1. Testing the Debugger
Detecting the debugger's dynamic debugging in code
First set the android:debuggable= "false" in the Androidmainfest.xml file so that the program is not debugged. In this way, when others want to debug dynamically, it is necessary to modify its value, and then we detect in the dynamic whether its value has been modified, the code is as follows
if ((Getapplicationinfo (). Flag &=applicationinfo.flag_debuggable)!=0) { android.os.Process.killProcess ( Android.os.Process.myPid ()); }
2. Check the signature
Software is published with a unique key file signed by the developer, so you can use the signature file to judge the legality of the program
Public intgetsignature () {Packagemanager pm= This. Getpackagemanager (); PackageInfo Pi=NULL; intsig = 0; Try{pi=Pm.getpackageinfo (Getpackagename (), packagemanager.get_signatures); Signatures[] s=Pi.signatures; Sig= S[0].hashcode (); }Catch(Exception E1) {sig= 0; E1.printstacktrace (); }returnSig;}
Then compare it with the hashcode of the signature that you obtained beforehand
3. Dex Check Protection
The essence of the anti-compilation software is to decompile the Classes.dex file, so you can also detect the legitimacy by verifying the file.
Because the Classes.dex file is in the zip file of the installation package, it can be compared by a zip CRC checksum, which can be saved in the code or compared to the network with the obtained checksum.
Private BooleanCHECKCRC () {BooleanBemodified =false; LongCRC =xxxx; The CRC value you obtained in advance ZipFile ZF; Try{ZF=NewZipFile (Getapplicationcontext (). Getpackagecodepath ()); ZipEntry ze= Zf.getentry ("Class.dex"); if(ZE.GETCRC () = =CRC) {bemodified=true; } }Catch(IOException e) {bemodified=false; } returnbemodified;}
The above is from Android software security and reverse analysis
These are weaker implementations in the Java layer, and you can put the code in the native method to increase the strength
Anti-reverse methods for some Android programs