
Hello.
This Saturday evening, I would like to offer you an interview with Jaspreet Singh (also known as Jasi2169) - a member of the URET team of reversers.
The interview took place a couple of days ago.
I hope this material will be of interest to the IT community; perhaps someone will want to ask questions, which we will then send to Jasi.
Write your questions in the comments. Questions will be collected until the end of January, after which I will try to bring them together and send them to the addressee.
But that will be a completely different publication (if there is one).
So…
I: Hi, Jasi! If you do not mind, I would like to ask you some questions for the readers of Habrahabr.
Jaspreet Singh: Go ahead.
I: We are now talking through Hangouts - are you not worried about a possible leak of your identity? By the way, you have a Google+ account. Nowadays everyone is paranoid - but not you. Why? After all, given your activities, you have every right to worry about anonymity.
Jaspreet Singh: I don't care about all this, I know that Google knows where I come from. I just don't want anyone to know my face. In general, it is better to stay away from the USA if you want freedom.
I: So nobody bothers you about hacking software? It seems that Indian laws are very tolerant!
Jaspreet Singh: I do not break Indian laws, and I do not break Indian software, except for modifying games - and that is private hacking for educational purposes.
In addition, I have not published hacked software since October 2016; now I'm mostly busy working on the URET Patcher and do not actually hack software. True, I released two - one was MX Player, at the request of the user ositkp from the forum w3bsit3-dns.com - he wrote to me that the new version crashes on launch. And there was also rivacy remium - the developer simply blocked his application for India, and by the way he was aware of this hack. I'm not going to publish hacked releases anymore, unless there is a particular reason for that.
It is better to make patches, keygens or publish serial numbers than to hack software - in this case, you give the user the choice to click PATCH / GENERATE or not - and in this case it is his responsibility to violate possible laws. That, by the way, is how Lucky Patcher works: it does not hack software, but gives the user a choice whether to do it or not. We just hone our reversing skills and we like it, because knowledge is power. And, by the way, it improves the development skills of the software makers.
I: Can you tell us a little about yourself? All I know is that your name is Jaspreet Singh, you are from India and you are a member of URET (United Reverse Engineering Team).
Jaspreet Singh: Yeah, well then, a little about me.
Yes, this is true - I am from India, and there was a time when I wanted to leave for the USA, but did not receive proper grades on the SAT exam, haha, no luck, yes.
I: SAT exam? What is it?
Jaspreet Singh: An exam for studying in the USA.
Well, I bought my first Android phone at the end of 2011; it was a Samsung Galaxy Y. I was in 12th grade then - well, that is the graduating class by US standards.
The first thing I installed was a media player.
I downloaded PowerAmp. It stopped working after 15 days, and I had neither a bank account nor money - nothing, and the player would not work no matter how much I wanted it to.
Well, I started digging into Google, I had no idea what patches were, I was completely new in this world. By the way, now I have quite a lot of legally acquired software and two different legal licenses for PowerAmp. And I really think that we should support the developers of good software, because who, if not I, knows that development is really not easy.
I: Well, in the end you built your casino with blackjack and whores? )))
Jaspreet Singh: No, buddy, this is just the beginning of the story.
So, I was looking for something like “poweramp music player version full blablabla” - damn, I still remember that! - and I found chelpa's patcher for the player (chelpa is the developer of Lucky Patcher - note). In general, I watched the video, understood how it was done, patched the player and started looking for this chelpa guy.
I found him on xda and wrote to him: “I want to be like you,” haha, I still remember that too! Well, that's how it all started ...
I asked him how such things are done, and he replied that special tools are needed; he told me about IDA Pro. I was curious, I again found various educational videos - and off it went!
I must say that this disassembler from HexRays is very complicated at first. Nevertheless, it is the best tool for static analysis of applications.
I once asked chelpa why he does it, and he replied: "It enhances my knowledge, sometimes the user simply does not have the Internet or it is simply impossible to make online purchases, and in general, developers often inflate their users." In general, I have always believed and still believe that chelpa is my mentor.
Well, that's how it all started - chelpa prompted me to compare the original PowerAmp file and the patched one, showed me a couple of other applications and told me how he patched them.
