Custom Patch for Disabling (pairip)Google Protection

[BEGIN]
[use_fake_modified_apk_archive]
[CLASSES]
{"class name":"Lcom/pairip/SignatureCheck;"}
{"method name":"verifyIntegrity"}
{"return type":"V"}
{"replaced":"0E 00"}
{"class name":"Lcom/pairip/licensecheck3/LicenseClientV3;"}
{"method name":"onActivityCreate"}
{"return type":"V"}
{"replaced":"0E 00"}
[END]

How to use:
1. Download and install LuckyPatcher from:
https://www.luckypatchers.com/download
2. Create a new .txt file with the package name of your target app.
3. Copy the snippet of our patch and paste it in the .txt file.
4. If you have other patches to apply, put your patches after [BEGIN] or before [END]; otherwise, skip this step.
5. Save the file.
6. Move the .txt file to the CustomPatches path of LuckyPatcher.
7. Open LuckyPatcher and select your target app.
8. Click on "Menu of Patches."
9. Select "CustomPatch-applied APK."
10. Click on "Rebuild The App."
11. After applying the patch, click on "Go to file."
12. Finally, click on "Uninstall and install."

Note: Sometimes, if the LicenseClientV3 class is not found, a red alert may appear. If this happens, there's no need to worry.

👉 How To Create Custom Patches for LuckyPatcher
https://www.tgoop.com/TDOhex_Discussion/12509

👉 3 in 1 Tutorial on lib Patching
1. How to dump il2cpp and find out offset
2. How to patch lib with radare2
3. How to make custom patches for lucky patcher
https://www.tgoop.com/TDOhex/396

👉 Custom Patches:
https://www.tgoop.com/TDOhex_Discussion/11608

#pairip #patch #LuckyPatcher
💥💥💥💥💥💥💥💥💥💥
💡 Patch by @TDOhex
♻️ Join us for more Info
💥💥💥💥💥💥💥💥💥💥

Please reshare this post again.
👉 Custom Patch for Disabling (pairip)Google Protection
https://www.tgoop.com/TDOhex/422

We have clarified all the steps and added a video tutorial.

Thanks ❤ to @Qbtaumai to make video tutorial.

This article is off-topic; feel free to skip it if you wish.

We recently banned a person from our channel and group for offending religious sentiments with their profile picture. They argued that they had the freedom of expression.

Freedom of expression allows individuals to freely express their opinions and ideas without infringing on the fundamental rights of others. This means that one is free within their own domain but must respect the rights of others when encroaching into their sphere. Under the guise of freedom of expression, religious sentiments cannot be hurt.

Freedom of expression may allow you to put whatever you want in your profile picture, but if you enter our group or channel with the same picture, you must also respect the rights of others. It is just like whether you stay naked in your room or wear clothes with obscene pictures on them, but as soon as you step out of your room in that state, even your family will not tolerate you.

Therefore, one of the conditions for joining our groups and channels is to refrain from offending any religious sentiments or desecrating holy places through your name, username, or profile picture.

We have a large number of members, and it's not possible for us to analyze each one individually. If any of you report someone, we welcome it.
[Enhanced by AI]

❤️ Owner of @TDOhex ❤️

Powerful Android APKEditor

https://github.com/REAndroid/APKEditor

This tool has six main features
1- Decompile
2- Build
3- Merge
4- Refactor
5- Protect
6- Info (⭐NEW⭐)

How to Use:
👉 For Anti-Split and Merge
1. Download latest release from:
https://github.com/REAndroid/APKEditor/releases
2. Execute Command
java -jar path/to/APKEditor.jar m -i "path/to/input.(xapk,apkm,apks...)" -o "path/to/output.apk"
For Example:
java -jar /storage/emulated/0/Download/APKEditor.jar m -i "/storage/emulated/0/Download/temp.apks" -o "/storage/emulated/0/Download/temp.apk"

We apologize for the delay in our next update, which is caused by a recurring issue identified in the Redmi and POCO sub-brands of Xiaomi. Specifically, the motherboards of these devices tend to malfunction and become unusable after 2-3 years.

