Patch for Overriding SharedPreferences
━━━━━━━━━━━━━━━━━━━━━━
Usage:
👉 1. Copy snippet and paste into onCreate method of Launcher Activity
(It would be better if you create new method and paste snippet then call it in onCreate of Launcher Activity)
👉 2. Increase 4 digits in registers of that method in which you put this snippet
and increase 5 digits if you want to use snippet of long data
👉 For Video Tutorial
https://t.me/TDOhex/387
━━━━━━━━━━━━━━━━━━━━━━
👉 1. For Storing Boolean Data

const-string v0, "yourSPName" # Put the name of that SharedPreferences which you want to edit.

    const/4 v1, 0x0

    invoke-virtual {p0, v0, v1}, Landroid/content/Context;->getSharedPreferences(Ljava/lang/String;I)Landroid/content/SharedPreferences;

    move-result-object p0

    invoke-interface {p0}, Landroid/content/SharedPreferences;->edit()Landroid/content/SharedPreferences$Editor;

    move-result-object p0

    const/4 v2, 0x1 # Boolean value, put the value as your requirement.

    const-string v3, "isAppBought" # Boolean key, put your keyword that you find out.

    invoke-interface {p0, v3, v2}, Landroid/content/SharedPreferences$Editor;->putBoolean(Ljava/lang/String;Z)Landroid/content/SharedPreferences$Editor;

    invoke-interface {p0}, Landroid/content/SharedPreferences$Editor;->apply()V
━━━━━━━━━━━━━━━━━━━━━━
👉 For Storing Integer Data

const-string v0, "yourSPName" # Put the name of that SharedPreferences which you want to edit.

    const/4 v1, 0x0

    invoke-virtual {p0, v0, v1}, Landroid/content/Context;->getSharedPreferences(Ljava/lang/String;I)Landroid/content/SharedPreferences;

    move-result-object p0

    invoke-interface {p0}, Landroid/content/SharedPreferences;->edit()Landroid/content/SharedPreferences$Editor;

    move-result-object p0

    const v2, 0x7fffffff # Integer value, put the value as your requirement.

    const-string v3, "userDiamonds" # Integer key, put your keyword that you find out.

    invoke-interface {p0, v3, v2}, Landroid/content/SharedPreferences$Editor;->putInt(Ljava/lang/String;I)Landroid/content/SharedPreferences$Editor;

    invoke-interface {p0}, Landroid/content/SharedPreferences$Editor;->apply()V
━━━━━━━━━━━━━━━━━━━━━━
👉 For Storing String Data

const-string v0, "yourSPName" # Put the name of that SharedPreferences which you want to edit.

    const/4 v1, 0x0

    invoke-virtual {p0, v0, v1}, Landroid/content/Context;->getSharedPreferences(Ljava/lang/String;I)Landroid/content/SharedPreferences;

    move-result-object p0

    invoke-interface {p0}, Landroid/content/SharedPreferences;->edit()Landroid/content/SharedPreferences$Editor;

    move-result-object p0

    const-string v2, "active" # String value, put the value as your requirement.

    const-string v3, "subStatus" # String key, put your keyword that you find out.

    invoke-interface {p0, v3, v2}, Landroid/content/SharedPreferences$Editor;->putString(Ljava/lang/String;Ljava/lang/String;)Landroid/content/SharedPreferences$Editor;

    invoke-interface {p0}, Landroid/content/SharedPreferences$Editor;->apply()V
━━━━━━━━━━━━━━━━━━━━━━
👉 For Storing Long Data

const-string v0, "yourSPName" # Put the name of that SharedPreferences which you want to edit.

    const/4 v1, 0x0

    invoke-virtual {p0, v0, v1}, Landroid/content/Context;->getSharedPreferences(Ljava/lang/String;I)Landroid/content/SharedPreferences;

    move-result-object p0

    invoke-interface {p0}, Landroid/content/SharedPreferences;->edit()Landroid/content/SharedPreferences$Editor;

    move-result-object p0

    const-wide v3, 0x7fffffffffffffffL # Long value, put the value as your requirement.

