Considerations for Android decompilation and obfuscation

Source: Internet
Author: User

This article is based on slides (PPT) shared by a member of the group; the other members' documents are not published because they have not been authorized.

Unless otherwise noted, the commands in this article are for a Windows 7 environment.

Note that this article only outlines the main points and does not go into specific details.

Decompilation

Apktool

Decompiles resource files (XML, nine-patch images) and code (to Smali)

Command: apktool d xxx.apk output_filepath

Dex2jar

Decompiles a DEX file (the classes.dex extracted from the APK) into a JAR

Command: dex2jar xxx.dex

JD-GUI

Views the code in a JAR file

Usage: open the JAR file directly

AXMLPrinter2

Decompiles a single XML file

Command: java -jar AXMLPrinter2.jar xxx.xml > output.xml

Countermeasures against decompilation

• Code obfuscation

• Add code that causes decompilers to throw exceptions

• Implement key code with the NDK

• Software packers (e.g. UPX)

• Detect emulators and debuggers to resist dynamic debugging

• Check the signature and verify integrity (classes.dex hash value) to prevent recompilation
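
The classes.dex hash check from the last item above, as an added example (not part of the original slides): digests of every classes*.dex entry are recorded from the release APK and compared against another copy, so a modified, added or removed DEX file is reported. The function names and the in-memory sample APKs are constructed for illustration.

```python
import hashlib
import io
import re
import zipfile

DEX_RE = re.compile(r"^classes\d*\.dex$")  # classes.dex, classes2.dex, ...

def dex_digests(apk_bytes):
    """Map each top-level classes*.dex entry in the APK to its SHA-256 digest."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        return {name: hashlib.sha256(apk.read(name)).hexdigest()
                for name in apk.namelist() if DEX_RE.match(name)}

def compare(expected, apk_bytes):
    """Return (entry, status) pairs where the APK differs from the recorded digests."""
    actual = dex_digests(apk_bytes)
    diffs = []
    for name in sorted(set(expected) | set(actual)):
        if name not in actual:
            diffs.append((name, "missing"))
        elif name not in expected:
            diffs.append((name, "added"))      # e.g. an extra DEX injected on repackaging
        elif actual[name] != expected[name]:
            diffs.append((name, "modified"))
    return diffs

def make_apk(entries):
    """Build a constructed in-memory 'APK' (a plain zip) for the demonstration."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, data in entries.items():
            z.writestr(name, data)
    return buf.getvalue()

# Constructed sample data: short byte strings stand in for real DEX content.
release = make_apk({"classes.dex": b"dex\n035\x00original", "res/a.xml": b"<a/>"})
repacked = make_apk({"classes.dex": b"dex\n035\x00patched",
                     "classes2.dex": b"dex\n035\x00extra",
                     "res/a.xml": b"<a/>"})

EXPECTED = dex_digests(release)  # recorded once at build time
print(compare(EXPECTED, release))
print(compare(EXPECTED, repacked))
```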

Obfuscation

• Obfuscation principle

A transformation from program P to P' that keeps the meaning of the program unchanged.

Obfuscation is a semantics-preserving transformation applied to the application before it is published, so that the transformed program is functionally identical or similar to the original but harder to attack through reverse engineering.

• Common methods

Layout obfuscation (renaming)

Control-flow obfuscation (changing the program's branch conditions, adding controllable conditions, and otherwise adjusting the program's structure and flow)

Data obfuscation (transforming data structures, splitting and merging variables, generating static data dynamically, converting class inheritance relationships)

Preventive obfuscation (adding code that makes specific decompilers fail)

• Evaluation metrics

Potency (strength): how much complexity the obfuscation algorithm adds to the program

Resilience: how well the obfuscated program resists automated (machine) attacks

Overhead: the additional cost introduced by the code transformation

ProGuard

• Layout obfuscation

sdkpath\tools\proguard\proguard-android.txt

• Project file: proguard-project.txt

    # This is a configuration file for ProGuard.
    # http://proguard.sourceforge.net/index.html#manual/usage.html

    -dontusemixedcaseclassnames          # do not use mixed-case class names
    -dontskipnonpubliclibraryclasses     # do not skip non-public library classes
    -verbose

    # Optimization is turned off by default. Dex does not like code run
    # through the ProGuard optimize and preverify steps (and performs some
    # of these optimizations on its own).
    -dontoptimize                        # no optimization
    -dontpreverify                       # no preverification
    # Note that if you want to enable optimization, you cannot just
    # include optimization flags in your own project configuration file;
    # instead you will need to point to the
    # "proguard-android-optimize.txt" file instead of this one from your
    # project.properties file.

    -keepattributes *Annotation*         # keep annotations
    -keep public class com.google.vending.licensing.ILicensingService    # keep the specified class
    -keep public class com.android.vending.licensing.ILicensingService

    # For native methods, see http://proguard.sourceforge.net/manual/examples.html#native
    # Do not obfuscate JNI methods
    -keepclasseswithmembernames class * {
        native <methods>;
    }

    # Keep setters in Views so that animations can still work.
    # See http://proguard.sourceforge.net/manual/examples.html#beans
    -keepclassmembers public class * extends android.view.View {
        void set*(***);
        *** get*();
    }

    # We want to keep methods in Activity that could be used in the XML attribute onClick
    -keepclassmembers class * extends android.app.Activity {
        public void *(android.view.View);
    }

    # For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations
    -keepclassmembers enum * {
        public static **[] values();
        public static ** valueOf(java.lang.String);
    }

    # Do not obfuscate Parcelable subclasses, to prevent android.os.BadParcelableException
    -keep class * implements android.os.Parcelable {
        public static final android.os.Parcelable$Creator *;
    }

    # Do not obfuscate resource classes
    -keepclassmembers class **.R$* {
        public static <fields>;
    }

    # The support library contains references to newer platform versions.
    # Don't warn about those in case this app is linking against an older
    # platform version. We know about them, and they are safe.
    -dontwarn android.support.**

Schematic: shrink -> optimize -> obfuscate -> preverify (4 steps); optimization and preverification are disabled by default

• Obfuscation considerations

Avoid obfuscating generics (Fastjson)

-keepattributes Signature

Exclude classes involved in reflection and serialization

Exclude native methods and the classes referenced in AndroidManifest.xml

Ignore warnings

-ignorewarnings

-dontwarn android.support.**

Keep an entire package

-keep class com.sogou.appmall.** { *; }

• Debugging and bug tracking

1. dump.txt: the internal structure of all classes in the APK package

2. mapping.txt: the mapping between names before and after obfuscation

3. seeds.txt: the classes and members that were not obfuscated

4. usage.txt: the code that was removed from the APK

• Restoring logs

retrace.bat|retrace.sh [-verbose] mapping.txt [<stacktrace_file>]

For example: retrace.bat -verbose mapping.txt obfuscated_trace.txt

If the restored log needs to include line numbers, add:

-renamesourcefileattribute SourceFile

-keepattributes SourceFile,LineNumberTable # output line numbers in error messages
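
What retrace does with mapping.txt, shown as an added example (a simplified re-implementation written for this page, not ProGuard's own code): it parses the class and method lines of the mapping and rewrites each stack frame, using the line number kept by the options above to choose between methods that were renamed to the same short name. The mapping and trace below are constructed samples, and exception class names and fields are not handled.

```python
import re

# Constructed sample mapping.txt and obfuscated trace; all names are made up.
MAPPING = """\
com.example.app.LoginActivity -> com.example.app.a:
    12:20:boolean checkPassword(java.lang.String) -> a
    25:31:void showError(int) -> a
com.example.app.net.ApiClient -> com.example.app.b.c:
    40:58:void send(byte[]) -> a
"""
TRACE = """\
java.lang.NullPointerException
    at com.example.app.b.c.a(SourceFile:44)
    at com.example.app.a.a(SourceFile:27)
    at com.example.app.a.a(Unknown Source)
"""

CLASS_RE = re.compile(r"^(\S+) -> (\S+):$")
# Method lines only; field lines have no "(" and are skipped.
METHOD_RE = re.compile(r"^\s+(?:(\d+):(\d+):)?\S+ (\S+)\(.*\) -> (\S+)$")
FRAME_RE = re.compile(r"^(\s+at )([\w.$]+)\.([\w$<>]+)(\(.*?(?::(\d+))?\))$")

def parse_mapping(text):
    """Return {obf_class: (orig_class, {obf_method: [(lo, hi, orig_method)]})}."""
    classes, current = {}, None
    for line in text.splitlines():
        if m := CLASS_RE.match(line):
            current = {}
            classes[m.group(2)] = (m.group(1), current)
        elif current is not None and (m := METHOD_RE.match(line)):
            lo, hi, orig, obf = m.groups()
            current.setdefault(obf, []).append((int(lo or 0), int(hi or 0), orig))
    return classes

def retrace(trace, classes):
    out = []
    for line in trace.splitlines():
        m = FRAME_RE.match(line)
        if not m or m.group(2) not in classes:
            out.append(line)  # exception header or unmapped frame: keep as is
            continue
        indent, obf_cls, obf_m, loc, lineno = m.groups()
        orig_cls, methods = classes[obf_cls]
        cands = methods.get(obf_m, [])
        if lineno:  # a line number selects one of several methods renamed alike
            cands = [c for c in cands if c[0] <= int(lineno) <= c[1]] or cands
        names = "|".join(dict.fromkeys(c[2] for c in cands)) or obf_m
        out.append(f"{indent}{orig_cls}.{names}{loc}")
    return "\n".join(out)

print(retrace(TRACE, parse_mapping(MAPPING)))
```

The last frame has no line number, so both candidate names are listed; this is the ambiguity that keeping SourceFile and LineNumberTable removes.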

More

1. http://proguard.sourceforge.net/

2. http://developer.android.com/tools/help/proguard.html

3. ProGuard brief syntax handbook

4. Common Android decompilation tools
