Share: Android uses the machine code registration mechanism to prevent cracking

This problem occurs recently when an android application is used. The customer requires that the function be registered before it can be used, and the program itself is not used online. Therefore, the machine code registration mechanism should be added to the program.

It is well known that android applications are developed based on Java. If no processing is performed, you can directly decompile the APK to see the source code algorithm. It is no longer difficult to crack it.

There is little valuable online content about Android anti-cracking. I have collected some fragmented information and summarized the following methods to prevent attacks:

1. code obfuscation. 2.3 Android SDK supports directly generating APK. Obfuscation can increase the difficulty of decompilation and cracking, but obfuscation alone cannot solve the problem. For experienced users, it is not difficult to find the registration check code in the obfuscation code for brute force cracking.

2. signature comparison. The APK can be processed using the signature. However, the APK signature cannot prevent decompilation, but the same signature cannot be used after decompilation. Although you can compare the signature in the Code, the comparison Code may also be modified. Therefore, the signature has little effect.

3. Online registration. After the program starts, it automatically connects to the server for registration verification and puts some core functions on the server. This method is the most secure, but it is not suitable for standalone programs. You cannot require users to log on to the server in a Notepad program.

4. DEX or class dynamic loading. This method has a good theory. It makes a small part of the core algorithm into a DEX or class file, encrypts it as a resource file, decrypts it after registration, and loads it into the memory. However, this method is very difficult to implement. I don't seem to have found any article on the Internet, and the code maintenance cost is high after implementation. In addition, if the program is fully decompiled for debugging, the decrypted DEX or class file can still be exported from the breakpoint.

5. Use the ndk (or JNI) Local C/C ++ dynamic library. This is a good solution for standalone applications. It is difficult to debug and crack native C/C ++ programs compiled by ndk, and the code maintenance is also convenient.

To increase the difficulty of cracking, there are other things to note: key content or algorithms can be encrypted; detection algorithms can be broken down into fragments for multiple calls; in addition, the registration of sensitive strings (such as "registration failed" messages) will not appear in plain text, and so on.

My final registration mechanism scheme is: code obfuscation + ndk library + content encryption. Simple Description:

1. obfuscation of all Java code. The program I wrote earlier was android2.2, which does not support direct obfuscation. Later I downloaded the latest SDK and set the SDK version number target to 13 in default. add proguard in properties. CFG, right-click the project and choose tools to export the signed APK to complete the obfuscation and packaging process.

2. Use the ndk C language to generate the machine code, detect the registration code, and decrypt the content. In the Java interface, only machine code display, registration code input, and the encryption and decryption interface are called. The core machine code registration code encryption and decryption are all completed in the C program. The machine code should be combined with the hardware ID. Note that the MAC address of wifi cannot be used directly, because the MAC address of wifi is easy to be modified. It is best to use the CPU serial number, if not, consider using the device id imei or usb mac code, but it is best not to get it in Java code, but in jni c code to avoid tampering after decompilation. The generation process will not be detailed here. I will try again later.

3. encrypt and decrypt some resource files. When running the program, you must use the resource files in the file system to run the program. Therefore, I encrypt these files on the PC in advance and put the decryption key in the registration code. Generates a registration code based on the machine code. When the generator's registration code is used, the decryption key is added. Since the decrypted key is included in the registration code, even if the hacker bypasses registration detection, the file cannot be decrypted. Only one registration code can be obtained for decryption. Because the registration code detection and decryption process is completed in the ndk program, even if there is a registration code, it is difficult to obtain the decryption key and algorithm.

Of course, the prevention of cracking is relative. There are no programs that cannot be cracked at all, but it is better to directly register the program to make the cracking difficult and costly. Conversely, if your program itself has no value or few people will use it, it is basically not necessary to defend against cracking.