Preliminary Exploration of the Android APK Decryption Project (3) -- Analysis of Serial Number Protection Methods

Source: Internet
Author: User

The preceding articles (1) and (2) also dealt with serial number protection. Many software products still use this protection method, so this article describes it systematically.

Most serial number protection requires either a user name and a serial number, or a machine code and a serial number. This is the verification method used by the APKs in the last two articles. One difference is that in a real software registration process you generally enter a user name and a serial number, or provide a machine code and then enter the serial number. The serial number is generally calculated from a fixed value in the machine. On the Windows platform, for example, the registration code is usually derived from the NIC MAC address or from a valid combination of other hardware codes. To register, you send the machine code to the software author and complete the payment. The author then gives you the corresponding serial number, and you use it to complete the registration. On Windows, the machine code-serial number registration mode is easy to recognize.

In general serial number verification, there is a one-to-one correspondence between the user name/machine code and the registration code.

(1) User name-serial number mode 1: the user name is the independent variable, and the serial number is obtained by transforming it with a function F. As a formula:

serial number = F(user name)

This mode has an obvious defect: F(user name) is the correct serial number, and the program computes it at run time and decides whether registration succeeds by comparing this correct serial number with the entered one. The plaintext of the serial number can therefore be found in the context of the running program. Once the plaintext is found, it can be output to logcat or other controls by smali code injection.
(2) User name-serial number mode 2: the entered serial number is the independent variable, and the function F transforms it into a user name. That result is then compared with the entered user name to decide whether the pair matches. F must be a reversible transformation.

user name = F(serial number), or F^-1(user name) = serial number

This mode has a similar problem: starting from a serial number, we can calculate a user name and so obtain a correct user name/serial number pair.

(3) User name-serial number mode 3: the user name is transformed with a function F1 and the serial number with a function F2. If the two results are equal, the user name and serial number are considered to match. As a formula:

F1(user name) = F2(serial number)

This mode is better than mode 2. As in mode 2, the serial number is never generated in plaintext while the program runs. The design effort goes into the F1 and F2 functions.

(4) Machine code-serial number verification mode. F must be a reversible transformation.

machine code = F(serial number), or F^-1(machine code) = serial number

The benefit of machine code-serial number verification is that even if someone obtains a serial number that corresponds to a correct machine code, that pair is tied to one machine, because most machine codes are fixed by hardware resources. So this mode is the better choice when a machine code-serial number scheme is acceptable. Of course, it also places an extra burden on developers: to register, the user must send the machine code back to the software author, who calculates the correct serial number through the inverse transformation of F and sends it to the user to complete registration. We can also see from the formula that if a cracker finds the inverse transformation of F, it can be written into a registration machine (key generator).
Therefore, the design of the F function is particularly important: if F can be easily reversed, a hacker can easily implement the inverse transformation of F and complete this registration machine.
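The following added example (not code from the original article) shows mode 3 with an F2 that the app can compute but cannot invert: F2 is the public half of an RSA key pair, and only the vendor holds the private exponent needed to issue serial numbers. The key is a constructed toy key, textbook RSA without padding is used only to keep the F1/F2 structure visible, and the function names are assumptions; a production scheme would use a standard signature algorithm from the platform's crypto library with a full-size key.

```python
import hashlib

# Constructed toy key for illustration only: two Mersenne primes give a
# modulus of about 216 bits, far too small for real use.
P = 2**127 - 1
Q = 2**89 - 1
N = P * Q                          # public: shipped inside the app
E = 65537                          # public: shipped inside the app
D = pow(E, -1, (P - 1) * (Q - 1))  # private: stays on the vendor's server


def f1(identity: str) -> int:
    """F1: hash the user name (or machine code) into the range [0, N)."""
    digest = hashlib.sha256(identity.encode("utf-8")).digest()
    return int.from_bytes(digest, "big") % N


def f2(serial: int) -> int:
    """F2: public transform of the serial; inverting it requires D."""
    return pow(serial, E, N)


def issue_serial(identity: str) -> str:
    """Vendor side: invert F2 with the private exponent D."""
    return format(pow(f1(identity), D, N), "x")


def is_registered(identity: str, serial_text: str) -> bool:
    """App side: accept when F1(identity) == F2(serial).

    The expected serial number is never computed here, so it does not
    appear in the running program as it does in mode 1.
    """
    try:
        serial = int(serial_text.strip(), 16)
    except ValueError:
        return False               # not a hexadecimal string
    if not 0 < serial < N:
        return False               # outside the valid range
    return f1(identity) == f2(serial)


if __name__ == "__main__":
    s = issue_serial("alice")      # constructed sample user name
    print(s, is_registered("alice", s), is_registered("bob", s))
```

The same check works for the machine code-serial number mode by passing the machine code as `identity`.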
