july 2015 android taipei - anti-decompiler by suki
TRANSCRIPT
![Page 1: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/1.jpg)
反 逆 向 工 程A n t i - D e c o m p i l e r
![Page 2: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/2.jpg)
黃 思 齊 Suki Huang H O L I E S T A R S T U D I O
VoiceTube – Android Engineer
NUTC – Information Management
Gogolook – Android Intern
Microsoft Student Partner
![Page 3: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/3.jpg)
[ _____________ ] 專業版 去廣告破解下載
[ _____________ ] 無廣告 金錢道具無限破解版下載
![Page 4: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/4.jpg)
從前從前有支 APP 進入大陸地區後
出現了各種變形版本
![Page 5: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/5.jpg)
盜版充斥
Manifest 修改權限抽換廣告
無廣告版本 公開原始碼
Server API 安全性
![Page 6: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/6.jpg)
你的 APK 安全嗎 ?
![Page 7: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/7.jpg)
敏感資料
程式碼廣告 ID
分析平台 ID
Server API 接口驗證碼
![Page 8: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/8.jpg)
基礎保護混淆 (Proguard)
底層 (NDK)
加密服務
![Page 9: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/9.jpg)
基礎保護
![Page 10: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/10.jpg)
基礎保護
Package Name
權限偵錯模式
模擬器
![Page 11: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/11.jpg)
混淆P r o g u a r d
![Page 12: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/12.jpg)
public class MyClass { private boolean isRain=false; private int typhoonLevel=5; private int priceVegetable=10;
private String getAction(){ if(isRain && typhoonLevel>=5){ priceVegetable++; String action="Go white water rafting"; return action; } }}
Before Proguard
![Page 13: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/13.jpg)
After Proguard
public class a { private boolean a=false; private int b=5; private int c=10;
private String a(){ if(a && b>=5){ c++; String d="Go white water rafting"; return d; } }}
![Page 14: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/14.jpg)
Proguard
Class Name
Method
Variables
![Page 15: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/15.jpg)
![Page 16: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/16.jpg)
buildTypes {
release { //minifyEnabled false minifyEnabled true proguardFiles getDefaultProguardFile
('proguard-android.txt'),'proguard-rules.pro' }
}
![Page 17: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/17.jpg)
優 化混 淆壓 縮
P r o g u a r d
C r a s h
try { //May throw exceptions} catch (Exception e) { //Report crash info to ……}
![Page 18: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/18.jpg)
底層(Native Development Kit, NDK)
![Page 19: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/19.jpg)
After Proguard
public class a { private boolean a=false; private int b=5; private int c=10;
private String a(){ if(a && b>=5){ c++; String d="Go white water rafting"; return d; } }}
![Page 20: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/20.jpg)
Android NDK
The Android NDK is a toolset that lets you implement
parts of your app using native-code languages such as C
and C++. For certain types of apps, this can help you
reuse existing code libraries written in those
languages.
public class MyActivity extends Activity { /** * Native method implemented in C/C++ */ public native void computeFoo();}
![Page 21: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/21.jpg)
NDKNormal
![Page 22: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/22.jpg)
public class NativeMethod { static { System.loadLibrary("HelloWorld"); } public native static String getkey();}
JNIEXPORT jstring Java_com_test_constants_NativeMethod_getKey(JNIEnv* env,jobject obj) { return env->NewStringUTF("ABCD");}
com.test.constants.NativeMethod.java
HelloWorld.cpp
![Page 23: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/23.jpg)
Ke y S t o r e
![Page 24: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/24.jpg)
if(isKeyStorePassed(context)){ return env->NewStringUTF("ABCD");}else{ return env->NewStringUTF("-----")}
![Page 25: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/25.jpg)
![Page 26: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/26.jpg)
Java_com_test_constants_NativeMthod_getKey
ABCD
![Page 27: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/27.jpg)
ASCII Code
A n d r o i d T a i p e i
65 110 100 114 111 105 100 84 97 105 112 101 105
66 111 101 115 112 106 101 85 98 106 113 102 106
B o e s p j e U b j q f j
![Page 28: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/28.jpg)
Java_com_test_constants_NativeMthod_getKey
com.test.constants.NativeMethod.java
public class NativeMethod { static { System.loadLibrary("HelloWorld"); } public native static String getKey();
}
![Page 29: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/29.jpg)
Java_com_test_constants_NativeMthod_a_____
com.test.constants.NativeMethod.java
public class NativMethod { static { System.loadLibrary("HelloWorld"); } public native static String a(); public static String getKey(){ return a(); }}
![Page 30: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/30.jpg)
Java_com_test_constants_NativeMthod_a_____
Java_com_test_constants_NativeMthod_b_____
Java_com_test_constants_NativeMthod_c_____
Java_com_test_constants_NativeMthod_d_____
Java_com_test_constants_NativeMthod_e____
![Page 31: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/31.jpg)
After Proguard
public class a { private boolean a=false; private int b=5; private int c=10;
private String a(){ if(a && b>=5){ c++; String d=NativeMethod.a(); return d; } }}
![Page 32: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/32.jpg)
加密服務
![Page 33: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/33.jpg)
![Page 34: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/34.jpg)
Core
Apk
Shell
![Page 35: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/35.jpg)
沒 有 絕 對 防 禦
只 有 增 加 破 解 成 本
![Page 36: July 2015 Android Taipei - Anti-Decompiler by SUKI](https://reader034.vdocuments.pub/reader034/viewer/2022051113/55cebbf4bb61eba82f8b4638/html5/thumbnails/36.jpg)
Thanks for your attention
反 逆 向 工 程