CN105278954A - Anti-cracking Android APP and operation mode thereof - Google Patents

Anti-cracking Android APP and operation mode thereof Download PDF

Info

Publication number
CN105278954A
CN105278954A CN201510619550.6A CN201510619550A CN105278954A CN 105278954 A CN105278954 A CN 105278954A CN 201510619550 A CN201510619550 A CN 201510619550A CN 105278954 A CN105278954 A CN 105278954A
Authority
CN
China
Prior art keywords
code
file
cracking
dexclassloader
source code
Prior art date
Legal status (The legal status is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the status listed.)
Pending
Application number
CN201510619550.6A
Other languages
Chinese (zh)
Inventor
卢锡合
翟惠林
姚伟涛
Current Assignee (The listed assignees may be inaccurate. Google has not performed a legal analysis and makes no representation or warranty as to the accuracy of the list.)
Hangzhou Zhexin Information Technology Co Ltd
Original Assignee
Hangzhou Zhexin Information Technology Co Ltd
Priority date (The priority date is an assumption and is not a legal conclusion. Google has not performed a legal analysis and makes no representation as to the accuracy of the date listed.)
Filing date
Publication date
Application filed by Hangzhou Zhexin Information Technology Co Ltd filed Critical Hangzhou Zhexin Information Technology Co Ltd
Priority to CN201510619550.6A priority Critical patent/CN105278954A/en
Publication of CN105278954A publication Critical patent/CN105278954A/en
Pending legal-status Critical Current

Links

Landscapes

  • Stored Programmes (AREA)
  • Storage Device Security (AREA)

Abstract

The invention designs an anti-cracking Android APP and an operation mode thereof. Firstly, the cracking difficulty is increased by a mode of character string encryption; secondly, a JAVA code is put into an SO file to strengthen the protection on the JAVA layer code; finally an important encryption algorithm is put in the server terminal to be issued, and then the encryption algorithm is deleted after the decryption is finished, so that the protection on the encryption algorithm is reinforced to greatly improve the cracking difficulty and the cracking cost; and the anti-cracking Android APP can be used for protecting the safety of an Android APK code. In addition, a core decipherment algorithm can be downloaded through the server, so that the step of server verification cannot be skipped, and the cracking solution by direct skipping the server verification for changing code is avoided.

