Android software security and Reverse Analysis

Android software security and Reverse Analysis
Basic Information
Author: Feng Shengqiang [Translator's introduction]
Series name: Turing original
Press: People's post and telecommunications Press
ISBN: 9787115308153
Mounting time:
Published on: February 1, February 2013
Start: 16
Page number: 1
Version: 1-1
Category: Computer> Software and programming> mobile development> android

For more information, Android software security and Reverse Analysis
Introduction
Books
Computer books
Android software security and reverse analysis explains the software security, reverse analysis, and encryption and decryption technologies of the Android system step by step. Including the necessary knowledge and concepts of Android Reverse Analysis and system security, static analysis of Android software, dynamic debugging of Android software, and exploration of anti-cracking and anti-cracking technologies of Android software, and a comprehensive analysis of typical Android viruses.
Android software security and reverse analysis is suitable for all Android Application developers, Android system development engineers, and Android system security workers.
Directory
Android software security and Reverse Analysis
Chapter 2 Building an android Analysis Environment 1
1.1 windows analysis environment Setup 1
1.1.1 install JDK 1
1.1.2 install Android SDK 3
1.1.3 install Android ndk 5
1.1.4 eclipse integrated development environment 6
1.1.5 install CDT and ADT plug-in 6
1.1.6 create Android Virtual Device 8
1.1.7 tools used 9
1.2 Linux Analysis Environment setup 9
1.2.1 Linux environment of this book 9
1.2.2 install JDK 9
1.2.3 install Android SDK 10 on Ubuntu
1.2.4 install Android ndk 11 on Ubuntu
1.2.5 install the eclipse integrated development environment on Ubuntu 12
1.2.6 install the CDT and ADT plug-ins on Ubuntu 13
1.2.7 create Android Virtual Device 13
1.2.8 tools used 15
1.3 Chapter 15
Chapter 1 how to analyze Android program 16
2.1 write the first Android program 16
2.1.1 use eclipse to create an android Project 16
2.1.2 compile and generate APK file 19
2.2 crack the first program 20
2.2.1 how to do it? 20
2.2.2 decompile APK file 20
2.2.3 Analysis of APK file 21
2.2.4 modify the code of the smali file 26
2.2.5 re-compile the APK file and sign 26
2.2.6 installation and testing 27
2.3 Chapter 28
Chapter 29 go to Android Dalvik Virtual Machine 29
3.1 features of Dalvik virtual machines-understanding the operating principles of Android programs 29
3.1.1 Dalvik Virtual Machine overview 29
3.1.2 difference between Dalvik Virtual Machine and Java Virtual Machine 29
3.1.3 how the Dalvik virtual machine executes the program 34
3.1.4 about Dalvik Virtual Machine JIT (instant compilation) 36
3.2 Dalvik assembly language basics prepare for analyzing Android programs 37
3.2.1 Dalvik Command Format 37
3.2.2 Dex file Disassembly tool 39
3.2.3 understand Dalvik register 40
3.2.4 Two register Representation Methods -- V and P respectively
3.2.5 type, method, and field representation of Dalvik bytecode 43
3.3 Dalvik Instruction Set 44
3.3.1 Instructions 45
3.3.2 null Operation Command 45
3.3.3 data operation command 46
3.3.4 return command 46
3.3.5 data definition directive 46
3.3.6 lock command 47
3.3.7 instance Operation Command 47
3.3.8 Array Operation Command 48
3.3.9 exception command 48
3.3.10 jump command 48
3.3.11 comparison command 49
3.3.12 Field Operation Command 50
3.3.13 method call command 50
3.3.14 data conversion command 51
3.3.15 data operation command 51
3.4 Dalvik Instruction Set exercise-write a Dalvik version of Hello World 52
3.4.1 compile the smali file 52
3.4.2 compile the smali file 54
3.4.3 test run 54
3.5 summary 55
Chapter 1 Android Executable File 56
4.1 step 56 of Android Program Generation
4.2 Android installation process 59