    const-string v2, "userCoins" # Long key, put your keyword that you find out.

    invoke-interface {p0, v2, v3, v4}, Landroid/content/SharedPreferences$Editor;->putLong(Ljava/lang/String;J)Landroid/content/SharedPreferences$Editor;

    invoke-interface {p0}, Landroid/content/SharedPreferences$Editor;->apply()V
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

Index:
👉 Useful Notes On Data types
With Patches of arm32/64
https://t.me/Android_Patches/18

👉 Notes on android.view setVisibility
https://t.me/Android_Patches/19

👉 1. High-level Patch for Disabling Ads from Android Apps and Games
https://t.me/Android_Patches/20

👉 2. Moderate-level Patch for Disabling Ads from Android Apps and Games
https://t.me/Android_Patches/21

👉 3. Low-level Patch for Disabling Ads from Android Apps and Games
https://t.me/Android_Patches/22

👉 Patch for Overriding SharedPreferences
https://t.me/Android_Patches/24

👉 How to Fix Google Maps in Mod Apps
https://t.me/Android_Patches/26

👉 Patch to Inject Fake Build Prop into Any App/Game
https://t.me/Android_Patches/27

━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

How to Fix Google Maps in Mod Apps
━━━━━━━━━━━━━━━━━━━━━━
☛ 1. Create a new Google Cloud project in the Cloud Console

● For creating new project:
https://console.cloud.google.com/projectcreate
━━━━━━━━━━━━━━━━━━━━━━
☛ 2. To use Google Maps Platform, you must enable the APIs or SDKs you plan to use with your project

● For enabling Maps SDK for Android:
https://console.cloud.google.com/apis/library/maps-android-backend.googleapis.com

● For enabling Geocoding API:
https://console.cloud.google.com/apis/library/geocoding-backend.googleapis.com

● For enabling Places API:
https://console.cloud.google.com/apis/library/places-backend.googleapis.com
━━━━━━━━━━━━━━━━━━━━━━
☛ 3. Go to the credentials page and create new api key

● For creating new api key:
A. Go to the Google Maps Platform > Credentials page.
https://console.cloud.google.com/apis/credentials

B. On the Credentials page, click Create credentials > API key.
The API key created dialog displays your newly created API key.

C. Click Close.

The new API key is listed on the Credentials page under API keys.
(Remember to restrict the API key before using it in production.)
━━━━━━━━━━━━━━━━━━━━━━
☛ 4. To restrict an API key:

A. Go to the Google Maps Platform > Credentials page.
https://console.cloud.google.com/project/_/google/maps-apis/credentials

B. Select the API key that you want to set a restriction on. The API key property page appears.

C. Under Key restrictions, set the following restrictions:

● Application restrictions:
-- Select Android apps.

● API restrictions:
-- Click Restrict key
-- Select Maps SDK for Android, Geocoding API, Place API from Select APIs dropdown
-- To finalize your changes, click Save
━━━━━━━━━━━━━━━━━━━━━━
☛ 5. Go to Manifest or Resources of the target mod and find key of
com.google.android.geo.API_KEY
OR
com.google.android.maps.v2.API_KEY
Then replace with your api key.
━━━━━━━━━━━━━━━━━━━━━━
👉 For Practical Tutorial
https://t.me/TDOhex/389

Documentations:
https://developers.google.com/maps/documentation/android-sdk/cloud-setup#enabling-apis

https://developers.google.com/maps/documentation/android-sdk/get-api-key#restrict_key
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

Patch to Inject Fake Build Prop into Any App/Game
━━━━━━━━━━━━━━━━━━━
☛ For description of this patch
https://t.me/TDOhex/391
━━━━━━━━━━━━━━━━━━━
Build Property
Information about the current build, extracted from system properties
Documentation:
https://developer.android.com/reference/android/os/Build
━━━━━━━━━━━━━━━━━━━
❰ Manufacturer ❱
The manufacturer of the product/hardware.

