Android anti-compilation and two-time package combat

As an Android developer, there is no need to decompile other people's apk, of course, the main purpose is to learn more, take the long, to complement their own short. Let's summarize some of the knowledge of Android anti-compilation and two packaging today. First of all, the purpose of this article is to explain the principles and methods of anti-compilation and two-time packaging through examples, and then as a follow-up to prevent two packaging and app security basis, not to encourage people to repackage other people's app, steal other people's labor results.

This article first describes the use of several Android anti-compilation tools, and then implements If you do not need to know the source code, only The purpose of modifying the APK logic function is implemented by modifying the Smali file that is obtained by the decompile.

There are three commonly used anti-compilation tools in Android:Dex2jar,Jd-gui, and Apktool, and these three tools work as follows:

Dex2jar: Convert the Classes.dex file in the apk to a jar file.

Jd-gui: View a jar file converted from Dex2jar to display the compiled Java source code in the form of an interface.

Apktool: decompile generates Smali bytecode files and extracts the resource files from the APK.

to make the problem as clear as possible, let's implement a very simple example. First create a project Decompiledemo, define a layout in mainactivity with a button and click to print a log.

public class Mainactivity extends Appcompatactivity implements View.onclicklistener {    private static final String TAG = "Mainactivity";    Private Button btn;    @Override    protected void onCreate (Bundle savedinstancestate) {        super.oncreate (savedinstancestate);        Setcontentview (r.layout.activity_main);        BTN = (Button) Findviewbyid (R.ID.BTN);        Btn.setonclicklistener (this);    }    @Override public    void OnClick (View v) {        log.d (TAG, "button is clicked");}    }

unzip the APK generated by this project, remove the Classes.dex in the directory of the Dex2jar tool, and execute the command

The Class-dex2jar.jar file is generated in the current directory

Then open Jd-gui, Drag the Class-dex2jar.jar file in, you can see the anti-compiled source code.

You can see that the anti-compilation code and the original code are not very different, the main difference is that the original resource references have all become numbers.

Let's change the contents of this apk.

First we copy the APK into the Apktool tool directory and execute the command Apktool D app-release.apk.

The generated directory contains the Smali folder

Then find our main class Mainactivity.smali, the file content is as follows:

. class public lcom/viclee/decompiledemo/mainactivity;. Super landroid/support/v7/app/appcompatactivity;. SOURCE "Mainactivity.java" # interfaces.implements Landroid/view/view$onclicklistener;? # static Fields.field private static final tag:ljava/lang/string; = "Mainactivity" # instance Fields.field private btn:landroid/widget/button;# Direct Methods.method public Constructor & Lt;init> () v. Locals 0. Prologue. Line 9 Invoke-direct {p0}, landroid/support/v7/app/appcompatactivity;-> <init> () v return-void.end method# virtual Methods.method public OnClick (Landroid/view/view;) v. Locals 2. PA    Ram P1, "V" # Landroid/view/view; . Prologue Line Const-string V0, "mainactivity" const-string v1, "button is clicked" Invoke-static {v0, v1} , Landroid/util/log;->d (ljava/lang/string;    ljava/lang/string;) I. Line return-void.end Method.method protected onCreate (Landroid/os/bundle;) v. Locals 1 . param P1, "savedinstancestate" # Landroid/os/bunDle . Prologue line Invoke-super {p0, p1}, Landroid/support/v7/app/appcompatactivity;->oncreate (Landroid/os/Bundle ;) v. Line-Const V0, 0x7f040019 invoke-virtual {p0, v0}, Lcom/viclee/decompiledemo/mainactivity;->setcontent View (I) v. Line # Const V0, 0x7f0c0050 invoke-virtual {p0, v0}, LCOM/VICLEE/DECOMPILEDEMO/MAINACTIVITY;-&GT;FINDV    Iewbyid (I) Landroid/view/view;    Move-result-object v0 check-cast V0, Landroid/widget/button;    Iput-object V0, P0, lcom/viclee/decompiledemo/mainactivity;->btn:landroid/widget/button;    . Line Iget-object V0, P0, lcom/viclee/decompiledemo/mainactivity;->btn:landroid/widget/button; invoke-virtual {v0, p0}, Landroid/widget/button;->setonclicklistener (Landroid/view/view$onclicklistener;) v. Line Return-void.end method

36-40 of these lines are the location of the print log, the content of the file is clear, and each region has the following meanings:

. Class class Name

. Super Parent class name

. source file Name

. Implements interfaces implemented by this class

. field member Variable

. Method methods

Then create a new project to implement the code you want to replace in this project, where we want to replace the print log in the original project with the popup toast.

public class Mainactivity extends appcompatactivity{    @Override    protected void OnCreate (Bundle Savedinstancestate) {        super.oncreate (savedinstancestate);        Setcontentview (r.layout.activity_main);        Showtoast ();    }    public void Showtoast () {        Toast.maketext (this, "I am a modified post-compilation. ", Toast.length_long). Show ();    }}

Then execute the apktool command as before, and the resulting Smali file contents are as follows:

