Jump to content
Community Announcements, Giveaways & More!

LIAPP Jailbreak Detection Bypass

marc726

By marc726
in Help & Support

 Share

17 posts in this topic

Recommended Posts

marc726 Apprentice

marc726 8
  •   iPhone X 
  •   14.3

    • Posted
    Posted (edited)

    Hi all. I was wondering what the best way to find and address the AppGuard/LiAPP detection on a certain app. I was using a decompiler on the UnityFramework file and I also tried using DNSpy for the Assembly file. My issue is:

     

    1. I can find a Class for “CheatDetector”  in DNSpy using the assembly file that has a method for LIAPP but im not sure how to address it in the Live Offset program. I tried to NOP the offsets of the functions but nada.

    2. I can also find instances in the UnityFramework file where it tries to find paths of common jailbroken thing such as Cydia. 

     

    I'm not understanding which I should be addressing given that both show points of interest for detecting JB. Any help would be appreciated. 

    Updated by marc726
    Format and Misspell fixes. 
    • Like 1
    lxdx Proficient

    lxdx 25.4k
  •   iPhone 14 
  •   18.1

    • Posted
    Posted (edited)
    On 12/17/2022 at 11:50 PM, marc726 said:

    Hi all. I was wondering what the best way to find and address the AppGuard/LiAPP detection on a certain app. I was using a decompiler on the UnityFramework file and I also tried using DNSpy for the Assembly file. My issue is:

     

    1. I can find a Class for “CheatDetector”  in DNSpy using the assembly file that has a method for LIAPP but im not sure how to address it in the Live Offset program. I tried to NOP the offsets of the functions but nada.

    2. I can also find instances in the UnityFramework file where it tries to find paths of common jailbroken thing such as Cydia. 

     

    I'm not understanding which I should be addressing given that both show points of interest for detecting JB. Any help would be appreciated. 

    Have you first tried FlyJb X ? 

    If you open the game, and enable FlyJb after its useless since the game will store that you are Jailbreak. 

    Steps :

    1) Delete the game. 

    2) Re install it BUT DON'T OPEN IT

    3) Open FlyJb and from there, enable ur app. you can use A-bypass if you want, i use FlyJB but use any good alternatives.

    4) Open your game 

     

    If that didn't work, you probably need to work with DnSpy...

    Afaik you can't NOP a class, try to look functions / methods, maybe bool functions store if you are jailbreak or no. 

    You can also search for function names containing "jailbreak", "root". 

     

    I think the first method should work tbh, but if not good luck for the second one, it's gonna be a lot of work to test them 

    Updated by ꞋꞌꞋꞌꞋꞌꞋꞌ
    • Like 1
    marc726 Apprentice

    marc726 8
  •   iPhone X 
  •   14.3

    • Posted
    • Author
    Posted (edited)
    10 hours ago, ꞋꞌꞋꞌꞋꞌꞋꞌ said:

    Have you first tried FlyJb X ? 

    If you open the game, and enable FlyJb after its useless since the game will store that you are Jailbreak. 

    Steps :

    1) Delete the game. 

    2) Re install it BUT DON'T OPEN IT

    3) Open FlyJb and from there, enable LIAPP. you can use A-bypass if you want, i use FlyJB but use any good alternatives.

    4) Open your game 

     

    If that didn't work, you probably need to work with DnSpy...

    Afaik you can't NOP a class, try to look functions / methods, maybe bool functions store if you are jailbreak or no. 

    You can also search for function names containing "jailbreak", "root". 

     

    I think the first method should work tbh, but if not good luck for the second one, it's gonna be a lot of work to test them 

    Unfortunately no known public bypass tweaks works at the moment. The only known bypass is on this site but I wanted to try my hand at it. I think I was able to narrow down the function to something called "_fb_is_jailbroken" thanks to Frida. My problem now is looking at the assembly and figuring out what's what, if there are other calls, etc. 

    As for DNSpy, I have the feeling that it's not what I'm looking for. DNSpy does show a class "CheatingDetector"  and it does have a function labeled "onDetectedThreatWithLIAPP()" but it doesn't help me outside of that. 