This problem has resulted in data loss, particularly when we provided a universal solution to disable ads from Android apps and games. Recently, we've faced significant losses in both projects and data. Consequently, we find ourselves compelled to start anew, potentially causing a delay in the next update.

For users of these devices, we strongly recommend saving your data to a cloud storage after one year as a precautionary measure.

It's crucial to emphasize that our next update will introduce a comprehensive solution for patching. This includes the latest patching notes, a dedicated calculation tool, and a tool specifically designed for ARM Assembler and disassembler.

-- From the team owner

We have decided to hide the members' list in the discussion group, prioritizing the privacy of celebrities. We hope you will respect this decision made for user privacy.

If you need to reach out to us regarding any of these concerns:
1. Copyright Infringement 🚫
2. Legal Actions ⚖️
3. Privacy Regulations 🔐
4. Private Conversations 🤐
Please ping our bot:
@TDOhexSupportBot

We're here to address any issues and ensure a safe and respectful environment.

❤️ Thank you. 🙏

[Thread] How to Run Frida Hooks Through JsHook Without Root
━━━━━━━━━━━━━━━━━━━
There are several options to run the Frida hook without root or a PC, and we are discussing one of them. But before that, it's essential to introduce Shizuku, LsPatch, and JsHook.
------------------------------------------------
1.1.1 Introduction of Shizuku:
Shizuku can help normal apps uses system APIs directly with adb/root privileges with a Java process started with app_process.
Website: https://shizuku.rikka.app

1.1.2 Start via wireless debugging:
https://shizuku.rikka.app/guide/setup/#start-via-wireless-debugging

1.1.3 How to grant adb permissions using Shizuku in a terminal (optional):
If you want to use Shizuku in a terminal environment on Android, follow the in-app instructions by tapping Use Shizuku in terminal apps. It asks you to export and edit two files with the package name of your terminal app. Move them to a place where the terminal can find them. This is an advanced feature for people who like working with a command-line interface.

1.1.4 Uninstall any app without root! Powered by Shizuku:
https://www.tgoop.com/TDOhex/421
------------------------------------------------
1.2.0 Introduction of LSPatch Framework:
LSPatch: A non-root Xposed framework extending from LSPosed
Website: https://github.com/LSPosed/LSPatch
Telegram Channel: @LSPatchArchives
------------------------------------------------
1.3.0 Introduction of JsHook:
JSHook is a tool for injecting Rhino/Frida into applications, allowing you to quickly implement hooks using JavaScript. It supports both Java and native layers.
Website: https://doc.jshook.org
Telegram Channel: @jshookapp
Telegram Group: @jshookgroup
━━━━━━━━━━━━━━━━━━━
2.1.0 Simple steps to run JsHook:
https://www.tgoop.com/TDOhex_Discussion/12705

2.2.1 Video on running JsHook using sandbox extension:
https://www.tgoop.com/TDOhex_Discussion/17554

2.2.2 Video on running JsHook using LsPatch:
https://www.tgoop.com/TDOhex_Discussion/17558
━━━━━━━━━━━━━━━━━━━
3.1.0 Test to change android_id through Frida Hook
https://www.tgoop.com/TDOhex_Discussion/12731

3.2.0 Test to unlock premium features of Router Chef_2.1.4:
https://www.tgoop.com/TDOhex_Discussion/12749
━━━━━━━━━━━━━━━━━━━
💥💥💥💥💥💥💥💥💥💥
💡 Tech&Info by @TDOhex
♻️ Join us for more Info
💥💥💥💥💥💥💥💥💥💥

About:
Hermes Bytecode Reverse Engineering Tool (Assemble/Disassemble Hermes Bytecode)

