After a busy week and finally having time to write something, we continue to introduce another way for Android APK to prevent anti-compilation technology. Top two we talked about Shell technology (http://my.oschina.net/u/2323218/blog/393372) and runtime modification bytecode (http://my.oschina.net/u/2323218/blog/396203) , if there is something you can see in the first two articles of my blog about both of these technologies. Next we will introduce another easy-to-use technology that prevents apk decompile-pseudo-encryption.
First, the principle of pseudo-encryption technology
We know that Android apk is essentially a zip-format tarball, and we will replace the Android app suffix. apk with a. zip to unzip the Android app with ease. In everyday life or work, we usually encrypt our files in order to protect our own. Such a method is also applicable for Android APK. The principle is very simple, in the zip file format has a bit to indicate whether the file in the zip compressed file is encrypted, we can only find the flag bit 1 to achieve our goal. And the Android Package installation Service (Packagemanagerservice) does not care about this encryption bit (which we call it for the time being) during APK installation, and does not affect the operation of the APK.
Two, zip file format
ZIP file format usually consists of three parts: compressed file source data, compressed directory source data, directory end identity. The three sections that are related to the encryption bits we're talking about are the compressed directory source data section, which we'll cover in detail next.
The compressed directory source data section records all the compressed directory source data. The structure is as follows:
Central Directory file header |
|
Offset |
Bytes |
Description [18] |
translation |
? 0 |
4 |
Central Directory file Header signature =0x02014b50 |
Core directory file Header id = (0X02014B50) |
? 4 |
2 |
Version made by |
PKWare version used for compression |
? 6 |
2 |
Version needed to extract (minimum) |
Extract the minimum required pkware version |
? 8 |
2 |
General purpose bit Flag |
Universal bit Mark |
10 |
2 |
Compression method |
Compression method |
12 |
2 |
File Last Modification time |
File Last Modified Time |
14 |
2 |
File Last Modification date |
File Last Modified Date |
16 |
4 |
CRC-32 |
CRC-32 algorithm |
20 |
4 |
Compressed size |
Size after compression |
24 |
4 |
Uncompressed size |
Uncompressed size |
28 |
2 |
File name Length (n) |
File name length |
30 |
2 |
Extra field Length (m) |
Extended domain length |
32 |
2 |
File Comment Length (k) |
File Comment length |
34 |
2 |
Disk number where file starts |
The disk number where the file starts |
36 |
2 |
Internal file attributes |
Internal file properties |
38 |
4 |
External file attributes |
External file properties |
42 |
4 |
Relative offset of the local file header. This is the number of bytes between the start of the first disk on which the file occurs, and the start of the local file Header. This allows software reading the central directory to locate the position of the file inside the ZIP file. |
Relative displacement of the local file header. |
46 |
N |
File Name |
Directory file name |
46+N |
m |
Extra Field |
Extended domain |
46+n+m |
k |
File Comment |
File Comment Content |
The No. 0 bit of the general purpose bit flag portion of the structure, if set to 1, identifies that the compressed package is encrypted, and that the compressed package is not encrypted by a 0 identity.
Third, the specific implementation
We can use the Zipcenop.jar jar package to encrypt and decrypt the APK (which is also useful for Python to implement this procedure).
(1) to encrypt the APK
After encryption, we use the decompression software to decrypt the following message:
Using Apktool to Decompile will prompt the following error message:
The APK can be installed and run normally after encryption.
(2) to decrypt the APK
Decryption is not much of a use for us, just a look.
According to the above, I believe you have a certain understanding of the APK's pseudo-encryption technology, but this method for Android 4.2.x version and later the system is not applicable it will refuse the installation of this encryption apk. Next we will explain another Android APK to prevent anti-compilation technology, looking forward to everyone's support.
Thank you for your reading and look forward to seeing you next time:
If you have any questions about this technology and want to get the tools for the technology that this article is talking about, get the article updated the first time, publish an original article of the technology Daniel Daily, and share more technical information .
Welcome to the personal public platform : programmer Interaction Alliance, sweep the QR code below or search number coder_online can pay attention to, Online to help you solve technical difficulties, to Daniel directly spot.
Android APK self-protection technology-encryption APK