Hi every1,
Important threads:
- https://www.thecobraden.com/posts/unblocking_firebase_ids/
Explanation:
I've been messing, for some time now, with android tampering/reverse engineering. But, there is a problem that I can't seem to overcome, neither find any solution for it on any foruns, that is "Signing In with Google" on the app after modifying it (decompiling/recompiling).
The process I follow is as simple as:
Pulling the APK file from my android using adb;
Opening the APK file using jadx-gui to see the contents and search for what I want to change;
Decompiling the APK using APKEasyTool and searching for the .smali file I previously wanted to change;
Changing the file and recompiling the APK with APKEasyTool;
(optional) In case the APK file is splitted, installing it on my device using SAI.
Results:
After this process the app works fine, but as mentioned, I can't no longer sign in on the app with Google. As far as I know, when you click the sign-in button, an HTTP request is made to Google Servers, asking for a token, than can later be used to sign-in on the app (this is made by integrating Firebase in the android project). And, it's in this process that it fails, because on this request it is also sent the SHA-1 fingerprint as a Request Header, which was changed when signing the APK file.
Using a tool like MITMProxy I was able to repeat this request with the APK original SHA-1 (retrieved with keytool -printcert -jarfile <original.apk>), but this requires moving traffic through, for instance, my computer - as a proxy server. (And for some reason it didn't always worked).
Question:
Does anyone have any thoughts on this, or have successfully been able to decompile/recompile an apk and still be able to use Google Sign In option? How can I modify an apk file and still be able to sign in on it with my Google account?
i mean if your device is rooter, you can login in origin apk and use lucky patcher backup data ,install modified apk then do a restore data in to app
Play Services will not allow it unless the apk is signed by Google. The solution is to set the public key for the modified apk and patch Android Framework's signature check to make the system think it's valid.
The yellow smiley face app mentioned above does this, as well as microg.
Related
You will find here the new Unreleased Gmail 4.2.apk - Thanks to Android Police for this news
The Gmail 4.2 APK is signed by Google, but with a different key than the one in the Play Store (we checked the signatures - they differ). One is probably the test key and the other the production key. For this reason, you can't simply install it as an update and therefore need to be rooted with the ability to mount the /system directory for writing in order to remove the existing Gmail APK.
Important: Once Google updates Gmail in the Play Store, you will want to revert this process or at the very least delete the Gmail 4.2 APK you installed here if you want to update it from the Play Store.
OK, let's get down to it. You'll probably need ADB installed on your computer (here's an easy way that doesn't require downloading the Android SDK). There is a chance that this might work without ADB by just removing the APKs mentioned below and installing the new one, but it didn't seem to work reliably for everyone. This should, though:
- Download Gmail 4.2 from the download link above.
- Rename it to Gmail2.apk.(already renamed )
- Make a Nandroid backup in case something goes wrong (this is always a good thing to do before messing with your device).
- Remount /system for writing (via your favorite root-aware file explorer).
- Delete (or move if you want to save the APKs) all other versions of Gmail.
- Update: We've seen multiple successful reports of simply uninstalling Gmail using Titanium Backup or ROM Toolbox instead of performing this and the next step. If that works for you, go directly to step 7. If not, proceed below.
- Usually there are 2 or 3 copies. One will be in /system/app (that's the original Gmail that was pre-installed on the device) and there may be a few in /data/app (these are the updates installed from the Play Store). They'll be called "Gmail.apk," or "com.google.android.gm-[number].apk," An easy way to tell is to look for the Gmail icon.
- You may need to delete the .odex files matching the APKs in step 5 too, if you have them. Neither I nor Artem had to do this, but there are many different ROMs out there, and we're trying to cover all bases. Ignore this step and only come back to it if something doesn't work later.
- Reboot. Once you do, you should have no Gmail as far as Android is concerned.
- You can try to install the Gmail 4.2 APK you downloaded at this point by tapping it in your favorite file explorer (move the APK to your device first, of course). If that doesn't work, or if you prefer ADB, fire up a command line and type adb install Gmail2.apk.
