Ted2

Heyy, Yesterday someone tried to hack a game & he needed to see .smali files but I couldn't exactly find a tutorial from this form to link to him. There are tools etc, but yea that's why I'm writing one . What you need first, are the correct files & installation How? https://ibotpeaches.github.io/Apktool/install/ Better tutorial for mac: http://macappstore.org/apktool/ Also you will need JRE installed; http://www.oracle.com/technetwork/java/javase/downloads/index.html After that it'll look something like this: (SignApk folder is something I created by my own) As you can see, I already did put a .apk in there: dtm.apk That's the one we'll decompile What we have to do now, is locate to this folder on Terminal or CMD CMD: SHIFT + right mouse button --> Open command promt here or you can 'cd' to it, not sure how on windows. Terminal: cd /whereyoulocated the apktool folder, mine = cd /users/joey/desktop/apktool After you located to your apktool folder. There are only 2 simple commands you need to know: apktool d 'nameofapk'.apk ---> decompiling apktool b nameofapkyoudecompiledasfolder ---> recompiling In my case: apktool d dtm.apk apktool b dtm lemme show you how it will looks like after decompiling: (redline is decompiled .apk) So, imagine you did some changes in the smali files or png files or whatever , you wanna recompile it back to .apk ofcourse, how? well in my case i type in terminal: apktool b dtm It will look like this: What you have to do now: Openup the decompiled .apk folder, in my case 'dtm' & go to 'dist' Here you'll find the recompiled .apk, you only need to sign the .apk... That's why I created a SignApk folder in my apktool folder, but you can also download 'Zipsigner' from playstore. How do I sign the .apk? This is my SignApk folder, unzip it in your apktool folder: http://www73.zippyshare.com/v/lRQPtsWK/file.html After you've unzipped it, copy apktool + apktool.jar from your apktool folder into the SignApk folder. I copy the recompiled apk to my SignApk folder In my SignApk folder I created a .txt doc with the command to sign .apk It's this command: java -jar SignApk.jar testkey.x509.pem testkey.pk8 apkname.apk newapkname.apk I'll have to locate using Terminal first: In my case: cd /users/joey/desktop/apktool/signapk Then I run this command: java -jar SignApk.jar testkey.x509.pem testkey.pk8 dtm.apk dtm_signed.apk It will look like this: (red line is signed apk) Hope it's a bit clear! Goodluck! PS: If you need any help with some smali hacking, you can pm me & I'll try to help!

https://iosgods.com/topic/30893-advanced-apktool-windows-download-link/ https://iosgods.com/topic/30387-android-multitool-for-decompilingrecompilingsigning/ see this man

trying

You need to decompile the .apk after that it's in the smali folder

GameData.smali

nice man, it's simple to hack. good for practicing smali hacking! If you need any help, I could make a tutorial for you on this game if you want?

Yep, smali. I just hacked the weapons & coins. It's easy, goodluck!

Not every android game get hacked in the same way. You can hack a .dll You can hack a .lib Or you can mod a smali file We can not tell you 'how' to hack the game if we don't know the game, so link me the game please? If this is the game you're trying: https://play.google.com/store/apps/details?id=com.fungamesforfree.snipershooter.free&hl=nl it's neither unity hacking or ida hacking, bcs both files don't exist in the files, that means you have to hack it somewhere in the smali files, the smali files are inside the classes.dex so you'll have to decompile it, i'm sure there are tutorials on how to do that. After it's decompiled, you wanna search in the smali files. goodluck

great tut bud

true shit

lemme seee

Hmm, it seems pretty intresting to me, but couldn't find exacttly how they're made . I'm really curious

Intresting, so if you're jailbroken, it's possible to add the dylib you made in the .ipa & release it for non jailbroken phones? Or am I wrong about that

Yo, Just curious, might be a stupid question either.. I've been seen allot .ipa hacks for non jailbroken phones like these: https://iosgods.com/forum/78-vip-non-jailbroken-hacks-cheats/ I think they're just made by modding the binary of the game, but I'm not sure so that's why I ask it.. How are they made? Thankssss

