Everything posted by Infamous-Ash
Posts: 1,250
Save Game Bully: Anniversary Edition Hack (All Versions) +2
Infamous-Ash replied to VaaR's topic in Save Game Cheats
Really
Other Bully: Anniversary Edition No Apple ID Cracked IPA
Infamous-Ash replied to iDavie's topic in Other Stuff
Um, let's see
Tweak Hack Arrow Ambush Disabled Ads + Reborn Hack[All Versions]
Infamous-Ash replied to Naeemjr's topic in Free Jailbreak Cheats
Naeem on fire, wd homie
REQUIREMENTS:
1. CHARLES
2. SOME BRAIN

From their website:

About Charles
Charles is a web proxy (HTTP Proxy / HTTP Monitor) that runs on your own computer. Your web browser (or any other Internet application) is then configured to access the Internet through Charles, and Charles is then able to record and display for you all of the data that is sent and received. In Web and Internet development you are unable to see what is being sent and received between your web browser / client and the server. Without this visibility it is difficult and time-consuming to determine exactly where the fault is. Charles makes it easy to see what is happening, so you can quickly diagnose and fix problems.

Simply translated, this program allows you to see the "hidden" communication between your browser and the target server.

"Big deal, I can get that information off Firefox/Chrome etc. already."

Well, the key difference is how the information is displayed and what you can do with it. Looking at a few of the key features:

- SSL Proxying – view SSL requests and responses in plain text
- AJAX debugging – view XML and JSON requests and responses as a tree or as text
- Repeat requests to test back-end changes
- Edit requests to test different inputs

(Only a partial list of key features, the ones that we will put to use.)

As you can see, this will allow us to not only read and understand the server's response from an HTTPS game server (or most web pages using SSL), it's able to easily modify requests sent to the server as a MITM application.

OK, let's get started. For this PoC hack I will be using a completely unedited game from the Play Store, Prince Billy Bob (Play Store link: Game). Lastly, the Android phone I have the game installed on normally, which will have to be run on wifi to connect to the proxy computer.

1st Step: Setup Charles

Install Charles following its standard directions; if you can't get that far without needing more detailed help, please exit stage right. Start up the program and set up the SSL web proxy. Here's how (DISCLAIMER: I have seen a few different versions of the toolbars in Charles, here is my version, just find the same information if you have a different version):

- Go to Proxy > Proxy Settings.
- In the Proxies tab enter "8888" in the HTTP Proxy Port field.
- In the same window, go to the SSL tab. Check Enable SSL and ensure under Locations it has a checkbox with * next to it and that checkbox is checked.
- Check your computer's IPv4 address. If on the same LAN with your computer, use the internal IP address before the router; it should start with 192.168... or 10.0... assuming a standard LAN setup. Save this number for later. If not on the LAN with the computer, get on it (or set up an external proxy, which is beyond the scope of this tutorial, as the LAN setup will allow SSL responses in plaintext; you'll have to figure out your proper configuration to use an external proxy).
- Lastly, prep your two SSL certificates. Go to Help > Install Charles CA SSL Certificate. You are going to install on both your PC and your Android. PC installation is easy: simply hit Install Certificate and let it select its certificate store, save and done. Next, for Android, after hitting the menu item Install Charles CA SSL Certificate, choose the Details tab, then Copy to File. Save as a DER encoded binary X.509 (CER file), name it whatever, and after choosing its destination, send it to your Android phone via USB, wifi, SD card, NFC, Bluetooth, aliens, IDGAF, just send it onto your phone, then use any decent file explorer to select and install it.

Alright, leave Charles open and now set up the target phone.

2nd Step: Setup Android (if not already done)

Install the game from the Play Store link above (or Gapps/sideload, obviously fine; just stating the point that the game itself remains untouched with this method: no version conflict to worry about, achievements are available, etc.).

Change your LAN wifi settings. I believe it's pretty universal among Android versions how to do this. Go to Settings > Wifi. Long press your network name and select Modify network. Check the advanced options. Change Proxy settings to Manual, scroll down the menu to Proxy hostname, and change it to the LAN IPv4 address you saved from your PC. Change the proxy port to 8888 to match your settings above. You can leave the rest of the settings alone. Scroll back up and enter the wifi password so you can save the settings.

Provided you did all that correctly, you should now be set. Test by going on Charles to verify the button that looks like a white circle with a smaller red circle is depressed, then going on your browser on your phone and searching something on Google, or going to the homepage, etc. The second you tap any of those on your phone, Charles should come to life, populating its Structure/Sequence windows with all sorts of neat data. All right, you're all set up.

Next post I'll have up shortly to detail what kind of details you want to focus on, how to get the server to throw you a bone to work with and not just Facebook tracking data, etc. Lastly I'll show the specific exploit I used for Billy Bob.

Now back to how to do the hack.

1. Start the Billy Bob game. It's going to load up a bunch of folders and info that, if you try to figure out where anything useful is, you may get lost in, so sit tight and let the game start, load up Google Plus, etc. Once it's all done and it looks like Charles is done constantly loading new folders, we are going to

2. Stop the recording session (press the white/red button). This info is mostly useless unless you want to dig for app API keys, hashes, fun stuff for more complex hacks, but this is a beginner's tut to show the benefits of Charles at all levels. Personally I saved this session before I cleared it, for study later, but you may either save it or just clear it; it's not needed for this hack.

3. Now that Charles is clear, restart the recording session. With all the junk out of the way, it's more likely to only call the server based on your input, thus easier to track what you want. So here is what I did. I started looking for things that you do that trigger a call to the game's main server. Things to try include checking daily rewards, in-app purchases, buying premium items in game using premium in-game currency (read: currency they expect you to pay real money to get any decent quantity of), or, as I found for my example, the cloud save sent to https://billybobglobal.mafrpgserver.net/google_game/save . This one was the jackpot, which gave me a completely clear (thanks to Charles' SSL credentials) JSON string the developer used in this save. Here's the string you can find by checking the request we sent to the server, easiest to read in Form view; it will look a lot like this:

[Hidden Content]

Doesn't look like much up front, but you'll notice a lot of the numbers match your details. For simplicity's sake, here's an easy translation for most of the variables; haven't played with all of them yet:

[Hidden Content]

So in conclusion, what I decided to do was alter the numbers, being VERY careful not to delete any delimiters like , \" : etc. (in a file editor was easier for me to c/p, but you can edit inline in Charles) and resend the save request with the altered numbers from Charles. You won't get a confirmation about your save from that, but it's OK: once you get a 200 response from the server, you can hit Load Game from the app directly, and it will load the numbers you put in.

Play around with it to see what you can do, and don't forget to go into your Android wifi settings to disable the proxy when done or you won't be able to use the network properly unless your PC is on, etc. Charles stops when shut down so no need to do anything there.
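The cloud-save edit the post describes, and the server-side checks that make such an edit fail, as an added example that is not part of the original post. The form layout, the field names (level, gold, gems, hp_max), the user id, the HMAC key and the gold-per-session limit are all constructed for this example; the real game's request is hidden above, and nothing here is the game's or Charles' code. The point it shows: an endpoint that trusts whatever numbers arrive in the save request is exactly what Charles exploits, and an authenticated save plus a plausibility check on the delta closes that hole.

```python
"""Added example: tamper with a captured save request, then the server-side
checks that reject it. Request format, field names, key and limits are
constructed stand-ins, not the real game's."""
import hashlib
import hmac
import json
from typing import Optional
from urllib.parse import parse_qs, urlencode

# Constructed stand-in for what Charles' Form view would show: one form
# field ("data") carrying the whole save as a JSON string.
ORIGINAL_SAVE = {"level": 7, "gold": 1250, "gems": 3, "hp_max": 140}
SERVER_KEY = b"example-key-not-from-the-game"  # assumption: key known only to client + server


def sign_save(save: dict, key: bytes) -> str:
    """HMAC-SHA256 over the canonical JSON, so any field edit changes the tag."""
    canonical = json.dumps(save, sort_keys=True, separators=(",", ":")).encode()
    return hmac.new(key, canonical, hashlib.sha256).hexdigest()


def encode_save(save: dict, key: Optional[bytes] = None) -> str:
    """Build the form body the client sends; with a key, attach the tag."""
    fields = {"user": "12345", "data": json.dumps(save, separators=(",", ":"))}
    if key is not None:
        fields["sig"] = sign_save(save, key)
    return urlencode(fields)


def edit_save(body: str, changes: dict) -> str:
    """The Charles edit: parse the body, change only the named numbers, re-encode.
    Going through a parser instead of a text editor keeps every delimiter intact."""
    fields = {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}
    save = json.loads(fields["data"])
    for name, value in changes.items():
        if name not in save:
            raise KeyError(f"unknown save field {name!r}")
        if type(value) is not type(save[name]):
            raise TypeError(f"{name}: expected {type(save[name]).__name__}")
        save[name] = value
    fields["data"] = json.dumps(save, separators=(",", ":"))
    return urlencode(fields)  # any old "sig" field is carried over unchanged


def server_accept(body: str, key: bytes, last_known: dict, max_gold_gain: int) -> str:
    """What the save endpoint should do instead of storing the numbers it is sent."""
    fields = {k: v[0] for k, v in parse_qs(body, keep_blank_values=True).items()}
    try:
        save = json.loads(fields["data"])
    except (KeyError, ValueError):
        return "rejected: malformed"
    if not isinstance(save, dict) or not {"gold", "level"} <= save.keys():
        return "rejected: malformed"
    # 1. authenticity: the tag must match the save actually received
    expected = sign_save(save, key).encode()
    if not hmac.compare_digest(expected, fields.get("sig", "").encode()):
        return "rejected: bad signature"
    # 2. plausibility against server-held state: no gold windfalls, no level loss
    if save["gold"] - last_known["gold"] > max_gold_gain or save["level"] < last_known["level"]:
        return "rejected: implausible progression"
    return "accepted"


if __name__ == "__main__":
    clean = encode_save(ORIGINAL_SAVE, SERVER_KEY)
    print(server_accept(clean, SERVER_KEY, ORIGINAL_SAVE, 500))
    forged = edit_save(clean, {"gold": 9999999, "gems": 9999})
    print(server_accept(forged, SERVER_KEY, ORIGINAL_SAVE, 500))
```

The signature alone only stops the proxy-level edit; a key shipped inside the APK can be pulled out with exactly the .NET Reflector workflow described further down this page, which is why the plausibility check against state the server already holds matters more than the tag.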
General Bully: Anniversary Edition for free
Infamous-Ash replied to sn0wqt's topic in App Store Apps Discussion
thank you
hey
Server sided
Um, let's see this
[Huge Giveaway] Bullet Force: Credits, Cases, Gold and Lv80
Infamous-Ash replied to Liderluigi's topic in Community Giveaways
Hope I can win
DIY Mod Hill Climb racing 2 version 1.01 [mod]+2
Infamous-Ash replied to fahadxmb's topic in Do-It-Yourself Android Mods
Um, really
[MSHook] Modern Combat 2 1.2.6 iOS 8 Source
Infamous-Ash replied to mehdiphone's topic in Coding Center
Thanks
Hack [Tool] Bullet Force - iOS & Android - Credits and XP hack
Infamous-Ash replied to Liderluigi's topic in Other Cheats
Um, really
DIY Hack [DIY-HACK] Simcity Buildit 1.15.53 inf.coins / exp any iOS
Infamous-Ash replied to alpax93's topic in DIY Cheats
Nice
Don't take credit for other people's work and say it's your own. They have done so much hard work to make something; at least give credits.
Introduction Domination crown cheat
Infamous-Ash replied to mikailina's topic in Member Introductions
That means it has some problem or it's gonna be updated soon. And hi
Welcome
Requirements:
1) Have the .apk file you want to hack.
2) Have WinRAR installed on your PC. (Download WinRAR 32bit | Download WinRAR 64bit)
3) Have .NET Reflector. (Download .NET Reflector 9.0)
4) Have "Reflexil", a required plugin to hack files with .NET Reflector. (Download Reflexil Plugin for .NET Reflector)
5) Have an APK signer. I personally use the one-click signer. (Download one click apk signer)

Get Ready

Let's prepare our workspace:
1) The first step is to look inside our .apk file, in order to be sure it can be hacked with this method. What we will do is rename the apk from .apk to .zip;
2) Double click on the .zip file and you should be able to open it with WinRAR. If not, right-click and select "Open With..." and then choose "WinRAR";
3) Try to go to the following location: assets/bin/Data/Managed/. If you reached it successfully, and if you see lots of .dll files inside it, then YES, you can hack this game (or you can TRY hacking it) using .NET Reflector!
4) Now, extract the whole "Managed" folder wherever you like (I personally have a folder on my Desktop I exclusively use to hack games, where I put all the software I need to hack them).
5) Open ".NET Reflector" and move ALL THE .DLL FILES from the "Managed" folder inside it (move them into the LEFT box of Reflector).
6) Press F3, then press Ctrl+M. This will enable the Search box and set it properly for our purposes. Please note this must be done EVERY TIME you open .NET Reflector.
7) Launch Reflexil (if you read the "ReadMe.txt" in the Reflexil folder of my download link above, you already know how to launch it. Otherwise, well, click on the Gear icon or go to Tools -> Reflexil and click on it).

OK, we managed to set up everything properly and we can finally start hacking!

Let's start

So, let's read what I'll write below very carefully, since it's easy to understand if you spend enough time reading, OK?

1) The first step, after you grabbed your .apk file, is to open it with WinRAR (I personally rename the extension to .zip in order to open it automatically with WinRAR, but you can simply right click on the .apk file and select "Open With..." -> WinRAR).
2) Browse to the following path inside the WinRAR window: assets/bin/data/Managed/, like the screenshot below:
3) Extract (you can simply drag them) all the .dll files of this archive into your desired folder (or, to be faster, just drag the entire "Managed" folder of the archive out of it).
4) Now, open .NET Reflector, press F3 and Ctrl+M (this must be done every time, to quickly set up .NET Reflector for our usage), load the "Reflexil" plugin by clicking on the Gear icon and move all the .dll files inside .NET Reflector's window (at the left, like in the screenshot below):
5) Now we're ready to search, so input your desired keyword in the Search Box and edit the desired code, like in the screenshot below. Watch it carefully:
6) To edit the code, you need to right-click on the desired instruction you want to modify and select "Edit". When you're done with the edits, click on Update, like in the screenshot below:
7) Now, let's save our code. To do this, in the left panel of .NET Reflector, scroll up until you find the name of the Assembly you modified, then right click -> Reflexil -> Save, like in the screenshot below:
8) It'll add ".Patched" to the original name of the .dll file, so you know which one is the modified and which one is the original .dll file. Now, to be sure we modified the right code, let's load the Assembly into .NET Reflector again, to see how it looks now (this step is optional, but recommended if you're not 100% sure the hack is properly coded):
9) OK, in my example the codes were right, so we can proceed to add the modified .dll file to our original .apk file. So we open the .apk file again with WinRAR and replace the original "Assembly-Csharp.dll" (or any other .dll files you modified) with the one containing ".Patched", but of course, you need to rename the file to its original name, or the game will not load. So, in my example, I renamed Assembly-Csharp.Patched.dll to Assembly-Csharp.dll in order to restore its original name.
10) Now it's time to sign it (or you can add a toast before signing the .apk file, if you want). So we move the modified .apk file into the same folder as the "one_click_signer.cmd" file (or, if you use another apk signer, use your method to sign it), then we open it by double-clicking it and a Command Prompt window will appear. All we need to do is type: "name of the apk file.apk" and press Enter, like in the screenshot below (don't forget the "" symbols, they are part of what you need to write!):
11) That's it! Our MOD APK file is ready! You'll find a new .apk file in this folder, starting with "signed-". This is the signed .apk file you can finally share! But first, of course, test the game and ensure it does properly work. If yes, it means you're a good hacker and you can finally upload the .apk file to share it with everyone! If the .apk file is not properly working, or if the codes you made aren't showing, well, don't lose hope! Just try again, modifying some other offsets! Good luck!

FAQs:
If you need help, as always, reply below and I'll be glad to add further details or to give you a helping hand!

Do you have an Int32? You can return a value this way:
ldc.i4 -> Int32 -> Your_Value (no limits)
ret
or
ldc.i4.s -> SByte -> Your_Value (max 128)
ret

Do you have an Int64? You can return a value this way:
ldc.i8 -> Int64 -> Your_Value
ret

Do you have a Single? You can return a value this way:
ldc.r4 -> Single -> Your_Value
ret

Do you have a Double? You can return a value this way:
ldc.r8 -> Double -> Your_Value
ret

Do you have a "Boolean"?
I'm used to comparing a "Boolean" with a question. Basically, it "asks" something of the game, and the game will answer with True (yes) or False (no). For example: get_isVip will "ask" the game if the user is a VIP, and the game will probably answer "No, he's not a VIP!!!", so what can we do here? We have two ways. The first (easier, but you will not learn much..) is about always returning True (yes), while the second (not always applicable, but it's the "pros'" way) is about making the game think you're a VIP for real. But first, let's explain how to return "True" or "False" in the game.

True = ldc.i4.1 (or ldc.i4 -> Int32 -> 1)
False = ldc.i4.0 (or ldc.i4 -> Int32 -> 0)

Beware that you must always use ldc.i4 (and not ldc.r4, ldc.i8 and so on..) or the game will crash. So, the easiest way to always return True (or False) from a Boolean is to replace the whole function with:

[TRUE]
ldc.i4.1
ret

[FALSE]
ldc.i4.0
ret

Now, let's talk about the pros' method. As we said above, it's all about making the game think you're a VIP for real, so the Boolean will naturally return a true value, even if we both know you're not a VIP for real in the game (of course I talk about VIP to make an example; you can replace the word "VIP" with anything. For example, "get_isUnlocked" or simply "IsUnlocked" is a Boolean to unlock stuff in the game and so on.. it's up to you to find the right keyword to hack a value). Sometimes there are some "checks" to ensure if you're a VIP or not. For example, the game checks your VIP level and, if it's equal to 0, returns false, while if it's higher than 0, it returns true. It should look like this (very basic example) in the .NET Reflector decompilation window:

get_isVip {
if (this.Player.get_vipLevel > 0) {
return true
}
return false
}

And, in Reflexil (the plugin's window you have at the bottom) you should see something like:

0 ldarg.0
1 ldfld Player.get_vipLevel
2 ldc.i4 0
3 bge (6 -> ldc.i4.1)
4 ldc.i4.0
5 br (7 -> ret)
6 ldc.i4.1
7 ret

Now, it's not that hard to understand what Reflexil says. Let's compare the text with .NET Reflector's decompiled code:

ldarg.0 -> "this."
ldfld -> loads the value, in particular the one about the Player's VIP level
ldc.i4 0 -> it means 0, referring to the player's VIP level
bge (6 -> ldc.i4.1) -> it means "branch if greater than". This means, if the Player's VIP level (ldarg.0 + ldfld) is greater than 0 (ldc.i4 0), the function will jump to the sixth function (ldc.i4.1, which means true)
ldc.i4.0 -> which means false. If the function didn't jump to the ldc.i4.1, the game will return this value (false), so the player will not be a VIP
br (7 -> ret) -> this will jump to the 7th function, which is the "ret". Of course, after returning the false, the function needs to close itself, so it'll jump to the "ret" at the end of it.
ldc.i4.1 -> this means true and it's called by the "bge" we've seen above. This is the only way this value is called, so if the player value is higher than 0, this will be the next value returned = the Player IS a VIP.
ret -> You know better than me that "ret" ends the function. Remember EVERY function in the game must end with "ret" or the game will not work properly.

So, after this long and boring lesson, what's the pros' way to hack this? The answer is in your brain. If the player's VIP level is higher than 0, the player will be a VIP, so what will we do? Of course, we'll hack the player's VIP level! How? Simply look for "get_vipLevel" (please note this is just an example; it doesn't apply to any particular game and the keyword could change) and it'll probably be an Int32, so you'll simply replace its whole function with:

ldc.i4 -> Int32 -> 15 (for example, as most games with the VIP interface cap the VIP level at 15, while some others have 10 as the VIP level's cap)
ret

This will not only automatically enable your VIP membership, but it will also give you a VIP level = 15. Please note, even if we manage to hack the VIP level in particular, some online games will still NOT give you the privileges of the VIP membership, or you will get only some of them. Why? Because sometimes the VIP level in online games is managed by the server, so you could be the only one seeing you're a VIP member, while all the other people will see you're NOT a VIP member, because you're not a VIP for the server. So, if this value is server-sided, you may still not be able to get your VIP privileges with this hack.

How to multiply a value? Easy, you have to add the number you want to multiply the value with, followed by "mul", before the "ret" or, to be more precise, after the function returns the value you want to hack. Example:

ldarg.0 (which means "this.")
ldfld Player::get_money
ldc.i4 (or ldc.i8, or ldc.r4, or ldc.r8. Which one? See my above examples) -> Int32 (or Int64, or Single, or Double. Which one? See my above examples) -> Your_Value
mul
ret

Sometimes the function returns different values if different events occur, so it could be necessary to multiply more values.

How to divide/subtract/add a value? It's the same as before, you just need to use "div" (or "sub" or "add") and not "mul" (div = divide, mul = multiply, sub = subtract, add = add).

What's the difference between multiplying something and simply returning 9999999? The main difference is that returning 9999999 will give a STATIC value. It will never decrease/increase, while multiplying (or adding) a value will give a DYNAMIC value, so you can run out of money, but you theoretically also have a lower ban chance. Don't think about 9999999 only when talking about money. This could be HP or Damage or XP and so on..

(All the credits go to Sbenny)
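An added example, not from the post above and not Reflexil's or .NET Reflector's code: a minimal CIL assembler for the opcodes the post uses, so the bytes a patch like "ldc.i4.1 / ret" or the "mul" rewrite produces can be built and checked outside the GUI, and so the method-header size byte that has to change with the patched body length is visible. Opcode values and the tiny/fat header layout are from ECMA-335 Partition III; the field tokens and the three method bodies are constructed stand-ins for the post's get_isVip, get_vipLevel and get_money. Two details the table encodes that matter when editing by hand: bge branches on greater-or-equal, so a decompiled `> 0` corresponds to bgt (used in the constructed original below), and ldc.i4.s takes a signed byte, so 127 is the largest value it can carry.

```python
"""Added example: assemble the handful of CIL opcodes the post uses into the
bytes Reflexil would write, resolving branch targets and adding the method
header. Opcode values: ECMA-335 Partition III. Tokens and bodies are constructed."""
import struct

# mnemonic -> (opcode byte, operand kind). None: no operand. A struct format:
# fixed-width immediate. "br8"/"br32": signed offset relative to the end of
# the branch instruction itself.
OPCODES = {
    "ldarg.0":  (0x02, None),
    "ldc.i4.0": (0x16, None),
    "ldc.i4.1": (0x17, None),
    "ldc.i4.s": (0x1F, "<b"),   # int8: -128..127 (128 does not fit)
    "ldc.i4":   (0x20, "<i"),   # int32
    "ldc.i8":   (0x21, "<q"),   # int64
    "ldc.r4":   (0x22, "<f"),   # Single
    "ldc.r8":   (0x23, "<d"),   # Double
    "ret":      (0x2A, None),
    "br.s":     (0x2B, "br8"),
    "bge.s":    (0x2F, "br8"),  # branch if >=
    "bgt.s":    (0x30, "br8"),  # branch if >
    "br":       (0x38, "br32"),
    "bge":      (0x3C, "br32"),
    "bgt":      (0x3D, "br32"),
    "add":      (0x58, None),
    "sub":      (0x59, None),
    "mul":      (0x5A, None),
    "div":      (0x5B, None),
    "ldfld":    (0x7B, "<I"),   # 4-byte metadata token of the field
}
BRANCH_SIZE = {"br8": 1, "br32": 4}


def _operand_size(kind):
    if kind is None:
        return 0
    return BRANCH_SIZE.get(kind) or struct.calcsize(kind)


def assemble(program):
    """program: list of "label:" strings and (mnemonic[, operand]) tuples -> IL bytes."""
    labels, pos = {}, 0                      # pass 1: byte offset of every label
    for item in program:
        if isinstance(item, str):
            labels[item.rstrip(":")] = pos
        else:
            pos += 1 + _operand_size(OPCODES[item[0]][1])
    out = bytearray()                        # pass 2: emit, resolving branches
    for item in program:
        if isinstance(item, str):
            continue
        opcode, kind = OPCODES[item[0]]
        out.append(opcode)
        if kind is None:
            continue
        if kind in BRANCH_SIZE:
            next_ip = len(out) + BRANCH_SIZE[kind]          # offset after this branch
            out += struct.pack("<b" if kind == "br8" else "<i", labels[item[1]] - next_ip)
        else:
            out += struct.pack(kind, item[1])
    return bytes(out)


def method_body(il, max_stack=8):
    """Prefix IL with its header. A tiny header (one byte, size<<2 | 2) only fits
    bodies under 64 bytes with max stack <= 8 and no locals; else a 12-byte fat header."""
    if len(il) < 64 and max_stack <= 8:
        return bytes([(len(il) << 2) | 0x02]) + il
    return struct.pack("<HHII", 0x3003, max_stack, len(il), 0) + il


def ends_with_ret(program):
    """The post's rule: the last instruction of a body must be ret."""
    instrs = [i for i in program if not isinstance(i, str)]
    return bool(instrs) and instrs[-1][0] == "ret"


VIP_FIELD = 0x0400002A    # constructed Field token standing in for Player.vipLevel
MONEY_FIELD = 0x0400002B  # constructed Field token standing in for Player.money

# get_isVip as decompiled in the post: return this.vipLevel > 0
ORIGINAL_IS_VIP = [("ldarg.0",), ("ldfld", VIP_FIELD), ("ldc.i4.0",), ("bgt.s", "yes"),
                   ("ldc.i4.0",), ("ret",), "yes:", ("ldc.i4.1",), ("ret",)]
ALWAYS_TRUE = [("ldc.i4.1",), ("ret",)]                                   # the easy way
VIP_LEVEL_15 = [("ldc.i4.s", 15), ("ret",)]                                # the pros' way
MONEY_X10 = [("ldarg.0",), ("ldfld", MONEY_FIELD), ("ldc.i4.s", 10), ("mul",), ("ret",)]

if __name__ == "__main__":
    for name, prog in [("original", ORIGINAL_IS_VIP), ("always_true", ALWAYS_TRUE),
                       ("vip15", VIP_LEVEL_15), ("money_x10", MONEY_X10)]:
        il = assemble(prog)
        print(f"{name:12s} header+il = {method_body(il).hex()}  ret ok: {ends_with_ret(prog)}")
```

When replacing a whole body the header byte has to be regenerated for the new length, which is what Reflexil's Save does for you; a body that falls off the end without ret, or an ldc.i4.s with a value outside -128..127 (struct.pack raises here), is the kind of edit that loads fine and crashes at first call.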
$15 iTunes or 4 Month VIP (Riddle #7)
Infamous-Ash replied to MickySoFine's topic in Community Giveaways
$15 iTunes or 4 Month VIP (Riddle #7)
Infamous-Ash replied to MickySoFine's topic in Community Giveaways
Check his bio, 2015
$15 iTunes or 4 Month VIP (Riddle #7)
Infamous-Ash replied to MickySoFine's topic in Community Giveaways
It's smokey. It's the date when he joined, May 2015. And I think the link is https://iosgods.com/user/107857-smokey/ Have a great life, smokey. Would be awesome to see you on the site again.