Those patches were such nonsense; then I started to learn Java and Visual Basic - everything is on the Internet! In 2014, I began to understand the basic algorithms and started to make patches for Windows and some loaders. And once I published a simple single-byte patch for WinCHM on the URET site - and there on the forum some guy named Jaspreet Singh writes: “Well, you are a lamer, this has to be keygenned!” That's how I started to make keygens, mostly .NET ones, though there are some native ones too.
It was the time when software makers started attacking me; when this happened, I stopped updating my patches and keygens, but nevertheless, over time, my blog, where I published all this, was removed by Google because of DMCA complaints. That's how I moved to WordPress.
I: Did you actually study IT (well, I mean college, university, etc.) or is it just a hobby?
Jaspreet Singh: Yes, I got a bachelor's degree in college, but after that I don't want to study anymore.
I: Why? Why don't you want a higher degree?
Jaspreet Singh: No, enough! In India, all these degrees do not matter, it is a simple formality. We have a caste system, it determines whether you will get to work or not.
I: Yes, it looks silly.
You spend so much time on your activities: a bunch of posts on jasi2169.wordpress.com, you write on the w3bsit3-dns.com forum and on URET.in - where you even have moderator status. Do you have any time for personal life?
Jaspreet Singh: I had a job at the multinational company Wipro - I remember going to two interviews, at IBM and Wipro, and then I was invited to work. But then Wipro wanted me to get a master’s degree for 4 years under contract (they paid for tuition), but I don’t want any more training. In general, I left.
Well, as I said, Google deleted www.jasi2169.blogspot.com, where I published 2-3 patches every day for different software. I moved to WordPress, and to be honest, I’m not as active there as I was before.
In short, now I am unemployed and somehow I’m not looking yet, because at work they bind you to do the things that you don’t like. I wrote one application for the market, now it brings me about $100 a month. I basically have enough - I am a young bachelor and live with my parents.
Yes, I look at a couple of forums, but not so much - basically, I track down problems with the URET Patcher and the URET Android Reverser Toolkit, so since 2017 I have enough time.
I: Is $100 a month enough for a bachelor in India?
Jaspreet Singh: Honestly, yes. Well, besides, my father is a former military man, he gets a pension, and we have enough. Maybe once I get married it will not be enough. I understand that money is important now, but whatever is destined will be.
I: So hacking programs is your hobby. Have the makers of the software you hacked contacted you and offered you a job?
Jaspreet Singh: No, nobody. I once wrote to the developers of Mini Militia that I could close several vulnerabilities, but this did not interest them.
I also do web design at night, well, it's a kind of freelancing. And I sleep during the day. I like working at night.
I: And what are your plans for the future?
Jaspreet Singh: Well, in general, it would be nice to get a good job at Google - they pay well and have a good atmosphere, at least mom wouldn't yell :) Private work is poorly paid, and it is clear that sooner or later I will have to get serious, and it will be very difficult. Now large companies come to large universities and hire workers from there, they are not interested in graduates of small educational institutions. Well, the caste system, as I have already said.
I: Clear.
By the way, www.URET.in is registered in India. Do you have any problems with complaints about the resource?
Jaspreet Singh: Honestly, I don’t personally know these guys at all. Different people from different places participate in the team, even administrators come from India, but live in different countries. This is a regular team of reversers, I know and really respect other teams - Core, lz0, arteam, at4re, SnD - talented guys in different countries who live their simple lives.
I: So you do not communicate at all? Each release is the result of the labor of one person, you do not have joint releases?
Jaspreet Singh: Well, my releases are the result of my work only. I release them on behalf of the team, they provided me with a platform, but in general I have my own blog and my own platform too.
I: Interesting - so within the team you have no communication, just a common platform?
Jaspreet Singh: No, well, we communicate, but no more than that - everyone is anonymous, although we know who is from which country.
I: Except you.
Jaspreet Singh: Well, I am anonymous too - no one knows where I live in India or what I look like.
I: Well, taking into account that there are a billion people in India - yes.
Jaspreet Singh: Yes, a lot of people.
I: Well, so why did you choose URET?
