I recently made a sudden push to learn Android app cracking, and this post records the experience from the very beginning.

Preparation: 1. A simple login app

Before we crack anything, we need a simple login app: when the entered account and password match, it pops up a "Login successful" dialog, and when they do not match, it pops up a "Login failed" dialog, as shown below.

I have already written a blog post on building a simple login interface, so I will not repeat it here; please refer to that post. The picture is copied from it.

I suggest that you build the app by following my tutorial first; then you will understand the cracking steps below more deeply.

This is the login app from my previous article. The download address is below; download it and follow my steps to start cracking.

Link: Password: 6666

Cracking tool: AndroidKiller

Here I introduce the Android cracking tool AndroidKiller. This software is well known; if you have not heard of it, search for it on Baidu.

Link: Password: 6666

Start cracking:

Open the APK to be cracked with AndroidKiller. After the decompilation succeeds, click Project Manager and the interface below appears. (On the first run the program may appear to hang; the workaround is to close the software, reopen it, and then open the project from the project history.)

Here, the original folder contains the original AndroidManifest and the related signature files; the res folder holds resources such as layouts, colors, pictures and music; and the smali folder stores all of the app's Java classes in smali form.

The explanation above is only rough; readers who want to learn more can refer to this blog post.

Our focus is on the files in the smali folder.

We can see a MainActivity; this is the smali file for the main interface's Java class. Because this is a simple login app there are not many interfaces, so we can identify the main interface directly. But a typical app has more than one interface, so what do we do then? The answer is simple: search by keyword and navigate to the relevant smali file. So, to crack an app, you first have to use it and note the keywords you see while using it.

For our simple login app, we can search for "Login failed" to find the corresponding smali file.

Enter "Login failed" in the search box in the upper right corner and click "Search all" in the lower right corner; you will see no results. Why? Because the build tools convert the relevant text in the APK to Unicode escapes when the APK is generated, so we need to convert "Login failed" to Unicode and search again to get results. The AndroidKiller search box has an option to convert text to Unicode, as shown below.

Select "Text to Unicode" and search again to see the results.
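The same "Text to Unicode" conversion can be done outside the tool. The following is an added example, not code from the original post or from AndroidKiller: it escapes a search string the way baksmali writes non-ASCII characters inside `const-string` literals (`\uXXXX`), scans smali lines for either the raw or the escaped form, and decodes hits back to readable text. The smali lines, the class name `Lcom/example/Dialogs;` and the dialog text 登录失败 ("Login failed") are constructed sample input, not taken from the post's app.

```python
"""Search decompiled smali for a human-readable string (added example)."""
import re

# Constructed sample smali lines; the class and method names are hypothetical.
SAMPLE_SMALI = [
    ".method private onLoginClicked()V",
    "    .locals 2",
    "    const-string v0, \"Welcome\"",
    "    const-string v1, \"\\u767b\\u5f55\\u5931\\u8d25\"",
    "    invoke-static {v1}, Lcom/example/Dialogs;->show(Ljava/lang/String;)V",
    ".end method",
]


def _escape_codepoint(cp: int) -> str:
    """Escape one code point as \\uXXXX; code points above the BMP become a
    UTF-16 surrogate pair, which is how they appear in smali string literals."""
    if cp > 0xFFFF:
        cp -= 0x10000
        return "\\u{:04x}\\u{:04x}".format(0xD800 + (cp >> 10), 0xDC00 + (cp & 0x3FF))
    return "\\u{:04x}".format(cp)


def text_to_smali_unicode(text: str) -> str:
    """The 'Text to Unicode' step: non-ASCII characters are escaped, ASCII is
    left unchanged, so a plain English string is returned as-is."""
    return "".join(ch if ord(ch) < 0x80 else _escape_codepoint(ord(ch)) for ch in text)


def smali_unicode_to_text(literal: str) -> str:
    """Reverse conversion: turn \\uXXXX escapes back into readable text. The
    UTF-16 round trip joins any surrogate pairs into a single character."""
    decoded = re.sub(r"\\u([0-9a-fA-F]{4})",
                     lambda m: chr(int(m.group(1), 16)), literal)
    return decoded.encode("utf-16", "surrogatepass").decode("utf-16", "surrogatepass")


def find_string_in_smali(lines, needle):
    """Return (1-based line number, decoded line) for every line containing
    `needle` either literally or in its escaped form. Hex digits are compared
    case-insensitively because different tools emit different cases."""
    escaped = text_to_smali_unicode(needle).lower()
    hits = []
    for num, line in enumerate(lines, start=1):
        if needle in line or escaped in line.lower():
            hits.append((num, smali_unicode_to_text(line)))
    return hits


if __name__ == "__main__":
    for num, line in find_string_in_smali(SAMPLE_SMALI, "登录失败"):
        print(f"line {num}: {line}")
```

Searching for the raw text 登录失败 finds nothing in the sample because the literal is stored escaped, which is exactly the empty result the post describes; searching for the escaped form (or using this helper, which tries both) locates the `const-string` line.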

Expand the results and double-click the second row; you will jump to the smali file where the string resides.

Now we need to clarify the idea of the crack: we want to enter a mismatched account and password and still have the app pop up the "Login successful" dialog.

We have found the code that pops up the "Login failed" dialog; what we need to do is modify the code that executes when the condition is not satisfied.

Here we first introduce two smali instructions, if-eqz and if-nez, which are opposites of each other.
(1) if-eqz vA, vB, :cond_**: if vA equals vB, jump to :cond_**. It can be viewed as boolean a = (vA == vB); if-eqz a, :cond_**: when a is true, that is, vA equals vB, execute cond_**; otherwise skip cond_** and execute the next line of code.
(2) if-nez vA, vB, :cond_**: if vA is not equal to vB, jump to :cond_**. Likewise, boolean a = (vA != vB); if-nez a, :cond_**: when a is true, that is, vA is not equal to vB, execute cond_**; otherwise skip cond_** and execute the next line of code.

Note: if v5 is false, the user name is incorrect, so the "Login failed" dialog pops up; if v5 is true, that is, the user name is correct, the code goes on to check whether the password is correct, and if the password is incorrect the "Login failed" dialog pops up as well.

How to crack:

One point to emphasize before cracking: after modifying the smali code you must press Ctrl+S to save; otherwise the program compiles the original smali code.

1. Change the two judgments on the user name and password above, that is, the if-eqz instructions, to if-nez. Then entering a wrong account name and password skips cond_0, which is equivalent to not popping up the "Login failed" dialog; execution continues straight down to the "Login successful" dialog.

PS: if you enter the original correct user name and password, it will pop up "Login failed".

2. Delete the two if-eqz instructions; regardless of input, even with the correct account name and password, the "Login successful" dialog pops up.

3. Use a goto statement to skip the two if-eqz instructions directly.

When you are done modifying, click Compile.

Then you will see the compilation success prompt; click the line in the red box and it will jump to the file explorer.

After that, send the APK to the phone, install it, and test the effect.

Note that you can also use the ADB function to connect to the phone for testing, or connect to an Android emulator and install the APK into the emulator to test.

