[Tutorial] How to bypass Xigncode Mobile

[Kuroyama]

Things Needed:
- APK Easy Tool
- Reverse Engineering Knowledge

This method only works on some games

Steps:
1. Decompile the apk using APK Easy Tool without "Don't decode classes.dex" option checked

Spoiler: Screenshot

2. Head into Decompiled APK Directory, I'm using Point Blank Strike for this test so for example I will go to:

Spoiler: File Path

C:\Users\<username>\Documents\APK Easy Tool\1-Decompiled APKs\Point Blank Strike\

3. Open smali folder, and locate "XigncodeClient.smali", usually the file is here:

Spoiler: XigncodeClient.smali Default Path

...\com\wellbia\xigncode\

4. Open the file with any text editor, and find

Spoiler: Code

.method public initialize(Landroid/app/Activity;Ljava/lang/String;Ljava/lang/String;Lcom/wellbia/xigncode/XigncodeClientSystem$CallbackI

Spoiler: Screenshot

5. Now, Add this code after .prologue line, so the code should looks like this:

Spoiler: Code

.prologue
const/4 v0, 0x1
return v0

What do we exactly modify here?
A function that starts Xigncode protection function that imported from libxigncode.so and set this function to always return 1 / return true without calling the protection function

Last thing you need to do is recompile the app and you are ready to go.

Credit: Me

 

[Alex]

Best Cracker Award 2018 !

 

[Dogboy69]

Lol. This works really well as long as the Devs have not implemented xigncode properly. If you think just telling the APK to just not run the protection will work for every game you are seriously delusional

 

[Kuroyama]

Lol. This works really well as long as the Devs have not implemented xigncode properly. If you think just telling the APK to just not run the protection will work for every game you are seriously delusional

Some of developers are start the xigncode function from .dll (especially for game that runs unity engine) and if they are smart enough, they could just obfuscate the dll with their own way so no way modder could reverse it using dnSpy or any c# dll editor.
Unfortunately I noticed that many games run their xigncode function from their java entry point or smali or whatever you want to call it so It will be easy to bypass it unless they do checks if xigncode is running from another thread.

 

[Kuroyama]

Just some screenshots that proof some games call the XignCode initialization from app entry point, Both games are made by unity and the dll are decompileable, I have checked both dll with dnSpy and there is no function that calls function from libxigncode.lib.

 

[Alex]

If you wanna see the real xigncode3 go search for other games using it and try
those which use the cookies =)

 

[Valos]

crashed

 

[SonX]

Nice work my friend

 

[NERONZ]

Good work

 

[Mikejolli]

nice work!

 

[fallen_13]

Very useful info. Thanks!

 

[Razer]

Makek vidio plis on yt

 

[RadenVJ]

Hi kuroyama,
I really appreciate the tutorial you gave (How to bypass xigncode)
but when I tried it, the application remained forceclose when loading.
what because the developer has tightened its security?
but other modder still update with the mod they make.
Can you help me ? maybe you can check / try to bypass SAOIF again.
if you succeed, please let me know.
Watashi o tasuketekudasai

 

[detect777]

Thank bro, nice tut

 

[Raikuharies]

sya akan mendukung untuk game toram online. kerja semoga

 

[Raikuharies]

can u send me tutorial ? i need tutorial bypass xigncode toram onlline

 

[m01ses]

Just some screenshots that proof some games call the XignCode initialization from app entry point, Both games are made by unity and the dll are decompileable, I have checked both dll with dnSpy and there is no function that calls function from libxigncode.lib.[Attachment removed from Quotes][Attachment removed from Quotes]

She's right where we can find that if don't have xigncode.lib

 

[0x90]

Guys, this is a thread from 2018, this method is likely not to work anymore since it works only in deprecated versions of xigncode, the anticheat has evolved and its been updated several times.

If anyone is curious about xigncode bypassing i'd recommend to forget trying to bypass it by making the xigncode lib not to load, i am pretty sure xigncode mobile uses heartbeat packets now to check wheter the anticheat loaded correctly or not plus games nowadays must have crc checks for this as well.

 

[AzuraKey]

You know xingcode Toram Online?

 

[Shared Object]

Nice tutorial, but

.prologe

isn't necessary. And this method is very old, as @iAlex told, xigncode with cookie works diferent, and requires hooking methods.