2. maj 2017

Bypass signature check in Assembly-Csharp.dll


Well that's pretty easy, just search IsGenuine, GetSignature or InstalledFromRightLocation and return it to TRUE. They are all boolean.

Use dnSpy, it's much easier to edit code. Right click inside method code, select "Edit Method (C#)..." and replace it with "return true;"


Tip: Dump source code from dll and search keywords in files using Notepad++ and analize them. It's much easier for me because i can search string, url string, excat code etc.

Keywords to search: Integrity, Check, Genuine, Signature, Installed, Location etc.

How i found IsGenuine?
First, i was analizing ShowInvalidBuildError() but i was unable to locate the check, so i just just dump the entire source code and search "signature" in files using Notepad++ because it's much easier for me to find the useful code. My former friend told me that trick.

How i found InstalledFromRightLocation?
I recorded a logcat using Matlog app to find an error, and i already found interesting function ReceiveInstallFromWrongLocationError()
[​IMG]
so i took a look in dnSpy. I analized it , look InitOnStart() and there is a code
bool flag2 = AndroidUnityUtilWrapper.InstalledFromRightLocation();

InstalledFromRightLocation() is also an interesting method. It was a boolead so I returned it true and it worked!

Credits:
iAndroHacker


0 kommentarer:

Send en kommentar