    It's quite the headache for someone who doesn't have experience in assembly or reverse engineering 😪

    Here's the list from DNSpy in case you were interested:
      

    using System;
using Il2CppDummyDll;

// Token: 0x02000A35 RID: 2613
[Token(Token = "0x2000A35")]
public class CheatingDetector : ManagerSingleton<CheatingDetector>
{
	// Token: 0x06004895 RID: 18581 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x6004895")]
	[Address(RVA = "0x1D67DFC", Offset = "0x1D67DFC", VA = "0x1D67DFC", Slot = "10")]
	protected override void Awake()
	{
	}

	// Token: 0x06004896 RID: 18582 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x6004896")]
	[Address(RVA = "0x1D67E50", Offset = "0x1D67E50", VA = "0x1D67E50")]
	public void onDetectedThreatWithLIAPP()
	{
	}

	// Token: 0x06004897 RID: 18583 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x6004897")]
	[Address(RVA = "0x1D67E58", Offset = "0x1D67E58", VA = "0x1D67E58")]
	public void OnCheaterDetected(int DBBABCBBDCBDBCDDBDDBCCB)
	{
	}

	// Token: 0x06004898 RID: 18584 RVA: 0x00010A10 File Offset: 0x0000EC10
	[Token(Token = "0x6004898")]
	[Address(RVA = "0x1D6808C", Offset = "0x1D6808C", VA = "0x1D6808C")]
	public ValueTuple<bool, string> CheckCheat()
	{
		return default(ValueTuple<bool, string>);
	}

	// Token: 0x06004899 RID: 18585 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x6004899")]
	[Address(RVA = "0x1D68804", Offset = "0x1D68804", VA = "0x1D68804")]
	public void SaveChatBlockTime(string ACDABDBDABCCACBABDCDCDC, int BBDBBBDCBBDCCABCAACAABC)
	{
	}

	// Token: 0x0600489A RID: 18586 RVA: 0x00010A28 File Offset: 0x0000EC28
	[Token(Token = "0x600489A")]
	[Address(RVA = "0x1D6839C", Offset = "0x1D6839C", VA = "0x1D6839C")]
	public ValueTuple<bool, bool> CheckReport(string ACDABDBDABCCACBABDCDCDC)
	{
		return default(ValueTuple<bool, bool>);
	}

	// Token: 0x0600489B RID: 18587 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x600489B")]
	[Address(RVA = "0x1D68970", Offset = "0x1D68970", VA = "0x1D68970")]
	public CheatingDetector()
	{
	}
}

     

    Updated by marc726
    • Informative 1
    lxdx Proficient

    lxdx 25.4k
  •   iPhone 14 
  •   18.1

    • Posted
    Posted
    3 hours ago, marc726 said:

    Unfortunately no known public bypass tweaks works at the moment. The only known bypass is on this site but I wanted to try my hand at it. I think I was able to narrow down the function to something called "_fb_is_jailbroken" thanks to Frida. My problem now is looking at the assembly and figuring out what's what, if there are other calls, etc. 

    As for DNSpy, I have the feeling that it's not what I'm looking for. DNSpy does show a class "CheatingDetector"  and it does have a function labeled "onDetectedThreatWithLIAPP()" but it doesn't help me outside of that. 

    It's quite the headache for someone who doesn't have experience in assembly or reverse engineering 😪

    Here's the list from DNSpy in case you were interested:
      

    using System;
using Il2CppDummyDll;

// Token: 0x02000A35 RID: 2613
[Token(Token = "0x2000A35")]
public class CheatingDetector : ManagerSingleton<CheatingDetector>
{
	// Token: 0x06004895 RID: 18581 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x6004895")]
	[Address(RVA = "0x1D67DFC", Offset = "0x1D67DFC", VA = "0x1D67DFC", Slot = "10")]
	protected override void Awake()
	{
	}

	// Token: 0x06004896 RID: 18582 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x6004896")]
	[Address(RVA = "0x1D67E50", Offset = "0x1D67E50", VA = "0x1D67E50")]
	public void onDetectedThreatWithLIAPP()
	{
	}

