest versions do not work if you do not regularly purchased. In these cases, these methods are ineffective.
App Testing Guide
I attach a file for those who want to try using this guide,
inside you will find an application in two variants,
with protection LVL present and removed.
If you have any questions or you need help please do not hesitate to ask.
Have fun!
Notes