Android Reverse Analysis first experience

Source: Internet
Author: User
<span id="Label3"></p>first, the preparation of knowledge<p><p></p></p> <blockquote> 1. Understand Java Android Development. <p><p>2. Understand ndk, C-language Android dynamic Link library. So Developed.</p></p> <p><p>3. Understand Android Anti-compilation Smali Syntax.</p></p> <p><p>4. Understand the ADB and jdb and other tools Used.</p></p> <p><p>5. Understand IDA Debugging (remote dynamic Debug apk and local static Debug. so File)</p></p> <p><p>6. Understand arm assembler syntax (because The mobile device chip is arm architecture, not Intel chip, not x86 assembly, is arm assembler).</p></p> <p><p>7. Understand the package unpacking process of APK.</p></p> <p><p>8. Other tools to use (change, Apk killer,android simulator) and so On.</p></p> <p><p>9. Understand file format similar to PE format, for example: ELF, and Android file format and so On.</p></p> <p><p></p></p> <p><p>The above are the basic conditions of Android reverse, want to learn the children's shoes, can follow the above learning, you can also find yourself!</p></p> </blockquote><p><p></p></p> <blockquote> <blockquote> <p>The above content where not only to supplement their knowledge, too much, can not finish!!!</p> </blockquote> </blockquote>second, the introduction of reverse analysis because we are introductory analysis, so the above preparation knowledge, first understand some on the line, do not need to understand, knowledge is slowly accumulated, slowly learn!!! 1) First Look at our apk Demo (no packers).<p align="center"><p align="center"></p></p>2) Random input Prompt error, We can unzip this apk look.<p><p></p></p><p align="left"><p align="left">right mouse button decompression to .... you do not need to modify the suffix Name.</p></p><p align="left"><p align="left"></p></p><p align="left"><p align="left">Extract it Out is this look, this is the Android file directory, specific each folder is what the role can be found on its own, see no lib similar directory description No. 
So such a dynamic link library, then this software is relatively easy to reverse analysis, because it is Smali and Java code is relatively easy to read.</p></p>3) Open the APK with a change of Reason.<p><p></p></p><p><p>Open as Shown.</p></p><p><p></p></p>4) Find the key place.<p align="left"><p align="left">such as searching for a string to hack the Apk.</p></p><p><p></p></p><p><p></p></p>5) Continue searching for keywords<p><p>Because this is an XML format text, successed corresponding to congratulate you, so there may be a breach, so continue to search Successed.</p></p><p><p></p></p><p><p>Find an id, because this is how the Android program is allocated, so we look for the value of the ID that is 0X7F05000C.</p></p><p><p></p></p><p><p>Find a const v1, 0x7f05000c this is Smali syntax, and the assembly is similar, is to put 0x7f05000c into the V1 register inside, so v1 to congratulate you this sentence.</p></p>6) the same method, look for unsuccessed, make annotations as Well.<p><p></p></p>7) after you find it, use the # comment for easy viewing.<p><p>If the If-nez by name can know what he means if v0 this register is not equal to 0 jump. Jump to cond_0 this position, just to congratulate your position, so we let this jump to achieve it, the method is Many. We can also combine the source code Analysis.</p></p><p><p>Click the button (for example).</p></p><p><p></p></p><p><p>will appear source code, can be combined Analysis.</p></p><p><p></p></p>8) Code Modification.<p><p></p></p><p><p>Just change the If-nez to If-eqz.</p></p>9) then compile, install and Execute.<p><p></p></p><p><p></p></p><p><p>Display has been registered, successfully cracked.</p></p><p><p></p></p>Iii. Summary<p><p>Android Reverse Analysis Get started, This is relatively simple, easy to Learn.</p></p><p><p>Because there is no shell. 
So easy to analyze, suitable for getting started.</p></p><p><p>Get started: Learn to Smali grammar first, Learn to change the use of the rationale, it is best to write Android Program.</p></p><p><p></p></p><p><p>Android Reverse Analysis first experience</p></p></span>
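The trace from steps 4 to 7 (message text, then string name, then resource ID, then the Smali load, then the branch that reaches it), as an added Python example that is not part of the original article. The XML and Smali samples are constructed in the layout apktool decodes to; only successed, 0x7f05000c, v0, v1, if-nez and cond_0 come from the article, and the message text, the 0x7f05000b ID and the check() method are assumptions.

```python
import re
import xml.etree.ElementTree as ET

# Constructed samples (see lead-in); not taken from the demo APK.
STRINGS_XML = """<resources>
  <string name="unsuccessed">Wrong registration code</string>
  <string name="successed">Congratulations, registered</string>
</resources>"""
PUBLIC_XML = """<resources>
  <public type="string" name="unsuccessed" id="0x7f05000b" />
  <public type="string" name="successed" id="0x7f05000c" />
</resources>"""
SMALI = """\
    invoke-virtual {p0, v2}, Lcom/example/Demo;->check(Ljava/lang/String;)Z
    move-result v0
    if-nez v0, :cond_0
    const v1, 0x7f05000b
    goto :goto_0
    :cond_0
    const v1, 0x7f05000c
    :goto_0
"""

def resource_id(strings_xml, public_xml, needle):
    """Message text -> (string name, resource ID), as in step 5."""
    ids = {p.get("name"): int(p.get("id"), 16)
           for p in ET.fromstring(public_xml).iter("public")
           if p.get("type") == "string"}
    for s in ET.fromstring(strings_xml).iter("string"):
        if needle.lower() in (s.text or "").lower() and s.get("name") in ids:
            return s.get("name"), ids[s.get("name")]
    return None

def branches_to(smali, res_id):
    """Conditional branches whose target label sits just above a load of res_id."""
    lines = [l.strip() for l in smali.splitlines()]
    hits = []
    for i, line in enumerate(lines):
        m = re.fullmatch(r"const\s+\w+,\s*(0x[0-9a-fA-F]+)", line)
        if not m or int(m.group(1), 16) != res_id or i == 0:
            continue
        label = lines[i - 1]  # heuristic: the label is the line directly above
        if not label.startswith(":"):
            continue
        hits += [(n, l) for n, l in enumerate(lines, 1)
                 if l.startswith("if-") and l.split()[-1] == label]
    return hits

if __name__ == "__main__":
    name, rid = resource_id(STRINGS_XML, PUBLIC_XML, "congratulations")
    print(name, hex(rid), branches_to(SMALI, rid))
```

The single (line, instruction) pair returned for 0x7f05000c is the if-nez from step 7: the whole registration result hinges on that one branch, which is why an unpacked app with a check like this is so easy to analyze.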
