Getting signature hash for spoofing #1038

AndnixSH · 2024-04-07T20:35:49Z

AndnixSH
Apr 7, 2024

How does developer get a signature hash for "spoofedPackageSignature", for example, Youtube's signature hash 24bb24c05e47e0aefa68a58a766179d9b613a600? I tried to get hash from youtube APK via apksigner.jar but there was no matching hash

Reference: https://github.com/ReVanced/revanced-patches/blob/main/src/main/kotlin/app/revanced/patches/youtube/misc/gms/GmsCoreSupportResourcePatch.kt

Answered by oSumAtrIX

Apr 10, 2024

It's the SHA-1 signature you can get with key tool from a JDK, It's also displayed online on APKMirror for example.

View full answer

oSumAtrIX · 2024-04-10T02:55:48Z

oSumAtrIX
Apr 10, 2024
Maintainer

It's the SHA-1 signature you can get with key tool from a JDK, It's also displayed online on APKMirror for example.

1 reply

AndnixSH Apr 10, 2024
Author

Oh, I didn't know it is displayed on APKMirror. Nevermind, I use the latest version of apksigner.jar and it does shown SHA1 correctly now. I can't use keytool if the APK didn't have RSA file

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

ReVanced

Getting signature hash for spoofing #1038

{{title}}

{{editor}}'s edit

{{editor}}'s edit

Replies: 1 comment 1 reply

{{title}}

{{title}}

Select a reply

ReVanced

Getting signature hash for spoofing #1038

AndnixSH Apr 7, 2024

Replies: 1 comment · 1 reply

oSumAtrIX Apr 10, 2024 Maintainer

AndnixSH Apr 10, 2024 Author

AndnixSH
Apr 7, 2024

Replies: 1 comment 1 reply

oSumAtrIX
Apr 10, 2024
Maintainer

AndnixSH Apr 10, 2024
Author