If you get an error message, you probably didn't delete all copies of Gmail. If you don't feel like playing with ADB for Step 8, I've also gotten it to work by just copying the APK to /data/app, but that's not as fool proof as "ADB install".
Click to expand...
Click to collapse
Gmail 4.2.apk - download link - MD5 Sum: 2e5dbfccea5fca470d1e669fc0f431ba - Size: 2.77 MB (2906222 bytes)
Source [androidpolice]
I used apk tool to decompile and recompile uber to make some modifications to it. The problem that I am having is maps stopped working. I am assuming this is due to the maps api key being locked to the apps signature and when i recompile I select create new signature because otherwise the package wont install and android complains its corrupt.
So is their anyway to modify the uber apk and still have the maps working?
Is there a way you can add apk package names to a file so when a user tries to install any of them, it fails with an error message that the app couldn't be installed?
Here is a patch for Android 10 but I don't know how to feed an external file eg. system/etc/blocked.xml to it so only those apps are blocked or fail to install but all other apps can still install normally.
Is there another way too to add the package names to block from being installed to the Android code itself so there isn't a system/etc/*.xml file they can see and easily delete.
Patch
https://pastebin.com/L892ntMP
Hi ,
Your pastebin link is not working can you please share the patch or the link again
dewettie said:
Is there a way you can add apk package names to a file so when a user tries to install any of them, it fails with an error message that the app couldn't be installed?
Here is a patch for Android 10 but I don't know how to feed an external file eg. system/etc/blocked.xml to it so only those apps are blocked or fail to install but all other apps can still install normally.
Is there another way too to add the package names to block from being installed to the Android code itself so there isn't a system/etc/*.xml file they can see and easily delete.
Patch
https://pastebin.com/L892ntMP
Click to expand...
Click to collapse
Can you please share the patch or the link again
If I remember this correctly, the signature of apk to be installed has to be the same as before if apk has been removed keeping the data. Now, rewrite the signature of the apk and install it and then uninstall keeping the data. That might make it harder to install that app in future...
There is an app I have that wont backup to the Google cloud... I have many that do just fine. This app also creates a basically useless .ab file when using adb backup.
I pulled the apk file from google play, used apktool to unpack it and examined the manifest... and there it was... allow Backup set to "true". I have the most up to date version of the app... but I then pulled the apk off my phone and did the same thing and the manifest had allowbackup set to false!
Can someone help me understand this? I can't get the data off of my old phone because of this... and I'd really like to get that data transferred to my newer phone. (This app data did not transfer during the upgrade process either)
I'm not looking to solve the issue... only the app developer can do that. I simply want to understand what might be going on.
So in the just a little knowledge is dangerous departement:
After unpacking the apk (apktool d app.apk), I modified the android manifest which had backups:false to backups:true. I then just did:
apktool b app
I took the apk so produced in the dist folder and put it on my pixel 6, after first uninstalling the original app. I then tried to install the app and got:
"you cant install the app on your device".
I don't want to reverse engineer the app... I just want to force it to do backups... I can only assume the approach I took is far too simple-minded. Like I said, I would like to modify the behavior of the app not the function. what else must I do?
Is theres a way to modify and run this apks without unlocking secrecy or auth token? i pulled it from my oppo and when i run the app it'll update the existing app
norimee said:
Is theres a way to modify and run this apks without unlocking secrecy or auth token? i pulled it from my oppo and when i run the app it'll update the existing app
Click to expand...
Click to collapse
You can't modify an APK, as it's in binary. You could remove it though - Let me know if you need help.
An APK ( read: Android Application Package ) file by nature is a ZIP file - not a binray - what can get extracted with any zip utility (e.g. 7zip), you can view all resources correctly but all java files are not correctly decompiled.
Content of an APK file looks like
You can also see the contents of an APK file within the Android device itself, which helps a lot in debugging, using
https://play.google.com/store/apps/details?id=com.dasmic.android.apkpeek
All files including the manifest of an app can be viewed and also shared using email, cloud etc., no rooting required.