Recommended:
https://www.tgoop.com/TDOhex/436

For installation:
pip install --force-reinstall hbctool-0.1.5-py3-none-any.whl

Official Repo:
https://github.com/bongtrop/hbctool

Supported hbc90:
https://github.com/bongtrop/hbctool/pull/38

Usage:
https://github.com/bongtrop/hbctool#usage

Guide for Add_New_Version:
https://github.com/cyfinoid/hbctool/blob/main/ADD_NEW_VERSION.md

hbclabel by kirlif':
hbclabel injects branch label as comments into Hermes byte code disassemby produced by hbctool.
https://github.com/Kirlif/Python-Stuff/blob/main/hbclabel.py

To Download hbclabel:
wget https://raw.githubusercontent.com/Kirlif/Python-Stuff/main/hbclabel.py

Usage of hbclabel:
python hbclabel.py path/to/instruction.hasm
If instruction.hasm file is in the current dir, just:
python hbclabel.py

👉 Tutorial on Practice to Reverse HBC
https://www.tgoop.com/TDOhex/435

Join Channel: @TDOhex
Join Group: @TDOhex_Discussion

About:
A reverse engineering tool for decompiling and disassembling the React Native Hermes bytecode

# Recommended for analyzing HBC

For installation:
pip install --force-reinstall hermes_dec-0.0.1-py3-none-any.whl

Official Repo:
https://github.com/P1sec/hermes-dec

Usage:
https://github.com/P1sec/hermes-dec#usage

👉 Tutorial on Practice to Reverse HBC
https://www.tgoop.com/TDOhex/435

Join Channel: @TDOhex
Join Group: @TDOhex_Discussion

Basic Practice to Reverse Hermes ByteCode HBC

What's in this Tutorial:
  ⦁ Disassemble and Assemble index.android.bundle optimised in HBC.
  ⦁ Analysis of HBC based on basics.
  ⦁ Reverse HBC in two ways.
  ⦁ Reverse HBC using hbctool, hermes-dec and radare2.

1⃣ First Example:
App: Learn Python_2.0.7(20007)
Link: https://play.google.com/store/apps/details?id=com.codeliber.python

2⃣ Second Example:
App: Evolve_1.2.22(181)
Link: https://play.google.com/store/apps/details?id=in.evolve.android

3⃣ Third Example:
App: Notesnook Secure Private Notes_2.6.15(4196378)
Link:
https://play.google.com/store/apps/details?id=com.streetwriters.notesnook

👉 To Install hbctool:
https://www.tgoop.com/TDOhex/436

👉 To Install hermes-dec:
https://www.tgoop.com/TDOhex/434

👉 For Opcodes Table:
https://p1sec.github.io/hermes-dec/opcodes_table.html

👉 Hasm Assembly Docs:
https://lucasbaizer2.github.io/hasmer/hasm/

👉 For Index of Other Tutorials:
https://www.tgoop.com/TDOhex/376

💥💥💥💥💥💥💥💥💥💥
🎥 Tutorial by @TDOhex
♻️ Join us for more Info

About hbctool:
Hermes Bytecode Reverse Engineering Tool (Assemble/Disassemble Hermes Bytecode)

To install:
1. Download whl from here
Or download whl from official release:
https://github.com/Kirlif/HBC-Tool/releases/download/96/hbctool-0.1.5-96-py3-none-any.whl

2. Go to the location where the wheel file has been downloaded.

3. Enter this command to install:
pip install --force-reinstall hbctool-0.1.5-96-py3-none-any.whl

Supported:
hbc 59, 62, 74, 76, 83-96

hbclabel by kirlif':
hbclabel injects branch label as comments into Hermes byte code disassemby produced by hbctool.
https://github.com/Kirlif/Python-Stuff/blob/main/hbclabel.py

To Download hbclabel:
wget https://raw.githubusercontent.com/Kirlif/Python-Stuff/main/hbclabel.py

Usage of hbclabel:
python hbclabel.py path/to/instruction.hasm
If instruction.hasm file is in the current dir, just:
python hbclabel.py

