首页
论坛
专栏
课程

[原创]Apk伪加密实现与破解JAVA源码

2013-7-5 18:52 38695

[原创]Apk伪加密实现与破解JAVA源码

2013-7-5 18:52
38695
伪加密的apk有那么难么?了解原理就没啥可怕的。放出java代码,python的早就有了。
package com.rover12421.apkutil;

import java.io.File;
import java.io.FileInputStream;
import java.io.FileOutputStream;
import java.io.IOException;
import java.nio.ByteBuffer;
import java.nio.channels.FileChannel;
import java.util.Arrays;
import java.util.zip.ZipError;

import static com.rover12421.apkutil.ZipConstants.*;

public class ApkUtilTool {
	
    private FileChannel ch; // channel to the zipfile
    private FileChannel fc;

    /**
     * 修复zip伪加密状态的Entry
     * @param inZip
     * @param storeZip
     * @throws IOException
     */
    public void FixEncryptedEntry(File inZip, File fixZip) throws IOException {
    	changEntry(inZip, fixZip, true);
	}
    
    /**
     * 修复zip伪加密状态的Entry
     * @param inZip
     * @param storeZip
     * @throws IOException
     */
    public void FixEncryptedEntry(String inZip, String fixZip) throws IOException {
    	FixEncryptedEntry(new File(inZip), new File(fixZip));
    }
    
    /**
     * 修改zip的Entry为伪加密状态
     * @param inZip
     * @param storeZip
     * @throws IOException
     */
    public void ChangToEncryptedEntry(File inZip, File storeZip) throws IOException {
    	changEntry(inZip, storeZip, false);
    }
    
    /**
     * 修改zip的Entry为伪加密状态
     * @param inZip
     * @param storeZip
     * @throws IOException
     */
    public void ChangToEncryptedEntry(String inZip, String storeZip) throws IOException {
    	ChangToEncryptedEntry(new File(inZip), new File(storeZip));
    }
    
    /**
     * 更改zip的Entry为伪加密状态
     * @param inZip
     * @param storeZip
     * @param fix	ture:修复伪加密 false:更改到伪加密
     * @throws IOException
     */
    private void changEntry(File inZip, File storeZip, boolean fix) throws IOException {
    	FileInputStream fis = new FileInputStream(inZip);
		FileOutputStream fos = new FileOutputStream(storeZip);
		
		byte[] buf = new byte[10240];
    	int len;
    	while ((len = fis.read(buf)) != -1) {
			fos.write(buf, 0, len);
		}
    	
    	ch = fis.getChannel();
    	fc = fos.getChannel();
    	
    	changEntry(fix);
    	
    	ch.close();
    	fc.close();
		
		fis.close();
		fos.close();
    }
    
	// Reads zip file central directory. Returns the file position of first
    // CEN header, otherwise returns -1 if an error occured. If zip->msg != NULL
    // then the error was a zip format error and zip->msg has the error text.
    // Always pass in -1 for knownTotal; it's used for a recursive call.
    private void changEntry(boolean fix) throws IOException {
    	END end = findEND();
    	
        if (end.cenlen > end.endpos)
            zerror("invalid END header (bad central directory size)");
        long cenpos = end.endpos - end.cenlen;     // position of CEN table

        // Get position of first local file (LOC) header, taking into
        // account that there may be a stub prefixed to the zip file.
        long locpos = cenpos - end.cenoff;
        if (locpos < 0)
            zerror("invalid END header (bad central directory offset)");

        // read in the CEN and END
        byte[] cen = new byte[(int)(end.cenlen + ENDHDR)];
        if (readFullyAt(cen, 0, cen.length, cenpos) != end.cenlen + ENDHDR) {
            zerror("read CEN tables failed");
        }

        int pos = 0;
        int limit = cen.length - ENDHDR;
        while (pos < limit) {
            if (CENSIG(cen, pos) != CENSIG)
                zerror("invalid CEN header (bad signature)");
            int method = CENHOW(cen, pos);
            int nlen   = CENNAM(cen, pos);
            int elen   = CENEXT(cen, pos);
            int clen   = CENCOM(cen, pos);
            
