App minutes are pirated legitimate rights and interests who to protect?

Source: Internet
Author: User
Keywords Minutes
Android app piracy Process!  Piracy has been a cancer that restricts the healthy development of mobile Internet, the hack in the pirate application embedded malicious code, once users download the use of these applications, will be without the knowledge of the deduction of charges, consumption of traffic and even disclose privacy, not only affect the developer's earnings, but also seriously damage its brand image. Do not assume that piracy is far away from us, in fact, because of the openness of Android, this operation is not a profound technical job. The cracker takes a few simple steps and can tamper with one app and pack it two times in minutes.  360 Reinforcement for everyone to uncover the app is two times the whole process of packaging.  Typically, the two-time package steps are: Unpack (decompile)--> Insert/Tamper code--> generate new packages--> re-sign--> run.     You can start by using the Apktool, Jeb, Baksmali/smali, and other decompile tools to decompile apk installation package, Figure 1 is a screenshot of the call Baksmali file.     Figure 1 after the call Baksmali file unpack, you can see all the file lists, find the Smali file that needs to be modified, here is Mainactivity.smali, as shown in Figure 2.     Figure 2 After modifying Mainactivity.smali to unlock the Mainactivity.smali file, insert a tamper code inside it, modify the text on the "button" button in the login interface, and Figure 3 and Figure 4 are the code in the Smali file before and after the modification.     Figure 3 The modified Smali file, Figure 4, after the modified Smali file is modified to invoke the Smali.jar file and repackage Smali into a Dex file, as shown in Figure 5. Figure 5 Repackaging Smali The next step is to replace the newly generated Classes.dex file with the Classes.dex in the original installation package and re-sign, creating a pirated application.     When you run the pirate application, you will find that the login button for the login interface is modified to replace the "Fake Btn", as shown in Figure 6, Figure 7. Fig. 6 Interface Figure 7 before tampering with a few simple steps, an unprotected app is pirated, and a team of work a year is easily stolen within minutes.  In general, pirated applications will generate advertising revenue by inserting/replacing the ad SDK, modifying payment channels to intercept developer revenue, inserting virus/Trojan programs to steal user information, and so on, which are similar to those described above, seriously infringing the interests of developers and users. To protect mobile app, to avoid being pirated, it is necessary to strengthen the protection from the source, so that the crack to start. Fig. 8 is the contrast between the reinforcement of the app and the reinforcement by using 360 reinforcementAfter the call to Baksmali.jar, you can see the code files are all hidden, exposing just some of the reinforcement program code, the cracked person can no longer tamper with the source program. Fig. 8 The code shown after strengthening 360 reinforcement based on 360 core encryption technology, the application of Android to strengthen protection, can effectively avoid the application of malicious cracking, decompile, two packaging, memory crawl and so on. At the same time, the application provides data encryption, signature verification, memory modification, integrity verification, piracy monitoring and other protection functions, to give Android application of the strongest protection from the source to eliminate malicious piracy applications. As the leader of the mobile Internet Security Service industry, 360 reinforcement will continue to pay attention to the development of mobile phone application security, continuously improve the reinforcement guarantee service and protect the developer's income and rights.
Related Article

Contact Us

The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion; products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the content of the page makes you feel confusing, please write us an email, we will handle the problem within 5 days after receiving your email.

If you find any instances of plagiarism from the community, please send an email to: info-contact@alibabacloud.com and provide relevant evidence. A staff member will contact you within 5 working days.

A Free Trial That Lets You Build Big!

Start building with 50+ products and up to 12 months usage for Elastic Compute Service

  • Sales Support

    1 on 1 presale consultation

  • After-Sales Support

    24/7 Technical Support 6 Free Tickets per Quarter Faster Response

  • Alibaba Cloud offers highly flexible support services tailored to meet your exact needs.