Android apk How to harden to prevent being cracked (prevent reverse compilation)

Source: Internet
Author: User

Now the main tool is to contact the SDK, in order to prevent the game pack to be cracked compiled, as well as find the encryption string, I would share the following points:
There are four main ways to implement anti-cracking technology:
1. Code obfuscation (Proguard) technology
2. Signature Alignment Technology
3.NDK. So dynamic Library technology
4. Dynamic Loading Technology
5. Third-party platform encryption and detection vulnerabilities

This article also mentions the relevant knowledge points in the anti-compilation and encryption APK package for Android security.

    • The first: Code obfuscation Technology (Proguard) This technology is mainly for code obfuscation, reducing the readability of the code after the reverse compilation, but the technology can not prevent Shell technology shell (added to the charge, advertising, viruses and other code), and as long as the careful person, still can the code can still reverse analysis of code, So the technology does not solve the problem from the root, but increases the difficulty of cracking.
    • The second type: Signature comparison technology This technology mainly prevents shell technology, but the risk of code reverse analysis still exists. And the technology does not fundamentally solve the problem of Packers, if the cracker will be signed than the code comments off, and then compiled back, the technology has been cracked.
    • Third: NDK. So dynamic Library technology, the implementation of this technology is to put all the important core code in the C file, the use of NDK technology, the core code compiled into a. So dynamic library, and then called by JNI. Although the technology can protect the core code, the risk of being Packers still exists.
    • Fourth: Dynamic loading technology, which is a relatively mature technology in Java, and the technology has not been fully exploited in Android.
    • Fifth: Use of third-party platforms

      The fourth method, the technology can effectively prevent reverse analysis, cracked, shell and other problems, dynamic loading technology is divided into the following steps:

    • The jar package that compiles the core code into a DEX file

    • Encrypt the jar package
    • Decryption using the NDK at the main entrance of the program
    • Then use ClassLoader to dynamically load the jar package
    • The ClassLoader is set to the ClassLoader of the system using reflection technology.

The main advantages are:
? ???? 1. The core code in the jar is encrypted, so the cracker cannot extract the class file, if the encryption key by the cracker to get, it will be another level of security issues.
????? 2. The technology can also effectively prevent the shell technology, the code is dynamically loaded up, the shell of the cracker can not be added to the encrypted jar package, timely cracker injected shell program entrance, shell program because not in the jar package ClassLoader, so also can not be executed, Unless the cracker replaces the ClassLoader jar package, turn off the NDK decryption code. But this installation to the mobile phone, is no longer our application, users will certainly uninstall it.

Therefore, a comprehensive comparison, the fourth dynamic loading technology is the safest, but the efficiency of the problem, I did not do a rigorous test, a rough experiment, the efficiency has not been significantly reduced.

//1.Jar packet encryption encryption decryption file// Public StaticBooleanEnordecryptfile(byte[] paramarrayofbyte, String Sourcefilepath, String Destfilepath,intmode) {File sourcefile =NewFile (Sourcefilepath); File DestFile =NewFile (Destfilepath); CipherOutputStream cout =NULL; FileInputStreaminch=NULL; FileOutputStream out=NULL;if(Sourcefile.exists () && sourcefile.isfile ()) {if(!destfile.getparentfile (). exists ())          {Destfile.getparentfile (). Mkdirs (); }Try{Destfile.createnewfile ();inch=NewFileInputStream (sourcefile); out=NewFileOutputStream (DestFile);//Get key//Init (); Secretkeyspec Secretkeyspec =NewSecretkeyspec (Defpassword,"AES");              Cipher Cipher; cipher = Cipher.getinstance ("AES");              Cipher.init (mode, SECRETKEYSPEC); cout =NewCipherOutputStream ( out, cipher);byte[] Cache =New byte[Cache_size];intNread =0; while((Nread =inch. Read (cache))! =-1) {Cout.write (cache,0, nread);              Cout.flush (); }          }Catch(IOException e) {E.printstacktrace ();return false; }Catch(NoSuchAlgorithmException e) {E.printstacktrace ();return false; }Catch(Nosuchpaddingexception e) {E.printstacktrace ();return false; }Catch(InvalidKeyException e) {E.printstacktrace ();return false; }finally{if(cout! =NULL){Try{Cout.close (); }Catch(IOException e)                      {E.printstacktrace (); }                  }if( out!=NULL){Try{ out. Close (); }Catch(IOException e)                      {E.printstacktrace (); }                  }if(inch!=NULL){Try{inch. Close (); }Catch(IOException e)                      {E.printstacktrace (); }                  }          }return true; }return false; }

The jar is converted in DEX format using the DX command under Sdk\platform-tools\

dx   - - dex  - -     output= the address (absolute path) of the generated target file                         the jar file (absolute path) that needs to be converted   For example: DX  - - dex  - - output=h:\classdex       jar  h:\dujinyang  - karl   jar   

Then use the encryption tool to encrypt the generated jar file

Finally, dynamic loading via code:

File File = new file ("/data/data/"+ Base. Getpackagename() +"/.cache/"); if (!file. Exists()) {file. Mkdirs(); } try {Runtime. GetRuntime(). exec("chmod 755"+ File. GetAbsolutePath()). WaitFor(); } catch (Interruptedexception E1) {//TODO auto-generated Catch block E1. Printstacktrace(); } catch (IOException E1) {//TODO auto-generated Catch block E1. Printstacktrace(); } Util. Copyjarfile(this); Object Currentactivitythread = Refinvoke. Invokestaticmethod("","Currentactivitythread", new class[] {}, new object[] {}); String PackageName = Getpackagename (); HashMap mpackages = (HASHMAP) refinvoke. Getfieldojbect("", Currentactivitythread,"Mpackages"); WeakReference WR = (weakreference) mpackages. Get(PackageName); Myclassloader Dloader = new Myclassloader ("/data/data/"+ Base. Getpackagename() +"/.cache/classdex.jar","/data/data/"+ Base. Getpackagename() +"/.cache","/data/data/"+ Base. Getpackagename() +"/.cache/", base. getClassLoader()); try {class<?> Class1 = Dloader. LoadClass("Com.example.test.TestActivity"); Log. I("b364","----------->class1:"+CLASS1); } catch (ClassNotFoundException e) {Log. I("b364","----------->class not found exception!"); E. Printstacktrace(); } Log. I("b364","------>packageinfo:"+wr. Get()); Dexclassloader Dloader = new Dexclassloader (Apkfilename, Odexpath,//LibPath, (ClassLoader) Refinvoke. Getfieldojbect(          //"ANDROID.APP.LOADEDAPK", WR. Get(),"Mclassloader")); Refinvoke. Setfieldojbect("ANDROID.APP.LOADEDAPK","Mclassloader", WR. Get(), Dloader); 

Processing is done, and it is possible to do special treatment in application. Some people have analyzed the encryption of love encryption, but there is no elaboration, interested can be discussed together.

In the next article we'll talk about how to reverse the APK dynamic library

Android apk How to harden to prevent being cracked (prevent reverse compilation)

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.