Jaspreet Singh: I don’t know, it was quite by chance. I was on the forum of the SnD team and heard that there was some kind of team expanding the club of Indian reversers; I talked to them, and then Phoenix invited me to join the team, and I agreed.
I: Clear.
And what do you think about the development in Android OS and applications for it? Has it become harder to crack?
Jaspreet Singh: No, not harder. Google servers worked then and work now, and I can bypass the checks as before. All you need is Xposed. Since it appeared, there is no need to change the code at all.
I: But it seems that Xposed for new versions of Android has not come out yet?
Jaspreet Singh: No, it already came out for Android 8, two weeks ago.
True, it is still a beta.
I: Clear.
Let's talk about the URET Patcher. Is this your own idea, or did someone from the team help? I know chelpa helped, right?
Jaspreet Singh: This is my idea and only I worked on it, but yes - chelpa helped. We talked, especially regarding changes in Android 8, including in relation to the work of Lucky Patcher in this OS. Well, you know Lucky Patcher - it patches the code and dalvik; chelpa invented it and maintains it.
Chelpa helped me a lot with dalvik, especially with Lollipop patching and CRC checking; otherwise all the changes went away with every reboot of the device.
Chelpa is generally very cool.
I: But in new versions of Android, Dalvik has been replaced by ART.
Jaspreet Singh: Well, yes, but it is even easier. Dalvik required more edits; it is not just replacing or adding bytes, as in Windows. In Android even replacing one byte requires patching md5, crc32, adler32 - otherwise the system will not accept the file.
I: So with the transition to ART it has become even easier?
Jaspreet Singh: Not simpler either, there are nuances, but it took fewer steps in patching than with Dalvik. Yes, the algorithms have become a bit more complicated: you need to determine the processor and bitness, determine the system location, and only then work - that was not needed with Dalvik, but there were more steps in editing signatures and so on.
Well, everything has its nuances.
I: I know that you previously released quite a few patches for specific Android applications. Then the URET Patcher appeared - an “all-in-one” solution, and now you are trying to make some kind of generic approach that will work for any application - without creating individual patches. Did I get everything right?
Jaspreet Singh: Well, yes, in principle, this has already been done - it is called emulation of licenses and billing. This approach is an offline substitution of Google server responses. Thus, the application will consider itself licensed forever.
So far, the online check has not been fooled, but I have a few ideas in that direction. When I implement it, it will be a beast. Developers will not be able to get around this, but for now these are just plans.
I: What is the difference between the URET Patcher and Lucky Patcher, Freedom, and all other solutions that “emulate” Google’s response to a license request?
Jaspreet Singh: Freedom and LP are similar in this, and the URET Patcher is different. I made an actual clone of Google servers, which sends the correct response to a request calculated by the correct algorithm with a complete bypass of all Google libraries in the application.
I: You mentioned fooling the online check. So these are your plans for future development? I ask because the last update of the URET Patcher was on October 31, 2017, and that of your other development, the URET Android Reverser Toolkit, was on June 20, 2017. After that there were releases for Windows programs, and there were even rumors that you were tired of Android and had switched to Windows.
Jaspreet Singh: No, those releases were just because some people close to me asked, so I released a couple for Windows.
I: Well then - briefly - what are the plans for the development of the URET Patcher?
Jaspreet Singh: Well, I need to complete the list of everything that needs to be done and changed in the URET Patcher, and then I need to drop out of life for 4-5 days. When I update this patcher, I usually need exactly that much time, with 16-18 hours of work every day. You need to check how it works on each version of Android in emulators, and check all possible situations to eliminate errors and malfunctions.
Now I am waiting for an update to Android 8 on my device, and then I will start working. I have already made some corrections in patches for Android 8, and one user even tested them on his device, but before the general release I want to check everything myself.
Now I plan mainly some edits, adding a couple of additional features, updating patches of some programs - and of course the online check, which I have already mentioned.
I: I bet that your device is a OnePlus 5.
In general, it looks like very hard work. I hope someone appreciates such efforts and offers you a really good job!
Jaspreet Singh: No, I have a Galaxy S7.
A used one, though :)
I: Damn, I lost the bet!
Jaspreet Singh: Haha, yes.
