Skip to main content
The Cookie menu provides two root-powered tools for managing Roblox account cookies directly on your device. You can inject a .ROBLOSECURITY cookie into one or all Roblox packages to log in instantly, or export every package’s active cookie to a file for backup or bulk use.
Both items in this menu require root access. If root is not granted, the client shows an error and asks you to grant root and retry.

Login via Cookie

Injects a .ROBLOSECURITY cookie into one or all Roblox packages, then relaunches them already logged in.

Save Cookie

Extracts and verifies cookies from every detected package and exports them to a file in your Downloads folder.

At least one Roblox package must be installed and detected on your device. If none are found, install and open Roblox first, then retry.
1

Pick a target package

Choose a single detected Roblox package to inject into, or select All Packages (cookies.txt) for bulk injection across all packages at once.
2

Provide the cookie(s)

Paste your .ROBLOSECURITY cookie directly into the prompt. The client validates the cookie format before proceeding — malformed cookies are rejected immediately.
3

Verify and inject

Each cookie is verified against the Roblox API before injection. Invalid cookies are rejected with an error message — only verified cookies are written to their target packages.
4

Relaunch packages

All targeted packages are killed and re-launched already logged in to the injected accounts. In bulk mode, relaunches are staggered by 2 seconds per package to avoid conflicts.
If Auto Arrange Windows is enabled in your settings, the client rearranges app windows after relaunching.

Save Cookie extracts the active .ROBLOSECURITY cookie from every detected Roblox package on your device, verifies each one against the Roblox API to capture the associated username, and writes the results to:
/storage/emulated/0/Download/saved_cookies.txt
Each line in the output file uses the format:
username:cookie
The Phantom API rejoin method uses saved_cookies.txt as a fallback. If it cannot extract a cookie directly from a package’s database, it reads from this file automatically — so keeping it up to date improves Phantom API reliability.