July 2015 Android Taipei - Anti-Decompiler by SUKI
-
Upload
huang-ssu-chi -
Category
Software
-
view
872 -
download
3
Transcript of July 2015 Android Taipei - Anti-Decompiler by SUKI
反 逆 向 工 程A n t i - D e c o m p i l e r
黃 思 齊 Suki Huang H O L I E S T A R S T U D I O
VoiceTube – Android Engineer
NUTC – Information Management
Gogolook – Android Intern
Microsoft Student Partner
[ _____________ ] 專業版 去廣告破解下載
[ _____________ ] 無廣告 金錢道具無限破解版下載
從前從前有支 APP 進入大陸地區後
出現了各種變形版本
盜版充斥
Manifest 修改權限抽換廣告
無廣告版本 公開原始碼
Server API 安全性
你的 APK 安全嗎 ?
敏感資料
程式碼廣告 ID
分析平台 ID
Server API 接口驗證碼
基礎保護混淆 (Proguard)
底層 (NDK)
加密服務
基礎保護
基礎保護
Package Name
權限偵錯模式
模擬器
混淆P r o g u a r d
public class MyClass { private boolean isRain=false; private int typhoonLevel=5; private int priceVegetable=10;
private String getAction(){ if(isRain && typhoonLevel>=5){ priceVegetable++; String action="Go white water rafting"; return action; } }}
Before Proguard
After Proguard
public class a { private boolean a=false; private int b=5; private int c=10;
private String a(){ if(a && b>=5){ c++; String d="Go white water rafting"; return d; } }}
Proguard
Class Name
Method
Variables
buildTypes {
release { //minifyEnabled false minifyEnabled true proguardFiles getDefaultProguardFile
('proguard-android.txt'),'proguard-rules.pro' }
}
優 化混 淆壓 縮
P r o g u a r d
C r a s h
try { //May throw exceptions} catch (Exception e) { //Report crash info to ……}
底層(Native Development Kit, NDK)
After Proguard
public class a { private boolean a=false; private int b=5; private int c=10;
private String a(){ if(a && b>=5){ c++; String d="Go white water rafting"; return d; } }}
Android NDK
The Android NDK is a toolset that lets you implement
parts of your app using native-code languages such as C
and C++. For certain types of apps, this can help you
reuse existing code libraries written in those
languages.
public class MyActivity extends Activity { /** * Native method implemented in C/C++ */ public native void computeFoo();}
NDKNormal
public class NativeMethod { static { System.loadLibrary("HelloWorld"); } public native static String getkey();}
JNIEXPORT jstring Java_com_test_constants_NativeMethod_getKey(JNIEnv* env,jobject obj) { return env->NewStringUTF("ABCD");}
com.test.constants.NativeMethod.java
HelloWorld.cpp
Ke y S t o r e
if(isKeyStorePassed(context)){ return env->NewStringUTF("ABCD");}else{ return env->NewStringUTF("-----")}
Java_com_test_constants_NativeMthod_getKey
ABCD
ASCII Code
A n d r o i d T a i p e i
65 110 100 114 111 105 100 84 97 105 112 101 105
66 111 101 115 112 106 101 85 98 106 113 102 106
B o e s p j e U b j q f j
Java_com_test_constants_NativeMthod_getKey
com.test.constants.NativeMethod.java
public class NativeMethod { static { System.loadLibrary("HelloWorld"); } public native static String getKey();
}
Java_com_test_constants_NativeMthod_a_____
com.test.constants.NativeMethod.java
public class NativMethod { static { System.loadLibrary("HelloWorld"); } public native static String a(); public static String getKey(){ return a(); }}
Java_com_test_constants_NativeMthod_a_____
Java_com_test_constants_NativeMthod_b_____
Java_com_test_constants_NativeMthod_c_____
Java_com_test_constants_NativeMthod_d_____
Java_com_test_constants_NativeMthod_e____
After Proguard
public class a { private boolean a=false; private int b=5; private int c=10;
private String a(){ if(a && b>=5){ c++; String d=NativeMethod.a(); return d; } }}
加密服務
Core
Apk
Shell
沒 有 絕 對 防 禦
只 有 增 加 破 解 成 本
Thanks for your attention
反 逆 向 工 程