【爱加密】Android APP利用无效字节码防止工具逆向破解(一)
【爱加密】Android APP利用无效字节码防止工具逆向破解(一)
由于大部分逆向工具都是线性读取字节码并解析,当遇到无效字节码时,就会引起反编译工具字节码解析失败。我们可以插入无效字节码到DEX文件,但要保证该无效字节码永远不会被执行(否则您的程序就会崩溃了~)。
用到的工具:
IDA、C32Asm、DexFixer、Ijiami signer(爱加密签名工具)、
(由于百度文档限制,使用的工具无法添加连接。请自行到网上下载,带来的不便请谅解~)
首先我们新建一个测试类。为了绕过Dalvik运行时代码验证,BadCode.java要保证不被调用。(否则运行app,会出现java.lang.verifyerror常)
然后生成apk,用ida打开classes.dex。并找到BadCode类的aaa方法。选中的三行代码对应”System.out.println("aaaa");”
located in the Tomb, Dong Shen Jia bang, defer the next day focused on the assassination. Linping, Zhejiang, 1 of which liquor wine masters (Wuzhen said information is Carpenter), who got A few bayonets, due to missed fatal, when night came
切换到HexView-a视图,记录下指令码 “62 00 02 04 1A 01 8E 07 6E 20 19 10 10 00” 和对应偏移“0003A2A4”
使用C32asm,以十六进制的方式打开dex文件。按快捷键“Ctrl + G”,定位到“0003A2A4” 把“62 00 02 04 1A 01 8E 07 6E 20 19 10 10 00”改为“12 01 38 01 03 00 FF FF 00 00 00 00 00
00”
Opcodes解释:
12 01 // const/4 v1, 0 //v1=0
38 01 03 00 // if-eqz v1, loc_3A2AC //if(v1==0) 跳转到 loc_3A2AC: FF FF // FFFF (Bad opcodes) //本行代码被跳过永远不会执行
// loc_3A2AC:
保存dex。把修改后的dex文件拖入DexFixer进行修复。
用修复后的dex覆盖原apk中的dex文件。
located in the Tomb, Dong Shen Jia bang, defer the next day focused on the assassination. Linping, Zhejiang, 1 of which liquor wine masters (Wuzhen said information is Carpenter), who got A few bayonets, due to missed fatal, when night came
删除META-INF签名文件
使用签名工具,对apk重新签名。
Apk安装到手机,运行成功
下面试试反逆向工具的效果
Apktool:(很遗憾,新版本已经修复了这个错误)
located in the Tomb, Dong Shen Jia bang, defer the next day focused on the assassination. Linping, Zhejiang, 1 of which liquor wine masters (Wuzhen said information is Carpenter), who got A few bayonets, due to missed fatal, when night came
Dex2jar:(反编译失败)
located in the Tomb, Dong Shen Jia bang, defer the next day focused on the assassination. Linping, Zhejiang, 1 of which liquor wine masters (Wuzhen said information is Carpenter), who got A few bayonets, due to missed fatal, when night came