
Reverse Engineering Android Applications

Source: compiled by this site  Author: anonymous  Date: 2017-09-20
    {
        MessageDigest md = MessageDigest.getInstance("MD5");
        md.update(secret.getBytes());
        byte[] digest = md.digest();
        StringBuilder sb = new StringBuilder();
        for (byte b : digest) {
            sb.append(String.format("%02x", (0xFF & b)));
        }
        return new SecretKeySpec(sb.toString().substring(0,16).getBytes(), "AES");
    }
 
    static byte[] a(String message, SecretKey secret)
            throws NoSuchAlgorithmException, NoSuchPaddingException, InvalidKeyException, InvalidParameterSpecException, IllegalBlockSizeException, BadPaddingException, UnsupportedEncodingException
    {
        Cipher cipher = null;
        cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.ENCRYPT_MODE, secret);
        return cipher.doFinal(message.getBytes("UTF-8"));
    }
 
    static String a(byte[] cipherText, SecretKey secret)
            throws NoSuchPaddingException, NoSuchAlgorithmException, InvalidParameterSpecException, InvalidAlgorithmParameterException, InvalidKeyException, BadPaddingException, IllegalBlockSizeException, UnsupportedEncodingException
    {
        Cipher cipher = null;
        cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
        cipher.init(Cipher.DECRYPT_MODE, secret);
        return new String(cipher.doFinal(cipherText), "UTF-8");
    }
}
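The key-derivation body at the top of this listing (MD5, hex string, first 16 characters as the AES key) shrinks the key space, because every key byte is one of only 16 ASCII hex characters. The following is an added example, not code from the original article: it mirrors that derivation in Python, measures the byte alphabet it produces, and compares it with a salted PBKDF2 derivation. The function names, sample secrets, salt and iteration count are assumptions made for the illustration.

```python
import hashlib
import math

def crackme_key(secret: str) -> bytes:
    # Same steps as the Java method above: MD5, lowercase hex, first 16 characters as key bytes.
    # Assumption: getBytes() uses UTF-8, the default charset on Android.
    return hashlib.md5(secret.encode("utf-8")).hexdigest()[:16].encode("ascii")

def pbkdf2_key(secret: str, salt: bytes, iterations: int = 600_000) -> bytes:
    # Hardened alternative (not from the page): salted, iterated KDF returning 16 raw bytes.
    return hashlib.pbkdf2_hmac("sha256", secret.encode("utf-8"), salt, iterations, dklen=16)

def observed_alphabet(derive, samples: int = 200) -> set:
    # Derive keys for constructed sample secrets and collect every byte value that occurs.
    seen = set()
    for i in range(samples):
        seen.update(derive("sample-secret-%d" % i))
    return seen

def key_space_bits(alphabet_size: int, key_len: int = 16) -> float:
    # Upper bound on key entropy when each key byte is drawn from alphabet_size values.
    return key_len * math.log2(alphabet_size)

if __name__ == "__main__":
    salt = bytes(range(16))  # constructed salt for the demo; use a random salt per secret in practice
    weak = observed_alphabet(crackme_key)
    # Low iteration count only to keep the demo fast.
    strong = observed_alphabet(lambda s: pbkdf2_key(s, salt, iterations=1000))
    print("crackme key byte values seen:", len(weak),
          "->", key_space_bits(len(weak)), "bits at most")
    print("PBKDF2 key byte values seen: ", len(strong),
          "->", round(key_space_bits(len(strong)), 1), "bits at most")
```

The crackme derivation never yields more than 64 bits of key material for a 128-bit AES key, regardless of how strong the input secret is.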
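You can download the already-compiled APK from -> CrackMe
Before we move on to the next step, here is the background knowledge needed for the analysis:
A rooted Android device or virtual machine (not every analysis method requires root, but having a rooted device is helpful).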
Frida
Python
Inspeckage
Xposed Framework
APKTool
APKStudio
ByteCodeViewer
Dex2Jar
JarSigner(Java JDK)
JD-GUI
Brain
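The three analysis methods we will use:
Dynamic analysis and hooking.
Binary patching (byte code modification).
Static analysis and code replication.
Dynamic / runtime analysis and function hooking:
Tools we need: Frida, dex2jar, JD-GUI.
Analysis with Frida:
What exactly is Frida?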

It's Greasemonkey for native apps, or, put in more technical terms, it’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript or your own library into native apps on Windows, macOS, Linux, iOS, Android, and QNX. Frida also provides you with some simple tools built on top of the Frida API. These can be used as-is, tweaked to your needs, or serve as examples of how to use the API.
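In simple terms, it can be used to hook function calls and inject your own code so that you can modify the application's own execution flow. We will use it to get past the check and to identify the different variables.
To install Frida, enable USB debugging on the phone, connect it to the computer with a USB cable, and run the following on the computer: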
# check adb devices whether connected or not
adb devices
# push/copy the latest frida server to phone
adb push frida-server-10.4.0-android-arm /data/local/tmp/frida
# set permissions for frida, grant SU permissions if prompted
adb shell su -c "chmod 755 /data/local/tmp/frida"
# start frida server on android device
adb shell su -c "/data/local/tmp/frida &"
# install frida-python on your Windows/Mac/Linux device
pip install --user frida
After running the commands above, our Frida server is now running on the device. Let's verify this: open a terminal on the computer and run python:
Python 2.7.10 (default, Feb  7 2017, 00:08:15)
Type "help", "copyright", "credits" or "license" for more information.
>>> import frida
>>> frida.get_usb_device()
Device(id="802b7421", name="LG SCH-XXXX", type='tether')
To make the later analysis easier, let's now create a Python script:
import frida, sys, time
 
encrypted = None
 
def on_message(message, data):
    global encrypted
    try:
        if not encrypted:
            encrypted = message['payload']['encrypted']
            print('[+] Received str : ' + encrypted)
