Thread: iGO Navigation 9.35.2.250945 (2021.02.02) - "WORLD"

@Boki, I think tamper with the check that accept the license file.
@Roedi perhaps, it's not to this thread
The serach made is from 1D04F24 licennse/d_fingerprint.txt
1E94A96 license/
In IOS the string was license/%s. The more similar in the apk saw is license/%d. It is a "l" 00 00 00 "i" 00 00 00 "c" 00 00 00 and so on string. The size on IOS version tampered was 15mb and armv7.

__text:004EAE90 ADD R5, SP, #0x28+var_20
__text:004EAE94 MOV R4, R1
__text:004EAE98 MOV R1, #0xCB066C <= ref "l" 00 00 00 "i" 00 00 00 "c" 00 00 00 "e" 00 00 00 "n" 00 00 00 "s" 00 00 00 "e"
__text:004EAEA0 MOV R0, R5
__text:004EAEA4 BFC R2, #0, #1
__text:004EAEA8 ADD R10, SP, #0x28+var_18
__text:004EAEAC BL sub_3A200
__text:004EAEB0 MOV R0, #0x8140

mine license/%s

the check is some several bytes after in

_text:004F3A80 loc_4F3A80 ; CODE XREF: sub_4F3590+4A4↑j
__text:004F3A80 MOV R0, R8 ; void *
__text:004F3A84 LDR R1, [SP,#0x80+var_6C] ; void *
__text:004F3A88 MOV R2, #0 ; size_t size word #10 before patching it
__text:004F3A8C BL _memcmp
__text:004F3A90 MOV R2, #0
__text:004F3A94 MOV R11, R0
__text:004F3A98 LDR R0, [SP,#0x80+var_54]

Send me a private mes
sage and we can get in contact. The main idea will be to have the armv7 version and armv8 but start with the v7