	// Token: 0x06004897 RID: 18583 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x6004897")]
	[Address(RVA = "0x1D67E58", Offset = "0x1D67E58", VA = "0x1D67E58")]
	public void OnCheaterDetected(int DBBABCBBDCBDBCDDBDDBCCB)
	{
	}

	// Token: 0x06004898 RID: 18584 RVA: 0x00010A10 File Offset: 0x0000EC10
	[Token(Token = "0x6004898")]
	[Address(RVA = "0x1D6808C", Offset = "0x1D6808C", VA = "0x1D6808C")]
	public ValueTuple<bool, string> CheckCheat()
	{
		return default(ValueTuple<bool, string>);
	}

	// Token: 0x06004899 RID: 18585 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x6004899")]
	[Address(RVA = "0x1D68804", Offset = "0x1D68804", VA = "0x1D68804")]
	public void SaveChatBlockTime(string ACDABDBDABCCACBABDCDCDC, int BBDBBBDCBBDCCABCAACAABC)
	{
	}

	// Token: 0x0600489A RID: 18586 RVA: 0x00010A28 File Offset: 0x0000EC28
	[Token(Token = "0x600489A")]
	[Address(RVA = "0x1D6839C", Offset = "0x1D6839C", VA = "0x1D6839C")]
	public ValueTuple<bool, bool> CheckReport(string ACDABDBDABCCACBABDCDCDC)
	{
		return default(ValueTuple<bool, bool>);
	}

	// Token: 0x0600489B RID: 18587 RVA: 0x00002050 File Offset: 0x00000250
	[Token(Token = "0x600489B")]
	[Address(RVA = "0x1D68970", Offset = "0x1D68970", VA = "0x1D68970")]
	public CheatingDetector()
	{
	}
}

     

    Mhhh i am not sure that this class is usefull for JB détection...

    It seems dealing with "real cheat" but, if it's whatever dealing with JB, i would NOP / RET all of theses meth/functions.

    All of them have obfuscated parameters, it's hard to know with what it's dealing. and also, ive search for this class online and it seems to be private, there is no documentation from Unity3D about it...

    • Informative 1
    marc726 Apprentice

    marc726 8
  •   iPhone X 
  •   14.3

    • Posted
    • Author
    Posted
    1 hour ago, ꞋꞌꞋꞌꞋꞌꞋꞌ said:

    Mhhh i am not sure that this class is usefull for JB détection...

    It seems dealing with "real cheat" but, if it's whatever dealing with JB, i would NOP / RET all of theses meth/functions.

    All of them have obfuscated parameters, it's hard to know with what it's dealing. and also, ive search for this class online and it seems to be private, there is no documentation from Unity3D about it...

    Yea, NOP RET all functions in that class still gets LIAPP called on me. I'm honestly stumped. I'm guessing the check lies in the UnityFramework file somewhere. Frida points to fb_is_jailbroken

      

    C:\Users\%%%%\AppData\Local\Programs\Python\Python311\Scripts>frida-trace -U -i "*jail*" -n "Random Dice"
Instrumenting...
fb_is_jailbroken: Loaded handler at "C:\\Users\\%%%%\\AppData\\Local\\Programs\\Python\\Python311\\Scripts\\__handlers__\\UnityFramework\\fb_is_jailbroken.js"
_Z24replaced_jailbreakStatusP11objc_objectP13objc_selectori: Loaded handler at "C:\\Users\\%%%%%\\AppData\\Local\\Programs\\Python\\Python311\\Scripts\\__handlers__\\zzzzzLiberty.dylib\\_Z24replaced_jailbreakStatusP11o_658fd25a.js"
Started tracing 2 functions. Press Ctrl+C to stop.
Process terminated

     

    and Ghidra shows 

      

