Android Hack Experience--Learn about the seven-month-old Big security public class for Android

The first lesson explains the configuration of the environment in the Android hack and the software needed to use it, the important software is Androidkiller, the Android reverse helper

The second lesson explains the relationship between Java and Smali, and analyzes a simple helloworld apk in detail from a smail perspective.

The third lesson explains the two-time break

For some cracked website, after downloading from its website after opening on the phone, there will be prompted, which requires us to install its app client in order to realize the crack, two times the hack can bypass this verification into the game

Go to install boxes, remove toast tips, remove background images

The apk that installs the box is placed in the asset folder, and when the user installs the game (the cracked version downloaded from the site), the box's apk is released on the SDcard, and then Enter the game through the Context.getPackage.getPackageInfo method (based on the package name in the obtained info, find returns True, if not found to return false), detect whether the current user phone is installed box, if not installed, is prompted to install, the user does not install is not to enter the game interface, the installation is to be released before, placed in the sdcard in the box apk

Lesson Four

The application class is to be loaded earlier than the entry class

Asset resource folders are often used to put some hidden things

Use a different app to encrypt

The jar opens with the JD of the Android reverse helper, and if it doesn't open, it might just be a jar call, or it's encrypted.

Open after discovery is an apk file directory, you can change its extension to apk for anti-compilation

Can be found that the toast is actually in the inside, we directly modified, after the back-up, after, if it is to the back of this apk to the jar again put into the previous apk, there is a great possibility of error, why? Because there might be a signature validation of this jar in the original apk, so let's move on to the Classdex in the original jar before putting the apk in the back, then put it

Crack to grasp the point, the use of fewer changes, so it is not easy to make mistakes

Remove banner ads

Delete the corresponding activity directly in the Androidmanifest, the search string delete can have the rice (Youmi) multi-tour (duoyou)

Delete activity is simply to remove, in fact, the app will still display the banner, need to do a thorough deletion, two methods, one is to go to the upper layer to remove the ad display method calls, the second is to empty the display method of the ad, remember to return (the search banner content to navigate to the display method)

But most of the ads are full-screen ads, not through the above method to achieve our goal, because the canvas is actually a imageview, is in the activity file dynamically generated layout, involving the layout of dynamic changes, so, We have to look for key statements in the Smail code to reach our goal.

Three points of internal purchase crack

Monitoring Class Listener

Key judgment function Onbillingfinish Payresult

Specific success cancellation failure function

Too many branches, not suitable for jumping, you can directly modify the value

Move P1,P2 assigns the value of P2 to P1

Android Hack Experience--Learn about the seven-month-old Big security public class for Android