Jasi2169 Posted February 4, 2017 Posted February 4, 2017 Difficulty : 0 - 5Language : Android StudioPlatform : AndroidOS Version : JellyBean+Packer / Protector : None Description : Here are couple of crackmes and keygenmes i coded for android any beginner or want to test can test their hand in :- 1. App :- Android_Crackme1_TeamURET , Difficulty :- 0/10 2. App :- Android_Crackme2_TeamURET , Difficulty :- 1/10 3. App :- AndroidKeygenMe_1-URET , Difficulty :- 2/10 4. App :- URET Android Official KeygenMe 01 , Difficulty :- 5/10 (This Is Official KeygemMe Only Defeated By One Guy Yet) Enjoy.... Files are attached URET_Android_crackmes_Keygenmes.rar 3
CodeExplorer Posted February 21, 2017 Posted February 21, 2017 1. App :- Android_Crackme1_TeamURET , Difficulty :- 0/10 package acm.jasi2169.acm1; public class Acm extends Activity { String a = "2169"; 2169 is the key. I will check 2 son. 1
Jasi2169 Posted February 24, 2017 Author Posted February 24, 2017 On 2/22/2017 at 2:37 AM, CodeCracker said: 1. App :- Android_Crackme1_TeamURET , Difficulty :- 0/10 package acm.jasi2169.acm1; public class Acm extends Activity { String a = "2169"; 2169 is the key. I will check 2 son. great ,looking forward for Official Uret ANdroid Keygenme solution from you
CodeExplorer Posted March 22, 2017 Posted March 22, 2017 (edited) Patching Android_Crackme2_TeamURET.apk class acm.jasi2169.acm2.AA String b = "Application Is Not Licensed"; String c = "Application Is Licensed"; I've used ApkAnayser to get from where are used: and both are used from: acm.jasi2169.acm2.Aa.Aa() @ 5 This was just the constructor class method! b ( "Application Is Not Licensed") is also used from: acm.jasi2169.acm2.Aa.c() @ 3 public void c() { d(); b.a(this, this.b, this.d); } c() method is the bad boy! Local graph for c() method: class b run() void class Aa b() void class Aa c() void public void b() { if (!a(this)) { // bad boy 1 if (!this.f.getBoolean("a", false)) { this.g.putBoolean("a", true); this.g.commit(); } c(); } for (;;) { return; if (!a(this)) { d(); moveTaskToBack(true); finish(); i(); } else if (!android.support.a.a.a.a(this)) { this.g.putBoolean("a", true); // bad boy 2 this.g.commit(); c(); } } } public void m6b() { if (!m1a((Context) this)) { if (!this.f5f.getBoolean("a", false)) { this.f6g.putBoolean("a", true); this.f6g.commit(); } m7c(); // call bad boy! } else if (!m1a((Context) this)) { m8d(); moveTaskToBack(true); finish(); m13i(); } else if (!C0007a.m17a(this)) { this.f6g.putBoolean("a", true); this.f6g.commit(); m7c(); // call bad boy! } } classType = Lacm/jasi2169/acm2/Aa; Method Size: 3 Method Code Offset: 37516 Method: a(Landroid/content/Context;)Z { const-string v0 "playstore is not installed means chinese user ?" const-string v0 "playstore is required to check license :)" invoke-virtual {v2} Landroid/content/Context;->getPackageManager()Landroid/content/pm/PackageManager; move-result-object v0 invoke-virtual {v2} Landroid/content/Context;->getPackageName()Ljava/lang/String; move-result-object v1 invoke-virtual {v0,v1} Landroid/content/pm/PackageManager;->getInstallerPackageName(Ljava/lang/String;)Ljava/lang/String; move-result-object v0 if-eqz v0 :label_28 const-string v1 "com.android.vending" invoke-virtual {v0,v1} Ljava/lang/String;->startsWith(Ljava/lang/String;)Z move-result v0 if-eqz v0 :label_28 const/4 v0 1 label_27: return v0 label_28: const/4 v0 0 ; to replace 1200 with 1210 - to always return true goto :label_27 } 929C is the body address! android.support.a.a method a classType = Landroid/support/a/a/a; Method Code Offset: 39764 Real body start: 9B64 Same changes as before: replace 1200 with 1210 - to always return true ApkEditor - to be able to install the apk: Select an Apk File, choose "Common Edit" option, as "Internal Location" choose "Internal Only" APK is stored on: /storage/sdcard/ApkEditor/tmp/gen_signed.apk Link download of solved crackme:http://www33.zippyshare.com/v/BUSak2ZA/file.html Edited March 22, 2017 by CodeCracker 3
Jasi2169 Posted April 9, 2017 Author Posted April 9, 2017 @CodeCracker great work on second one,change at right place rather then modifying the string by some users who tried before. looking for official keygenme thats the real challenge
CodeExplorer Posted April 9, 2017 Posted April 9, 2017 @Jasi2169: I've noticed that your crackmes are very small (great job), how you did it? What android developer you use? (If I may know) As for me solving the keygen me, that for sure require (android) coding skills, which currently I don't poses, I am a beginner with android development.