Now S9 will be released and sales of cheap S8 will begin, then I will sell S7 and switch to S8. I basically do this all the time, it allows me to get the latest Android updates. Because Samsung’s overall policy is two major updates, after which support virtually stops.
In principle, this is how I found out that the URET Patcher and Lucky Patcher patches on Android 7 on Samsung phones caused the device to reboot.
I saw it on the S7, after many users wrote to me about it. It turned out that this was caused by Knox - I solved the problem and let chelpa know; he fixed it in Lucky Patcher.
I: Why Samsung? Do different manufacturers have different protections?
Jaspreet Singh: Well, I prefer Samsung, because they have the most problems. And besides, there are more of them in the world. Yes, and I like Samsung!
I: Clear.
I think that Habrahabr readers may have more questions for you after reading this material. Can I bring them together and then ask you?
Jaspreet Singh: No problem, ask!
Bye!
Upon request - the original in English under the spoiler.
Gray jack
Hi, Jasi! Habrahabr readers if you don’t mind.
Jaspreet singh
Yes ask go ahead
Gray jack
We are talking about your identity? By the way. It becomes paranoid - but not you. Why?
Jaspreet singh
I dont care if I’m liking
Gray jack
So nobody you The laws in India looks very tolerant! ))))
Jaspreet singh
I dont break the rules for games / learning.
I’m not patched by the patcher since I’m in the 2016 Do you need to click on it? Do you need to click on it? unless user wants it to be. It is up to you to know how to do it. you see it from me since 2016? It’s a little bit different. did.
It is better to make it easier to make it.
Gray jack
Could you tell us a little about you. It was a URET (United Reverse Engineering Team) crackers team.
Jaspreet singh
Yup ouk lemme tell you some of the infos
Yea thats true i am india and there i didn’t get
Gray jack
SAT exam? What is it?
Jaspreet singh
Exam for graduation to study in USA
Anyway when i bought the first android phone galaxy y 2011 it came in 4th qut. I was in 12th class / class == major in US.
Audio video player
I downloaded poweamp thats the start
I stopped it after badly.
I’m not a badass player, but I’m not able to go go.
(Now i have many apps purchased and have 2 diff. License for poweramp as well ;-)
Gray jack
So you built your own casino - with black jack and whores? )))))
Jaspreet singh
Not yet bro still start
I’ve been searching for the music player version of the video player now I’ve seen the patches of the music player.
If you’re hahah
I’m looking at what I’ve seen.
It was very complicated
It is a tool to analyze the app statically.
I’ve been able to give you a little bit of help.
So thats how it was started he told me to look for original app and patched poweramp and couple of apps he patched and told me what he did.
That was hit/run type of patching and then i started learning language from internet java and visual basic all learnt from net made me clear now when it was start of 2014 i was good in developing & understanding the algos ,then i started making windows apps patches,loaders and there was time on URET i released a single byte patch for winchm and one guy named jaspreet singh came & said its lame it should be keygenned then i started making keygens. Thats a diff. Story
Then i started making keygens thats how it came mostly Dot Net, few native.
It was time devs used to message me its his app so i never release updates for that app,my blog was removed by google due to so many dmca that's why i made wordpress
Gray Jack
Have you studied IT (I mean college, university etc) or it's just a hobby?
Jaspreet Singh
Yes i took Bachelor in IT in college i am done with graduation now.
Gray Jack
Why? You don't want to get higher degree?
Jaspreet Singh
Nope its enough, degree are just a formality here ,in india to be honest skills have no value,they need numbers to get jobs n there is caste system so even if low caste guy get 30/100 he is passed & general category guys gets 70/100 he is failed,bad stuff.
Gray Jack
Yeah, look ridiculous.
It looks like a lot of time is spent for your cracking activity: lot of posts at jasi2169.wordpress.com, activity at 4pda forum, activity at uret.in — by the way your moderator there. Do you have a free time for private life at all?
Jaspreet Singh
I got job in multinational company named wipro i gave 2 interviews for ibm n wipro then i was selected in wipro but they wanted me to have masters for 4 years which was in their bond they were paying but i never wanted to study anymore
Google also removed blog www.jasi2169.blogspot.com which had everyday 2 or 3 cracks,patches either for windows or android released, i was so inside cracking and then due to so many dmcas google removed that blog so i made wordpress and i dont add that much cracks neither i do now a days.
