Google in-app billing exploit allowed all-you-can-eat consumable content for free


templerun2 purchase

An interesting exploit has recently been revealed by a developer who was tinkering around inside Google’s in-app billing libraries. Developer Dominik Schürmann discovered a method that would let people hijack the in-app billing method in such a way that would give them access to an app’s consumables without having to pay a dime.

By consumables, I’m referring to items like coins in Temple Run or power-ups in Candy Crush — stuff that you can buy over and over again. As you can see in the image above, Dominik was successfully able to purchase an extreme amount of gems and coins in Temple Run 2, items that would normally cost hundreds of dollars to get in this amount.


According to Dominik, the exploit affects “all Google Play Billing Library v3 versions before Oct, 8 distributed via Android SDK and marketbilling on Googlecode.” That means Google was able to patch this thing up before word got out, but not without a tad bit of controversy.

According to him, Google chose not to credit him for the discovery, and sent emails to developers with information about the exploit (along with instructions to use recently updated sample code that addresses the exploit):

If you previously used the In-app billing sample code to build your in-app billing system, please use the recently-updated sample code as it addresses an exploitable flaw we recently discovered (note that this only affects the helper sample code; the core system and in-app billing service itself was not affected).

Disputes about proper attribution aside, I think everyone is still thankful that this has been patched up, and that no one will be able to leech free consumables from developers (as long as said developers make quick work of updating their code to the latest available sample). Those folks have to make money too, you know.

If you’re interested in the nitty gritty details (including ready-to-compile code and instructions on how to test this exploit) you can find them at Dominik’s blog. We just beg that you don’t use whatever you happen to find for evil.

[via Google+]

Quentyn Kennemer
The "Google Phone" sounded too awesome to pass up, so I bought a G1. The rest is history. And yes, I know my name isn't Wilson.

Verizon HTC One’s Android 4.3 update delayed by a month

Previous article

KitKat posts “magical” Android animation video on YouTube; “one to enjoy whilst you’re waiting”

Next article

You may also like


  1. You can just download a modified apk or save data for just about any game that gives you everything you need.

    1. Generally have to be rooted or risk malware though, but yea, pirating is easy. Though if you truly enjoy the game, give teh developers some incentive (money) to developer more games or continue to support the one you enjoy.

      1. It’s people who say it’s okay to pirate (which is essentially what you’re saying – if you don’t like the game that much, just pirate it!) that make iOS games always happen before android.

        1. lol yeah because no one pirates games on IOS lol

        2. Lol, oh the anti pirating high and mighty. Yes, iOS user can and do pirate. It’s a benefit of jail breaking.

          I support what Alen said. If you enjoy the game, buy it. Can’t tell you how many times I couldn’t get a free version of a game to try. 15 min is not enough time to decide if a game is really worth the money.

          I’d say I’ve gone back and paid for a third of pirated games. The rest were uninstalled because they didn’t hold my interest.

          So note to developers out their, take a little extra time to let people try a game before buying. Most console games afford that luxury.

          1. Yeah the 15 min limit sucked. Google used to have a 24 hour period but all the developers of tiny little games that you could finish in a day complained. I don’t even download such games for free-not worth my time.

        3. I never said nor implied pirating was ok. Where did you get that? I said, simply, if you enjoy a freemium game, give the developers a buck or two to incentivize them, nothing more nothing less. Pirating is not good anywhere, but since we are talking about games given away for free with optional, (OPTIONAL) inap purchases. Hard to pirate something that is given away free there fella.

  2. I work for a software company and we never report who discovered any of our bugs. What does he expect? His picture on Google’s web site? Does he think he is the only person to find this bug? Really? Get a life!

    1. Maybe he wants attribution for his work. The same goes for bugs in Chrome, Windows, where everyone gets credited for finding bugs.

      1. attrition?

        1. Attribution*

          Damn Google Chrome autocorrect.

    2. I understand what you’re saying, but I hope you at least take the time to thank the person for giving you a heads up. Your comment make you sound like a d!ck.

      1. The other point you missed was that he may not have been the first person to find the bug. He is assuming he is. Google may have already been aware of the issue and working on a fix.

  3. There’s already a completely different method for doing this that appears to have gone unchecked for a while now.

  4. What’s the difference between this and freedom?

    1. You can’t in-app purchase freedom?

  5. I dont think im going to shed a tear over pay to win games that attempt to leech every dime out of us with every click that get ripped off. oh well

    1. Then don’t download them!

  6. Developers should feel shameful for even having a $100 option. LoL!!

Leave a reply

Your email address will not be published. Required fields are marked *

More in Apps