CN105278954A - Anti-cracking Android APP and operation mode thereof - Google Patents
Anti-cracking Android APP and operation mode thereof Download PDFInfo
- Publication number
- CN105278954A CN105278954A CN201510619550.6A CN201510619550A CN105278954A CN 105278954 A CN105278954 A CN 105278954A CN 201510619550 A CN201510619550 A CN 201510619550A CN 105278954 A CN105278954 A CN 105278954A
- Authority
- CN
- China
- Prior art keywords
- code
- file
- cracking
- dexclassloader
- source code
- Prior art date
- Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
- Pending
Links
Landscapes
- Storage Device Security (AREA)
- Stored Programmes (AREA)
Abstract
The invention designs an anti-cracking Android APP and an operation mode thereof. Firstly, the cracking difficulty is increased by a mode of character string encryption; secondly, a JAVA code is put into an SO file to strengthen the protection on the JAVA layer code; finally an important encryption algorithm is put in the server terminal to be issued, and then the encryption algorithm is deleted after the decryption is finished, so that the protection on the encryption algorithm is reinforced to greatly improve the cracking difficulty and the cracking cost; and the anti-cracking Android APP can be used for protecting the safety of an Android APK code. In addition, a core decipherment algorithm can be downloaded through the server, so that the step of server verification cannot be skipped, and the cracking solution by direct skipping the server verification for changing code is avoided.
Description
Technical field
The present invention relates to a kind of APP based on Android, particularly a kind ofly instead crack Android APP and the method for operation thereof.
Background technology
The anti-crack method of existing common Android is divided into following several:
1, Code obfuscation.In order to strengthen the difficulty that decompiling post code is analyzed, code is obscured.Shortcoming is, cures the symptoms, not the disease, and can revise equally.
2, on-line signature compares.When program initialization, networking signs the official standard on the signature of the program of operation and server compares, thus reaches the effect that the program after decompiling cannot normally be run.Shortcoming is, skips, then a whole set of mechanism failure if the code of this interconnecting segment inspection is tampered.
3, core code is write in SO file by JNI; due to SO file decompiling and counter to crack difficulty higher; anti-disintegration effect in this way pretty good, but shortcoming to be JAVA layer identification code not protected, can be tampered or call the simulation of SO method equally and crack.
Summary of the invention
In order to solve the problem, the invention provides a kind of protection JAVA bottom code, and avoid skipping the counter of server end verification and crack Android APP and the method for operation thereof.
In order to achieve the above object, counter designed by the present invention cracks Android APP, comprise JAVA source code encryption compile obtain encryption source code, SO file, authentication check module, code decryption release module, decipherment algorithm download module, dlm (dynamic loading module) DexClassLoader and start Application, wherein encrypt source code be stored in SO file.Wherein said encryption source code is the string variable in source code.
A kind of above-mentioned anti-method of operation cracking Android APP, comprise following steps: a. first APK starts, load SO file, by the program that code decryption release module is once deciphered, b.SO file interconnection network is by authentication check module and server end signature verification, verification is by rear download JAVA bis-decipherment algorithms, c. load DEX cryptographic algorithm secondary by DexClassLoader and decipher the program of once deciphering obtained from SO file, run Android program eventually through DexClassLoader load and execution code.And during final DexClassLoader load and execution code working procedure, program deletes JAVA bis-decipherment algorithms downloaded from server end automatically.
What the present invention obtained gone out new scheme has a little following:
1, for increase cracks difficulty, the string variable in institute's source code in code is made into encrypted characters string mode
2, preserve after the code encryption of most of java with bytewise in SO file, operationally by code decryption out, then the content decrypted in SO again deciphered by secondary deciphering, last APK loads dex file by DexClassLoader to be continued to run.
3, by SO interconnection network, core code is downloaded from server end, then the signing messages of server end verification APK, verifies by issuing core decrypted code and secondary decryption method afterwards again, and APK loads dex running paper by DexClassLoader afterwards.
First this programme is added by character string cipher mode and cracks difficulty; next JAVA code is put in SO file; strengthen the protection to JAVA layer identification code; finally important cryptographic algorithm is put into server end to issue; then it is deleted after having deciphered; strengthen the protection to cryptographic algorithm, make to crack difficulty and cost improves greatly, can in order to protect the code security of Android APK.On the other hand, because needs download core decipherment algorithm by server, server checking procedure cannot be skipped, avoid direct existing change code with what skip server verification and crack means.
Accompanying drawing explanation
Fig. 1 is the process flow diagram of the APK startup that the present invention designs.
Embodiment
Below by embodiment, the invention will be further described by reference to the accompanying drawings.
embodiment 1.
