Android APK self-protection technology-encryption APK

Source: Internet
Author: User
Tags pkware

After a busy week and finally having time to write something, we continue to introduce another way for Android APK to prevent anti-compilation technology. Top two we talked about Shell technology (http://my.oschina.net/u/2323218/blog/393372) and runtime modification bytecode (http://my.oschina.net/u/2323218/blog/396203) , if there is something you can see in the first two articles of my blog about both of these technologies. Next we will introduce another easy-to-use technology that prevents apk decompile-pseudo-encryption.

First, the principle of pseudo-encryption technology

We know that Android apk is essentially a zip-format tarball, and we will replace the Android app suffix. apk with a. zip to unzip the Android app with ease. In everyday life or work, we usually encrypt our files in order to protect our own. Such a method is also applicable for Android APK. The principle is very simple, in the zip file format has a bit to indicate whether the file in the zip compressed file is encrypted, we can only find the flag bit 1 to achieve our goal. And the Android Package installation Service (Packagemanagerservice) does not care about this encryption bit (which we call it for the time being) during APK installation, and does not affect the operation of the APK.

Two, zip file format

ZIP file format usually consists of three parts: compressed file source data, compressed directory source data, directory end identity. The three sections that are related to the encryption bits we're talking about are the compressed directory source data section, which we'll cover in detail next.

The compressed directory source data section records all the compressed directory source data. The structure is as follows:

Central Directory file header

Offset

Bytes

Description [18]

Translated

? 0

4

Central Directory file header signature =0x02014b50

Core directory file Header id = (0X02014B50)

? 4

2

Version made by

PKWare version used for compression

? 6

2

Version needed to extract (minimum)

Extract the minimum required pkware version

? 8

2

General purpose bit Flag

Universal bit Mark

10

2

Compression method

Compression method

12

2

File Last Modification time

File Last Modified Time

14

2

File Last Modification date

File Last Modified Date

16

4

CRC-32

CRC-32 algorithm

20

4

Compressed size

Size after compression

24

4

Uncompressed size

Uncompressed size

28

2

File name Length (n)

File name length

30

2

Extra field Length (m)

Extended domain length

32

2

File Comment Length (k)

File Comment length

34

2

Disk number where file starts

The disk number where the file starts

36

2

Internal file attributes

Internal file properties

38

4

External file attributes

External file properties

42

4

Relative offset of the local file header. This is the number of bytes between the start of the first disk on which the file occurs, and the start of the local file Header. This allows software reading the central directory to locate the position of the file inside the ZIP file.

Relative displacement of the local file header.

46

N

File Name

Directory file name

46+N

M

Extra Field

Extended domain

46+n+m

K

File Comment

File Comment Content

The No. 0 bit of the general purpose bit flag portion of the structure, if set to 1, identifies that the compressed package is encrypted, and that the compressed package is not encrypted by a 0 identity.

Third, the specific implementation

We can use the Zipcenop.jar jar package to encrypt and decrypt the APK (which is also useful for Python to implement this procedure).

(1) to encrypt the APK

After encryption, we use the decompression software to decrypt the following message:

Using Apktool to Decompile will prompt the following error message:

The APK can be installed and run normally after encryption.

(2) to decrypt the APK

Decryption is not much of a use for us, just a look.

According to the above, I believe you have a certain understanding of the APK's pseudo-encryption technology, but this method for Android 4.2.x version and later the system is not applicable it will refuse the installation of this encryption apk. Next we will explain another Android APK to prevent anti-compilation technology, looking forward to everyone's support.

Thank you for your reading and look forward to seeing you next time:

If you have any questions about this technology and want to get the tools for the technology that this article is talking about, get the article updated the first time, publish an original article of the technology Daniel Daily, and share more technical information .

Welcome to the personal public platform : Programmer Interaction Alliance, sweep the QR code or search number below Coder_online can follow , Online to help you solve technical difficulties, to Daniel directly spot.

Android APK self-protection technology-encryption APK

Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.