Solved it, you were right about them

Thanks worked & sorry then.. I really couldn't find it.. my bad I guess

yoo still trying to get theos working, i think i'm pretty close now.. But I'm getting the error ' Nothing can be done for internal-bundle-compile' So I searched on the forum, but nothing fixed it. So I did make package messages=yes & I got this: iPhone-van-Joey:/var/mobile/brp root# make package me ssages=yes Making all for tweak brp... make -f Makefile --no-print-directory --no-keep-going \ internal-library-compile \ _THEOS_CURRENT_TYPE=tweak THEOS_CURRENT_INSTANCE=brp _THEOS_CURRENT_OPERATION=compile \ THEOS_BUILD_DIR="." _THEOS_MAKE_PARALLEL=yes make[2]: Nothing to be done for `internal-library-compile'. Making all in brp... make[1]: Entering directory `/private/var/mobile/brp/brp' Making all for bundle brp... mkdir -p "obj/brp.bundle/" mkdir -p "obj/brp.bundle/" mkdir -p "obj/brp.bundle/" for d in Resources; do \ if [ -d "$d" ]; then \ rsync -a "$d/" "./obj/brp.bundle/" --exclude "_MTN" --exclude ".git" --exclude ".svn" --exclude ".DS_Store" --exclude "._*"; \ else \ echo "Warning: ignoring missing bundle resource directory $d."; \ fi; \ done make -f Makefile --no-print-directory --no-keep-going \ internal-bundle-compile \ _THEOS_CURRENT_TYPE=bundle THEOS_CURRENT_INSTANCE=brp _THEOS_CURRENT_OPERATION=compile \ THEOS_BUILD_DIR="." _THEOS_MAKE_PARALLEL=yes make[3]: Nothing to be done for `internal-bundle-compile'. make[1]: Leaving directory `/private/var/mobile/brp/brp' rm -rf "/private/var/mobile/brp/_" /var/mobile/brp/theos/bin/fakeroot.sh -p "/private/var/mobile/brp/.theos/fakeroot" -c mkdir -p "/private/var/mobile/brp/_" [ -d layout ] && rsync -a "layout/" "/private/var/mobile/brp/_" --exclude "DEBIAN" --exclude "_MTN" --exclude ".git" --exclude ".svn" --exclude ".DS_Store" --exclude "._*" || true Making stage for tweak brp... mkdir -p "/private/var/mobile/brp/_/Library/MobileSubstrate/DynamicLibraries/" cp ./obj/brp.dylib "/private/var/mobile/brp/_/Library/MobileSubstrate/DynamicLibraries/" if [ -f brp.plist ]; then cp brp.plist "/private/var/mobile/brp/_/Library/MobileSubstrate/DynamicLibraries/"; fi Making stage in brp... make[1]: Entering directory `/private/var/mobile/brp/brp' [ -d layout ] && rsync -a "layout/" "/private/var/mobile/brp/_" --exclude "DEBIAN" --exclude "_MTN" --exclude ".git" --exclude ".svn" --exclude ".DS_Store" --exclude "._*" || true Making stage for bundle brp... mkdir -p "/private/var/mobile/brp/_/Library/PreferenceBundles/brp.bundle" rsync -a "./obj/brp.bundle/" "/private/var/mobile/brp/_/Library/PreferenceBundles/brp.bundle" mkdir -p /private/var/mobile/brp/_/Library/PreferenceLoader/Preferences cp entry.plist /private/var/mobile/brp/_/Library/PreferenceLoader/Preferences/brp.plist make[1]: Leaving directory `/private/var/mobile/brp/brp' mkdir -p "/private/var/mobile/brp/_/DEBIAN" sed -e '/^[Vv]ersion:/d' "/private/var/mobile/brp/control" > "/private/var/mobile/brp/_/DEBIAN/control" echo "Version: 1.0.0-3" >> "/private/var/mobile/brp/_/DEBIAN/control" echo "Installed-Size: 328" >> "/private/var/mobile/brp/_/DEBIAN/control" COPYFILE_DISABLE=1 /var/mobile/brp/theos/bin/fakeroot.sh -p "/private/var/mobile/brp/.theos/fakeroot" -r dpkg-deb -b "/private/var/mobile/brp/_" "./com.ted.brp_1.0.0-3_iphoneos-arm.deb" dyld: could not load inserted library '/var/mobile/brp/theos/bin/libfauxsu.dylib' because no suitable image found. Did find: /var/mobile/brp/theos/bin/libfauxsu.dylib: can't map segments into 16KB pages /var/mobile/brp/theos/bin/fauxsu: line 43: 3893 Trace/BPT trap: 5 "$@" make: *** [internal-package] Error 133 iPhone-van-Joey:/var/mobile/brp root# Any help? Would be great, I'm getting tired of this pff

Yea that's what they tell me, I downloaded all the headers you guys have posted here but none of them worked. It's so anoying

Sooo, I finally got a iPhone which I could jailbreak again & I wanted to setup theos.. I got a shitloads of errors while compiling it & I fixed most of them by searching on the forum but I can't with this one... https://www.dropbox.com/s/nou0he3vsks51am/Foto%2003-01-17%2009%2005%2041.png?dl=0 Help would be great! Thankyouuu EDIT: Fixed it, got 'logos.h not found' now.. the error I had in the beginning too.. what's this mann..

down for me too, I suggest not to upgrade. site will probably be up soon there are probably somewhere links for the tool tho

thankkkks

isLevelUnlocked isWorldUnlocked isUnlocked hasLevelUnlocked hasWorldUnlocked usefull too, sometimes

Yea, I loaded another game & saw something usefull. But now I get it, I had no clue where you got it from lol. Thankyou

Hey, Shmoo wrote a very nice tutorial with a new way of making a MShook tweak: https://iosgods.com/topic/4295-tutorial-how-to-hack-with-mshook-new-way/ I get the most part, except one thing. This is the code I am not getting: %ctor{ MSHookFunction(((void*)MSFindSymbol(NULL, "__ZN10Characters5Money8GetValueEv")),(void*)getMoney, NULL); } Where does he get the function called 'getMoney' from? I never saw it somewhere in his tutorial... Do I miss something? See I something over my head? Help would be awesome

will ya update?