Android security-code security 3-dex file checksum

Android security-code security 3-dex file checksum

To recompile the APK is actually to recompile the Classes.dex file, after recompiling, the generated Classes.dex file hash value changed, so we can detect the installation after the Classes.dex file hash value to determine whether the APK has been re-packaged.

(1) Read the Classes.dex file in/data/app/xxx.apk in the application installation directory and compute its hash value, comparing that value to the Classes.dex hash value at the time of the software release to determine if the client has been tampered with.

(2) Read the application installation directory under/data/app/ The MANIFEST.MF file in the Meta-inf directory in xxx.apk, which details the hash value of all the files in the APK package, so that it can be read to get the hash value for the Classes.dex file, and compare that value to the Classes.dex hash when the software was published to determine Whether the client has been tampered with.

To prevent it from being cracked, the classes.dex hash at the time of the software release should be stored on the server side.

In addition, because the reverse C + + code is more difficult than the reverse Java code, so the key parts of the code should be written in native/C + +.

Classes.dex is basically responsible for all of the logic business on Android, so many apps for Android
The program is tampered with for classes.dex files. In the APK's self-protection, you can also consider the Classes.dex
File integrity check, simple can be completed by CRC check, or can be checked Hash value. Because just check
Classes.dex, so you can store the CRC value in a string resource file, or you can put it on your own server,
Gets the checksum value from the server at run time. The basic steps are as follows:

• First in the code to complete the checksum value of the logic, this part of the code can no longer change, otherwise CRC value
  be changed;
• Extract the Classes.dex file from the generated APK file, calculate its CRC value, and other hash values are similar;
• Put the calculated value in the Strings.xml file.

The core code is as follows:

Code:

1. String Apkpath = This.getpackagecodepath (); 2. Long DEXCRC = Long.parselong (this.getstring (R.STRING.DEX_CRC)); 3. try {4. ZipFile zipfile = new ZipFile (Apkpath); 5. ZipEntry dexentry = zipfile.getentry ("Classes.dex"); 6. if (DEXENTRY.GETCRC () = DEXCRC) {7. System.out.println ("Dex has been *modified!"); 8.}else{9. System.out.println ("Dex hasn ' t been modified!"); 10.}11. } catch (IOException e) {.//TODO auto-generated catch block13. E.printstacktrace (); 14.}

However, the above-mentioned protection methods are prone to brute force, and integrity checks are ultimately controlled by returning True/false.
Follow the direction of the code logic, if the attacker directly modifies the code logic, the integrity check always returns TRUE, then such a party
method is not valid, so similar file integrity checks need to be matched with some other method, or there are other more ingenious ways
Realize?

APK Integrity Check

While the main logic of the Android program is executed through the Classes.dex file, other files can also affect the entire
The logical direction of the program, taking the Dex file check above as an example, if the program relies on certain values in the Strings.xml file, the
Modifying these values will affect the operation of the program, so you can further complete the entire APK file for integrity checking. But as
The entire APK file, due to the inability to know the full apk when developing an Android application
Hash value, so the storage for this hash cannot be placed in the Strings.xml file like the Dex integrity check.
So consider putting the value on the server side. The core code is as follows:

Code:

1. MessageDigest msgdigest = null;2. try {3. msgdigest = Messagedigest.getinstance ("MD5") 4. byte[] bytes = new byte[8192];5. int bytecount;6. FileInputStream FIS = null;7. FIS = new FileInputStream (new File (Apkpath)); 8. while ((byteCount = fis.read (bytes)) > 0) 9. Msgdigest.update (bytes, 0, ByteCount); 10. BigInteger bi = new BigInteger (1, Msgdigest.digest ()); 11. String MD5 = bi.tostring (16); 12. Fis.close (); 13. /*14. Gets the stored Hash value from the server and compares it to 15. */16. } catch (Exception e) {. E.printstacktrace (); 18.}
Transferred from: http://bbs.pediy.com/showthread.php?t=183116

Android security-code security 3-dex file checksum