                                 **************************************************************
                             *                          FUNCTION                          *
                             **************************************************************
                             bool __cdecl _fb_is_jailbroken(ID param_1, SEL param_2)
             bool              w0:4           <RETURN>
             ID                x0:8           param_1
             SEL               x1:8           param_2
             undefined8        Stack[-0x10]:8 local_10                                XREF[2]:     006adce8(W), 
                                                                                                   006add08(*)  
                             _fb_is_jailbroken                               XREF[2]:     Entry Point(*), 
                                                                                          isJailBrokenDevice:005966fc(T), 
                                                                                          isJailBrokenDevice:005966fc(j)  
        006adce8 fd 7b bf a9     stp        x29,x30,[sp, #local_10]!
        006adcec fd 03 00 91     mov        x29,sp
        006adcf0 68 4d 02 d0     adrp       x8,0x505b000
        006adcf4 08 31 45 f9     ldr        x8,[x8, #0xa60]=>DAT_0505ba60                    = ??
        006adcf8 1f 05 00 b1     cmn        x8,#0x1
        006adcfc a1 00 00 54     b.ne       LAB_006add10
                             LAB_006add00                                    XREF[1]:     006add24(j)  
        006add00 68 4d 02 d0     adrp       x8,0x505b000
        006add04 00 61 69 39     ldrb       param_1,[x8, #0xa58]=>DAT_0505ba58               = ??
        006add08 fd 7b c1 a8     ldp        x29=>local_10,x30,[sp], #0x10
        006add0c c0 03 5f d6     ret
                             LAB_006add10                                    XREF[1]:     006adcfc(j)  
        006add10 60 4d 02 d0     adrp       param_1,0x505b000
        006add14 00 80 29 91     add        param_1=>DAT_0505ba60,param_1,#0xa60             = ??
        006add18 41 20 02 f0     adrp       param_2,0x4ab8000
        006add1c 21 40 02 91     add        param_2=>PTR_LOOP_04ab8090,param_2,#0x90         = 048a0778
        006add20 74 32 e3 94     bl         __stubs::_dispatch_once                          undefined _dispatch_once()
        006add24 f7 ff ff 17     b          LAB_006add00


    Decomplier shows 

      

    bool _fb_is_jailbroken(ID param_1,SEL param_2)

{
  if (DAT_0505ba60 != -1) {
    __stubs::_dispatch_once(&DAT_0505ba60,&PTR_LOOP_04ab8090);
  }
  return (bool)DAT_0505ba58;
}

     

    which represents the entire function. 

    • Informative 1
    lxdx Proficient

    lxdx 25.4k
  •   iPhone 14 
  •   18.1

    • Posted
    Posted (edited)

    Mhh it seems to be acting like this : 

    bool _fb_is_jailbroken(ID param_1,SEL param_2) {
  if (the check has determine that your device is JB) {
    alert("your device is JB");
    return true;
  }
  return false;
}

    (my analysis only)

    I would return false. As i said, i think the class CheatDetection is useless, i think it uses other thing to determine if jailbreak or not. Have you checked method names containing Jaibreak/root keywords ?

    Updated by ꞋꞌꞋꞌꞋꞌꞋꞌ
    • Agree 1
    marc726 Apprentice

    marc726 8
  •   iPhone X 
  •   14.3

    • Posted
    • Author
    Posted (edited)
    On 12/22/2022 at 6:43 AM, ꞋꞌꞋꞌꞋꞌꞋꞌ said:

    Mhh it seems to be acting like this : 

    bool _fb_is_jailbroken(ID param_1,SEL param_2) {
  if (the check has determine that your device is JB) {
    alert("your device is JB");
    return true;
  }
  return false;
}

    (my analysis only)

    I would return false. As i said, i think the class CheatDetection is useless, i think it uses other thing to determine if jailbreak or not. Have you checked method names containing Jaibreak/root keywords ?

    I'm so sorry I didn't see your reply! 

    I tried to change address 006add08 to:

    mov x30,#0x0
    ret
     

    since the complier showed no arguments for the ret function at 006add0c, I assume it returns the register at x30. As told here https://developer.arm.com/documentation/dui0802/a/A64-General-Instructions/RET
    I am still met with the LIAPP screen after about 15 seconds. 

    I agree with the CheatDetection class and I'm going to eliminate any chance DNSpy can show me the answer. Also the game is Random Dice Defense. 

    Updated by marc726
    • Like 1
    lxdx Proficient

    lxdx 25.4k
  •   iPhone 14 
  •   18.1

    • Posted
    Posted
    25 minutes ago, marc726 said:

    I'm so sorry I didn't see your reply! 