👉 Tutorial on Practice to Reverse HBC
https://www.tgoop.com/TDOhex/435

👉 Channel of Kirlif':
@SaltSoupGarage

👉 Group of Kirlif':
@SaltSoupGarageGroup

How to Bypass SSLPinning and Inspect & rewrite HTTP(S) traffic Without Root

Recommended:
👉 How to Run Frida Hooks Through JsHook Without Root
https://www.tgoop.com/TDOhex/432

Requirements:
1. Install ProxyPin from official release:
https://github.com/wanghongenpin/network_proxy_flutter/releases

2. Install LsPatch from official release:
https://github.com/LSPosed/LSPatch/releases

3. Install JsHook from official release:
https://github.com/Xposed-Modules-Repo/me.jsonet.jshook/releases

4. Install Shizuku from official release:
https://github.com/RikkaApps/Shizuku/releases

5. Create frida script for SSLUnpinning or download from here:
https://github.com/apkunpacker/FridaScripts/blob/main/SSLUnpinning.js

Step 1: Run Shizuku.
Follow the inbuilt instructions of the Shizuku app.

Step 2: Patch your targeted app with module of JsHook using LsPatch.

Step 3: Open JsHook, configure your hook and run it.

👉 Video on running JsHook using LsPatch:
https://www.tgoop.com/TDOhex_Discussion/17558

Step 4: Capture packets through ProxyPin and manage them as per your requirements..

Tested on: Crunchyroll, Zedge, Hotstar, KUKU FM, etc...

Example of Zedge Premium:
https://www.tgoop.com/TDOhex_Discussion/19051

Telegram Groups to Discuss About ProxyPin: @proxypin_tg @proxypin_en

👉 For those members who are having trouble using Jshook, there is an alternative method available, but it's limited.

1. Install Meta Wolf from official release:
https://github.com/Katana-Official/SPatch-Update/releases

2. Download ASTools from official release and install it in Meta Wolf:
https://github.com/tin537/AStools/releases

3. Clone the application in Meta Wolf to capture packets
💥💥💥💥💥💥💥💥💥💥
💡 Tech&Info by @TDOhex
♻️ Join us for more Info
💥💥💥💥💥💥💥💥💥💥

Flutter Examples to Reach Place to Patch Through revenuecat

👉 blutter-termux
https://github.com/dedshit/blutter-termux.git
👉 blutter-termux Guide

What's in this Video:
👉 Practical Video on this Post
https://www.tgoop.com/Android_Patches/31

👉 In this video; Simple processes to unlock 4 flutter apps through RevenueCat.

1. App Name: MuscleWiki
Version: 2.3.6(307)
Play Store Link:
https://play.google.com/store/apps/details?id=com.musclewiki.macro

2. App Name: Liftbear - Workout Log
Version: 1.7.3(40)
Play Store Link:
https://play.google.com/store/apps/details?id=com.roehl.liftbear

3. App Name: Glyf AI
Version: 2.5.7(257)
Play Store Link:
https://play.google.com/store/apps/details?id=com.axndx.canvas

4. App Name: Video Compressor - ShrinkVid
Version: 1.1.114(101114)
Play Store Link:
https://play.google.com/store/apps/details?id=com.freeconvert.video_compressor

👉 Smali Examples
https://www.tgoop.com/TDOhex/415

👉 For Index of Other Tutorials:
https://www.tgoop.com/TDOhex/376

💥💥💥💥💥💥💥💥💥💥
🎥 Tutorial by @TDOhex
♻️ Join us for more Info

Advanced Guide to Reverse Engineering

What's in this PDF:
⦁ Explanation of patching Boolean functions to modify application behavior.
⦁ Step-by-step analysis of assembly code segments, understanding function calls, memory operations, and conditional instructions.
⦁ Deep understanding of conditional instructions such as "tbnz" and "csel".
⦁ Dive into machine codes

Example used in this pdf:
App Name: Automatic Subtitles & Captions
Version: 3.5.7(357)
Play Store Link:
https://play.google.com/store/apps/details?id=automatic.subtitles.closed.captions.generator.videos.transcribe.and.edit

