Talking about the Android Market Environment, non-encrypted apps will die, androidapps

Source: Internet
Author: User

Talking about the Android Market Environment, non-encrypted apps will die, androidapps

My questions are a little eye-catching, and of course some people think that I am alarmist. Then, let's hear if I have a bit of truth.

The APP in the title should exclude the small developers who only want to push advertisements by the APP. It is true that these developers do not have a high starting point, I just want to earn two small advertising dollars (including myself, of course) by using the simple and easy-to-use APP development on the Android platform ), their goal is not to develop a high-quality, creative, and painstaking APP, if an APP is developed by entrepreneurial teams, companies, or individuals who are passionate about starting a business and setting up countless painstaking efforts, I am responsible for telling you that if your APP is not encrypted, there are only three outcomes:

The first outcome: although your APP is developed day and night, the quality is not high, there is no new idea, or the homogeneity is very serious, then you put this APP on the market, just like a stone thrown out of the sea. There is no much return. It doesn't matter if encryption is not encrypted. The so-called "No regrets.

The second outcome: innovative, creative, almost no similar products in the software market, and can be quickly accepted by the public. If you do not encrypt or apply for a patent, the unencrypted APP will die.

Because people are in the country of shanzhai, a small team solution is either acquired or directly killed by an identical alternative !!!

If you prefer not to be acquired, and do not want to be killed by an identical alternative, your APP must be encrypted because your APP is not encrypted, well, you don't need to spend more days discovering your good idea.

Third, there is no need to copy your APP, but I am very interested in the services you provide. If it is not necessary to register? It would be nice to share all the resources you provided ~~ Oh, by the way, I will crack it ~~ If it is not encrypted, it will cause serious consequences. You must be careful when using the content-based APP.

Let's talk about the services provided by love encryption: Love encryption www.ijiami.cn launches the "APK source code security protection" platform. The current three-layer encryption protection: DEX shelling protection and DEX command dynamic loading protection, advanced obfuscation protection. It can effectively prevent dynamic and static cracking of apps, and hackers will not be able to crack anything. Love encryption introduced SO Library Protection a few years ago, SO that C ++-level code is also protected.

Let's talk about the three protection points with examples. If not, what will happen: the DEX command is rewritten and your program is cracked.

The DEX commands of Android (the Dalvik command is more suitable) are similar to the smali file format. You can use baksmali and smail to directly rewrite your Android:

Here we use the helloourandroid.apk program as the sample. We can use baksmali to decompile the dex file to generate the smali file, as shown below:

1walfred @ ubuntu: reserve $ unzip-q HelloOurAndroid.apk-d HelloOurAndroid

2walfred @ ubuntu: reserve $ java-jar baksmali-1.4.2.jar HelloOurAndroid/classes. dex

In this way, an out directory is generated under the current directory. The out directory is:

1walfred @ ubuntu: reserve $ ls out/org/ourunix/helloourandroid/

2BuildConfig. smali R$ attr. smali R$ id. smali R$ menu. smali R$ string. smali

3MainActivity. smali R$ drawable. smali R$ layout. smali R. smali R$ style. smali

Of course, if you are familiar with the smali syntax rules, you can freely modify these smali files, and then re-generate the dex file using the smali tool:

1walfred @ ubuntu: reserve $ java-jar smali-1.4.2.jar out/-o classes. dex

As long as you know something about the smali format, it is really not discussed to crack your program:

Here is an apktool integrated with smali and baksmail. If you already have an Android development environment, you can use apktool quickly. Here we assume you can use apktool directly.

Decompile decode

1walfred @ ubuntu :~ /Lab/apktool $ apktool d HelloOurAndroid.apk

 

 

Now we can see that the HelloOurAndroid/folder has been generated in the current directory. Let's check the decompiled AndroidManifest. xml file and strings. xml file:

 

After the AndroidManifest. xml file is decompiled, it is almost the same as that in the project, so we can check all permissions of the Android application.

 

 

You can also view the content of these hardcodes:

 

 

 

 

Rebuild repackaging

 

Re-package the modified helloourandroid.apk, and modify "hello" in the strings. xml directory to "Hello, OurUnix!

 

 

Then use apktoo to re-package. The command is as follows:

1walfred @ ubuntu :~ /Lab/apktool $ apktool B HelloOurAndroid

 

Finally, the re-compiled APK can be signed to run. After DEX is cracked, it will be possible

1. Modify the advertising code in the AndroidManifest. xml file;

2. Modify the registration conditions and enable logon.

Dex2jar your dex is at a glance

If the dex of the program is not protected by shell, your dex has not been obfuscated, and your dex will be at a glance, your logic, your idea, Your painstaking efforts, dear God, it will be exposed to others!

Dex2jar I think Android Developers all know about it. I am proud to be the developer of this tool and I am a colleague.

SO library is not protected, you are doing wedding dresses for others

Dex is too risky. Many people have switched to using native code to write key code. It is not restricted by the memory to improve the performance when so is hard to crack, tools such as ida and elf cannot easily view the code, so is the best strategy. However, I think that once your jni has been attacked by someone else, congratulations, so, I will use it directly !!

I have cracked one of the most popular anti-virus software. The code is highly obfuscated and the key code uses so. But I don't know the JNI interface information, but I found it. With these interfaces, your so is mine, and I can also copy a program like yours!

The above three Android programs are commonly used for cracking. I think love encryption has been mentioned, but I don't know what their treatment effect is, so I really want to have a good experience.

I also raised the topic of Dynamic Cracking. After all, this method is more advanced and easier to crack. It is used to run your APP, your behavior, and your debug log (haha, if you want to obtain network resources, use tcpdump and wireshark to capture and analyze Android applications. So easy.



How can android programs be encrypted to prevent decompilation?

Check your project

Select priject. properties to open the file,

I don't know how to encrypt xml files. I have to learn more.



Android Development Environment failed

The landlord, especially when there are different versions of the platform environment, sometimes there will be similar installation errors, sometimes it will take a long time, this is a normal phenomenon, in general, even if you solve one, the next installation error occurs immediately. The cause is obviously sometimes unknown. In this case, the most effective method is to reinstall the system. Try another tutorial and try again, generally, a beginner will install the installation package for one or two days for the first time (including downloading the installation package through the Internet). He is familiar with it. The next time he needs to install the environment, the installation can be completed in just a few hours. In the case of no guidance, reinstallation is the best strategy.

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.