Description

Instead crack Android APP and the method for operation thereof
Technical field
The present invention relates to a kind of APP based on Android, particularly a kind ofly instead crack Android APP and the method for operation thereof.
Background technology
The anti-crack method of existing common Android is divided into following several:
1, Code obfuscation.In order to strengthen the difficulty that decompiling post code is analyzed, code is obscured.Shortcoming is, cures the symptoms, not the disease, and can revise equally.
2, on-line signature compares.When program initialization, networking signs the official standard on the signature of the program of operation and server compares, thus reaches the effect that the program after decompiling cannot normally be run.Shortcoming is, skips, then a whole set of mechanism failure if the code of this interconnecting segment inspection is tampered.
3, core code is write in SO file by JNI; due to SO file decompiling and counter to crack difficulty higher; anti-disintegration effect in this way pretty good, but shortcoming to be JAVA layer identification code not protected, can be tampered or call the simulation of SO method equally and crack.
Summary of the invention
In order to solve the problem, the invention provides a kind of protection JAVA bottom code, and avoid skipping the counter of server end verification and crack Android APP and the method for operation thereof.
In order to achieve the above object, counter designed by the present invention cracks Android APP, comprise JAVA source code encryption compile obtain encryption source code, SO file, authentication check module, code decryption release module, decipherment algorithm download module, dlm (dynamic loading module) DexClassLoader and start Application, wherein encrypt source code be stored in SO file.Wherein said encryption source code is the string variable in source code.
A kind of above-mentioned anti-method of operation cracking Android APP, comprise following steps: a. first APK starts, load SO file, by the program that code decryption release module is once deciphered, b.SO file interconnection network is by authentication check module and server end signature verification, verification is by rear download JAVA bis-decipherment algorithms, c. load DEX cryptographic algorithm secondary by DexClassLoader and decipher the program of once deciphering obtained from SO file, run Android program eventually through DexClassLoader load and execution code.And during final DexClassLoader load and execution code working procedure, program deletes JAVA bis-decipherment algorithms downloaded from server end automatically.
What the present invention obtained gone out new scheme has a little following:
1, for increase cracks difficulty, the string variable in institute's source code in code is made into encrypted characters string mode
2, preserve after the code encryption of most of java with bytewise in SO file, operationally by code decryption out, then the content decrypted in SO again deciphered by secondary deciphering, last APK loads dex file by DexClassLoader to be continued to run.
3, by SO interconnection network, core code is downloaded from server end, then the signing messages of server end verification APK, verifies by issuing core decrypted code and secondary decryption method afterwards again, and APK loads dex running paper by DexClassLoader afterwards.
First this programme is added by character string cipher mode and cracks difficulty; next JAVA code is put in SO file; strengthen the protection to JAVA layer identification code; finally important cryptographic algorithm is put into server end to issue; then it is deleted after having deciphered; strengthen the protection to cryptographic algorithm, make to crack difficulty and cost improves greatly, can in order to protect the code security of Android APK.On the other hand, because needs download core decipherment algorithm by server, server checking procedure cannot be skipped, avoid direct existing change code with what skip server verification and crack means.
Accompanying drawing explanation
Fig. 1 is the process flow diagram of the APK startup that the present invention designs.
Embodiment
Below by embodiment, the invention will be further described by reference to the accompanying drawings.
embodiment 1.
As shown in Figure 1, the counter of the present embodiment description cracks Android APP, comprise the encryption of JAVA source code and compile the encryption source code obtained, SO file, authentication check module, code decryption release module, decipherment algorithm download module, dlm (dynamic loading module) DexClassLoader and the Application started, wherein encrypt source code and be stored in SO file.Wherein, described encryption source code is the string variable in source code.
The above-mentioned anti-method of operation cracking Android APP, comprise following steps: a. first APK starts, load SO file, by the program that code decryption release module is once deciphered, b.SO file interconnection network is by authentication check module and server end signature verification, verification is by rear download JAVA bis-decipherment algorithms, c. load DEX cryptographic algorithm secondary by DexClassLoader and decipher the program of once deciphering obtained from SO file, run Android program eventually through DexClassLoader load and execution code.And during final DexClassLoader load and execution code working procedure, program deletes JAVA bis-decipherment algorithms downloaded from server end automatically.
Realize the program, first APK code be divide into several ingredient by us:
1, the Application started
2, DexClassLoader dlm (dynamic loading module) (plug-in unitization mechanism)
3, code decryption release module (completing in SO file)
4, decipherment algorithm download module (completing in SO file)
5, the resource file preserved after the encryption of Dex execute file
In addition, in order to the scheme of fit end, we are also supporting develops several instrument and a backstage:
1, JAVASourceEncoder(JAVA source code Encryption Tool)
2, client signature correction verification module
3, APK signature management function module
1, JAVASourceEncoder (JAVA source code Encryption Tool):
Increase to make to crack work difficulty, compile again after string variable in source code is encrypted to byte array, but such scheme can cause development cumbersome, so be developed particularly a SourceEncoder instrument, for after exploitation, source code is encrypted, and then perform, so, developer does not need code security problem when paying close attention to exploitation, and code can source code after the packing stage is transformed into encryption automatically; Cracker, when decompiling, finds that the character string constant in all codes all becomes byte arrays, cannot understand code implication the very first time, considerably increase the difficulty of decompiling.
Special instruction: this instrument is not in order to real is encrypted protection, but by reducing the readability of decompiling code (smali code etc.), increasing and cracking cost.
2, code decryption release module
This part is fairly simple, and APK program calls the decipherment algorithm in SO file by JNI mode, the deciphering of the encrypt file of the dex in resource bag is discharged, and backspace file path.
3, decipherment algorithm download module
First need to obtain the various parameters such as the signing messages of Android APK, application version number, channel number by JNI, then HTTP request POST is passed through to server end, verified according to backstage configuration by server end, and issue the dex file of corresponding decipherment algorithm.
4, DexClassLoader dlm (dynamic loading module) (plug-in unitization mechanism)
Dalvik virtual machine due to Android system is not familiar with the bytecode of the JAR bag that java is up to, needing to carry out transformation by dx instrument becomes Dalvikbytecode just passable, so in Android dynamic load java code, need to use DexClassLoader or PathClassLoader, but PathClassLoader can only load the APK file in the system of being installed to, and DexClassLoader can load jar, dex and apk file, and these files can be loaded from SD card, so select DexClassLoader.This mode is also the major way realizing Android plug-in unit mechanism.
5, the Application started
The arrangements are complete for all instruments and module, remaining builds service logic exactly in main Activity, first two SO files are loaded, then the method for the code decryption release module in SO is called by JNI, the Dex execute file of the application after first release encryption, and then call decipherment algorithm download module in another SO by JNI, download each game or apply different deciphering Dex execute files, then plug-in unit mechanism is used to call deciphering Dex execute file deciphering application Dex file, plug-in unitization mechanism is finally used to start the Dex file of application, application start completes, the all Dex execute files having completed historic mission of SO file erase can be called of course simultaneously.