Search:
sget-object ([pv]\d+), Landroid/os/Build;->MANUFACTURER:Ljava/lang/String;
Replace:
const-string $1, "Xiaomi"
━━━━━━━━━━━━━━━━━━━
❰ Brand ❱
The consumer-visible brand with which the product/hardware will be associated, if any.

Search:
sget-object ([pv]\d+), Landroid/os/Build;->BRAND:Ljava/lang/String;
Replace:
const-string $1, "Xiaomi"
━━━━━━━━━━━━━━━━━━━
❰ Model ❱
The end-user-visible name for the end product.

Search:
sget-object ([pv]\d+), Landroid/os/Build;->MODEL:Ljava/lang/String;
Replace:
const-string $1, "Redmi K20 Pro"
━━━━━━━━━━━━━━━━━━━
❰ Product ❱
The name of the overall product.

Search:
sget-object ([pv]\d+), Landroid/os/Build;->PRODUCT:Ljava/lang/String;
Replace:
const-string $1, "raphael"
━━━━━━━━━━━━━━━━━━━
❰ Device ❱
The name of the industrial design.

Search:
sget-object ([pv]\d+), Landroid/os/Build;->DEVICE:Ljava/lang/String;
Replace:
const-string $1, "raphael"
━━━━━━━━━━━━━━━━━━━
❰ Board ❱
The name of the underlying board, like "goldfish".

Search:
sget-object ([pv]\d+), Landroid/os/Build;->BOARD:Ljava/lang/String;
Replace:
const-string $1, "raphael"
━━━━━━━━━━━━━━━━━━━
❰ Radio ❱
The radio firmware version number.

Search:
invoke-static \{\}, Landroid/os/Build;->getRadioVersion\(\)Ljava/lang/String;\n\n    move-result-object ([pv]\d+)

Or
Search:
sget-object ([pv]\d+), Landroid/os/Build;->RADIO:Ljava/lang/String;

Replace:
const-string $1, "Unknown"
━━━━━━━━━━━━━━━━━━━
❰ Hardware ❱
The name of the hardware (from the kernel command line or /proc).

Search:
sget-object ([pv]\d+), Landroid/os/Build;->HARDWARE:Ljava/lang/String;
Replace:
const-string $1, "qcom"
━━━━━━━━━━━━━━━━━━━
❰ Bootloader ❱
The system bootloader version number.

Search:
sget-object ([pv]\d+), Landroid/os/Build;->BOOTLOADER:Ljava/lang/String;
Replace:
const-string $1, "Unknown"
━━━━━━━━━━━━━━━━━━━
❰ Fingerprint ❱
A string that uniquely identifies this build. Do not attempt to parse this value.

Search:
sget-object ([pv]\d+), Landroid/os/Build;->FINGERPRINT:Ljava/lang/String;
Replace:
const-string $1, "Xiaomi/raphael/raphael:11/RKQ1.200826.002/V12.5.4.0.RFKCNXM:user/release-keys"
━━━━━━━━━━━━━━━━━━━
❰ ID ❱
Either a changelist number, or a label like "M4-rc20".

Search:
sget-object ([pv]\d+), Landroid/os/Build;->ID:Ljava/lang/String;
Replace:
const-string $1, "RKQ1.200826.002"
━━━━━━━━━━━━━━━━━━━
❰ Serial ❱
A hardware serial number, if available. Alphanumeric only, case-insensitive. This field is always set to Build#UNKNOWN.

Search:
sget-object ([pv]\d+), Landroid/os/Build;->SERIAL:Ljava/lang/String;
Replace:
const-string $1, "Unknown"
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

How to Reach Place to Patch Trough revenuecat
━━━━━━━━━━━━━━━━━━━
Points:
1. Determining the subscription status of a user can be done using the CustomerInfo (Also known an PurchaserInfo)  and EntitlementInfo objects.
2. The EntitlementInfo object gives you access to all of the information about the status of a user's entitlements.
3. "pro" access will be granted if user has active entitlement.
4. CustomerInfo will be empty if no purchases have been made and no transactions have been synced.
━━━━━━━━━━━━━━━━━━━
Codes:
// Check if the specified entitlement is active
        if (customerInfo.getEntitlements().get(<my_entitlement_identifier>).isActive()) {
           
            // Grant user "pro" access

            // We can reach the actual location through the code flow here, where we can apply our patch.
       
