dear community i hope everyone are doing fine, so am gonna go straight to the point
i have a Magisk on both mobile and emulator with all important plugins installed + Frida well installed + many http interceptors + installed the http interceptors certificates in the root ...
- now i have a game that i want to mod and i want to explore as well. the problem is i spent the last 4 days decompiling it and reading it's source code and i couldn't find any urls i even tried using frida to bypass the ssl pinning and i did bypass the ssl pinning and the root detection and still no links and when i use burpsuite the game show other links that has no relation to the game api.
also to mention that when i use this tool HTTP Toolkit and i setup the tool with adb to intercept the calls the game says that the connection to the server is lost and game freezes .
i tried every possible solution before coming here trust me and the last thing is i found these errors in the output from frida which i couldn't find in the source code because there is no functions named
HTTP.SecureProtocol.Org.BouncyCastle.X509.Store
BestHTTP.SecureProtocol.Org.BouncyCastle.Crypto.Tls
......................................
now my question is : can someone give me any idea on how to get the requests without letting the game freezes
another question : if the links aren't present in the apk source code from where the tool is getting those links to perform the api calls
third question : is this has any relation with libraries .so ?
-----------------------
Game Url : https://play.google.com/store/apps/details?id=com.lockwoodpublishing.avakinlife&hl=en&gl=US
------------------------
i hope i can get some help from your guys and thanks in advance ^^
up
Related
Hey all, I've had this issue for quite awhile and have looked around extensively on the internet before coming here. So if you don't wanna read what I've already found out, just skip to the last paragraph for a summary of my problem.
So I have a home automation system setup for my house and I'm loving everything about it. I already have an app on my Galaxy S that will let me control the devices. I took it a step farther and delved into how to send commands using the HTTP post commands. I've already created perl scripts that can activate and deactivate the devices, but as you know Android doesn't have perl inbuilt.
I want to be able to make a shortcut on my Android device to start the devices. The reason why I want to do this is simply because I want an alarm on my android device to trigger a shortcut which turns on everything I want in the morning without me having to actually touch my phone. I already have the Alarm app that can open the shortcut, but I need a script that will work.
I need a shortcut that would enable the devices. So my first thought would be a bash script (and make a shortcut using Gscript for the Alarm App). But there's the problem, because I don't know how to send a http command from the Android terminal. I know (and have tested) perl commands, but perl isn't available for Android. That was the only way I know how to do this. I know you can use java, but then you're creating other files and to me it seems too much of a hassle. I just need something that can access the http page without opening an internet browser or anything else.
Summary:
I need a shortcut on my android device that accesses an http page without opening an internet browser or any other program. The http page has a standard username/password prompt, but can be easily worked around.
What's the easiest way of going about this? If a shell script is needed, what would be the command to open the webpage without opening a browser?
Things to know:
- Weblink only needs to be opened (no interaction required) for the specific device to be turned on
- Website is password protected using standard http protocol (but can be worked around if there is a problem)
- In perl, all I would need to do is issue the following command to get the devices to turn on or off:
perl -u username : password h-t-t-p-whatever.com/device_3_on
Sorry for the drawn out post, but I really wanted to explain my situation as best as I could. I'm sure there is probably an easier way that I'm missing here, so I need help from any and all people that would know about these things. Any [helpful] advice is welcome
Hi everybody,
Im trying to fix my problem myself for about a week now, but seems like my nooby knowledge is not enough to get it done...
First of all the description of my problem:
I used to play Rage of Bahamut (in apps described as v2.0) on the Emulator-x86 (ICS 4.0.4 with gpu acceleration). Everything worked fine, but about 1 week ago the admins of the game made an update and my old version stucks at a "404 page not found" page directly after I enter username and password and press the login button.
What I have tried:
I tried several Android versions and app versions on the emulator. The main problem is that newest apk files contain a .so library and I'm not able to start the app after an installation by adb. I tried with libhoudini, but no success.