As shown in Figure 1, the counter of the present embodiment description cracks Android APP, comprise the encryption of JAVA source code and compile the encryption source code obtained, SO file, authentication check module, code decryption release module, decipherment algorithm download module, dlm (dynamic loading module) DexClassLoader and the Application started, wherein encrypt source code and be stored in SO file.Wherein, described encryption source code is the string variable in source code.
The above-mentioned anti-method of operation cracking Android APP, comprise following steps: a. first APK starts, load SO file, by the program that code decryption release module is once deciphered, b.SO file interconnection network is by authentication check module and server end signature verification, verification is by rear download JAVA bis-decipherment algorithms, c. load DEX cryptographic algorithm secondary by DexClassLoader and decipher the program of once deciphering obtained from SO file, run Android program eventually through DexClassLoader load and execution code.And during final DexClassLoader load and execution code working procedure, program deletes JAVA bis-decipherment algorithms downloaded from server end automatically.
Realize the program, first APK code be divide into several ingredient by us:
1, the Application started
2, DexClassLoader dlm (dynamic loading module) (plug-in unitization mechanism)
3, code decryption release module (completing in SO file)
4, decipherment algorithm download module (completing in SO file)
5, the resource file preserved after the encryption of Dex execute file
In addition, in order to the scheme of fit end, we are also supporting develops several instrument and a backstage:
1, JAVASourceEncoder(JAVA source code Encryption Tool)
2, client signature correction verification module
3, APK signature management function module
1, JAVASourceEncoder (JAVA source code Encryption Tool):
Increase to make to crack work difficulty, compile again after string variable in source code is encrypted to byte array, but such scheme can cause development cumbersome, so be developed particularly a SourceEncoder instrument, for after exploitation, source code is encrypted, and then perform, so, developer does not need code security problem when paying close attention to exploitation, and code can source code after the packing stage is transformed into encryption automatically; Cracker, when decompiling, finds that the character string constant in all codes all becomes byte arrays, cannot understand code implication the very first time, considerably increase the difficulty of decompiling.
Special instruction: this instrument is not in order to real is encrypted protection, but by reducing the readability of decompiling code (smali code etc.), increasing and cracking cost.
2, code decryption release module
This part is fairly simple, and APK program calls the decipherment algorithm in SO file by JNI mode, the deciphering of the encrypt file of the dex in resource bag is discharged, and backspace file path.
3, decipherment algorithm download module
First need to obtain the various parameters such as the signing messages of Android APK, application version number, channel number by JNI, then HTTP request POST is passed through to server end, verified according to backstage configuration by server end, and issue the dex file of corresponding decipherment algorithm.
4, DexClassLoader dlm (dynamic loading module) (plug-in unitization mechanism)
Dalvik virtual machine due to Android system is not familiar with the bytecode of the JAR bag that java is up to, needing to carry out transformation by dx instrument becomes Dalvikbytecode just passable, so in Android dynamic load java code, need to use DexClassLoader or PathClassLoader, but PathClassLoader can only load the APK file in the system of being installed to, and DexClassLoader can load jar, dex and apk file, and these files can be loaded from SD card, so select DexClassLoader.This mode is also the major way realizing Android plug-in unit mechanism.
5, the Application started
The arrangements are complete for all instruments and module, remaining builds service logic exactly in main Activity, first two SO files are loaded, then the method for the code decryption release module in SO is called by JNI, the Dex execute file of the application after first release encryption, and then call decipherment algorithm download module in another SO by JNI, download each game or apply different deciphering Dex execute files, then plug-in unit mechanism is used to call deciphering Dex execute file deciphering application Dex file, plug-in unitization mechanism is finally used to start the Dex file of application, application start completes, the all Dex execute files having completed historic mission of SO file erase can be called of course simultaneously.
Claims (4)
1. one kind is instead cracked Android APP, it is characterized in that comprising the encryption of JAVA source code compiles the encryption source code obtained, SO file, authentication check module, code decryption release module, decipherment algorithm download module, dlm (dynamic loading module) DexClassLoader and the Application started, wherein encrypt source code and be stored in SO file.
2. according to claim 1 instead crack Android APP, it is characterized in that described encryption source code is the string variable in source code.
3. one kind as claim 1 the anti-method of operation cracking Android APP, it is characterized in that comprising following steps: a. first APK starts, load SO file, by the program that code decryption release module is once deciphered, b.SO file interconnection network is by authentication check module and server end signature verification, verification is by rear download JAVA bis-decipherment algorithms, c. load DEX cryptographic algorithm secondary by DexClassLoader and decipher the program of once deciphering obtained from SO file, run Android program eventually through DexClassLoader load and execution code.
4. the anti-method of operation cracking Android APP according to claim 1, is characterized in that when final DexClassLoader load and execution code working procedure, and program deletes JAVA bis-decipherment algorithms downloaded from server end automatically.