Jasi2169 Posted April 10, 2017 Author Posted April 10, 2017 hi ,i used old sdk build tools i do not remember maybe they are of jellybean sdks 16 or 17 i guess,also they were built on Eclipse IDE now the sdk tools is v25 nougat,even if you use v21 lollipop build tools your size will be more why ? because the AppCompat support library is automatically added by android studio which takes 1.5-1.9mb space. this is the reason uret patcher is 2.5mb,patcher is only 1mb 1.5 mb is taken by this support n design library added by sdk tools when compiling the debug or release build i would suggest you keep using android studio as its easy and simple ,eclipse was good but nothing compare to Android studio built on modules of intelij idea or try changing your Extends AppCompatActivity to Activity in all the activity and try removing extra libraries in dependancies of your build gradle module 1
CodeExplorer Posted April 10, 2017 Posted April 10, 2017 (edited) Finded here a list of old android studio:http://ady.my/viewer/android-studio/ And here somw download link:http://v1248.com/index.htm?kw=Alesso_Studio.zip&pn=257&ca=&ft=&fd= https://androidsdkoffline.blogspot.ro/p/android-sdk-41-api-16-jelly-bean-direct.html Also finded this:https://androidsdkoffline.blogspot.ro/2016/06/how-to-install-android-sdk-offline.html Edited April 10, 2017 by CodeCracker
Jasi2169 Posted April 10, 2017 Author Posted April 10, 2017 Old android studios hanges.freezes and crashes alot i use v2.1.2 i did not updated to latest as it works great for me so use latest Android studio but download old android sdk and push it to C:\Users\JASI\AppData\Local\Android\sdk (this is default location) ,make android folder in Local and put sdk folder there in username and then go to android studio and in settings locate android studio folder and click apply and restart we just need android build tools old and support library old for example in android sdk downloader download jellybean api 16 stuff and use that to compile the apk i would suggest compatibility is most important over size
CodeExplorer Posted April 22, 2017 Posted April 22, 2017 Just finded a better replacer (for AndroidStudio):https://pirateproxybay.info/torrent/8729618/Complete_android_SDK_with_eclipse_ADT_and_JDK_JRE_(Windows) Resulted apk - simple hello world application has only 14 KB! But I am too lazy to convert my already made programs on AndroidStudio! 1
zAWS! Posted May 10, 2018 Posted May 10, 2018 App :- URET Android Official KeygenMe 01 , Difficulty :- 5/10 : include a mistake in coding ... are you update this version?or it is the last!? Jasi2169 i will post key generator for two keygenme's (5/10 & 2/10) under Android platform! and explain what the wrong in this official version! thx for this challenging.
zAWS! Posted May 10, 2018 Posted May 10, 2018 (edited) attachment : for 2/10 ... for 5/10 ..is any update or repaired version? uretkgme1_zAWS!.apk Edited May 10, 2018 by zAWS! insert attach..