So at this time i have no job and never tried either cus they bound you to do what you dont like and i made one app and added on play store it pays me around 6k indian rupees per month close to 100$ per month its not that much but enough for me as i am single & i live with mom n dad.
Now i do spend time ,before i was busy though,i only glance couple of forums only but not do that much,i just glance whats new n what are issues people getting in URET Patcher or Uret Android Reverser Toolkit 'thats all,since 2017 start i do have time but not that much for RCE.
Gray Jack
$100 per month is enough for single guy in India?
Jaspreet Singh
Its enough to be honest if you are single and you live with your parents,cus dad was in army so he gets pension and its enough to live,maybe it wont be enough when i be married ;-) though i see money is important nowdays but god knows whats written living life with the way it's going.
Gray Jack
So cracking for you was just a hobby and fun. Did some of developers of the programs you have cracked contact you trying to propose a good job? ;)
Jaspreet Singh
Nope no one did ,there was time i told mini militia devs to fix couple of simple loopholes if they can pay but they were not interested
Now in night i design website in freetime of someone pays kind of freelancing
In morning i am sleeping :-D mind works great in night.
Gray Jack
And do you have any future plans?
Jaspreet Singh
I wish i get some good jobs in google cus it pays good & have better environment atleast mom wont yell at me,private jobs here pay very less and now its easy cuz i live with parents n single but i knw it will be too hard in future and here big companies come in big universities like IIT they come in college and hire them and they dont look for other small universities guys,and to be honest in IIT you can get admission with that caste system i talked above.
Gray Jack
OK, clear.
By the way www.uret.in is registered in India. Do you have any issues with abuses?
Jaspreet Singh
I dont knw these guys personally to be honest,different places & people in team are from diff. countries even the admins are from india but they live in diff. countries.
It's a reverse engineering team,to be honest i respect teams like Core,lz0,arteam,at4re,SnD and many rce teams many talented guys in different countries living simple life.
Gray Jack
So you have no connection at all? Are you working as a separate crackers or some releases are made in cooperation of several crackers?
Jaspreet Singh
Nope the cracks or patches i release are cracked by me only though i release it on behalf of team URET,they provided me platform but i had platform before as blog as well.
Gray Jack
It's interesting, so there is no team chemistry inside — just a general platform.
Jaspreet Singh
We knw many guys we talk with them ,there is chemistry but everybody is anonymous though country is known.
Gray Jack
Except of you ;-)
Jaspreet Singh
I am still anonymous nobody knows where i live in india & how i look ;-)
Gray Jack
Taking into account 1 bln people in India — yeah, it makes sense ;-)
Jaspreet Singh
Yea so many people
Gray Jack
OK, so how did you come to URET and why URET?
Jaspreet Singh
D0nt knw it was random,i was on SnD team forum and then heard about team irec which expands indian reverse engi. Club so INDIAN guys so wanted to talk to them, then i got to knw about it and i got offer from Phoenix (Admin) to join and then joined it.
Gray Jack
OK, clear.
What do you think about progress in Android OS and applications for it? Is it harder to crack it now than before?
Jaspreet Singh
Yup
Its not hard i have a way same as google server how they works i can make them work even whatever the protection is used what it need is xposed,i guess it is so easy since xposed came in no modification required.
Gray Jack
But for newer version of Android Xposed is not released yet, correct?
Jaspreet Singh
Its released for android 8 ,2 weeks back
In beta
Gray Jack
OK.
Let's talk about URET Patcher. Is it only your idea and product or somebody else from your team involved? I know chelpa helped you also, correct?
Jaspreet Singh
It's my idea and i only single handedly worked on it but bro chelpa helped me & i used to give some info to bro chelpa like support for android 8 i fixed it first n told bro chelpa couple of new stuff in android 8 then LP, as you knw dalvik patch n code patch are basically a odex type patch in LP invented by bro chelpa.
Bro chelpa helped me in dalvik patch and with lollipop instruction patch/CRC fix else before patch was gone on every reboot for some firmwares on lollipop
Chelpa is master.
