Identification of genuine and pirated Android apps

Identification of genuine and pirated Android apps

Android apps are mixed. According to a 360 survey by the 2014 Internet Security Center, "On average, each genuine app corresponds to 26.3 pirated apps and 4.8 pirated signatures ". How to identify piracy? In fact, it is very simple. The application package name and the application certificate can uniquely identify an application. After extracting an application, the certificate file with the RSA suffix under the META-INF directory, with the java built-in keytool can view the certificate details, and genuine certificate can be compared.

Take the subway parkour as an example:

Keytool-printcert-file ditiepaoku/META-INF/IDREAMSK. RSA
Owner: CN = iDreamSky, OU = iDreamSky, O = iDreamSky, L = Shenzhen, ST = Guangdong, C = CN Issuer: CN = iDreamSky, OU = iDreamSky, O = iDreamSky, L = Shenzhen, ST = Guangdong, C = CN
Serial number: 4df1_c0
Valid from: Fri Jun 10 11:34:24 CST 2011 until: Sun Jun 02 11:34:24 CST 2041
Certificate fingerprints:
MD5: 49: 2E: 1F: EF: AD: 99: 55: 34: E9: 56: 9B: E2: A0: E8: 89: DC
SHA1: 24: C0: F2: D7: A3: 17: 8A: 55: 31: C7: 3C: 09: 93: A4: 67: BE: 1A: 4A: F0: 94
SHA256: A1: FD: F9: F3: 21: EA: 50: B3: E2: 1A: AE: C5: 05: 59: C4: D1: 9D: 48: A2: 44: B7: 80: 81: 26: A4: 7F: E8: 6F: 2B: 61: AF: 12
Signature algorithm name: SHA1withRSA
Version: 3

The app's certificate shows the owner as iDreamSky, literally coming in Guangdong's happy tease http://idreamsky.com. As to whether it is really fun or fake, you can search for genuine certificates on some Android reinforcement software and Android anti-virus websites. Here, we will check the pirated services provided by zookeeper reinforcement. You can use the aapt command to check the package name.