        }
━━━━━━━━━━━━━━━━━━━
Documentations:
1. https://www.revenuecat.com/docs/making-purchases
2. https://www.revenuecat.com/docs/customer-info#checking-if-a-user-is-subscribed
3. https://www.revenuecat.com/docs/getting-started#%EF%B8%8F-check-subscription-status
4. https://www.revenuecat.com/docs/purchaserinfo#section-get-entitlement-information
━━━━━━━━━━━━━━━━━━━
Class
Lcom/revenuecat/purchases/CustomerInfo;
Or
Lcom/revenuecat/purchases/PurchaserInfo;

Method
getEntitlements()

Regex to Search:
invoke-virtual \{([pv]\d+)\}, Lcom/revenuecat/purchases/(CustomerInfo|PurchaserInfo);->getEntitlements\(\)Lcom/revenuecat/purchases/EntitlementInfos;([\w\W])*?move-result-object ([pv]\d+)

Note: Sometime it will be obfuscated. So, that time this keyword will help you.

Keyword: activeEntitlements: .

👉 For Practical Video on this Method
https://t.me/TDOhex/415
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

🚀 Introducing SigTool: APK Signature Analyzer Pro 

SigTool is an open-source tool designed for developers and security analysts to perform in-depth APK signature analysis. It offers:

- Signature Extraction & Hash Calculation
- Java-style HashCode Calculation
- PEM Certificate Generation

🔗 GitHub Repository:
https://github.com/muhammadrizwan87/sigtool
✅ Requirements: pkg install python aapt openssl-tool
📦 Install: pip install sigtool
💡 Usage: sigtool -h

Your feedback and contributions are welcome! If you find it helpful, don’t forget to star ⭐ the repo and share it with your peers.
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

Step-by-Step Guidelines to Loading Complex Immediate Values in ARM64

1. Instruction Alignment and Address Incrementation:
- In the ARM64 instruction set, each instruction is 4 bytes in size. Consequently, the Program Counter (PC) increments by 4 bytes after each instruction. For example:

0x00001000 // First instruction
0x00001004 // Second instruction
0x00001008 // Third instruction
0x0000100C // Fourth instruction

2. Loading 16-bit Immediate Values:
- When using an ldr instruction to load a value from memory into a register, This can be done using the mov instruction if the value is 16 bits or less.

Original: Using ldr to Load a Value from Memory:

0x00001000 ldr x0, [x1] ; Load the value from x1 into register x0
0x00001004 ret

Patched: Manually Setting a 16-bit Immediate Value:

0x00001000 mov x0, 0x1234 ; Load the 16-bit immediate value 0x1234 into x0
0x00001004 ret ; Will return 4660 in decimal

3. Loading 32-bit Immediate Values:
- When dealing with 32-bit immediate values, the mov instruction alone is insufficient for loading arbitrary 32-bit values due to ARM64’s encoding constraints. Instead, a combination of mov and movk instructions is required to construct the full value if more than 4 bytes of instruction space is available.

Original: Using ldr to Load a Value from Memory:

0x00001000 add x1, x27, 90, lsl 12
0x00001004 ldr x0, [x1, 0xabc] ; Load value from pool 0x90abc into x0
0x00001008 ret

Patched: Manually Setting a 32-bit Immediate Value Using mov and movk:

0x00001000 mov x0, 0x5678 ; Load lower 16 bits (0x5678) into x0
0x00001004 movk x0, 0x1234, lsl #16 ; Load upper 16 bits (0x1234), shifting them into place
0x00001008 ret ; Will return 0x12345678 (305419896 in decimal)

- This sequence constructs the 32-bit value 0x12345678 in the x0 register.

