An Android Malicious lock screen Program analysis

An Android Malicious lock screen Program analysis

"Article title": An Android Malicious lock screen Program analysis
"article author": Ericky
"Author blog": http://blog.csdn.net/hk9259
"": Download not available due to malicious program
"Protection method": None
"Author statement": My level is limited, if there are deficiencies in the wrong place please correct me

0x1 Software Interface:

0x2 analysis

After the anti-compilation apk class file directory is as follows:

Enter the lockactivity to locate the following places:

The red part of the figure is resetting your phone's power-on password.
MSPMM is the password that is set.
The JB decryption function is as follows:

 public  static  string descrption (String paramstring, int  paramint) {        String str  = ;        string[] arrayofstring = paramstring.split ( "2" ); for         (int  i = 1 ;; i++) {if  (i >= arrayofstring.length) retur          n  str ; str  = str  + (char        ) Integer.parseint (Arrayofstring[i], paramint); }      }

To know the real password is:

To complete the unlock.
0x3 Summary
Overall, this program is relatively simple, if you want to strengthen, you should set up n branches, according to the user's behavior (in this case, according to the user selected options) to set different passwords, this can increase the difficulty of static analysis. But then again, this can only pit small white type, in fact, as long as the computer, clear the phone unlock password is very simple thing.
by Erikcy
2015.7.14

Copyright NOTICE: This article for Bo Master original article, without Bo Master permission not reproduced.

An Android Malicious lock screen Program analysis