    I tried to change address 006add08 to:

    mov x30,#0x0
    ret
     

    since the complier showed no arguments for the ret function at 006add0c, I assume it returns the register at x30. As told here https://developer.arm.com/documentation/dui0802/a/A64-General-Instructions/RET
    I am still met with the LIAPP screen after about 15 seconds. 

    I agree with the CheatDetection class and I'm going to eliminate any chance DNSpy can show me the answer. Also the game is Random Dice Defense. 

    have you tried to search for the strings that the pop up shows inside iDA string view ?

     

    • Like 1
    marc726 Apprentice

    marc726 8
  •   iPhone X 
  •   14.3

    • Posted
    • Author
    Posted
    2 hours ago, ꞋꞌꞋꞌꞋꞌꞋꞌ said:

    have you tried to search for the strings that the pop up shows inside iDA string view ?

     

    M1qiVoz.jpg

    This is the message I get. I search for instances of "JP1" "Appguard" "shut down" "security policy" but no results except irrelevant results for the last two.

    • Like 1
    lxdx Proficient

    lxdx 25.4k
  •   iPhone 14 
  •   18.1

    • Posted
    Posted (edited)
    10 hours ago, marc726 said:

    /cdn-cgi/mirage/41ff1f68243607f4e9ea12c2548c6d54d43598dd57117816f22e2d670dcc8f0b/1280/https://i.imgur.com/M1qiVoz.jpg

    This is the message I get. I search for instances of "JP1" "Appguard" "shut down" "security policy" but no results except irrelevant results for the last two.

    mhhh then they encrypted the strings... well i have no idear about what you try atm... :sad:

    maybe in this case just navigate to all namespaces and classes trough the .dll using DnSpy, but this takes a lot of time 

    Updated by ꞋꞌꞋꞌꞋꞌꞋꞌ
    • Like 1

    Create an account or sign in to comment

    You need to be a member in order to leave a comment

    Create an account

    Sign up for a new account in our community. It's easy!

    Register a new account

    Sign in

    Already have an account? Sign in here.

    Sign In Now
     Share
    Go to topic listing

    • Our picks

      • Gossip Harbor®: Merge & Story v3.81.0 [+2 Jailed Cheats]

        Gossip Harbor®: Merge & Story v3.81.0 [+2 Jailed Cheats]

        Cashlaz posted a topic in ViP Non-Jailbroken Hacks & Cheats,

        Modded/Hacked App: Gossip Harbor®: Merge & Story By Microfun Limited
        Bundle ID: com.mergegame.icookie
        App Store Link: https://apps.apple.com/us/app/gossip-harbor-merge-story/id1623318294?uo=4



        🤩 Hack Features

        - Unlimited Energy
        - Freeze Currency (Never Decrease)
          • Agree
          • Winner
          • Like
        • 67 replies
        Cashlaz

        Picked By

        Cashlaz,
      • Gossip Harbor®: Merge & Story v3.81.0 [+2 Cheats]

        Gossip Harbor®: Merge & Story v3.81.0 [+2 Cheats]

        Cashlaz posted a topic in ViP Jailbreak Cheats,

        Modded/Hacked App: Gossip Harbor®: Merge & Story By Microfun Limited
        Bundle ID: com.mergegame.icookie
        App Store Link: https://apps.apple.com/us/app/gossip-harbor-merge-story/id1623318294?uo=4



        🤩 Hack Features

        - Unlimited Energy
        - Freeze Currency (Never Decrease)
         
          • Like
        • 28 replies
        Cashlaz

        Picked By

        Cashlaz,
      • Knight Maidens: Idle RPG v1.7 Jailed Cheats +6

        Knight Maidens: Idle RPG v1.7 Jailed Cheats +6

        Laxus posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Knight Maidens: Idle RPG By Yes Games Co., Ltd.
        Bundle ID: com.yesgames.knightmaidens
        App Store Link: https://apps.apple.com/us/app/knight-maidens-idle-rpg/id6755811996?uo=4

         

        📌 Mod Requirements

        - Non-Jailbroken/Jailed or Jailbroken iPhone or iPad.
        - Sideloadly or alternatives.
        - Computer running Windows/macOS/Linux with iTunes installed.