4. Loading 32-bit Immediate Values with Limited Instruction Space:
- If only 4 bytes of instruction space are available, you cannot use the mov + movk combination. In this cases, you must ensure the immediate value conforms to the ARM64 encoding scheme. If not, alternative methods (like storing constants in null bytes and load using ldr instruction) or multiple instructions are required.

Original: Using ldr to Load a Value from Memory:

0x00001000 ldr x0, [x1] ; Load the value from x1 into register x0
0x00001004 ret

Patched: Manually Setting an Immediate Value with mov:

0x00001000 mov x0, 0x7fffffff ; or 0x12340000. Valid due to encoding scheme
0x00001004 ret

- However, attempting to load a more complex 32-bit value that doesn’t conform to ARM64’s immediate encoding scheme, such as 0x12345678, will result in an error:

0x00001000 mov x0, 0x12345678 ; Error: This cannot be encoded directly
0x00001004 ret

Conclusion:
- ARM64 instructions are fixed at 32 bits, and the Program Counter increments by 4 bytes with each instruction.
- For 16-bit immediate values, the mov instruction can directly load the value within a single 4-byte instruction.
- For 32-bit values, 8 bytes of instruction space are typically needed to use a combination of mov and movk.
- If restricted to 4 bytes, ensure the immediate value fits within ARM64's encoding scheme (like 0x7fffffff, 0x12340000). If it doesn't, the value cannot be loaded directly, and alternative methods must be used.

How to set a 64-bit Immediate Value Using mov and movk:

0x00001000 mov x0, 0xcdef ; Load lower 16 bits (0xcdef) into x0
0x00001004 movk x0, 0x90ab, lsl 16 ; Load next 16 bits (0x90ab), shifting them into place
0x00001008 movk x0, 0x5678, lsl 32 ; Load next 16 bits (0x5678), shifting them into place
0x0000100C movk x0, 0x1234, lsl 48 ; Load upper 16 bits (0x1234), shifting them into place
0x00001010 ret ; Will return 0x1234567890abcdef (1311768467294899695 in decimal)

━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

Exploring Null Bytes: How to Patch Functions Using Unused Memory

In low-level programming, direct memory manipulation plays a crucial role. You often deal with situations where you need to modify the memory directly to change a program’s behavior. This might involve taking advantage of null (unused) memory regions to store values or patching instructions to load specific data into registers.

1. The Original Function

Here’s a simple function in assembly that loads a value from memory into a register and then returns.

Assembly Code:

0x00001000: 200040f9 ldr x0, [x1]  ; Load value from x1 into x0
0x00001004: c0035fd6 ret
0x00001008: 00000000 invalid ; Null bytes (unused memory)

2. Modifying (Patching) the Function

The task now is to patch this function so that it loads a specific value, 0x12345678, into the x0 register, without using the address stored in x1. We can achieve this by using the unused memory at address 0x1008 to store the value and changing the ldr instruction to load from that location.

Steps for Patching:

1. Write the Value to Memory:
We will store the value 0x12345678 in little-endian format into the null memory at 0x1008.

Using a tool like radare2, you would write this value with the following command:

wx 78563412 @ 0x1008

2. Modify the ldr Instruction:
We change the instruction from ldr x0, [x1] to ldr x0, 0x1008, so that it loads the value directly from the memory address 0x1008.

In radare2, you could modify the instruction using the following command:

wx 40000058 @ 0x1000

Patched Assembly Code:

0x00001000: 40000058 ldr x0, 0x1008 
0x00001004: c0035fd6 ret
0x00001008: 78563412 and w24, w19, 0xfffff003

After patching, the function performs the following steps:
ldr x0, 0x1008: Loads the memory data stored at 0x1008 into the x0 register.
ret: The function then returns, with x0 now holding the value 0x12345678 from memory.

How to Identify Unused Bytes:

unused bytes might be padding, null bytes (0x00), or reserved space that you can use for your modifications. Before modifying memory or patching code, it's crucial to identify these unused bytes to avoid overwriting critical program data or instructions.