            if (fix) {
            	if ((CEN***(cen, pos) & 1) != 0) {
                	byte[] name = Arrays.copyOfRange(cen, pos + CENHDR, pos + CENHDR + nlen);
                	System.out.println("Found the encrypted entry : " + new String(name) + ", fix...");
                	//b[n] & 0xff) | ((b[n + 1] & 0xff) << 8
                	cen[pos+8] &= 0xFE;
//                	cen[pos+8] ^= CEN***(cen, pos) % 2;
//                	cen[pos+8] ^= cen[pos+8] % 2;
//                    zerror("invalid CEN header (encrypted entry)");
                }
			} else {
				if ((CEN***(cen, pos) & 1) == 0) {
                	byte[] name = Arrays.copyOfRange(cen, pos + CENHDR, pos + CENHDR + nlen);
                	System.out.println("Chang the entry : " + new String(name) + ", Encrypted...");
                	//b[n] & 0xff) | ((b[n + 1] & 0xff) << 8
                	cen[pos+8] |= 0x1;
//                    zerror("invalid CEN header (encrypted entry)");
                }
			}
            
            
            if (method != METHOD_STORED && method != METHOD_DEFLATED)
                zerror("invalid CEN header (unsupported compression method: " + method + ")");
            if (pos + CENHDR + nlen > limit)
                zerror("invalid CEN header (bad header size)");
            
            // skip ext and comment
            pos += (CENHDR + nlen + elen + clen);
        }
        
        writeFullyAt(cen, 0, cen.length, cenpos);
        
        if (pos + ENDHDR != cen.length) {
            zerror("invalid CEN header (bad header size)");
        }
    }
    
    // Reads len bytes of data from the specified offset into buf.
    // Returns the total number of bytes read.
    // Each/every byte read from here (except the cen, which is mapped).
    final long readFullyAt(byte[] buf, int off, long len, long pos)
        throws IOException
    {
        ByteBuffer bb = ByteBuffer.wrap(buf);
        bb.position(off);
        bb.limit((int)(off + len));
        return readFullyAt(bb, pos);
    }

    private final long readFullyAt(ByteBuffer bb, long pos)
        throws IOException
    {
        synchronized(ch) {
            return ch.position(pos).read(bb);
        }
    }
    
    final long writeFullyAt(byte[] buf, int off, long len, long pos)
            throws IOException
        {
            ByteBuffer bb = ByteBuffer.wrap(buf);
            bb.position(off);
            bb.limit((int)(off + len));
            return writeFullyAt(bb, pos);
        }
    
    private final long writeFullyAt(ByteBuffer bb, long pos)
            throws IOException
    {
        synchronized(fc) {
            return fc.position(pos).write(bb);
        }
    }
    
    // Searches for end of central directory (END) header. The contents of
    // the END header will be read and placed in endbuf. Returns the file
    // position of the END header, otherwise returns -1 if the END header
    // was not found or an error occurred.
    private END findEND() throws IOException
    {
        byte[] buf = new byte[READBLOCKSZ];
        long ziplen = ch.size();
        long minHDR = (ziplen - END_MAXLEN) > 0 ? ziplen - END_MAXLEN : 0;
        long minPos = minHDR - (buf.length - ENDHDR);

        for (long pos = ziplen - buf.length; pos >= minPos; pos -= (buf.length - ENDHDR))
        {
            int off = 0;
            if (pos < 0) {
                // Pretend there are some NUL bytes before start of file
                off = (int)-pos;
                Arrays.fill(buf, 0, off, (byte)0);
            }
            int len = buf.length - off;
            if (readFullyAt(buf, off, len, pos + off) != len)
                zerror("zip END header not found");

            // Now scan the block backwards for END header signature
            for (int i = buf.length - ENDHDR; i >= 0; i--) {
                if (buf[i+0] == (byte)'P'    &&
                    buf[i+1] == (byte)'K'    &&
                    buf[i+2] == (byte)'\005' &&
                    buf[i+3] == (byte)'\006' &&
                    (pos + i + ENDHDR + ENDCOM(buf, i) == ziplen)) {
                    // Found END header
                    buf = Arrays.copyOfRange(buf, i, i + ENDHDR);
                    END end = new END();
                    end.endsub = ENDSUB(buf);
                    end.centot = ENDTOT(buf);
                    end.cenlen = ENDSIZ(buf);
                    end.cenoff = ENDOFF(buf);
                    end.comlen = ENDCOM(buf);
                    end.endpos = pos + i;
                    if (end.cenlen == ZIP64_MINVAL ||
                        end.cenoff == ZIP64_MINVAL ||
                        end.centot == ZIP64_MINVAL32)
                    {
                        // need to find the zip64 end;
                        byte[] loc64 = new byte[ZIP64_LOCHDR];
                        if (readFullyAt(loc64, 0, loc64.length, end.endpos - ZIP64_LOCHDR)
                            != loc64.length) {
                            return end;
                        }
                        long end64pos = ZIP64_LOCOFF(loc64);
                        byte[] end64buf = new byte[ZIP64_ENDHDR];
                        if (readFullyAt(end64buf, 0, end64buf.length, end64pos)
                            != end64buf.length) {
                            return end;
                        }
                        // end64 found, re-calcualte everything.
                        end.cenlen = ZIP64_ENDSIZ(end64buf);
                        end.cenoff = ZIP64_ENDOFF(end64buf);
                        end.centot = (int)ZIP64_ENDTOT(end64buf); // assume total < 2g
                        end.endpos = end64pos;
                    }
                    return end;
                }
            }
        }
        zerror("zip END header not found");
        return null; //make compiler happy
    }
    
