文章目錄
- 1.移動端主流加固
- 2. 移動端加固的詳細分析
- 2.1 愛加密加固
- 2.2梆梆加固
- 2.3 騰訊樂固
- 2.4 網易易盾加固
- 2.5 360加固
- 2.6 阿里云加固
- 2.7 百度加固
- 2.8娜迦加固
- 2.9頂象加固
- 3.識別移動端加固
- 3.1 識別檢測的方法
- 3.2代碼實作
1.移動端主流加固
按照市場使用及推廣目前市面上已經成型并進行銷售的移動端加固主要有:
1.愛加密加固
2.梆梆加固:
3.騰訊樂固
4.網易易盾
5.360加固
6.阿里云加固
7.百度加固
8.娜迦加固
9.頂象加固
2. 移動端加固的詳細分析
2.1 愛加密加固
1. 愛加密加固后會出現兩個的Application的入口類,分別為SuperApplication和NativeApplication,
2.APK加固后的入口點會變成 com.shell.SuperApplication
3.加固后會在assets目錄下新增三個檔案分別為:ijiami.dat、ijiami2.dat、ijiami.ajm,
4.加固后悔增加兩個so檔案分別為libexec.so和libexecmain.so,
2.2梆梆加固
1.加固后會在Assets的目錄下新增secData0.jar檔案
2.加固后會新增幾個so檔案:libSecShell.so、libSecShell_x86.so、libSecShell_art.so等,
3.加固后apk的入口類變成com.secshell.shellwrapper.SecAppWrapper,
2.3 騰訊樂固
1.加固后APK的入口變成com.tencent.StubShell.TxAppEntry
2.加固后lib檔案會新增幾個檔案:liblegudb.so、libshella-2.10.2.3.so、mix.dex,
2.4 網易易盾加固
1.加固后libs目錄下會新增個so檔案:libnesec,
2.5 360加固
1.加固后apk 的入口點變成:com.stub.StubApp
2.Assets目錄下會新增幾個so檔案分別誒:libjiagu.so,libjiagu_ls.so,libjiagu_x86.so,libjiagu_art.so,
2.6 阿里云加固
1.殼的入口點還是為原apk的入口點,不過方法都是被抽取并native的,
2.加固后Assets目錄下會新增一個檔案:libdemolishdata.so
3.加固后libs目錄下會新增一個檔案:libdemolish.so
2.7 百度加固
1.加固后apk的入口點變成com.baidu.protect.StubApplication
2.assets目錄和libs目錄會新增幾個檔案分別為:libbaiduprotect.so、libbaiduprotect_x86.so、libbaiduprotect_art.so、baiduprotect1.jar,
2.8娜迦加固
1.加固后libs目錄會新增幾個so檔案分別為:libddog.so、libcdog.so、libfdog.so
2.9頂象加固
1.加固后apk的入口點還是原來的入口點,但是全部都變成native的,而且全是在so檔案里,并利用arm撰寫了對應方法,
2.加固后libs目錄下回新增so檔案分別為:libjni.so,libsec.so
3.識別移動端加固
3.1 識別檢測的方法
通過直接讀取apk檔案里面的檔案特征屬性并進行比對,只要apk里面有對應的加固特征屬性,那么就證明該apk被加固了,
3.2代碼實作
以下是用C++實作了讀取apk檔案(apk檔案其實就是個zip檔案)并進行比對的實作代碼
CString CApkScanToolDlg::IsAndroidApkProtect()
{
CString EncryptType;
vector<CString>::iterator it;
UpdateData(FALSE);
ZipFileData m_zipFiledata;
m_zipFiledata.GetZipFileData(m_filePath.GetBuffer(m_filePath.GetLength()));
for(it= m_zipFiledata.m_fileInfo.begin(); it != m_zipFiledata.m_fileInfo.end();it++)
{
CString ExtenName = GetFileExtenName(*it);
if("so" == ExtenName || "dex" == ExtenName || "dat" == ExtenName)
{
CString temp =GetFileName(*it);
if("libtup.so" == temp || "libexec.so" == temp || "libshell.so" == temp || "mix.dex" == temp)
{
EncryptType = "騰訊";
return EncryptType;
}
else if("libsgmain.so" == temp || "aliprotect.dat" == temp || "libsgsecuritybody.so" == temp || "libmobisec.so" == temp)
{
EncryptType = "阿里聚安全";
return EncryptType;
}
else if("libchaosvmp.so" == temp || "libddog.so" == temp || "libfdog.so" == temp )
{
EncryptType = "娜迦";
return EncryptType;
}
else if("libkwscmm.so" == temp || "libkwscr.so" == temp || "libkwslinker.so" == temp)
{
EncryptType = "幾維安全";
return EncryptType;
}
else if("libtosprotection.x86.so"== temp || "libtosprotection.armeabi-v7a.so" == temp || "libtosprotection.armeabi.so" == temp)
{
EncryptType = "騰訊御安全";
return EncryptType;
}
else if("libsecexe.so" == temp || "libtosprotection.armeabi-v7a.so" == temp || "libtosprotection.armeabi.so" == temp)
{
EncryptType = "梆梆免費版";
return EncryptType;
}
else if("libDexHelper.so" == temp || "libDexHelper-x86.so" == temp )
{
EncryptType = "梆梆企業版";
return EncryptType;
}
else if("libexec.so" == temp || "libexecmain.so" == temp || "ijiami.dat" == temp )
{
EncryptType = "愛加密免費版";
return EncryptType;
}
else if("libprotectClass.so" == temp || "libjiagu.so" == temp || "libjiagu_art.so" == temp || "libjiagu_x86.so" == temp)
{
EncryptType = "360";
return EncryptType;
}
else if("libegis.so" == temp || "libNSaferOnly.so" == temp )
{
EncryptType = "通付盾";
return EncryptType;
}
else if("ijiami.ajm" == temp )
{
EncryptType = "愛加密企業版";
return EncryptType;
}
else if("libedog.so" == temp )
{
EncryptType = "娜迦企業版";
return EncryptType;
}
else if("libnqshield.so" == temp )
{
EncryptType = "網秦";
return EncryptType;
}
else if("librsprotect.so" == temp )
{
EncryptType = "瑞星";
return EncryptType;
}
else if("libbaiduprotect.so" == temp )
{
EncryptType = "百度";
return EncryptType;
}
else if("libapssec.so" == temp )
{
EncryptType = "盛大加密";
return EncryptType;
}
else if("libx3g.so" == temp )
{
EncryptType = "頂像科技";
return EncryptType;
}
else if("libAPKProtect.so" == temp )
{
EncryptType = "APKProtect";
return EncryptType;
}
else if("libnesec.so" == temp )
{
EncryptType = "網易易盾";
return EncryptType;
}
}
}
EncryptType = "恭喜你這apk檔案沒被加固";
return EncryptType;
}
轉載請註明出處,本文鏈接:https://www.uj5u.com/qita/265859.html
標籤:其他
上一篇:【進擊面試_03】Java 并發
下一篇:電子門鎖沒電的解決辦法