Logo Questions Linux Laravel Mysql Ubuntu Git Menu
HTML CSS JAVASCRIPT SQL PYTHON PHP BOOTSTRAP JAVA JQUERY R React Kotlin
 

Android In-App Purchase Freedom Hack - How does it work? [closed]

Tags:

android

in-app-purchase

Check out this video: http://www.youtube.com/watch?v=Z8sBSQh2kaE

Does anyone know how this hack is implemented?

From what I can see, the app is using the PackageManager to query all apps on the device that require android.vending.BILLING permission to list out all the apps that support in-app purchases and then goes ahead and does something before launching the app that somehow displays a FAKE credit card when an in-app purchase is attempted on Play.

Since this hack requires the device to be rooted, I'm guessing it's somehow patching the Play client at runtime (?) to do its thing.

This no longer seem to work with most of the apps I've tried - including the one I just implemented using in-app billing v3.0 (consuming the purchase fails, which is a good thing).

I'm still interested in knowing how this used to work (or if it works at all) purely for academic interest.

like image 826
Jay Sidri Avatar asked Mar 11 '13 16:03

Jay Sidri

People also ask

Does freedom app still work?

Does Freedom App Work? In short, yes, it's a useful website blocker that will prevent you from accessing anything from YouTube to Facebook to the New York Times, assuming that's what you want. If you really need access to a critical website during a session, you can stop Freedom by quitting the app.

What is FreeCore?

FreeCore courses are just what they sound like — free online classes! FreeCore courses are supported by USG eCampus and are delivered in an open online course format. They are tuition-free, and there is no hidden cost. FreeCore classes are non-credit courses.

How do you use freedom on Android?

To get started, first download the Freedom app via Google Play. Once you install it, log in with your Freedom account email and password. Your Android device will then be added to your account. The Freedom for Android app works by blocking both phone apps and websites of your choice.

1 Answers

In-app Google engine is so primitive... even not worth to spend time. The original samples for API 1/2 and API 3 are the basis for many real implementations. But those samples are bad. Really bad. Actually a potential hacker needs to hack a couple of functions which easily done in Java.

The good implementation involves a 3rd party (yours) server which verifies actual purchases vs Google In-app server.

like image 117
OGP Avatar answered Nov 09 '22 21:11

OGP
Sign in to Comment

Related questions

Text align problem when using Arabic font
Signature pad is slow on android
Fragments Within Fragment Tabs
Android 2.3 emulator blank screen after build
Video clarity with my code is bit low as compared to recording with Android camera
COCOS 2D screen shot is black in Android
Generate minimized jar with only used classes
Constructing a WifiConfiguration from a ScanResult or: Interpreting ScanResult's 'capabilities' String
How can I detect if an Android app is being used in Korea?
Simulate Slow Internet Connection on a REAL device? [duplicate]
Parallax XY and rotation - tile calculation
Implementing Google Play Application Silent Install Feature On Android
When static resources are killed, are they all killed or can some remain in rare edge cases?
How to handle memory limitation of GPU for high resolution image processing on GPU?
Toggling A2DP Device (Android)
GreenDAO support multiple relations between tables
Android Using only ViewPager from Support Library
Display Direction of Place with Arrow in Android ListView
Implementing android as a server (receiver) in airplay
How to load a Picasa image from URI?

Donate For Us

If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!