Jasi2169 Posted May 11, 2018 Author Posted May 11, 2018 (edited) please explain @zAWS! the mistake ? those extra digits needs brute forcing is that what you talking about ? PS i dont have source code left anymore by mistake i deleted the wrong folders and my source code was gone as well but i remember the idea not full but yes how key was generated i will check out your results soon at home! good work,also could you share your views here to make it better and feedbacks ? EDIT :- first keygen works,second doesnot work for me PS it creates only one serial if you know it does not accept the same again,but anyway serial not working also now days the root can cause problem which adds boolean in serial,sometime phone is rooted systemless but binaries are not present in system <- you mean this mistake ? you could do like add boolean to user to say if your phone rooted add 1 or not rooted add 2 and generate serial sometime on new android OS keygenme wont detect root as systemless for example and boolean stays false in this case so asking for user is good option Edited May 11, 2018 by Jasi2169
zAWS! Posted May 12, 2018 Posted May 12, 2018 Hi jasi2169 Quote “PS i dont have source code left anymore by mistake i deleted the wrong folders and my source code was gone as well but i remember the idea not full but yes how key was generated” Please read Pdf file ..it is a quick Guide charts to remember what’s going inside your keygen. Quote “please explain the mistake ? those extra digits needs brute forcing is that what you talking about ? “ 1- yes ..that’s the point.. I wrote an external code to brute force this two digits and I generated these digits for values from(350 to 1500), I found strange thing Every hundred, there are an (8 to 9 values) that can’t be generated those digits!)-: Example: (if the SUM OF ASCII Numbers (without two digits) are from (589 to 596) or (from 688 to 695) ext.... WE CAN’T get these digits.. And in some cases I generated the fives keys(MD5-SHA-1, SHA-256, SHA-384, SHA-512) for the same username and got the SUM between those magic numbers(BAD LUCK) and I can’t generate the two digits, so for that reason I generated only one key based of (MD5) hash AND doesn’t care with other keys So We can easily generated other hash values..and add its to keygen. Quote “sometime on new android OS keygenme wont detect root as systemless for example and boolean stays false in this case so asking for user is good option “ No ..i do not agree with you ..it’s weak point for keygener to ask the customer input special Expression ..maybe he – she did not know what the meaning of root?! I think developer must get it by code.. and don't let anyone know what's going inside keygen. Quote “PS it creates only one serial if you know it does not accept the same again,but anyway serial not working “ AS I explain I generated only one key (Based on MD5 hash) and that key only work with First check, or you must click multi check button to re write MD5 value again IN(億.xml) file. (億 – Billion in English)and got good boy message again. So ..If serial not working ..maybe there is a problem of detecting device rooting.. i did not test on new devices.. I test my root detected code on (Emulator,lolliopop OS ,KTKAT OS) and works great .. Now on my case: Root value : 2 BRAND : Samsung Serial :dbe26236 If we apply the routine we got view result as screen shots! Uert offical keygen me charts analysis.pdf 1
Jasi2169 Posted May 12, 2018 Author Posted May 12, 2018 Hi ,i can see that i got the idea but the two guys https://www.uret.in/topic/2910-uret-android-official-keygenme-01/ bruteforced with every single hash properly when i coded the keygen i also made the keygen which bruteforced properly i didnot remember the trick i used but i brute forced the 2 characters within freeze of 5seconds max with any serial, also the way niko and djmen bruteforced i liked that but i dont have their keygenme solution anymore either my bad but yes you analyzed it the algo and i see use used b4a android to develop the application 1
zAWS! Posted May 12, 2018 Posted May 12, 2018 thx.. the link above need a special access permission.. i think website need an invitation code to register!😀
Jasi2169 Posted May 12, 2018 Author Posted May 12, 2018 12 minutes ago, zAWS! said: thx.. the link above need a special access permission.. i think website need an invitation code to register!😀 i will send you invitation,send me PM with the email and username you want to register with
Recommended Posts
Create an account or sign in to comment
You need to be a member in order to leave a comment
Create an account
Sign up for a new account in our community. It's easy!
Register a new accountSign in
Already have an account? Sign in here.
Sign In Now