         

        🤩 Hack Features

        - God Mode
        - Multiply Attack
        - One Hit Kill
        - Freeze Gold when Pray
        - Freeze Gems
        - PREMIUM

         

        ⬇️ iOS Hack Download IPA Link: https://iosgods.com/topic/204353-knight-maidens-idle-rpg-v17-jailed-cheats-6/
        • 2 replies
        Laxus

        Picked By

        Laxus ,
      • Project Makeover v2.130.1 +4 Jailed Cheats [ Unlimited Currencies ]

        Project Makeover v2.130.1 +4 Jailed Cheats [ Unlimited Currencies ]

        Puddin posted a topic in ViP Non-Jailbroken Hacks & Cheats,

        Modded/Hacked App: Project Makeover By Magic Tavern, Inc.
        Bundle ID: com.bgg.jump
        App Store Link: https://apps.apple.com/us/app/project-makeover/id1483058899?uo=4

         
         

        🤩 Hack Features

        - Unlimited Cash
        - Unlimited Coins
        - Unlimited Gems
        - Unlimited Lives

        This hack was made by @Cashlaz. Give him all your love & appreciation! ❤️
          • Like
        • 44 replies
        Puddin

        Picked By

        Puddin,
      • Dawn of Zombies: Survival Game v2.274.3032 +8 Jailed Cheats [ Damage & Defence ]

        Dawn of Zombies: Survival Game v2.274.3032 +8 Jailed Cheats [ Damage & Defence ]

        Puddin posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Dawn of Zombies: Survival Game By VISTREX LIMITED
        Bundle ID: com.survival.dawn
        iTunes Store Link: https://apps.apple.com/us/app/dawn-of-zombies-survival-game/id1465954247?uo=4


        Hack Features:
        - Damage Multiplier
        - Defence Multiplier
        - Speed Multiplier
        - Split Hack
        - No Energy Cost
        - Max Level -> Earn some XP.


        Jailbreak required hack(s): [Mod Menu Hack] Dawn of Zombies: Survival Game v2.250 +6 Cheats [ Damage & Defence ] - Free Jailbroken Cydia Cheats - iOSGods
        Modded Android APK(s): https://iosgods.com/forum/68-android-section/
        For more fun, check out the Club(s): https://iosgods.com/clubs/
        • 317 replies
        Puddin

        Picked By

        Puddin,
      • Lost Sword v1.448.1 +1 Jailed Cheat [ Auto Win ]

        Lost Sword v1.448.1 +1 Jailed Cheat [ Auto Win ]

        Puddin posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Lost Sword By Wemade Connect Co., Ltd.
        Bundle ID: com.wemadeconnect.ios.lostdgl
        App Store Link: https://apps.apple.com/us/app/lost-sword/id6482099823?uo=4

         
         

        🤩 Hack Features

        - Auto Win
        • 18 replies
        Puddin

        Picked By

        Puddin,
      • Zerowake GATES : BL RPG v1.5.1 +3 Jailed Cheats [ Damage & Defence ]

        Zerowake GATES : BL RPG v1.5.1 +3 Jailed Cheats [ Damage & Defence ]

        Puddin posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Zerowake GATES : BL RPG By Storytaco.inc
        Bundle ID: com.storytaco.p33client
        App Store Link: https://apps.apple.com/us/app/zerowake-gates-bl-rpg/id6747482230?uo=4

         


        🤩 Hack Features

        - Damage Multiplier
        - Defence Multiplier
        - God Mode
          • Agree
        • 10 replies
        Puddin

        Picked By

        Puddin,
      • (Heaven Burns Red Japan) ヘブンバーンズレッド v6.0.1 +2 Cheats

        (Heaven Burns Red Japan) ヘブンバーンズレッド v6.0.1 +2 Cheats

        AlyssaX64 posted a topic in Free Android Modded APKs,

        Mod APK Game Name: ヘブンバーンズレッド By WFS, Inc.
        Rooted Device: Not Required.
        Google Play Store Link: https://play.google.com/store/apps/details?id=com.heavenburnsred

