HackProtect Extension. No Permissions Needed


#1

Description

This light weight extension helps you limit how your users can hack your application. 4 critical elements are detected.

  1. Is the System User running the application,
  2. Is ADB Debugging enabled,
  3. Is the application running on an emulator, and
  4. Is the device rooted.

When you handle these elements properly, you can shut your app down before people can logcat, or intercept network traffic, thereby protecting things like API credentials, passwords, proxies, etc.

Blocks

Example Use Case

LInk

Dropbox

HackProof.aix

Shared with Dropbox


#2

boom! another brain works. Thanks mate! create a donation button for ur future work


#3

Thanks mate. Very kind words.


#4

Wow, well, you’ve been waiting for a long time. But if you hack with Lucky Patcher to buy from the app it does not work


#5

Well LuckyPatcher is a different story.

I will see if I can add a little protection. We can check to see if the certificate has changed. However watching for the the patching of code modifications, is a different story.


#6

Thanks, anyway your extension protects against hacking of removing advertisements with LuckyPatcher and this is the most important for me


#7

Two things you can do.

  1. Check is luckpatcher is installed, and then refuse to open the application.
  2. Store the package name of your app on firebase, Then we can compare it to the package name of the actual app. Once luckypatcher patches an app it changes the package name.

Thanks for bringing this up.


#8

I’m not sure LuckyPatcher renames the package


#9

I am 80% sure it does… but we will test and find out.


#10

You can use this extension to check which apps are installed.
https://puravidaapps.com/packagemanager.php


#11

But it takes a lot of time to load all applications


#12

You can use this method: https://community.appybuilder.com/t/hacking-problems/16452/53


#13

That topic is unlisted on the appybuilder forum so posting the link doesn’t help.


#14

unlisted means invisible, but it is still there, if you follow that link
just try it in a browser without being logged in…
Taifun


#15

Oops, but now it’s gone :sunglasses:


#16

is there any way to block users who use apps like url sniffer,url snoper etc? im looking something to block seeing my url’s.


#17

The only way I think you ca do that is to setup your own proxy, with your own domain, however that wont work for any HTTPS sites


#18

thnx for your answer but im not an expert.


#19

I think we can make a list of dodgy applications and then have an extension that looks if those packages are installed. Kinda like the way they detected spam email way back in the day.


#20

thats a great idea