Android anti-cracking is a very important issue to consider when releasing an app. The common practice is to add obfuscation interference to the Code to increase the difficulty of cracking. Even so, Java code after obfuscation operations can still be cracked through various methods. Android based on ndk contains the corresponding main. CPP is used as the entry to the application. Therefore, it is easier to perform some anti-cracking tests here (compared with Java code ).
During the entire android export process. the Dex stage is the basis for the entire packaging and publishing operation, including the corresponding Java source code and external library files. dex file, and any changes to the Code are generated again. dex, which will be different from the original file, so you can. the Dex file performs MD5 verification to determine whether the app is cracked.
Basic Process:
Phase 1:Calculate the MD5 String Of The. Dex file and write it to the corresponding main. cpp. The ant operations are roughly as follows (incomplete ).
Generate the MD5 value corresponding to Dex and store it in a file:
<target name="predexmd5"depends="dex"> <exe cexecutable="${dexmd5tool}" failonerror="true"> <arg value="${dexmd5tempfile}" /> <arg value="${dex-ospath}"/> </exec></target>
Read the corresponding MD5 string from the external file and store it to an ant variable:
<target name="dexmd5" depends="predexmd5"> <loadfile srcfile="${dexmd5tempfile}"property="dexmd5sign"/></target>
Write the MD5 String Of The. Dex file to main. cpp:
<targetname="setmaincpp" depends="dexmd5"> <replace file="${maincppfile}"token="Ant_DexMD5Sign" value="${dexmd5sign}"/></target>
The dexmd5tool is a self-implemented external EXE, which is used to calculate the MD5 of any file and save the string value to a specified file. Here, the MD5 string needs to be saved as a file. It is mainly used to type the file in ant and read the string into the ant variable. (no other method is found to write the corresponding MD5 Code directly. go to the ant variable, to achieve this ). Writing an MD5 string to main. cpp is implemented by ant's string replacement mechanism.
After updating main. cpp, you need to re-compile the project using ndk (mainly re-compile the C ++ code modified here, this stepRequired)
Call ndkbuikd to complete the corresponding re-Compilation:
<targetname="ndkbuild" depends="setmaincpp"> <exec executable="${basedir}/ndkbuild.bat" failonerror="true"> </exec></target>
The content in ndkbuild. bat is the same as the compilation parameters configured in Eclipse:
X:/cygwin/bin/bash.exe -- login-c "CD/cygdrive/XXX/Android/JNI & $ ndk/ndk-build"
Phase 2:Calculate the MD5 value of DEX and compare it when starting in Main. cpp.
Here, the. Dex file in the current APK package needs to be dynamically obtained during each app startup and run, and MD5 calculation and comparison are performed. The direct implementation here is not too easy, so with the help of a third-party package libzip (https://github.com/julienr/libzip-android), it can take. the so format is linked to the ndk project, and the specified zip package (APK package) is decompressed to return all the files in binary format. In this way, you can obtain the DEX binary stream of the current APK package during running. You can add the MD5 code of the binary computing to the project to complete the process in main. dynamic verification during CPP startup. the MD5 value of Dex.
If. dex file MD5 code and Main. the MD5 code stored in CPP (obtained in phase 1) matches and the program runs properly. Otherwise, the program exits directly if it is deemed that it has been modified because it fails verification.
Start building with 50+ products and up to 12 months usage for Elastic Compute Service
1 on 1 presale consultation
24/7 Technical Support 6 Free Tickets per Quarter Faster Response
Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.
A comprehensive suite of global cloud computing services to power your business
Payment Methods We Support
