Android Secure Communications (i)

Source: Internet
Author: User

Recently in the mobile-side Android communication problems, summarized down, mainly divided into three aspects of protection, today first record 1th: Prevent malicious code injection.

"Android app two Pack" is pirated regular Android app, cracked after the implant malicious code repackaged. No matter from performance, user experience, appearance it is the same as the regular app but behind it really quietly run a terrible program, it will unknowingly waste mobile phone power, traffic, malicious charges, peeping privacy and so on.

To implement the code to prevent the app from being packaged two times first to understand the APK machine recognition principle, the only identification of the APK is to rely on the package name and signature to do identification, similar to the Pea folder wash white, 360 mobile phone defender and other security software on the APK's cottage recognition, They are relying on the package name to determine if the APK is then signed to determine whether it is a cottage. So the inside of your program can be started by getting the APK signature and then comparing it to the correct signature to see if it's been packaged two times.


The Packagemanag object can get the APK itself signature 650) this.width=650; "Src=" http://s3.51cto.com/wyfs02/M02/89/1D/ Wkiol1gid5gjricwaacgygp89uq920.png-wh_500x0-wm_3-wmp_4-s_1944800041.png "title=" image 1.png "alt=" Wkiol1gid5gjricwaacgygp89uq920.png-wh_50 "/>

A string of around 20 is obtained by decomposing the code of the signature, which is the MD5 value of the APK signature, and the MD5 value of the signature is compared with the correct MD5 value to identify whether the apk is pirated.

650) this.width=650; "Src=" Http://s3.51cto.com/wyfs02/M01/89/1D/wKioL1gId7fQDhOlAACN_iiYYko204.png-wh_500x0-wm_3 -wmp_4-s_3086113814.png "title=" image 2.png "alt=" Wkiol1gid7fqdholaacn_iiyyko204.png-wh_50 "/>


After the comparison, if the MD5 value is not the same, it can be judged as two packaging, you can exit the program and other processing.


This article is from the "Mobile Platform Development" blog, make sure to keep this source http://liuxudong1001.blog.51cto.com/10877072/1863910

Android Secure Communications (i)

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.