Skip to content

samyk/crak

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

14 Commits

assets

assets

 
 

configs

configs

 
 

crak-app

crak-app

 
 

README.md

README.md

 
 

crakd

crakd

 
 

Repository files navigation

crak

Crash Royale Attack Kit

CRAK architecture

Installation

  • Install Nox Android emulator
  • Root Nox (System Settings -> Root -> On)
  • Point Android DNS to Proxy's IP (likely the IP of the machine running Nox)
    • On Android, open Settings -> Wi-Fi
    • Click and hold "WiredSSID"
    • Click Modify Network -> Show Advanced Options
    • Change "IP settings" to "Static"
    • Set "DNS 1" to IP of Proxy (eg, 192.168.0.104)
    • Click Save
    • Ensure "WiredSSID" is "Connected", otherwise connect
  • Install Samy's TwistedProxy
git clone https://github.com/samyk/TwistedProxy
cd TwistedProxy/TweetnaclMod
python3 setup.py build_ext -b ../TCP
cd ..
python3 -m pip install -r requirements.txt
cd ..
  • Configure TwistedProxy by adjusting config.json "Hostname" to a CR IP such as "54.201.206.14"
  • Install Samy's DNS spoofer
git clone https://github.com/samyk/usbdriveby
cd usbdriveby
sudo perl -MCPAN -e 'install Net::DNS'
# add *YOUR* local Proxy IP address to /etc/hosts, eg "192.168.0.104"
echo "192.168.0.104 game.clashroyaleapp.com" | sudo tee -a /etc/hosts
cd ..
  • Install xz if you don't already have it
# after downloading through annoying sourceforge links @ https://tukaani.org/xz/
tar -zxvf xz-5.2.4.tar.gz &&
cd xz-5.2.4 &&
./configure &&
make &&
sudo make install
cd ..
wget https://github.com/frida/frida/releases/download/12.2.25/frida-server-12.2.25-android-x86.xz
xz -d frida-server-12.2.25-android-x86.xz
'/Applications/Nox App Player.app/Contents/MacOS/adb' -e push frida-server-12.2.25-android-x86 /data/local/tmp/frida-server
cd ..

Running the Proxy

  • Run the DNS spoofer from Proxy server
    • sudo perl usbdriveby/dns_spoofer.pl
  • Run frida-server on Nox
    • '/Applications/Nox App Player.app/Contents/MacOS/adb' -e shell /data/local/tmp/frida-server -D
  • this may not be necessary, try without first Run reverse SSH tunnel for Frida on Nox to Proxy
    • '/Applications/Nox App Player.app/Contents/MacOS/adb' -e shell
    • Install SSHDroid through app store if ssh isn't available on the Android device
    • ssh -Nnf -R 27042:localhost:27042 remote@192.168.0.104 # adjust 192 IP to Proxy IP
  • Validate Frida is communicating properly
    • frida-ps -U OR frida-ps -H 127.0.0.1 (ensure at least one works)
  • Run TwistedProxy on Mac (which launches Clash Royale with custom key automaticaly)
    • cd TwistedProxy && python3 Main.py -a '/Applications/Nox App Player.app/Contents/MacOS/adb' -v -f -u
  • Run Crak daemon
    • perl crak/crakd -s

Inline Application Modifications

See the configs directory for direct modifications to CR files for additional features, e.g. viewing live opponent elixir in spectator view.

Opponent Elixir

About

Crash Royale Attack Kit

Resources

Readme
Activity

Stars

39 stars

Watchers

6 watching

Forks

5 forks
Report repository

Releases

No releases published

Packages

No packages published

Contributors 3

  •  
  •  
  •  

Languages