Prevent/Make it difficult to patch Binary Assembly

Question


I am not sure if the terminology is correct what code practices can you use to make it difficult for someone to modify the binary/assembly to bypass a check:

e.g. in the source code:

bool verificationResult = verify();   // the check an attacker wants to bypass
if (verificationResult) {
    allow_Something();                // reached only when verify() returned true
} else {
    prevent_Something();
}

A person looking at the disassembled version of the above code could modify the 'jump opcodes(?)' to run allow_Something even when the verification result is false.


Something similar is covered here http://www.codeproject.com/Articles/18961/Tamper-Aware-and-Self-Healing-Code#pre0


Note I am creating the binary in C++ for it to be used via NDK on Android.
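An added example (not code from the question or from any project it mentions) showing the fragile pattern from the question beside one hardened form. It goes a step beyond the question's wording: instead of branching on a boolean, the "allow" path is made to depend on data that only a passing check can produce, so flipping one conditional jump yields garbage rather than the feature. `kExpectedToken`, `verify_token`, `seal_payload` and the XOR keystream are all constructed for the demo; in a real NDK build the token would come from wherever the real verify() gets its evidence (a server response, a license blob) and `seal_payload` would run at build time so that only the sealed bytes ship.

```cpp
#include <cstdint>
#include <string>
#include <vector>

// Constructed stand-in for what the question's verify() checks.
static const std::string kExpectedToken = "demo-token";

bool verify_token(const std::string& token) { return token == kExpectedToken; }

// Fragile form (the question's pattern): one flag, one conditional jump.
// Patching that jump is enough to reach the "enabled" result.
std::string branch_gate(const std::string& token) {
    bool ok = verify_token(token);
    if (ok) return "feature enabled";
    return "feature locked";
}

// Hardened form: derive a 64-bit key from the token (FNV-1a). There is no
// boolean to patch; the feature payload is only readable with the right key.
uint64_t derive_key(const std::string& token) {
    uint64_t h = 1469598103934665603ULL;
    for (unsigned char c : token) {
        h ^= c;
        h *= 1099511628211ULL;
    }
    return h;
}

// Toy XOR keystream, constructed for illustration only (not real crypto).
// It is symmetric: applying it twice with the same key restores the input.
std::vector<uint8_t> xor_stream(const std::vector<uint8_t>& in, uint64_t key) {
    std::vector<uint8_t> out(in.size());
    for (size_t i = 0; i < in.size(); ++i) {
        uint64_t ks = key ^ (0x9E3779B97F4A7C15ULL * (i + 1));
        ks ^= ks >> 29;
        out[i] = in[i] ^ static_cast<uint8_t>(ks);
    }
    return out;
}

// Build-time step (assumption): seal the payload with the key of a valid token.
std::vector<uint8_t> seal_payload(const std::string& plaintext) {
    std::vector<uint8_t> bytes(plaintext.begin(), plaintext.end());
    return xor_stream(bytes, derive_key(kExpectedToken));
}

// Run-time step: no branch on a verification flag. Whatever the supplied
// token unlocks is what the caller gets; a wrong token yields garbage.
std::string data_gate(const std::vector<uint8_t>& sealed, const std::string& token) {
    std::vector<uint8_t> out = xor_stream(sealed, derive_key(token));
    return std::string(out.begin(), out.end());
}
```

This does not stop someone who recovers the correct token from the device or the network; it only removes the single-instruction patch point the question is worried about, which is the realistic goal for client-side checks.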

Answer


As the general consensus is so far, it's impossible to prevent anyone hell-bent upon "cracking" your APK from doing so. Obfuscation techniques will only increase the complexity required to "crack" the APK once. After it gets uploaded to the myriad of sites that offer to host APKs for free, it's just a Google search away from even the "noob-est" of Android noobs.

Also, security through obscurity will NOT get you far: http://stackoverflow.com/questions/533965/why-is-security-through-obscurity-a-bad-idea

Regarding protecting your APK from being hacked, I would recommend the following article that discusses the current state of license validation of APKs on Android: http://www.digipom.com/how-the-android-license-verification-library-is-lulling-you-into-a-false-sense-of-security/ The techniques described in it should give you an idea of the common attack-vectors that you need to safeguard against.

ProGuard is a good start at obfuscating your APK: http://android-developers.blogspot.tw/2010/09/proguard-android-and-licensing-server.html

After you manage to obtain an obfuscated APK, DO run it through the following tools and observe the de-compiled source. All these are free and open-source tools that are very popular and will surely be the first thing that any decent "cracker" will try :
1. baksmali
2. apktool
3. Dex2Jar + JD-Gui

Keep adding layers of obfuscation to your code until you are satisfied that the output of the above tools is fairly complicated to make sense of. (Again, do NOT under-estimate what a college grad armed with coke, pizza and the knowledge of DVM opcodes can accomplish over a weekend.)

Regarding the techniques discussed in the link you shared, I fail to see how they can be implemented to protect the .dex on Android. And if you end up implementing the verification logic in a separate .so, then all the "cracker" would need to do is patch the call in your Java code to the verify() function inside the .so.

Update:

Additional obfuscation steps to secure the .so.

1. Do NOT follow a more or less linear path.
Adding additional jumps all over the place works by flooding the "cracker" with so many potential targets that each one needs to be individually modified, patched and verified to see whether the protection has been bypassed.

2. Add timing checks.
This is mainly to throw off the "cracker" by making the code follow different paths during debugging and actual run-time. If the time spent between two points is a lot more than usual, then it's a clear indication that your program is being debugged, i.e. time to jump into that part of the junk code that calculates the number of pianos in the world.

3. Write self-modifying code.
Again, this thwarts static analysis. For example, the jump into the verification function does not exist in the binary but is patched in everywhere as part of some init() function in the .so.

All the above techniques (and more) are described with examples in the following article on anti-debugging techniques.


A more comprehensive guide is Ultimate Anti Debugging Reference by Peter Ferrie.
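An added example (not code from the answer, from Peter Ferrie's reference or from any project) of the answer's second item, the timing check, written as portable C++ so it runs anywhere, including inside an NDK library. It measures a verification section with a monotonic clock and, when the section took longer than a calibrated budget, routes execution to a decoy path whose result carries no information about the real check. `timed_verify`, `decoy_work` and `slow_verify` are names constructed for this example; `slow_verify` stands in for the stall a breakpoint causes so the behaviour can be shown without a debugger attached.

```cpp
#include <chrono>
#include <cstdint>
#include <functional>
#include <thread>

// Outcome of a timed verification section. When `decoy_taken` is set, the
// caller was routed to the decoy path and `result` says nothing about the
// genuine verification.
struct TimedOutcome {
    bool result;
    bool decoy_taken;
    std::chrono::microseconds elapsed;
};

// Stand-in for the answer's "junk code" path: a computation whose value is
// never used for anything (constructed; volatile keeps it from being elided).
uint64_t decoy_work(uint64_t rounds) {
    volatile uint64_t sink = 0;
    for (uint64_t i = 0; i < rounds; ++i) sink = sink + i * i;
    return sink;
}

// Runs `verify_fn` and measures its wall-clock duration with steady_clock
// (monotonic, unaffected by the user changing the system time). If the section
// exceeded `budget`, assume it was paused under a debugger and return the decoy
// outcome instead of the genuine one.
TimedOutcome timed_verify(const std::function<bool()>& verify_fn,
                          std::chrono::microseconds budget) {
    using clock = std::chrono::steady_clock;
    const auto start = clock::now();
    const bool genuine = verify_fn();
    const auto elapsed = std::chrono::duration_cast<std::chrono::microseconds>(
        clock::now() - start);

    if (elapsed > budget) {
        decoy_work(4096);
        return TimedOutcome{false, true, elapsed};
    }
    return TimedOutcome{genuine, false, elapsed};
}

// Simulates a breakpoint inside the verification: the thread is parked for
// `pause` before the check completes (constructed for the demo).
bool slow_verify(std::chrono::milliseconds pause) {
    std::this_thread::sleep_for(pause);
    return true;
}
```

The budget has to be calibrated on the slowest device you support, with a generous margin: a check that trips on a busy low-end phone produces a false positive and locks out a paying user, which is worse than letting one debugger session through. Spreading several such sections through the .so, each with its own budget and its own decoy, is what turns this from a single patch point into the "many targets" situation the answer's first item describes.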
