My google billing hack

Andreas · August 25, 2025, 11:31am

Add Details about what you want to discuss..

Block Images(if Any)

AIA OR APK(if Any)

hacked by lucky pacher or somethingsame, not firebase but bypass billing, what sould ii do with this,for strong securty billing for callback from google,not lokal calbbak like this block if user succes pay then do something

BharatTech · August 25, 2025, 12:17pm

make sure what is hacked…billing or firebase

Andreas · August 25, 2025, 1:42pm

bypass billing

BharatTech · August 25, 2025, 4:23pm

How did you know about hacking? & What is inside levelup?

Andreas · August 25, 2025, 8:52pm

from console no one purchesed , but user get vip

abhijith · August 25, 2025, 10:49pm

Well you’re just doing client side validation which is basically in your app, What you should be doing is looking into server side play purchase validation and update the database server side.

Whatever you do in your app is client sided and a knowledgeable user can “hack” it.

Apps like LuckyPatcher can trigger Purchase Successful events but most apps nowadays make sure the purchase is legit server side.

BharatTech · August 26, 2025, 4:28am

You should provide vip after verifying play billing purchase token on client side & server side if your firebase db rules are read:true, write:true (open database) then anybody can hack your fbdb.

Andreas · August 26, 2025, 7:41am

can you solve this, with block or else?