         

        🤩 Hack Features

        - Damage Multiplier
        - Defense Multiplier

         

        ⬇️ Android Mod APK Download Link


        Hidden Content

        Download Modded APK







         

        📖 Android Installation Instructions

        STEP 1: Download the modded APK file from the link above using your preferred Android browser or download manager.
        STEP 2: Once the download is complete, open your file manager and locate the downloaded .apk file (usually in the Downloads folder).
        STEP 3: Tap the APK file, then select Install. If prompted, enable Install from Unknown Sources in your device settings.
        STEP 3A: If the mod includes an OBB file, extract it if it’s inside an archive. Then move the folder to: /Android/obb/
        STEP 3B: If the mod includes a DATA file, extract it if it’s archived. Then move the folder to: /Android/data/
        STEP 4: Once installed, open the game and toggle your desired cheats & features through the APK mod menu. Enjoy!

         

        NOTE: If you have any questions or issues, read our Frequently Asked Questions topic. If you still need help, post your issue below and we’ll assist you as soon as possible. If the mod works for you, please share your feedback to help other members!

         

        🙌 Credits

        - AlyssaX64

         

        📷 Cheat Video/Screenshots

        N/A

         

         iOS & iPadOS App Hacks
        If you’re looking for Non-Jailbroken & No Jailbreak required iOS IPA hacks, visit the iOS Game Cheats & Hacks or the iOSGods App for a variety of modded games and apps for non-jailbroken iOS devices.
        • 0 replies
        AlyssaX64

        Picked By

        AlyssaX64,
      • Legend of Avatar v1.11.1 Jailed Cheats +3

        Legend of Avatar v1.11.1 Jailed Cheats +3

        Puddin posted a topic in ViP Non-Jailbroken Hacks & Cheats,

        Modded/Hacked App: Legend of Avatar By billionairegames
        Bundle ID: com.billionairegames.serares
        App Store Link: https://apps.apple.com/us/app/legend-of-avatar/id6746192853?uo=4

         
         

        🤩 Hack Features

        - Damage Multiplier
        - Defence Multiplier
        - God Mode
          • Like
        • 173 replies
        Laxus

        Picked By

        Laxus ,
      • Disney Magic Kingdoms Cheats v11.2.0 +1

        Disney Magic Kingdoms Cheats v11.2.0 +1

        Laxus posted a topic in ViP Jailbreak Cheats,

        Modded/Hacked App: Disney Magic Kingdoms By Gameloft
        Bundle ID: com.gameloft.disneykingdom
        iTunes Store Link: https://apps.apple.com/us/app/disney-magic-kingdoms/id731592936?uo=4

         

        📌 Mod Requirements

        - Jailbroken iPhone or iPad.
        - iGameGod / Filza / iMazing.
        - Cydia Substrate, ElleKit, Substitute or libhooker depending on your jailbreak (from Sileo, Cydia or Zebra).

         

        🤩 Hack Features

        - Free Store ( not Free iAP )

         

        Non-Jailbroken Hack: https://iosgods.com/topic/184748-disney-magic-kingdoms-v1012-jailed-cheats-1/

         

        ⬇️ iOS Hack Download Link: https://iosgods.com/topic/147877-disney-magic-kingdoms-cheats-v1020-1/
          • Thanks
          • Like
        • 406 replies
        Laxus

        Picked By

        Laxus ,
      • Dark Tower:Tactical RPG v1.1.1 +2 Jailed Cheats

        Dark Tower:Tactical RPG v1.1.1 +2 Jailed Cheats

        AlyssaX64 posted a topic in Free Non-Jailbroken IPA Cheats,

        Modded/Hacked App: Dark Tower:Tactical RPG By Rawhand. Inc
        Bundle ID: com.rawhand.darktower
        App Store Link: https://apps.apple.com/us/app/dark-tower-tactical-rpg/id6748525811?uo=4

         

         

        📌 Mod Requirements

        - Non-Jailbroken/Jailed or Jailbroken iPhone or iPad.
        - Sideloadly or alternatives.
        - Computer running Windows/macOS/Linux with iTunes installed.

