hijack okhttp3 @aantik_mods.zip
2.4 KB
Api response hijack
🐛 watcher
🐛 overwriter
Tutorial soon 😁👍
Modded by @RevDex
Dev - @aantik_mods
https://www.youtube.com/watch?v=s3O8Ek50Bu0
🐛 watcher
🐛 overwriter
Tutorial soon 😁👍
Modded by @RevDex
Dev - @aantik_mods
https://www.youtube.com/watch?v=s3O8Ek50Bu0
❤12
MenaVpn hijack system injected mod.apk
58.9 MB
Modded by @RevDex
Tutorial: https://www.youtube.com/watch?v=s3O8Ek50Bu0
This is a React Native app, but the OkHttp3 system says I don’t care, bro. 😁🤡🤦
Tutorial: https://www.youtube.com/watch?v=s3O8Ek50Bu0
This is a React Native app, but the OkHttp3 system says I don’t care, bro. 😁🤡🤦
❤6🤯5🤓1
When I checked the app, first I saw it was making a PHP request. But after that request finished, I noticed more PHP requests happening, like
So I tried
After that, I opened Android Studio and loaded
Then, using a special technique, I bypassed the iframe restriction and successfully injected my own JavaScript.
I changed
free → pro
false → true
And premium got fully unlocked. No ads, all pro features activated.
Finally, I created my own custom Android app, loaded their original WebView, injected custom JS, and completely bypassed their premium system
https://play.google.com/store/apps/details?id=com.pixta.thumbnailmaker 😐
getaccount_V15.php. I searched the whole APK, every folder, every smali file, but I couldn’t find these PHP request URLs anywhere. Then I understood something was fishy in their main system.So I tried
index_v15.php. Inside that, I found a hidden schema which was connected with the app. I opened it using the browser developer tools, and then I was shocked— all the premium features, account login, account check, everything was fully controlled from one JavaScript file. At that moment, everything became clear to me.After that, I opened Android Studio and loaded
index_v15.php inside a WebView. I tried to hook the JavaScript and change some values to unlock premium. But then I understood the real problem: the JS was running inside an iframe. When JavaScript runs inside an iframe, you cannot directly hook or modify it using normal JS injection. So my injected noscript was not working.Then, using a special technique, I bypassed the iframe restriction and successfully injected my own JavaScript.
free/431075/PIXTA FREE ACTIVE/false/
pro/431075/PIXTA PRO ACTIVE/true/
I changed
free → pro
false → true
And premium got fully unlocked. No ads, all pro features activated.
Finally, I created my own custom Android app, loaded their original WebView, injected custom JS, and completely bypassed their premium system
https://play.google.com/store/apps/details?id=com.pixta.thumbnailmaker 😐
❤6🤯3😍3
Forwarded from Android Security & Malware
Flutter SSL Bypass: How to Intercept HTTPS Traffic When all other Frida Scripts Fail
https://m4kr0x.medium.com/flutter-tls-bypass-how-to-intercept-https-traffic-when-all-other-frida-noscripts-fail-bd3d04489088
https://m4kr0x.medium.com/flutter-tls-bypass-how-to-intercept-https-traffic-when-all-other-frida-noscripts-fail-bd3d04489088
Medium
Flutter SSL Bypass: How to Intercept HTTPS Traffic When all other Frida Scripts Fail
In this article, I’ll walk you through my journey in intercepting HTTPS traffic from a APK based on Flutter during a pentesting engagement…
❤8
Antik Emulator Bypass UID FF.zip
6.7 KB
Emulator Bypass Free Fire ( Redirect Api)
Reverse Engineering ( Online Game)
adb push mitmproxy-ca-cert.crt /system/etc/security/cacerts/9a5ba575.0
adb shell chmod 644 /system/etc/security/cacerts/9a5ba575.0
settings get global http_proxy
settings put global http_proxy 127.0.0.1:20010
adb shell settings put global http_proxy ""
http://mitm.it
Must need adb enable BlueStacks or others emulator
Reverse Engineering ( Online Game)
adb push mitmproxy-ca-cert.crt /system/etc/security/cacerts/9a5ba575.0
adb shell chmod 644 /system/etc/security/cacerts/9a5ba575.0
settings get global http_proxy
settings put global http_proxy 127.0.0.1:20010
adb shell settings put global http_proxy ""
http://mitm.it
Must need adb enable BlueStacks or others emulator
❤7🤯4
Forwarded from jige li
https://github.com/mawo95/pairip
兄弟,你可以试试看这个项目吗😁
兄弟,你可以试试看这个项目吗😁
GitHub
GitHub - mawo95/pairip: Google Pairip protection bypass newest update 2026
Google Pairip protection bypass newest update 2026 - mawo95/pairip
❤11🤓1
Mod-Menu-Survival Simulator.7z
2.8 MB
Mod Menu for Survival Simulator project
✔️ Aimbot
✔️ ESP
✔️ Telekill
✔️ Mask Kill
✔️ 360° Auto-Aim
✔️ Fly Mode
✔️KickPlayer
✔️KickRPC
no java fully imGUI ESP
C++ HOOK BY - @aantik_mods
Survival Simulator 0.2.3
✔️ Aimbot
✔️ ESP
✔️ Telekill
✔️ Mask Kill
✔️ 360° Auto-Aim
✔️ Fly Mode
✔️KickPlayer
✔️KickRPC
no java fully imGUI ESP
C++ HOOK BY - @aantik_mods
Survival Simulator 0.2.3
❤8🤯2❤🔥1
Can anyone help me? After using a modded kernel, I am facing a bit flip problem. When I play games, my phone overheats, and instantly the memory changes. It feels like my RAM flips bits or changes values automatically. Because of this, my game account gets banned
Is there any solution to bit flipping on a modded kernel? I am using Android 16🥺 my roblox account gone
Is there any solution to bit flipping on a modded kernel? I am using Android 16
Please open Telegram to view this post
VIEW IN TELEGRAM
1❤13🤯1👀1
Random Signature Fix SDK.apk
8 MB
NP Manager ( VIP F**k) Random Signature Any Apk
Dev - @aantik_mods
Dev - @aantik_mods
❤12👀8🤓3
ImGui RevDex Android 16 No Touch Problem.zip
3.4 MB
ImGui RevDex Android 16 No Touch Problem
I will try to fix the touch issue.
