Android cracked video app remove advertising features and solutions summary _android

-->

Android cracked video app to remove advertising features

As a cock-Silk program Apes also have the time to play, but when you open the video app, those super long ads have made me this cock silk unbearable, as a program ape watching video also want to appear ads that is to hit my face, but I have no money to buy members, can only rely on the life of the skills to play to remove ads. Here is a description of how to do video advertising removal.

The principle of video advertising playback

The first thing we need to know is that advertising is also a video, so he definitely has a request address and a playback address. Then our ideas come, if we can get these addresses, we can remove ads, why? Because we know all the network requests will eventually go to the hosts file of the system, in this file recorded a lot of IP address and Domain name Mapping relationship, the system every time the network request will first go to find the system Hosts file, if found the requested domain name here, is the corresponding IP address of the domain name to visit the , so you can see that the hosts file actually corresponds to a simple local DNS feature file. If we have a video advertisement request address, then can modify Hosts file, the advertisement request address domain Name Mapping cost machine address 127.0.0.1, then this will certainly appear the advertisement request error, the local broadcast advertisement error, will skip the advertisement directly. Of course, there are three kinds of specific ways:

The first way: After device root, modify the Hosts file of the device

Disadvantage: The device requires root

Advantages: A modification, lifelong benefit, a machine in hand, the world I have!

The second way: the device without root, you can set up a computer as a proxy, modify the computer's Hosts file

Disadvantage: Equipment Playback video must rely on the computer agent, inconvenient

Benefits: No need for device root

The Third way: Modify the Router filtering rules, add address screen rules

Disadvantage: The device playback video must rely on the router's LAN, inconvenient

Benefits: No need for device root

But this way can benefit many people to use, generally this way uses in the family local area network, such family person watches the video to have no advertisement.

Second, to crack the app to obtain advertising domain name

The above analysis of the technical principle, then the following is to start to crack, because see the above principle found that the most important thing is how to get the video ads address? In just a few ways I know:

The first type: grasping the bag with the grasping bag tool

The difficulty in this way is to analyze the request information for each address

The second: Crack specific video app

It costs too much and takes a long time.

The third: Find an app that can filter ads from the market to crack

This is the most convenient and reliable way to do it.

Below we go to the market to search the video Ads filter app, the results found a app named: NET NET Master

Here is an analysis of the app's principle of removing advertising:

when there is a video advertising playback address, the way is still a lot of, one is the device root after the change Hosts file or interception network request for filtering, a non-root device using Vpnservice function for network request interception .

From his interface it seems that he used a second way, and for Android VPN development is not familiar with the students can go to the Internet to search some information, that is, to register a vpnservice, and then get to the system VPN permissions, and then the network of equipment requests will be through this service, Just do the processing in this service. So there's definitely a filter in the app that holds all the video ads on the market, and that's the gateway we're cracking. So here's the crack operation.

The first is to use the Apktool tool to decompile, fortunately he did not do application hardening, decompile very smooth. But here's the best use of a JADX tool, he is a visual decompile tool, more convenient to view his androidmanifest.xml file, find Vpnservice statement:

Then go to see the Vpnrouterservice class implementation:

You can then search the builder name globally because building a VPN must use this class:

This code is the beginning of building vpnservice. The following continues in depth, eventually to the Run method:

And then look at the Starttunnel method:

OK, this is a native method, and continue to analyze the so file:

Open using the IDA tool to view the contents of this so file:

Discover that this method has done some initialization work, then guess that the video ad address should be stored in an encrypted file, and most likely a database file, and this filter address can support server update, because now the video advertising address has changed, the app is also need to feel. What you can see is a portal that can update the filtering rules:

Through the above code can be analyzed to filter rules file encryption, then you can enter the encryption method to see, here using Ida's F5 function key to compile the corresponding C code:

Here you can see clearly, in the application of the sandbox has a TXT file, this file saved the path of the database file:

Then we export this file, remember him in order to deceive, the DB suffix name deleted, we need to manually add suffix name: v_0.0.32.db file, unfortunately, open the file after the error is found:

Because the database file is encrypted, the encryption algorithm is AES:

See here, we may think, need dynamic debugging so get this encrypted password, but here do not do so, because I am lazy, dynamic debugging feeling old laborious, so found a shortcut, my idea is this:

The first analysis of this app filter ads is the principle of using VPN to intercept requests, then the interception to the request to get the specified domain name is definitely to go and filter the rules of comparison to judge, because these rules are placed in the database, so it is not possible to query the database each time to compare the records, so the efficiency will be very low, So here's thinking about him. To improve efficiency, a cache pool should be used to store the domain name address of the hit. Then it is good to do, if the buffer pool, the domain name address is some string value, from the other hand in the local he should also have some default string address, to prevent the update filter rule failed as a standby, from these two can know that there should be some local advertising domain name string content.

