Share: Android in the use of machine code registration mechanism to prevent cracking (turn)

Transferred from: http://blog.csdn.net/huzgd/article/details/6684094

Recently made an Android application encountered this problem, the customer requires the function must be registered to use, and the program itself is not connected online use, it is necessary to add machine code registration code mechanism in the program.

It is known that Android applications are based on Java development, if not done, the direct anti-compilation apk can see the source code algorithm, to crack is no difficulty.

About Android anti-hack, online valuable content is less. I collected some fragmentary information, summed up probably the following several anti-cracking thinking way:

1. Code obfuscation. The 2.3 Android SDK already supports direct obfuscation of the build apk. Confusion can increase the difficulty of anti-compilation cracking, but light confusion does not solve the problem, for experienced people, in the confusion code to find the registration check code to force crack is not difficult.

2. Signature alignment. The APK can be processed using a signature, but the signature of the APK does not prevent decompile, except that the same signature cannot be used after the decompile. Although you can perform a comparison of the signatures in your code, the code itself may be modified. So the signature has little effect.

3. Networking registration. After the program starts, it automatically connects to the server for registration verification, and puts a subset of the core functions on the service side. This way is the safest, but for a standalone program is not appropriate, always can not be in a Notepad program also requires users to log on to the server bar.

4.dex or class dynamic loading. This is a good theory, a small number of core algorithms into the Dex or class file, encrypted as a resource file, the registration is successful before decrypting and loading into memory. But this approach is very difficult to achieve, I do not seem to find the implementation of the article on the Internet, the implementation of maintenance code cost is also high. In addition, if the program is completely anti-compiled after debugging, you can still be able to lower the breakpoint to decrypt the Dex or class file to the guide.

5. Use the NDK (or JNI) Local C + + dynamic library. This is a better solution for stand-alone applications. The NDK compiled native C + + program debugging cracking is more difficult, code maintenance is also convenient.

To increase the difficulty of cracking, there are other things to note: The key content or algorithm can be encrypted, the detection algorithm is decomposed into fragmented fragments of multiple calls, and registration of sensitive strings (such as "Registration failed" message) are not in clear text, and so on.

My final choice of registration mechanism scheme is: Code obfuscation +NDK Library + content encryption. A brief description is as follows:

1. Confuse all Java code. I previously wrote the program is Android2.2, does not support direct confusion; later I downloaded the latest SDK, set the Program SDK version number target to 13, add proguard.cfg in Default.properties, and then right-click Tools in the project to export the signed APK complete Confusing the packaging process.

2. Use the NDK C language to achieve machine code generation, registration code detection and content decryption. In the Java interface, only the display of the machine code, registration code input and decryption interface, and the core of the machine Code registration code encryption and decryption is completed in the C program. Machine code to be combined with hardware ID, a little to note is not directly with the WiFi MAC address, because WiFi MAC address easy to be modified, preferably with the CPU serial number, if not, consider using the device ID IMEI or USB mac code, But it is best not to get it in Java code, but to get it in the JNI C code to avoid being tampered with after it is recompiled. The generation process is not described here, there is time to write again later.

3. The partial resource file is added and decrypted. The program runs in order to use the resource files in the file system to run, so I encrypt these files on the PC beforehand and put the decryption key in the registration code. The decryption key is added to the generator registration code when the registration code is generated according to the machine code. Since the decrypted key is included in the registration code, the cracker will not be able to decrypt the file even if the registration detection is bypassed, and only one registration code can be obtained to perform the decryption. Because the registration code detection and decryption process is done in the NDK program, even if there is a registration code, it is difficult to obtain the decrypted key and algorithm.

Of course, to prevent the crack is relative, there is no completely absolutely impossible to crack the program, just so that the difficulty of the cost of cracking is not as good as the direct registration on the line. Conversely, if your program itself is of little value or not many people will use it, it is not necessary to hack it.

Share: Android in the use of machine code registration mechanism to prevent cracking (turn)