Http://www.ijiami.cn/Video?v=4
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M00/6B/7E/wKiom1UvIovR3BytAAJFLlp5hwo638.jpg "title=" 1.png " alt= "Wkiom1uviovr3bytaajfllp5hwo638.jpg"/>
The openness and the free nature of Android are a big rush for developers and users, who are getting used to the free lunch of Android apps, but there's a huge security shadow behind the free.
"Android app two Pack" is pirated regular Android app, cracked after the implant malicious code repackaged. No matter from performance, user experience, appearance it is the same as the regular app but behind it really quietly run a terrible program, it will unknowingly waste mobile phone power, traffic, malicious charges, peeping privacy and so on.
Face two times packaging a lot of companies have their own precautions, well-known companies almost all of their apps have done within the program to prevent its app was packaged two times, once packaged and re-run the program automatically quit. Next, I'll explain how to prevent the app from being packaged two times.
To implement the code to prevent the app from being packaged two times first to understand the APK machine recognition principle, the only identification of the APK is to rely on the package name and signature to do identification, similar to the Pea folder wash white, 360 mobile phone defender and other security software on the APK's cottage recognition, They are relying on the package name to determine if the APK is then signed to determine whether it is a cottage. So the inside of your program can be started by getting the APK signature and then comparing it to the correct signature to see if it's been packaged two times.
650) this.width=650; "src=" http://s3.51cto.com/wyfs02/M01/6B/7E/wKiom1UvIp-Ab_syAAD_krmqwRg073.jpg "title=" 1.png " alt= "Wkiom1uvip-ab_syaad_krmqwrg073.jpg"/>
The Packagemanag object allows you to get the signature of the APK itself.
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/6B/79/wKioL1UvJAmwwhWtAAElOlv-dAk246.jpg "title=" 08091120-2e70fa9f18a1478dbbc79aaa27cafa7e.png "alt=" Wkiol1uvjamwwhwtaaelolv-dak246.jpg "/>
A string of around 20 is obtained by decomposing the code of the signature, which is the MD5 value of the APK signature, and the MD5 value of the signature is compared with the correct MD5 value to identify whether the apk is pirated.
is a code block analysis of some of the apps that have been protected:
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M02/6B/7E/wKiom1UvIsmA6WFvAAFElyHYv5w832.jpg "title=" 08091241-f30b63f317f2415594dc47dec59e050a.png "alt=" Wkiom1uvisma6wfvaafelyhyv5w832.jpg "/>
Is "xx province electric King" to prevent two times the key code of packaging
650) this.width=650; "src=" Http://s3.51cto.com/wyfs02/M00/6B/79/wKioL1UvJCqxXWzgAAK1xINWkj0606.jpg "title=" 08091419-97023d1e3b054dea963dd3773d7f59d7.png "alt=" Wkiol1uvjcqxxwzgaak1xinwkj0606.jpg "/>
is the "XX battery steward" to prevent two times the key code of packaging
The above two is the Smali layer of code, the above 2 code is the download of the very high-volume app to prevent two times the processing of packaging, its processing code will certainly use the key code is
Landroid/content/pm/packageinfo;->signatures:[landroid/content/pm/signature.
This method can play a certain role in security, the general packaging party face It is helpless, if you understand some Smali grammar its role is equal to 0.
App two-pack technology cracked Demo