Gray Jack
But ART replaced Dalvik in newer Android.
Jaspreet Singh
Yeah i knw but art patch is simple whereas dalvik needs more fixes,its not like you replaced or added bytes and patch done like in windows ,in android even a single byte change makes file corrupt then you need to patch md5,sig and crc32,adler32 and make system think the changes are made by android system.
Gray Jack
So moving from Dalvik to ART makes patching more simple?
Jaspreet Singh
Not simple but tricky but it took me less steps to patch then dalvik,it required couple of more steps n algos to patch, its tricky cus from art u need to detect cpu and 32/64bit and then check system location n then start the work,on dalvik was simple but fixes required more steps fixing timestamp native C time n other dalvik fixes it loops more.
From android 6 loops are less ,android 8 had more loops the way i patch
Gray Jack
I know you have released a lot of standalone patches, then it moves to «all-in-one» URET Patcher and now it looks like you are trying to build a general approach — without generating cracks for single applications? Is it true?
Jaspreet Singh
Yea its already done,its called emulation, license & billing emulation is general simple approach works like google servers but offline,so if app doesnot have online authorization billing n license will work offline lifetime.
Online cant be patched,i do had online check idea to patch but i did not implemented yet n it will be beast then it will be hard for devs to save cus i will make offline server authorization if everything went as plan but god knows.
Gray Jack
And what is difference from Lucky Patcher, Freedom and everything else that «emulates» Google respond on license?
Jaspreet Singh
Freedom n LP has same approach for emulation,UP emulation is clone of google server send legit stuff not random stuff everything is properly calculated with proper algos and it totally bypass libs of google inside the app with its own.
Gray Jack
You told about online check bypassing. So you have future plans in this field? I am asking because last update of URET Patcher was in 31/Oct/2017. As for another your product — Uret Android Reverser Toolkit — last update was in 20/Jun/2017. After that we can see mainly Windows software cracks from you. So somebody starts talking you are tired with Android moving to Windows.
Jaspreet Singh
Nope windows patches was due to someone close asked only 2 patches done for windows
Gray Jack
So — briefly — what are future plans for URET Patcher?
Jaspreet Singh
Uret patcher needs ideas n stuff to be added in todo list then i need 4 or 5 days break totally off cus when i update UP it's last 5 days includes working 16 or 18 hours of work on it with testing on each n every build of android on emulators with all the possible inputs if it works perfect or issues
Right now i am waiting for android 8 on my device then i will work though i have fixed code n dalvik patch on android 8 with some user help who tested on his android 8 but when u have your own you can test as much u can
Right now fixes are in my mind n some couple of features excluding patching and then updating custom patches for some apps n then online stuff working
Gray Jack
I can bet your device is OnePlus 5 device ))))))
Looks like very dedicated work. I hope that someone will recognize it providing a good job for you!
Jaspreet Singh
Nope i have galaxy s7
Old device from someone
Gray Jack
Damn, I've lost my bet!
Jaspreet Singh
Haha yup you do
Jaspreet Singh
Now s9 is coming someone will sell s8 i will sell s7 n buy s8 it makes me to get update for latest android as samsung provide android 2 major updates
This is how i get to know on android 7 on samsung devices UP n LP used to makes device reboot
When i get s7 this is what i tested many people emailed me
Then someone tested for me and then i fixed n let chelpa know knox was issue which made launching UP n LP reboot knox samsung devices n which is fixed now
Gray Jack
Personally I wished to buy new Huawei with latest Kirin — but now waiting for Snapdragon 845 this year. Till then — I have a pain-in-ass Galaxy S3 ))))
And yes — sometime vendor-specific protection causes problems.
Knox is just an example, LG has its own etc.
Jaspreet Singh
Well i prefer samsung devices for testing as it has many issues and used different approach and is in more quantity in the world so it should work on android OS released on samsung devices,PS i like SAMSUNG ;-)
Gray Jack
OK, I see.
I am pretty sure more questions to you can arise from everybody who will visit and discuss this interview at Habrahabr. Can I combine them and ask you later after this interview will be published?
Jaspreet Singh
No problem feel free to ask
Bye see yeah!