4.3 Dex file format 66
4.3.1 Data Structure in Dex file 66
4.3.2 Dex file structure 68
4.3.3 Dex file structure analysis 71
4.4 odex file format 80
4.4.1 how to generate odex file 80
4.4.2 odex file structure 81
4.4.3 odex file structure analysis 83
4.5 Dex file verification and optimization tool dexopt working process 88
4.6 alternative Android Application Cracking Method 91
4.7 Chapter 93
Chapter 4 static analysis Android app 94
5.1 What is static analysis 94
5.2 quick positioning of key code for Android 94
5.2.1 decompile APK program 94
5.2.2 main activity 95 of the program
5.2.3 application class 95
5.2.4 how to locate key code-Six Methods 96
5.3 smali File Format 97
5.4 classes in Android 100
5.4.1 internal class 100
5.4.2 listen 102
5.4.3 annotation 105
5.4.4 automatically generated class 108
5.5 read the decompiled smali code 110
5.5.1 loop statement 110
5.5.2 switch branching statement 115
5.5.3 try/catch statement 121
5.6 using IDA pro for static analysis Android 127
5.6.1 Ida pro 127 support for Android
5.6.2 operations 128
5.6.3 locate the key code-use IDA pro to crack instance 132
5.7 malware analysis toolkit-androguard 135
5.7.1 install and configure androguard 135
5.7.2 how to use androguard 137
5.7.3 use androguard with gephi for static analysis 144
5.7.4 use androlyze. py for static analysis 148
5.8 Other static analysis tools 152
5.9 read the decompiled Java code 152
5.9.1 use dex2jar to generate JAR file 152
5.9.2 use JD-Gui to view the source code 153 of the JAR File
5.10 Integrated Analysis Environment-santoku 154
5.11 summary of this Chapter 156
Chapter 2 Android-based arm assembly language basics-reverse native! 157
6.1 Android and arm processors 157
6.1.1 ARM Processor Architecture Overview 157
6.1.2 ARM processor family 158
6.1.3 Android-supported processor architecture 159
6.2 native programs and arm assembly language-reversing your native Hello arm 160
6.2.1 native program inverse preliminary 160
6.2.2 native Program Generation 162
6.2.3 knowledge about arm 164
6.3 arm assembly language program structure 166
6.3.1 complete arm assembler 166
6.3.2 definition of the processor architecture 167
Section 6.3.3 definition 168
6.3.4 notes and labels 169
6.3.5 assembler instruction 169
6.3.6 subroutine and parameter transfer 170
6.4 ARM processor addressing mode 170
6.4.1 addressing now 170
6.4.2 register addressing 171
6.4.3 register shift addressing 171
6.4.4 register indirect addressing 171
6.4.5 base address addressing 171
6.4.6 multi-register addressing 171
6.4.7 stack addressing 172
6.4.8 copy addressing 172
6.4.9 relative addressing 172
6.5 arm and thumb Instruction Set 173
6.5.1 instruction Format 173
6.5.2 jump command 174
6.5.3 Memory Access Directive 175
6.5.4 Data Processing Instruction 177
6.5.5 other commands 184
6.6 neon and VFP instruction sets for multimedia programming and floating point computing 185
6.7 summary of this Chapter 186
Chapter 2 Reverse Analysis of Android ndk program 7th
7.1 native program 187 in Android
7.1.1 compile an example program 187
7.1.2 how to compile native program 188
7.2 native program Startup Process Analysis 194
7.2.1 native program entry function 194
7.2.2 when the main function is executed 198
7.3 native file format 199
7.4 native C program reverse analysis 200
7.4.1 native Program Analysis Method 200
7.4.2 for loop statement disassembly code features 204
7.4.3 If... else branch statement disassembly code 208
7.4.4 features of while loop statement disassembly code 211
7.4.5 features of switch branch statement disassembly code 215
7.4.6 native program compilation optimized by 218
7.5 native C ++ program reverse analysis 222
7.5.1 reverse 222 of C ++ class
7.5.2 Android ndk supports C ++ 225
7.5.3 differences between static link STL and dynamic link STL code 227
7.6 Android ndk jni api reverse analysis 232