I checked the http requests and responses to the game server to find out why the older version stucks after the login and I realized that the server denies my "device". I cant figure out what phone information would be needed to cheat their server.
Please dont tell me to use Bluestacks. I know the game works on it, but its not really playable. I would like to use my speedy Emulator-x86.
Anybody out there who knows about my problem or simply needs a challenge? Please help me to run Rage of Bahamut on a emulator x86.
Thanks and Regards
DaShyGuy
Hello guys.
I friend of mine is challenging me to hack his application but I ve a little problem. I think it should be easy to do for you guys but I m noob and I need more informations.
In the application when I click a button a Webview is opened and a link is loaded. In this link I should put some informations. If the informations are correct the website loaded in the webview (or the server in which is hosted) comunicates to the applications that the informations are correct and the application unlock some cool functions I can use. My task is to find where the application retrieve these informations from the webview in order to change the verification method orin order to find where the application unlock the cool functions (but I m sure that if I find where the application is getting data from the webview I can find the rest). The problem is that I can't find nothing that is comunicating with the webview.
Can you suggest me if there is some functions or classes that are able to comunicate with webview or website?? Or if there is a fast way to find the function used ??
Hi everyone!
im just new here.
I would like to ask for your help about an app called Http Injector. we use this in our country (Philippines)
to access internet via vpn for free.
to use this app, you have to register to sites that offers free ssh acount such as createssh.com, then create a payload (which has to be a freesite from our isp) and a remote proxy. then we you are connected, you can create a config file ( with an extention ".ehi") and share it to others.
the problem is, some .ehi files that is being shared are locked to prevent others to copy their config.
I hope you can help me sniff through these locked .ehi files guys...
thanks and more power.
bugz88 said:
Hi everyone!
im just new here.
I would like to ask for your help about an app called Http Injector. we use this in our country (Philippines)
to access internet via vpn for free.
to use this app, you have to register to sites that offers free ssh acount such as createssh.com, then create a payload (which has to be a freesite from our isp) and a remote proxy. then we you are connected, you can create a config file ( with an extention ".ehi") and share it to others.
the problem is, some .ehi files that is being shared are locked to prevent others to copy their config.
I hope you can help me sniff through these locked .ehi files guys...
thanks and more power.
Click to expand...
Click to collapse
Don't know if you still going to need this.
Install Xposed, go to Framework => Install/Update => Restart
Install Ehiopener. Open Xposed, go to modules if you already installed Ehiopener you'll see it there click it and activate than restart.
Congratz', you can sniff EHI now it wiill not help with root protected ehi.
ehi opener not compatible apps
hi Sir is there a latest version in ehi opener...i tried to install ehi opener 0.4.3 its said not compatible using the latest http injector hope there someone who can help me about this matter many thanks guyz...
Hello to all
it would be very useful if it is possible to:
When connected to WIFI, HTTP injector service stops
When connected to any mobile network and not connected to WIFI, service auto starts
also it is annoying that when rebooting phone i have to manually start the service
anyway to avoid that?
thanks
Hi i've been browsing the forum trying to find a solution but however i'm limited by my knowledge.
Basicly there is an Game/app made built by GameMaker but the target system was not meant to support AndroidTV. I'm trying to run this game on my nvidia shield.
I sideloaded the app and whenever i launch it i see the background of the game as if it was going to work and then the app crash and i get the following error message :
Incorrect android target. This executable targets android TV devices. This build is for android".
I've download Apk Studio / Apk tool and i tried to find out in the code where would that check happen and how i can allow AndroidTv devices to run this app. However i don't see much in the manifest file that would stop the app from running in AndroidTv.
Anyone out there with more knowledge can chime in and give some ideas ?
Here is a link to the app i'm trying to modify.
https://drive.google.com/open?id=1LrddBPcAK9Ufs9Eo8Jl5Z_zTTDvKzzHO
Thank you