. class public lcom/viclee/decompiledemo/mainactivity;. Super landroid/support/v7/app/appcompatactivity;.    SOURCE "Mainactivity.java" # Direct Methods.method Public Constructor <init> () v. Locals 0. Prologue. Line 7 Invoke-direct {p0}, landroid/support/v7/app/appcompatactivity;-><init> () V return-void.end method# virtual m Ethods.method protected onCreate (Landroid/os/bundle;) v. Locals 1. param p1, "savedinstancestate" # Landroid/os/bu    Ndle; . Prologue line Invoke-super {p0, p1}, Landroid/support/v7/app/appcompatactivity;->oncreate (Landroid/os/Bundle ;) v. Line one const V0, 0x7f040019 invoke-virtual {p0, v0}, Lcom/viclee/decompiledemo/mainactivity;->setcontent View (I) v line invoke-virtual {p0}, Lcom/viclee/decompiledemo/mainactivity;->showtoast () v. Line retur N-void.end Method.method Public Showtoast () v. Locals 2. Prologue. Line const-string V0, "\u6211\u662f\u53cd \u7f16\u8bd1\u540e\u8fdb\u884c\u7684\u4fee\u6539\u3002 "CONST/4 v1, 0x1 invoke-static {p0, V0, v1}, Landroid/widget/toast;->maketext (Landroid/conte Nt/context;    Ljava/lang/charsequence;i) Landroid/widget/toast; Move-result-object v0 invoke-virtual {v0}, Landroid/widget/toast;->show () v. Line Return-void.end method

In the above code, lines 33 and 39-56 are the part of the code that pops up the toast. Copy the entire Showtoast method above to the original project's Smali file, here to pay special attention to modify the line number, this line number represents the code in the original Java file line number, need to refer to the two Smali file line number to modify. I think as long as the line numbers inside the method are not scrambled, and the line numbers between the methods do not conflict, you can. Then, you need to replace the code for the print log in the original project with the code that displays the toast, which is to modify the 36-40 lines in the original Smali file to the contents of the 33, 39-56 lines in the new project. The revised content is as follows, focusing mainly on the differences between 36 lines, 75-91 lines and the original Smali file in the following content.

. class public lcom/viclee/decompiledemo/mainactivity;. Super landroid/support/v7/app/appcompatactivity;. SOURCE "Mainactivity.java" # interfaces.implements landroid/view/view$onclicklistener;# static Fields.field private static final tag:ljava/lang/string; = "Mainactivity" # instance Fields.field private btn:landroid/widget/button;# Direct Methods.method public Constructor & Lt;init> () v. Locals 0. Prologue. Line 9 Invoke-direct {p0}, landroid/support/v7/app/appcompatactivity;-> <init> () v return-void.end method# virtual Methods.method public OnClick (Landroid/view/view;) v. Locals 2. PA    Ram P1, "V" # Landroid/view/view; . Prologue line Invoke-virtual {p0}, Lcom/viclee/decompiledemo/mainactivity;->showtoast () v. Line Retu Rn-void.end Method.method protected onCreate (Landroid/os/bundle;) v. Locals 1. param p1, "savedinstancestate" # La    Ndroid/os/bundle; . Prologue line Invoke-super {p0, p1}, landroid/support/v7/app/appcomPatactivity;->oncreate (landroid/os/bundle;) V line-Const V0, 0x7f040019 invoke-virtual {p0, v0}, Lcom/vicle E/decompiledemo/mainactivity;->setcontentview (I) v. Line # Const V0, 0x7f0c0050 invoke-virtual {p0, v0}, lcom/    Viclee/decompiledemo/mainactivity;->findviewbyid (I) Landroid/view/view;    Move-result-object v0 check-cast V0, Landroid/widget/button;    Iput-object V0, P0, lcom/viclee/decompiledemo/mainactivity;->btn:landroid/widget/button;    . Line Iget-object V0, P0, lcom/viclee/decompiledemo/mainactivity;->btn:landroid/widget/button; invoke-virtual {v0, p0}, Landroid/widget/button;->setonclicklistener (Landroid/view/view$onclicklistener;) v. Line return-void.end Method.method Public Showtoast () v. Locals 2. Prologue. Line const-string V0, "\u 6211\u662f\u53cd\u7f16\u8bd1\u540e\u8fdb\u884c\u7684\u4fee\u6539\u3002 "CONST/4 v1, 0x1 invoke-static {p0, V0, v1}, Landroid/widget/toast;->maketext (landroid/content/context;    Ljava/lang/charsequence;i) Landroid/widget/toast; Move-result-object v0 invoke-virtual {v0}, Landroid/widget/toast;->show () v. Line return-void

then we need to repackage the modified file directory, execute the command Apktool b app-release, will generate two folders in the App-releae directory: inside the build folder are some intermediate files (Classes.dex, etc.), The Dist folder contains a repackaged apk file.

Finally, remember to sign the generated apk, or you will get an error when installing. execute the following command line:

Jarsigner-verbose-keystore Viclee.keystore-signedjar app-release-signed.apk app-release.apk viclee.keystore

-verbose Output Signature Details
-keystore the storage path of the specified key pair
-signedjar The following three parameters are the aliases of the signed apk, the unsigned apk, and the key pair, respectively

After installing the signature apk, click on the button, indeed pop up the toast, the content and we set the same, indicating that our modification succeeded.

In addition, the APK can also be modified after the compilation of resources, the anti-compiled resource files to modify a pass, and then follow the previous method, re-packaging, signing, installation. The following two pages are the comparison chart before and after the modification.

here, the whole content of this article is explained, Welcome to comment on the Exchange ~

Android anti-compilation and two-time package combat