Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

3.0,目前还是能被NP管理器一键解密.. #61

Closed
gaoyuoppa opened this issue Feb 16, 2022 · 8 comments
Closed

3.0,目前还是能被NP管理器一键解密.. #61

gaoyuoppa opened this issue Feb 16, 2022 · 8 comments

Comments

@gaoyuoppa
Copy link

NP管理器,就是类似MT管理器的软件.
我猜测他的解密就是只要 String类型的变量或者函数,都会被这些软件调用.
有没有什么好的思路,防止被这些管理器一键反混淆呢...
@MegatronKing
Copy link
Owner

MegatronKing commented Feb 16, 2022
edited
Loading

可以,反编译工具无非就是运行的时候执行了自动StringFogImpl.decrypt而已,但是他们的运行环境和真实应用的执行环境肯定是不一样的。你可以在decrypt函数里面加一些真实应用环境的判断,例如用Class.forName检查某些类是否能加载;反之,也可以检查某些是不是虚拟环境,返回个null啥的。这种自定义加密实现,可以参考sample2。

@MegatronKing
Copy link
Owner

如果有结论了,麻烦回复下,我看看能不能集成进去。

@gaoyuoppa
Copy link
Author

抱歉,我目前的技术不支持我有此类操作 .........

@gaoyuoppa
Copy link
Author

如果有结论了,麻烦回复下,我看看能不能集成进去。

通过自定义方法,简单的加了函数判断是可以阻止 类MT管理器的一键解密的. 测试了两款应用,均未被一键解密.

@Caij
Copy link

Caij commented Jul 11, 2022

@gaoyuoppa 请教一下函数判断是什么逻辑

@fh2002
Copy link

fh2002 commented Jul 11, 2022
edited
Loading

我通过2种方法实现了让它解密不了。第一种解密函数在so中,修改StringFog插件中直接把decrypt方法给抹除掉,存到其它地方,再通过热加载decrypt方法

@ak47king
Copy link

ak47king commented Nov 4, 2022

这个我解决了,魔改了下stringfog,考虑到性能原因直接把解密函数放到so里边了,so加载的时候校验签名,目前能防止一键脱壳

@MegatronKing
Copy link
Owner

防止解密的讨论移至 #88

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@ak47king @Caij @MegatronKing @fh2002 @gaoyuoppa