         

        🤩 Hack Features

        - Damage Multiplier
        - Defense Multiplier

         

        ⬇️ iOS Hack Download IPA Link


        Hidden Content

        Download via the iOSGods App







         

        📖 PC Installation Instructions

        STEP 1: Download the pre-hacked .IPA file from the link above to your computer. To download from the iOSGods App, see our iOSGods App IPA Download Tutorial which includes a video example.
        STEP 2: Download Sideloadly and install it on your Windows or Mac.
        STEP 3: Open Sideloadly on your computer, connect your iOS device, and wait until your device name appears in Sideloadly.
        STEP 4: Once your iDevice is recognized, drag the modded .IPA file you downloaded and drop it into the Sideloadly application.
        STEP 5: Enter your Apple Account email, then press “Start.” You’ll then be asked to enter your password. Go ahead and provide the required information.
        STEP 6: Wait for Sideloadly to finish sideloading/installing the hacked IPA. If there are issues during installation, please read the note below.
        STEP 7: Once the installation is complete and you see the app on your Home Screen, you will need to go to Settings -> General -> Profiles / VPN & Device Management. Once there, tap on the email you entered from step 6, and then tap on 'Trust [email protected]'.
        STEP 8: Now go to your Home Screen and open the newly installed app and everything should work fine. You may need to follow further per app instructions inside the hack's popup in-game.

        NOTE: iOS/iPadOS 16 and later, you must enable Developer Mode. For free Apple Developer accounts, you will need to repeat this process every 7 days. If you have any questions or problems, read our Sideloadly FAQ section of the topic and if you don't find a solution, please post your issue below and we'll do our best to help! If the hack does work for you, post your feedback below and help out other fellow members that are encountering issues.

         

        🙌 Credits

        - AlyssaX64

         

        📷 Cheat Video/Screenshots

        N/A
          • Thanks
        • 28 replies
        AlyssaX64

        Picked By

        AlyssaX64,
      • Transcender : Idle RPG v1.9.9 +3 Cheats

        Transcender : Idle RPG v1.9.9 +3 Cheats

        AlyssaX64 posted a topic in Free Android Modded APKs,

        Mod APK Game Name: Transcender : Idle RPG By Rookie Project Co., Ltd.
        Rooted Device: Not Required.
        Google Play Store Link: https://play.google.com/store/apps/details?id=com.playgames.transcender

         

        🤩 Hack Features

        - Damage Multiplier
        - Never Die
        - Guest Login

         

        ⬇️ Android Mod APK Download Link


        Hidden Content

        Download Modded APK







         

        📖 Android Installation Instructions

        STEP 1: Download the modded APK file from the link above using your preferred Android browser or download manager.
        STEP 2: Once the download is complete, open your file manager and locate the downloaded .apk file (usually in the Downloads folder).
        STEP 3: Tap the APK file, then select Install. If prompted, enable Install from Unknown Sources in your device settings.
        STEP 3A: If the mod includes an OBB file, extract it if it’s inside an archive. Then move the folder to: /Android/obb/
        STEP 3B: If the mod includes a DATA file, extract it if it’s archived. Then move the folder to: /Android/data/
        STEP 4: Once installed, open the game and toggle your desired cheats & features through the APK mod menu. Enjoy!

         

        NOTE: If you have any questions or issues, read our Frequently Asked Questions topic. If you still need help, post your issue below and we’ll assist you as soon as possible. If the mod works for you, please share your feedback to help other members!

         

        🙌 Credits

        - AlyssaX64

         

        📷 Cheat Video/Screenshots

        N/A

         

         iOS & iPadOS App Hacks
        If you’re looking for Non-Jailbroken & No Jailbreak required iOS IPA hacks, visit the iOS Game Cheats & Hacks or the iOSGods App for a variety of modded games and apps for non-jailbroken iOS devices.
        • 9 replies
        AlyssaX64

        Picked By

        AlyssaX64,
      View All
    ×
    ×
    • Create New...

    Important Information

    We would like to place cookies on your device to help make this website better. The website cannot give you the best user experience without cookies. You can accept or decline our cookies. You may also adjust your cookie settings. Privacy Policy - Guidelines