7.6.1 functions provided by Android ndk 232
7.6.2 Static Analysis of Android ndk program 233
7.7 Summary of this Chapter 235
Chapter 2 dynamic debugging of Android 8th
8.1 Android dynamic debugging supports 236
8.2 ddms usage 237
8.2.1 how to start ddms 237
8.2.2 use logcat to view debugging information 238
8.3 locate key code 240
8.3.1 code injection method -- let the program spit out the registration code 240
8.3.2 stack tracing 244
8.3.3 method profiling 247
8.4 use andbug to debug Android 250
8.4.1 installing andbug 251
8.4.2 use andbug 251
8.5 use IDA pro to debug Android native program 254
8.5.1 debug Android native 255
8.5.2 debug Android native dynamic link library 256
8.6 use GDB to debug Android native program 260
8.6.1 compile GDB and gdbserver 260
8.6.2 how to debug 262
8.7 summary of this chapter 264
Chapter 2 Android software cracking technology 9th
9.1 trial software 265
9.1.1 type of trial software 265
9.1.2 instance cracking-cracking 265 for authorization key
9.2 serial number protection 271
9.3 network verification 272
9.3.1 network verification and protection ideas 272
9.3.2 instance cracking-cracking 273 for network authentication methods
9.4 In-app billing (in-app payment) 277
9.4.1 principles of In-app billing 277
9.4.2 in-app billing method 280
9.5 Google Play license protection 281
9.5.1 Google Play license protection mechanism 281
9.5.2 instance cracking-Google Play license cracking 283
9.6 restart verification 284
9.6.1 reboot verification protection ideas 285
9.6.2 instance cracking-285 for restart Verification
9.7 how to crack other types of Android programs 296
9.7.1 mono for Android programs and their cracking methods 296
9.7.2 applications developed by QT for Android and Their cracking methods 301
9.8 summary of this Chapter 309
Chapter 2 anti-cracking technology for Android 10th
10.1 vs decompilation 310
10.1.1 how to combat decompilation tool 310
10.1.2 fight against dex2jar 311
10.2 vs static analysis 312
10.2.1 code obfuscation technology 312
10.2.2 protection of ndk 315
10.2.3 shell protection 316
10.3 vs dynamic debugging 316
10.3.1 check the debugger 316
10.3.2 detecting simulator 317
10.4 prevent recompilation 318
10.4.1 check the signature 318
10.4.2 verification protection 319
10.5 summary of this Chapter 320
Chapter 2 Android system attacks and Prevention 11th
11.1 Android system security overview 321
11.2 harm of mobile phone root 321
11.2.1 why do you need the root phone 321?
11.2.2 security risks caused by mobile root: 322
11.2.3 Android mobile phone root principle 322
11.3 Android permission attack 329
11.3.1 Android permission check 329
11.3.2 cyberattack 333
11.3.3 access attack detection 336
11.4 Android component security 339
11.4.1 activity security and activity hijacking demonstration 340
11.4.2 broadcast receiver security 343
11.4.3 Service Security 345
11.4.4 content provider Security 346
11.5 Data Security 347
11.5.1 External Storage Security 347
11.5.2 Internal Storage Security 348
11.5.3 Data Communication Security 350
11.6 Rom Security 351
11.6.1 category of Rom 352
11.6.2 Rom customization 352
11.6.3 security risks of custom Rom 359
11.6.4 how to prevent 360
11.7 summary of this chapter 361
Chapter 2 droidkongfu Virus Variant instance analysis 12th
12.1 droidkongfu virus introduction 362
12.2 configure the virus Analysis Environment 363
12.3 virus execution Status Analysis 364
12.3.1 use apimonitor for preliminary analysis 365
12.3.2 use droidbox dynamic analysis 369
12.3.3 other dynamic analysis tools 373
12.4 Reverse Analysis of virus code 376
12.4.1 Java layer startup code analysis 376
12.4.2 native-layer startup code analysis 381
12.4.3 native layer virus core analysis 393
12.5 droidkongfu virus framework summary 404
12.6 virus prevention 406
12.7 summary of this Chapter 406

Source of this book: China Interactive publishing network