Android cracking experiences-seven months of study: Large android security open classes and seven months of Android

Source: Internet
Author: User


 

The first lesson explains how to configure and use the software in the Android cracking environment. The important tools are AndroidKiller and Android reverse assistant.

The second lesson explains the relationship between Java and smali, and analyzes a simple HelloWorld apk from the perspective of smali.

Lesson 3 explains second cracking

Some cracked apps, after being downloaded from a cracking website and opened on a mobile phone, show a prompt that requires us to install the website's app client before the crack works. Second cracking bypasses this verification so that the game can be entered.

Install the box, remove the toast prompt, and remove the background image.

The apk of the installation box is placed in the assets folder. When you install the game (the cracked version downloaded from the website), the apk of the box is released onto the sdcard. On entering the game, a check is made through context.getPackageManager().getPackageInfo() and the system prompts you to install the SDK. If you do not install the SDK, the game interface is not entered. After installing the SDK, you need to release the apk in the SDK.

Lesson 4

The Application class is loaded before the entry class.

The assets resource folder is often used to store hidden things.

Encryption using other apps

A jar is opened using jd in Android reverse assistant. If it cannot be opened, it may be called using jar or encrypted.

After opening the file directory of an apk, you can change its extension to apk for decompilation.

It can be found that the toast is actually in it. After modifying it directly, we recompile it. If we then rename the recompiled apk to jar and put it back into the previous apk, an error is very likely. Why? Because the original apk may perform signature verification on this jar. So let's change the approach: put the classes.dex from the recompiled apk into the previous jar, and then put that jar back into the original apk.

The key points of cracking should be grasped and the method with less modification should be adopted, so that it is not prone to errors.
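Seen from the defender's side, the Lesson 4 notes (payloads kept in assets, sometimes under a different extension) suggest a triage check for app reviewers: classify every file under assets/ by its content, not its name, and record a hash for comparison against known-good builds. The Python sketch below is an added example and not part of the original notes; the sample archive and the file names bg.png, plugin.jar and readme.txt are constructed for illustration.

```python
import hashlib, io, zipfile
ZIP_MAGIC, DEX_MAGIC = b"PK\x03\x04", b"dex\n"

def classify(data):
    """Classify an asset by its content, ignoring the file extension."""
    if data.startswith(DEX_MAGIC):
        return "dex"
    if not data.startswith(ZIP_MAGIC):
        return None
    try:
        names = set(zipfile.ZipFile(io.BytesIO(data)).namelist())
    except zipfile.BadZipFile:
        return "zip-unreadable"          # truncated or deliberately damaged
    if "AndroidManifest.xml" in names:
        return "embedded-apk"            # installable package inside assets
    return "dex-jar" if "classes.dex" in names else "zip"

def scan_assets(apk_bytes):
    """Return one finding per code-bearing or archive file under assets/."""
    findings = []
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for info in apk.infolist():
            if not info.filename.startswith("assets/") or info.is_dir():
                continue
            data = apk.read(info)
            kind = classify(data)
            if kind:
                findings.append({"path": info.filename, "kind": kind,
                                 "sha256": hashlib.sha256(data).hexdigest()})
    return findings

def make_zip(members):  # sample builder: {name: bytes} -> ZIP bytes
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, data in members.items():
            z.writestr(name, data)
    return buf.getvalue()

def build_sample_apk():
    """Constructed sample: an APK and a dex jar hidden under assets/."""
    dex = DEX_MAGIC + b"035\x00"
    box = make_zip({"AndroidManifest.xml": b"<manifest/>", "classes.dex": dex})
    return make_zip({"AndroidManifest.xml": b"<manifest/>", "classes.dex": dex,
                     "assets/bg.png": box, "assets/readme.txt": b"hello",
                     "assets/plugin.jar": make_zip({"classes.dex": dex})})

if __name__ == "__main__":
    for f in scan_assets(build_sample_apk()):
        print(f["kind"], f["path"], f["sha256"][:16])
```

An "embedded-apk" finding under an image extension is the pattern described above, where a second package is shipped inside the first and written to the sdcard at run time.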

Remove banner ads

You can directly delete the corresponding activity in AndroidManifest (search for the string duoyou to delete).

Deleting an activity is just a simple removal. In fact, banners are still displayed in the app and need to be completely deleted. There are two methods: the first is to remove the call to the ad display method from the upper layer; the second is to clear the ad display method. Remember to return the result (search for the content in the banner to locate the display method).

 

However, most advertisements are full-screen advertisements, and the above method cannot achieve our goal, because a full-screen advertisement is actually an ImageView with a dynamically generated layout in the activity file. When dynamic layout changes are involved, we have to find the key statements in the smali code to achieve our goal.

Three in-app purchase cracking points

Listener type listener

Key judgment function onBillingfinish payresult

The specific failed function is successfully canceled.

If there are too many branches, modifying the jumps is not suitable; you can directly modify the value instead.

move p1, p2 assigns the p2 value to p1.

 