You can use a tool like radare2 to find these unused bytes in your binary. Here's how:

1. Open the Binary in radare2:

r2 -w <your-binary>

2. Analyze the Binary Sections:
Use the iS command in radare2 to view the memory sections in the binary:

iS

This will display details of the various sections in the binary, including their physical and virtual addresses and sizes.

3. Look for Gaps:
Examine the output to find gaps between the sections. For example, if one section ends at a specific address and the next section starts a few bytes later, the space between them is likely unused. Here’s what to look for:
End of Section = paddr + size (0x00000200 + 0x24 = 0x00000224)
Start of Next Section = paddr (0x00000228)
Gaps = 0x4

4. Using Gaps for Modifications:
Once you’ve identified unused bytes, you can modify them safely to store values, as done in the example in this post. This avoids disrupting any active code or data within the binary.

Notes:
1: null (unused) bytes do not lie within critical function boundaries or instruction sequences. In this case, since 0x1008 is outside of the active function body, it's safe to use.
2: When modifying instructions to load from a particular memory location, ensure the address is stable and won't change at runtime.
3: null bytes must be aligned based on the instruction size. ARM A64 typically requires 4-byte alignment for a single instruction.
4: In ARM, the pool can span ±1MB from the base address. For example, if the base address is 0x00000000, the literal pool could range from 0x00000000 to 0x00100000 (1MB forward) or from 0xff000000 to 0xfffffff (1MB backward).
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

🚀 Introducing KeySigner: The Ultimate Keystore Management & APK Signing Tool!

🧑‍💻 Tired of complex keystore management and APK signing and looking for a seamless way to perform theses tasks? Check out KeySigner!

✨ KeySigner: A useful command-line tool for developers! Manage your keystores and sign APKs with ease using KeySigner’s developer-friendly interface.

🔑 Key features:
- Generate JKS, BKS, and PKCS12 keystores
- Migrate and convert keystore formats
- Extract certificates and private keys
- Sign APKs with custom keystores (v1, v2, v3)

✅ Requirements:

pkg install python openjdk-17 apksigner openssl-tool

📦 Installation:

pip install keysigner

🔗 GitHub Repository:
https://github.com/muhammadrizwan87/keysigner

📱 Get started today and boost your development process!

🤝 Your feedback and contributions are welcome! If you find it helpful, don’t forget to star ⭐ the repo and share it with your peers.
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

🔥 Big Update Alert: SigTool - APK Signature and Keystore Analyzer Pro! 🔥

SigTool just got supercharged! This open-source tool isn’t just for analyzing APK signatures anymore. We’ve added TWO new features to help developers and reverse engineers get even more out of their projects.

✨ For Developers: Perform in-depth analysis of X.509 certificates with SigTool to seamlessly integrate signature verification into your projects. To extract an X.509 certificate from your keystore, be sure to check out our second tool, KeySigner.
KeySigner: https://github.com/muhammadrizwan87/keysigner

🕵️ For Reverse Engineers: Need a hook to bypass APK signature checks? SigTool now can help you to generate those hooks, you can check out the MT VIP hook template in our demo.

🔗 GitHub Repo: https://github.com/muhammadrizwan87/sigtool

✅ Requirements:
pkg install python openjdk-17 aapt openssl-tool

📦 Installation:
pip install --force-reinstall sigtool

💡 Usage: sigtool -h

Your feedback and contributions are welcome! If you find it helpful, don’t forget to star ⭐ the repo and share it with your peers.
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

✨ New Update for SigTool ✨

- We’ve enhanced mthook with obfuscation to bypass the hook detection, which often flagged it due to superclass or library names.

