Sharing: APK advanced protection method analysis (1), sharing apk Protection Analysis

Sharing: APK advanced protection method analysis (1), sharing apk Protection Analysis

Weather check, food search, games, movie tickets, online shopping ...... After the APP is installed, the mobile phone is changed ". However, smartphones are becoming more and more "smart" and increasingly insecure. virus infection, spam messages, and privacy leaks are frequently related to the vital interests of mobile phone users. To protect mobile phone security, users not only need to download the APP on the official website, but more importantly, developers need to do a good job of APK security protection. Http://write.blog.csdn.net/postedit

The following editor will share the APK advanced protection method-runtime Verification

Runtime verification mainly refers to obtaining the signature information locally when the code is started, and then verifying the signature information to determine whether your application is genuine, if the signature information is not genuine, the system prompts piracy or crash.

Its principle: the only identification of APK is based on the package name + signature, and the package name information is written to the Android Manifest. but the signature is bound to the APK. Once the APK is decompiled, the signature will automatically disappear. The APK signature requires a signature file. The md5 value of the signature file is basically the same.

There are also three methods for Signature Verification:

1) Java layer Verification

The methods for obtaining signature information and verification are written in the java layer of android. This protection method does not make much sense, because after the source code is decompiled, you can quickly find the verification code block through keyword search. A slight modification to this verification protection will be completely ineffective.

2) server Verification

Obtain the signature information on the java layer of android. Upload the server to sign the information on the server and return the verification result. This protection is not as useful as pure java layer verification. Once there is no network authentication protection, it will be ineffective. The signature information obtained using the android method can also be obtained using the java method. The verification is stored on the server to protect the correct signature information value, but the protection does not actually have any effect, after the same cracking, you can search for keywords globally and forge a correct signature.

3) obtain signature and verification at the underlying layer of NDK Technology

By taking one of the four objects of Context, Activity, PackageManager, and PackageInfo as the parameter parameters, the signature information is obtained and verified at the underlying layer. Because the methods of obtaining and verifying are closed in a safer so library, it can play a protective role in a certain sense. However, this protection can be perfectly cracked using the java-layer hook Technology. However, compared with the first two methods, this protection has a greater significance and value.

Let's take a look at the APK protection method of www.ijiami.cn, which uses fingerprint verification to protect files in the APK. After encryption, all the files in the APK correspond to a unique fingerprint. During each operation, the APK generates another fingerprint. If the generated fingerprint is different from the original fingerprint, the program will automatically exit or crash if it is determined that the APK has been repackaged. This method can prevent operations such as resource files and master configuration files from being modified or deleted, ensuring the security of APK.

 

 

 

Android mobile game cracking is so rampant. How can I reinforce apk to prevent protection?

Yes, I have been looking for the apk reinforcement method.
The more advanced one is the code advanced obfuscation. The spending command reinforces the apk. The spending command contains some instructions in the program, which are specially conceived by the designer and may cause errors during disassembly, it makes it impossible for the attacker to clearly and correctly disassemble the content of the program and get lost. (Flower command) aims to exploit the decompilation tool vulnerability to make the tool unusable. Jd-gui has many bugs.
Many special code blocks or field sets can cause the code to crash and cannot decompile the source code.
However, commands are usually easy to crack. Later, I saw it in the snow Security Forum.
Love encryption app encryption platform, trial, I feel pretty good, has been in use. You can try.

How does Android prevent the apk program from being decompiled? Preventing mobile games from being cracked, except for the proguard code obfuscation method

DEX encryption protection !!!

It is the advanced encryption protection for the Android APK. Generally, obfuscation code and anti-Secondary packaging will not work. Therefore, I now use encryption to encrypt the primary Android APK files, such as DEX, RES, And SO libraries. (And free)