Hey all!
I'm looking to download an app that isn't available in my region. I've found it online but I want to make sure it hasn't been injected or tampered with. How do I accomplish this?
Printable View
Hey all!
I'm looking to download an app that isn't available in my region. I've found it online but I want to make sure it hasn't been injected or tampered with. How do I accomplish this?
For out of region/beta/old version/non-Playstore countries use APKMirror. If they don't have it then its probably a dodgy site that does.
I appreciate your suggestion but I'm wondering if I could check for myself. Or is there a way I can trick the Play Store into thinking I'm in the required country?
You could get the hash of the file and compare it to what's on APKMirror for that app, version and variant, if the APK you have has been uploaded there already (in which case, why not just get it from there). Otherwise, if it's an update to an app you have installed already, only an app signed with the same signature as the previous version can install, so if it installs successfully you've got the genuine article. As for checking which country you're in a VPN might work, but I haven't needed to try it.
Which app is it, if I may ask?
Try not to judge me too hard haha. https://play.google.com/store/apps/d...arksoulscamera
My friends and I are huge Dark Souls fans and I thought this would be fun to fool around with. Unfortunately a VPN won't fool the Play Store.
That app appears to be region restricted to Asia. I can't search for it directly from my region. What I'd do is download from a source that lists the hash, APKPure has this file. Then upload the APK to https://apkscan.nviso.be/ or if you want to use an app :HashDroid, and see if the hash checks out.
The other way is to use a VPN, switch to Japan, then use an APK downloader like Yalp (found in F-droid) and get the file directly from the Playstore. then you don't have worry about if the hash matches.
Thanks. I got it from APKPure. Gonna hope it's not infected.
Also virustotal app (google company) is a good way to check if app is known evil.
https://www.virustotal.com/de/docume...-applications/
Or even check by upload BEFORE install:
https://www.virustotal.com
If I think about it's quite funny to circumvent Google store and then let an Google app scan this app then for legitimacy :D - but hey I guess it works.
EDIT: NM I goofed it up. I was mistakenly comparing the hash of a previous version (extracted from my phone) with a new version (downloaded from APKmirror). I rechecked and the previous version available on APKmirror also matches the extracted version on my phone.
I'm experimenting with this also. I wanted to confirm if an APK downloaded from APKmirror has the same Hashs as a file installed from Google Play, but then extracted using a tool like APK Extractor Lite or Lucky Patcher
I tried both apps, and while both show the same results for their hashs when I check them on my laptop, neither match the same file downloaded from APK Mirror.
Can you explain how its supposed to work? I would have thought they should be the same.
Thanks