🔗 GitHub Repo: https://github.com/muhammadrizwan87/sigtool

✅ Requirements:
pkg install python openjdk-17 aapt openssl-tool && pip install setuptools

📦 Installation:
pip install --force-reinstall sigtool

💡 Usage:

To help:
sigtool -h

To generate mthook:
sigtool /path/to/apk -hmt

To inject hook:
https://github.com/muhammadrizwan87/sigtool/tree/main/sigtool/sighooks/mt_enhanced_hook#to-inject-hook-on-target-apk
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

✨ New Update for KeySigner ✨

What's New:
🔄 Keystores Migration Added: Migrate between JKS, BKS, and PKCS12 keystores seamlessly.
💼 Import PEM to PKCS12: Import x509 certificates and private keys into a new PKCS12 keystore. PEM to PKCS12 conversion included.
📈 Enhanced Input Validation: Significant improvements in input validation. The utility module now smartly handles and validates user inputs.
🛠 Distinguished Names Fixed: DName have been fixed, and now any empty names will no longer be displayed

✅ Requirements:

pkg install python openjdk-17 apksigner openssl-tool

📦 Installation:

pip install --force-reinstall keysigner

🔗 GitHub Repository:
https://github.com/muhammadrizwan87/keysigner

🤝 Your feedback and contributions are welcome! If you find it helpful, don’t forget to star ⭐ the repo and share it with your peers.
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Second Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

🎉 NEW RELEASE: DexDumper is Live! 🎉

We're releasing DexDumper - A sophisticated memory analysis library that extracts DEX files from running Android applications without requiring root access.

🔍 Key benefits:
- Smart memory scanning
- Sandbox/VM compatible
- Lightweight resource usage

💡 Why You'll Love It:
- No Frida required
- No Xposed required
- No root required
- No adb required
- No GameGuardian required
- No extra tools, modules, or permissions required
- No need to break the target app’s integrity
- No PC needed — build directly on the device!
- Respects app boundaries — completely legal!
- Open source and community-driven!

🚀 Get Started:
- Check out the repo
- Star it to support the project
- Easy to set up, Easy to use
- Fork it, improve it, and let’s grow this project together

🔗 Github Repository:
https://github.com/muhammadrizwan87/dexdumper.git

🔗 How to Use DexDumper
https://t.me/TDOhex_Discussion/75820

📝 Notes:
1. DexDumper is currently in its development phase, so it may not work reliably on apps protected by advanced packers such as: DexProtect, Jiagu360, Ijami, Etc...

2. For Termux-based NDK builds, check out MrIkso’s AndroidIDE-NDK repo. Alternatively, use the GitHub Actions workflow to auto-compile the source — no manual setup needed, handles dependencies, and builds for all architectures.
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Main Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━

🚀 DexDumper v2.0.0 Released!

This update brings the biggest leap so far — full runtime configuration, smarter exclusions, and enhanced safety for DEX dumping operations.

✨ Highlights:

⚙️ Runtime Config System
DexDumper now supports a flexible runtime configuration system. You can tweak behavior instantly through a .conf file — all without recompiling. It’s perfect for debugging or testing different setups quickly.

Configurable Settings:
- Second Scan
- Scans Limit
- Region Filtering
- Exclusion List
- Output path

👉 For more info
https://github.com/muhammadrizwan87/dexdumper?tab=readme-ov-file#runtime-configuration-library_nameconf

🔒 SHA1 Exclusion Control
Added a clean way to skip known or unwanted DEX files using their SHA1 hashes. This helps avoid re-dumping system or placeholder files, keeping your output clean and relevant.

🧠 Duplicate Prevention
A new SHA1-based duplicate detector ensures that already dumped DEX files are not saved again. It saves both time and storage while maintaining accuracy in large dump sessions.

🧹 Safer Cleanup
The cleanup routine now deletes only valid DEX dump files (matching the precise filename pattern). This prevents accidental removal of other files in the output directory — safer and smarter cleanup.

🔗 Github Repository:
https://github.com/muhammadrizwan87/dexdumper.git
━━━━━━━━━━━━━━━━━━━
♻️ Join Channel: @Android_Patches
📣 Main Channel: @TDOhex
💬 Discussion Group: @TDOhex_Discussion
━━━━━━━━━━━━━━━━━━━