In Ida we can use Shift+f12 to view the string values in an so file:

We can see that there are a lot of string values, you can look down, we are concerned about the domain name string, then the value of the domain name string is a feature of the. com end, so we can do so, to copy the content into a TXT file:

Then write a simple program to do it, forget the Python script, can only rely on the old line of the Java language to write:

The code is very simple, is read every line of content, and then the string filter, get the domain name, because after we get this domain name is also to add to the Hosts file, so directly here constructs an IP address and domain name Mapping relationship. After running the program, the resulting file contents are as follows:

It feels a bit like the domain address of each video ad request.

Third, modify the Hosts file for verification

So here we have the static way to crack the net net Master got the market video app play advertising domain name address, the following is a quick operation to see the effect, here in order to facilitate, there is just a root of the mobile phone, so directly to the above generated rules added to the equipment of the Hosts file, The Hosts file in Android resides in the directory under the root directory /etc/hosts

Then after we add success, we immediately come to experience, here selected Archie art and Tencent Video as a case to operate:

First of all, look at the advertising filter Effect of Archie Art:

See, here are two popular videos are not ads, and then look at the Tencent Video:

See, there is no advertising, it seems to be successful, there are other video app, the feelings of the students can go to try their own. This is not a demo.

Description

Some students are curious, since this app can do filter ads, that also cracked why, direct use can be, in fact, it is to the program ape insult, followed by this app uses the VPN function, how to say, individual on this function and app is not how to rest assured, It's a terrible thing that all the network requests for sensory devices can be intercepted by him. The most important point is that this article uses the root device to modify the Hosts file, if the day you want to modify the router to add rules, computer hook Agent mode of operation that is not nonsense, you have no domain name how to do, So no matter how kind all have to crack this app to get the final domain name, so just insurance, follow oneself want how to do how to engage!

Iv. Summary and review of knowledge

Here we are the perfect filter on the market all the advertising logic of the app, in the process we can see most of the conjecture, have a guess and then go to practice logic, so say in the reverse field sometimes need rich experience, sometimes dare bold conjecture. Here is a summary of our operation process:

The first step: understand the current video advertising broadcast principle

Now mobile-end app advertising is the principle of advertising clips and video content separate, then the ad short film should also be online request a play address, if you can get the playback address can be completed culling work.

The second step: How to filter ads with the advertising domain name

This needs to understand how the system works when it requests a network, in fact, first to find the local hosts file, to see if the requested domain name has a corresponding IP address, if there is a direct use of IP address as the request address, then the idea here is to be able to modify the hosts file to do the advertising domain name request interception work, That is, in the Hosts file to add advertising request Domain Name Mapping relationship, the domain name point to the local IP address: 127.0.0.1 can

Step three: How to obtain the request domain name of the video advertisement

In fact, there are many ways: one is to carry out the network grab bag, one is through the crack video app, one is the use of other home app. This article is the use of Third-party app called Net Net Master to obtain the domain name, this time need to crack net Network Master app, and this is a focus of this article. In the process of cracking we are part of the use of reverse experience is part of the use of bold conjecture, such as guessing that his domain name will certainly have a string pool in the local save, this is the key step of the break.

Fourth step: How to filter ads with the domain name

Here, because we know the principle of system request, then there can be three ways: one is to modify the equipment of the Hosts file, if the device needs to be root; one is to modify the agent machine's hosts file by hanging Agent, one is to modify the router's filtering rules, each of these three ways have their advantages and disadvantages.

Serious statement: The knowledge points introduced in this article are entirely from a technical sharing point of view, and are not used for any commercial activities and purposes, if any legal issues involved will be the operator's own responsibility. The author of this article will not be responsible for any legal liability! Students are also invited to adhere to the principle of technical point of view, do not use in business!

Video app How to circumvent this operation: as a video app advertising is its survival, so for users of this operation, because they also need to do some protection strategy, you can start a local background service, ping command to detect the current advertising domain name corresponding to the IP address, If you find that is not their own domain name corresponding to the IP address, then do not let it see the video content, but this way is not feasible yet to be verified!

Vi. Summary

This article mainly introduces the content or crack the relevant knowledge points, and this article in the process of cracking the use of a lot of conjecture, and then through the practice to prove conjecture, sometimes more speculation will make the process more convenient to break, at the same time through this article, small series after watching the video is also not to see ads.

Thank you for reading, I hope to help you, thank you for your support for this site!