Priority Applications (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510619550.6A CN105278954A (en) | 2015-09-25 | 2015-09-25 | Anti-cracking Android APP and operation mode thereof |
Applications Claiming Priority (1)
| Application Number | Priority Date | Filing Date | Title |
|---|---|---|---|
| CN201510619550.6A CN105278954A (en) | 2015-09-25 | 2015-09-25 | Anti-cracking Android APP and operation mode thereof |
Publications (1)
| Publication Number | Publication Date |
|---|---|
| CN105278954A true CN105278954A (en) | 2016-01-27 |
Family
ID=55148012
Family Applications (1)
| Application Number | Title | Priority Date | Filing Date |
|---|---|---|---|
| CN201510619550.6A Pending CN105278954A (en) | 2015-09-25 | 2015-09-25 | Anti-cracking Android APP and operation mode thereof |
Country Status (1)
| Country | Link |
|---|---|
| CN (1) | CN105278954A (en) |
Cited By (3)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109271759A (en) * | 2018-09-26 | 2019-01-25 | 杭州凯米科技有限公司 | So file security reinforcement technique method based on Android platform |
| CN109409038A (en) * | 2018-09-30 | 2019-03-01 | 北京梆梆安全科技有限公司 | A kind of dynamic link library file cracks risk checking method and device |
| CN112329035A (en) * | 2020-11-02 | 2021-02-05 | 成都中科大旗软件股份有限公司 | Method, system and storage medium for analyzing, encrypting and decrypting based on jar program |
-
2015
- 2015-09-25 CN CN201510619550.6A patent/CN105278954A/en active Pending
Cited By (4)
| Publication number | Priority date | Publication date | Assignee | Title |
|---|---|---|---|---|
| CN109271759A (en) * | 2018-09-26 | 2019-01-25 | 杭州凯米科技有限公司 | So file security reinforcement technique method based on Android platform |
| CN109409038A (en) * | 2018-09-30 | 2019-03-01 | 北京梆梆安全科技有限公司 | A kind of dynamic link library file cracks risk checking method and device |
| CN112329035A (en) * | 2020-11-02 | 2021-02-05 | 成都中科大旗软件股份有限公司 | Method, system and storage medium for analyzing, encrypting and decrypting based on jar program |
| CN112329035B (en) * | 2020-11-02 | 2022-12-27 | 成都中科大旗软件股份有限公司 | Method, system and storage medium for analyzing, encrypting and decrypting based on jar program |
Similar Documents
| Publication | Publication Date | Title |
|---|---|---|
| KR101471589B1 (en) | Method for Providing Security for Common Intermediate Language Program | |
| CN105683990B (en) | Method and apparatus for protecting dynamic base | |
| CN102760219B (en) | A kind of Android platform software protection system, method and apparatus | |
| KR101391982B1 (en) | Encryption method for preventing decompile of andriod application | |
| JP4729575B2 (en) | Ensuring software security | |
| JP5808019B2 (en) | Interlocked binary protection using white-box encryption technology | |
| CN104680039B (en) | A kind of data guard method and device of application program installation kit | |
| CN102576391B (en) | Software license embedded in shell code | |
| CN109992987B (en) | Script file protection method and device based on Nginx and terminal equipment | |
| CN103577206A (en) | Method and device for installing application software | |
| CN105787357A (en) | APK (Android Package) downloading method and system based on Android system | |
| CN104866739A (en) | Application program encryption method and application program encryption system in Android system | |
| KR101695639B1 (en) | Method and system for providing application security service based on cloud | |
| CN104573490A (en) | Method for protecting installed software on Android platform | |
| CN104008342A (en) | Method for achieving safe and trusted authentication through BIOS and kernel | |
| CN106650330A (en) | Android application software reinforcement protection method based on DexClassloader | |
| CN111191195A (en) | Method and device for protecting APK | |
| CN108804913B (en) | Application program running method and device | |
| CN107273723A (en) | A kind of Android platform applied software protection method based on so file shell addings | |
| CN108595950A (en) | A kind of safe Enhancement Methods of SGX of combination remote authentication | |
| CN105278954A (en) | Anti-cracking Android APP and operation mode thereof | |
| CN110502874B (en) | Android App reinforcement method based on file self-modification | |
| CN108923910B (en) | Mobile application APK tamper-proofing method | |
| CN112134905B (en) | Android system based signature method, device and equipment | |
| CN103530169B (en) | Method for protecting virtual machine files and user terminal |
Legal Events
| Date | Code | Title | Description |
|---|---|---|---|
| C06 | Publication | ||
| PB01 | Publication | ||
| C10 | Entry into substantive examination | ||
| SE01 | Entry into force of request for substantive examination | ||
| RJ01 | Rejection of invention patent application after publication | ||
| RJ01 | Rejection of invention patent application after publication |
Application publication date: 20160127 |