IDA tutorial - Bypassing fake update warning

By


Sometime you'll meet fake bugs in some games. This fake update warning didn't help much because it's easy to bypass. I'll show you how to bypass it easly

The game is The Evolution Sandbox.

You need:
- IDA Pro
- 7-zip or Winrar to open APK file
- Basic knowledge of IDA hacking

Video tutorial:


Start disassemble the ARM version libcocos2d.so file

Press CTRL+F, search UpdateWarningScreen and open up UpdateWarningScreen::Create(void)
Because I know this is the right function to look for right hehehe.

Highlight _ZN19UpdateWarningScreen… and press X to XREF to see which function are calling this function. There are 2 functions. Double-click to view the code.


Press F5 to view Pseudocode to understand the code easier

It looks very intersting. It checks for Lucky Patcher, signature or other hacking related stuff. I assume checkSignature detected tampered APK.



I'm too lazy to look deeper into it so I'll NOP the loc_xxxxxx instead. Highlight the loc_xxxxxx and press X to XREF. Hmm there is only 2 loc_xxxxx in one function and it's right here, highlighted in yellow


Go to the offsets you found and replace them with NOP (40 46 in THUMB) in hex editor. NOP means No Operation


When you re-disassemble the modified .so file, you'll see the changes.


The fake update warning won't appear anymore. Enjoy playing the modded game.

 Credit:
AndnixSH#

Popular Posts

[TOOL] Unity Assets Bundle Extractor

By
Image
Unity .assets and AssetBundle editor UABE is an editor for Unity 3.4+/4/5/2017/2018 .assets and AssetBundle files. It can create standalone mod installers from changes to .assets and/or bundles. Type information extracted from Unity is used in order to generate text representations of various asset types. Custom MonoBehaviour types also are supported. There are multiple plugins to convert Unity assets from/to common file formats : The Texture plugin can export and import .png and .tga files and decode&encode most texture formats used by Unity. The TextAsset plugin can export and import .txt files. The AudioClip plugin can export uncompressed .wav files from U5's AudioClip assets using FMOD, .m4a files from WebGL builds and Unity 4 sound files. The Mesh plugin can export .obj and .dae (Collada) files, also supporting rigged SkinnedMeshRenderers. The MovieTexture plugin can export and import .ogv (Ogg Theora) files.
Read more

Il2CppDumper GUI Android App

By
Image
This is @Perfare’s Modified version of il2cppDumper (GUI) for Android Supported Versions Android 5 - Android 13 API Level 21 - API Level 33 Tested Tested in Android 6, 10, 11, 12L physical device Download Download: Releases · Poko-Apps/Il2cppDumpDroidGUI Before Downloading the apk file , you should know this app may have one or multiple bugs maybe your device not compatible for this app Installation While installation process , play protect might warn you . Like this : If so then click ‘Install Anyway’. If installation failed for any reason, uninstall the previous version and try again !! Notes Protected Target’s can’t be dump by this dumper (same as @Perfare’s one) If you find any bug or problem then please kindly report it with proper information, I’ll try my best to resolve it. In low-end devices it take a while to dump . Output files directory is under ‘DumpDroid’ folder App is on active devlopment Often Asked Question Does it supports dumping w
Read more