Claims (4)

1. one kind is instead cracked Android APP, it is characterized in that comprising the encryption of JAVA source code compiles the encryption source code obtained, SO file, authentication check module, code decryption release module, decipherment algorithm download module, dlm (dynamic loading module) DexClassLoader and the Application started, wherein encrypt source code and be stored in SO file.
2. according to claim 1 instead crack Android APP, it is characterized in that described encryption source code is the string variable in source code.
3. one kind as claim 1 the anti-method of operation cracking Android APP, it is characterized in that comprising following steps: a. first APK starts, load SO file, by the program that code decryption release module is once deciphered, b.SO file interconnection network is by authentication check module and server end signature verification, verification is by rear download JAVA bis-decipherment algorithms, c. load DEX cryptographic algorithm secondary by DexClassLoader and decipher the program of once deciphering obtained from SO file, run Android program eventually through DexClassLoader load and execution code.
4. the anti-method of operation cracking Android APP according to claim 1, is characterized in that when final DexClassLoader load and execution code working procedure, and program deletes JAVA bis-decipherment algorithms downloaded from server end automatically.
CN201510619550.6A 2015-09-25 2015-09-25 Anti-cracking Android APP and operation mode thereof Pending CN105278954A (en)

Priority Applications (1)

Application Number Priority Date Filing Date Title
CN201510619550.6A CN105278954A (en) 2015-09-25 2015-09-25 Anti-cracking Android APP and operation mode thereof

Applications Claiming Priority (1)

Application Number Priority Date Filing Date Title
CN201510619550.6A CN105278954A (en) 2015-09-25 2015-09-25 Anti-cracking Android APP and operation mode thereof

Publications (1)

Publication Number Publication Date
CN105278954A true CN105278954A (en) 2016-01-27

Family

ID=55148012

Family Applications (1)

Application Number Title Priority Date Filing Date
CN201510619550.6A Pending CN105278954A (en) 2015-09-25 2015-09-25 Anti-cracking Android APP and operation mode thereof

Country Status (1)

Country Link
CN (1) CN105278954A (en)

Cited By (3)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109271759A (en) * 2018-09-26 2019-01-25 杭州凯米科技有限公司 So file security reinforcement technique method based on Android platform
CN109409038A (en) * 2018-09-30 2019-03-01 北京梆梆安全科技有限公司 A kind of dynamic link library file cracks risk checking method and device
CN112329035A (en) * 2020-11-02 2021-02-05 成都中科大旗软件股份有限公司 Method, system and storage medium for analyzing, encrypting and decrypting based on jar program

Cited By (4)

* Cited by examiner, † Cited by third party
Publication number Priority date Publication date Assignee Title
CN109271759A (en) * 2018-09-26 2019-01-25 杭州凯米科技有限公司 So file security reinforcement technique method based on Android platform
CN109409038A (en) * 2018-09-30 2019-03-01 北京梆梆安全科技有限公司 A kind of dynamic link library file cracks risk checking method and device
CN112329035A (en) * 2020-11-02 2021-02-05 成都中科大旗软件股份有限公司 Method, system and storage medium for analyzing, encrypting and decrypting based on jar program
CN112329035B (en) * 2020-11-02 2022-12-27 成都中科大旗软件股份有限公司 Method, system and storage medium for analyzing, encrypting and decrypting based on jar program

Similar Documents

Publication Publication Date Title
KR101471589B1 (en) Method for Providing Security for Common Intermediate Language Program
CN105683990B (en) Method and apparatus for protecting dynamic base
CN106778103B (en) Reinforcement method, system and decryption method for preventing reverse cracking of android application program
CN102760219B (en) A kind of Android platform software protection system, method and apparatus
KR101391982B1 (en) Encryption method for preventing decompile of andriod application
JP4729575B2 (en) Ensuring software security
CN104680039B (en) A kind of data guard method and device of application program installation kit
CN102576391B (en) Software license embedded in shell code
CN109992987B (en) Script file protection method and device based on Nginx and terminal equipment
CN104008342B (en) A kind of method that secure and trusted certification is realized by BIOS and kernel
KR20120032477A (en) Interlocked binary protection using whitebox cryptography
CN103577206A (en) Method and device for installing application software
CN105787357A (en) APK (Android Package) downloading method and system based on Android system
CN104866739A (en) Application program encryption method and application program encryption system in Android system
KR101695639B1 (en) Method and system for providing application security service based on cloud
CN106650330A (en) Android application software reinforcement protection method based on DexClassloader
CN104573490A (en) Method for protecting installed software on Android platform
CN111191195A (en) Method and device for protecting APK
CN108804913B (en) Application program running method and device
CN107273723A (en) A kind of Android platform applied software protection method based on so file shell addings
CN108595950A (en) A kind of safe Enhancement Methods of SGX of combination remote authentication
CN105278954A (en) Anti-cracking Android APP and operation mode thereof
Abrath et al. Code renewability for native software protection
CN108923910B (en) Mobile application APK tamper-proofing method
CN112134905B (en) Android system based signature method, device and equipment

Legal Events

Date Code Title Description
C06 Publication
PB01 Publication
C10 Entry into substantive examination
SE01 Entry into force of request for substantive examination
RJ01 Rejection of invention patent application after publication
RJ01 Rejection of invention patent application after publication

Application publication date: 20160127