👉 Flutter Examples to Reach Place to Patch Through revenuecat
https://www.tgoop.com/TDOhex/439

👉 For Index of Other Tutorials:
https://www.tgoop.com/TDOhex/376

💥💥💥💥💥💥💥💥💥💥
📚 Guide by @TDOhex
♻️ Join us for more Info
💥💥💥💥💥💥💥💥💥💥

Hello Everyone! 👋

🚀 Don't miss out on the fascinating discussions in our group! Join @TDOhex_Discussion now to stay updated on cutting-edge topics.
Such as:

1. Exploring how SkuDetails can be used to alter the billing process.

Example 01:
👉 How to mod "Nice Mind Map - Mind mapping"
https://www.tgoop.com/TDOhex_Discussion/21441

Example 02:
👉 How to mod "Petralex Hearing Aid App"
https://www.tgoop.com/TDOhex_Discussion/21836

Example 03:
👉 How to mod "Gallery Vault-Hide Photo Video"
https://www.tgoop.com/TDOhex_Discussion/15137

2. Investigating methods to manipulate field references in Flutter.

Example:
👉 How to manipulate field values in Flutter
https://www.tgoop.com/TDOhex_Discussion/21874

3. Sharing custom patches.
👉 For Custom Patches:
https://www.tgoop.com/TDOhex_Discussion/11608

Join us for these engaging conversations and more! See you there! 🔥

📣 Main Channel: @TDOhex
📱Second Channel: @Android_Patches
💬 Discussion Group: @TDOhex_Discussion

Reverse Engineering Flutter: Patching armeabi-v7a

App Name: MuscleWiki
Version: 2.4.1(307)
Play Store Link:
https://play.google.com/store/apps/details?id=com.musclewiki.macro

Step 01:
Dump functions and classes using reFlutter:
https://github.com/Impact-I/reFlutter

👉 You can utilize it on your Termux of non-rooted device.

Step 02:
Go to dump.dart and locate the method named isPremium:

{"method_name":"isPremium","offset":"0x0000000000442ff4","library_url":"package:muscle_wiki\/feature\/iap\/repository\/iap_repository.dart","class_name":"IapRepository"}

Step 03:
Access libapp.so with radare2 and note the offset of _kDartIsolateSnapshotInstruction:

0x005428c0 _kDartIsolateSnapshotInstruction

Step 04:
Combine the offsets of isPremium and _kDartIsolateSnapshotInstruction:

0x5428c0 + 0x442ff4 = 0x9858b4

👉 You can use rax2.
rax2 - radare base converter
https://book.rada.re/tools/rax2/intro.html

Step 05:
Navigate to the calculated offset of the isPremium method:

0x9858b4 = isPremium

Step 06:
Go to offset 0x00985914 and apply the patch:

Original instructions:
ldr r0, [sl, 0x3c] = false

Revised Instructions:
ldr r0, [sl, 0x38] = true

👉 For the patch, refer to:
https://www.tgoop.com/TDOhex_Discussion/19429

Step 07 (Extra):
Analyze xrefs of the isPremium method:

aac @ 0x9858b4
axt @ 0x9858b4

Xrefs of the isPremium method:
fcn.00984640 0x984694 [CALL:--x] bl fcn.009858b4
fcn.009d38dc 0x9d3e4c [CALL:--x] bl fcn.009858b4
fcn.00ada3d4 0xada44c [CALL:--x] bl fcn.009858b4
fcn.00c5dba4 0xc5dc38 [CALL:--x] bl fcn.009858b4
fcn.00ca6cd0 0xca6d24 [CALL:--x] bl fcn.009858b4

👉 Flutter Examples to Reach Place to Patch Through revenuecat
https://www.tgoop.com/TDOhex/439

👉 Advanced Guide to Reverse Engineering
https://www.tgoop.com/TDOhex/440

💥💥💥💥💥💥💥💥💥💥
📚 Guide by @TDOhex
♻️ Join us for more Info
💥💥💥💥💥💥💥💥💥💥