This article originates from the PPT shared by the members of the group, and the other Members ' documents are not disclosed because they are not authorized.
This article command is a Windows 7 environment, if not specifically noted.
This article only touches on the approximate knowledge point, does not involve the concrete detail, needs to pay attention.
Anti-compilation
Apktool
Can decompile resource file (XML, point Nine) and code Smali code
Use command: Apktool d xxx.apk Output_filepath
Dex2jar
Anti-compile Dex file (extract apk obtained classes.dex) as Jar
Use command: Dex2jar xxx.dex
Jd-gui
View the jar file code
Using the method, open the jar file directly to
AXMLPrinter2 a single XML file
Java-jar Axmlprinter2.jar Xxx.xml >output.xml
The Counter-compilation response
• Code obfuscation
• Increase the code that will cause the anti-compiler exception
• Key code uses NDK
• Software Packers (e.g. UPX)
• Test simulator, debugger against dynamic commissioning
• Check signature, verify protection (classes.dex hash value) to prevent recompilation
Confuse
• Confusion principle
The application keeps the statement meaning unchanged from program p to P '.
Obfuscation refers to the semantic transformation of the application to be published, so that the transformed program and the original program are functionally identical or similar, but more difficult to be attacked by reverse engineering.
• Common methods
Code shape Confusion (renaming)
Control command Confusion (change the program's judging conditions or add controllable conditions and other adjustments to the program's structure and process)
Internal data obfuscation (transformations of data structures, splitting and merging of variables, data structure transformations, dynamic generation of static data, class inheritance conversions)
Prevent confusion (add code that will be faulted for some specific anti-compilation decompile)
• Evaluation indicators
Intensity, obfuscation algorithm adds complexity to the program
Resilient, confusing program anti-machine attack capability
Overhead, additional overhead from code conversion
Proguard
• Code Shape Confusion
Sdkpath\tools\proguard \proguard-android.txt
• Project Proguard-project.txt
# This was a configuration file for Proguard.# http://proguard.sourceforge.net/index.html#manual/usage.html
-dontusemixedcaseclassnames #包明不混合大小写-dontskipnonpubliclibraryclasses #不去忽略非公共的库类-verbose
# optimization is turned off by default. Dex does not like code run# through the Proguard optimize and preverify steps (and performs some# of these optimizations on its own).-dontoptimize #优化-dontpreverify #预校验# Note If you want to enable optimization, you cannot just# include optimization flags in your own project configuration file;# instead you'll need to the# "Proguard-android-optimize.txt" file instead of this one from your# project.properties file.
-keepattributes *annotation* #保护注解-keep public class Com.google.vending.licensing.ILicensingService #保护指定的类-keep public class Com.android.vending.licensing.ILicensingService
# for native methods, see Http://proguard.sourceforge.net/manual/examples.html#native#不混淆jni方法-keepclasseswithmembernames class * {native <methods>;}
# Keep setters in animations can still work.# See Http://proguard.sourceforge.net/manual/examples.html#beans-keepclassmembers public class * extends Android.view.View {void set* (* * *);* * * get* ();}
# We want to keep methods in Activity that could is used in the XML attribute OnClick-keepclassmembers class * extends Android.app.Activity {Public void * (Android.view.View);}
# For enumeration classes, see Http://proguard.sourceforge.net/manual/examples.html#enumerations-keepclassmembers enum * {Public static **[] values ();Public Static * * VALUEOF (java.lang.String);}#不混淆Parcelable的子类 to prevent android.os.BadParcelableException-keep class * Implements Android.os.Parcelable {Public static Final Android.os.parcelable$creator *;}#不混淆资源类-keepclassmembers class * *. r$* {Public static <fields>;}
# The Support library contains references to newer platform versions.# Don ' t warn about those in case this app is linking against an older# Platform version. We know about them, and they is safe.-dontwarn android.support.**
Schematic, compression------------pre-check for obfuscation---4 steps, default optimizations and pre-check are not open
• Confusion Considerations
Avoid confusion generics (Fastjson)
-keepattributes Signature
Exclude reflection, serialization-related classes
Exclude the native method, and the class that Androidmanifest.xml mentions
Ignore warnings
-ignorewarnings
-dontwarn android.support.**
Keep a full package
-keep class com.sogou.appmall.**{*;}
• Debug and Bug tracking
The internal structure of all classes within the 1.dump.txt APK package
Mapping before and after 2.mapping.txt confusion
3.seeds.txt classes and members that are not confused
4.usage.txt listing the code removed from the APK
• Restore Logs
retrace.bat|retrace.sh [-verbose] mapping.txt [<stacktrace_file>]
For example: Retrace.bat-verbose mapping.txt obfuscated_trace.txt
If you need to output a log with a line number, you need to add
-renamesourcefileattribute sourcefile
-keepattributes sourcefile,linenumbertable #输出错误信息行号
More
1. http://proguard.sourceforge.net/
2.http://developer.android.com/tools/help/proguard.html
3.proguard Brief Grammar Handbook
4.android Common anti-compilation tools