I have successfully fixed it.
If you want better performance and compatibility, use a combo of EGL + Vulkan.
You will need to add Vulkan engine support yourself, okay
#nojava
#fullcppgui
I will try to fix the touch issue.
I have successfully fixed it.
If you want better performance and compatibility, use a combo of EGL + Vulkan.
You will need to add Vulkan engine support yourself, okay
#nojava
#fullcppgui
❤9😍1
Today, I spent a significant amount of time experimenting with and debugging the Android SDK, and during this process, I discovered a powerful exploit. This exploit makes it possible to bypass SSL pinning in any Android application, whether it is built with Flutter, React Native, or native Java.
The exploit operates at the Android SDK level, which means it is not limited to a specific framework or implementation. The next step is to transform this discovery into a practical and reliable hook.
I strongly believe that this work will be highly beneficial for the next generation of modders and security researchers, opening new possibilities for analysis, testing, and reverse engineering.
Exploit - Android SDK
The exploit operates at the Android SDK level, which means it is not limited to a specific framework or implementation. The next step is to transform this discovery into a practical and reliable hook.
I strongly believe that this work will be highly beneficial for the next generation of modders and security researchers, opening new possibilities for analysis, testing, and reverse engineering.
Exploit - Android SDK
1❤🔥27👀5😍1
Sigmaker Radare2 R1.zip
2.2 MB
Sigmaker Radare2.zip
Developed - @aantik_mods
///------ Sigmaker R2 ------///
Credit - https://github.com/radareorg/radare2
Credit - https://github.com/capstone-engine/capstone
Credit - https://github.com/Enlightenment/efl
Credit - https://github.com/cubicdaiya/dtl
-- how to use --
radare2 command
Final offset - 0x001FD348
With every update, just decrease it a little and you can find the same function without any problem
Pattern Signature Assembly
Developed - @aantik_mods
///------ Sigmaker R2 ------///
Credit - https://github.com/radareorg/radare2
Credit - https://github.com/capstone-engine/capstone
Credit - https://github.com/Enlightenment/efl
Credit - https://github.com/cubicdaiya/dtl
-- how to use --
./Sigmaker libapp.so 0x1FD348 10
[*_*] ready
.. .. .. .. e1 03 16 aa .. .. .. .. .. .. .. .. .. .. .. .. 10 72 42 f9 10 f0 00 b8 a1 0b 40 f9 01 30 01 b8 e0 01 00 f9
#2
radare2 command
r2 -w libapp.so
[0x678333] > /x .. .. .. .. e1 03 16 aa .. .. .. .. .. .. .. .. .. .. .. .. 10 72 42 f9 10 f0 00 b8 a1 0b 40 f9 01 30 01 b8 e0 01 00 f9
0x0001FD348
hit0_0
210b0034e10316aa820080d2717e2294709f4091107242f910f000b8a10b40f9013001b8e00100f9
Final offset - 0x001FD348
With every update, just decrease it a little and you can find the same function without any problem
Pattern Signature Assembly
❤10
Media is too big
VIEW IN TELEGRAM
Chorki App Reverse Engineering & How to Create Assembly Signature Patterns for Flutter Apps
Stay on RevDex
Stay on RevDex
🤯13👌7❤5
In 80% of modder cases, it’s hard, and sometimes XML editing doesn’t work 🙂
But if you use the method shown in this video, it works 100% every time
https://youtube.com/shorts/eTV03aiRIhE?si=3J0SAF-81OsO-9P4
But if you use the method shown in this video, it works 100% every time
https://youtube.com/shorts/eTV03aiRIhE?si=3J0SAF-81OsO-9P4
YouTube
Android PAIRIP Check Bypass Without Manifest Edit | Simple & Latest Technique
Enjoy the videos and music you love, upload original content, and share it all with friends, family, and the world on YouTube.
❤13🤯2👀1
Framework.jar hooking soon you’ll be able to intercept any system‑level dialog or hook system level Java easily. Internal hooking will be uploaded soon, guys. No root needed. Dialog sellers, are you ready?
❤19❤🔥2