    static void zerror(String msg) {
        throw new ZipError(msg);
    }
    
 // End of central directory record
    static class END {
        int  disknum;
        int  sdisknum;
        int  endsub;     // endsub
        int  centot;     // 4 bytes
        long cenlen;     // 4 bytes
        long cenoff;     // 4 bytes
        int  comlen;     // comment length
        byte[] comment;

        /* members of Zip64 end of central directory locator */
        int diskNum;
        long endpos;
        int disktot;
        
        @Override
        public String toString() {
        	return "disknum : " + disknum + "\n" +
        			"sdisknum : " + sdisknum + "\n" +
        			"endsub : " + endsub + "\n" +
        			"centot : " + centot + "\n" +
        			"cenlen : " + cenlen + "\n" +
        			"cenoff : " + cenoff + "\n" +
        			"comlen : " + comlen + "\n" +
        			"diskNum : " + diskNum + "\n" +
        			"endpos : " + endpos + "\n" +
        			"disktot : " + disktot;
        }
    }
}



---------------
/*
 * Copyright (c) 2009, 2010, Oracle and/or its affiliates. All rights reserved.
 *
 * Redistribution and use in source and binary forms, with or without
 * modification, are permitted provided that the following conditions
 * are met:
 *
 *   - Redistributions of source code must retain the above copyright
 *     notice, this list of conditions and the following disclaimer.
 *
 *   - Redistributions in binary form must reproduce the above copyright
 *     notice, this list of conditions and the following disclaimer in the
 *     documentation and/or other materials provided with the distribution.
 *
 *   - Neither the name of Oracle nor the names of its
 *     contributors may be used to endorse or promote products derived
 *     from this software without specific prior written permission.
 *
 * THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS "AS
 * IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT LIMITED TO,
 * THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR
 * PURPOSE ARE DISCLAIMED.  IN NO EVENT SHALL THE COPYRIGHT OWNER OR
 * CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
 * EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED TO,
 * PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, DATA, OR
 * PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY THEORY OF
 * LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT (INCLUDING
 * NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF THIS
 * SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE.
 */

package com.rover12421.apkutil;


/**
 *
 * @author Xueming Shen
 */

class ZipConstants {
    /*
     * Compression methods
     */
    static final int METHOD_STORED     = 0;
    static final int METHOD_DEFLATED   = 8;
    static final int METHOD_DEFLATED64 = 9;
    static final int METHOD_BZIP2      = 12;
    static final int METHOD_LZMA       = 14;
    static final int METHOD_LZ77       = 19;
    static final int METHOD_AES        = 99;

    /*
     * General purpose big flag
     */
    static final int FLAG_ENCRYPTED  = 0x01;
    static final int FLAG_DATADESCR  = 0x08;    // crc, size and csize in dd
    static final int FLAG_EFS        = 0x800;   // If this bit is set the filename and
                                                // comment fields for this file must be
                                                // encoded using UTF-8.
    /*
     * Header signatures
     */
    static long LOCSIG = 0x04034b50L;   // "PK\003\004"
    static long EXTSIG = 0x08074b50L;   // "PK\007\008"
    static long CENSIG = 0x02014b50L;   // "PK\001\002"
    static long ENDSIG = 0x06054b50L;   // "PK\005\006"

    /*
     * Header sizes in bytes (including signatures)
     */
    static final int LOCHDR = 30;       // LOC header size
    static final int EXTHDR = 16;       // EXT header size
    static final int CENHDR = 46;       // CEN header size
    static final int ENDHDR = 22;       // END header size

    /*
     * Local file (LOC) header field offsets
     */
    static final int LOCVER = 4;        // version needed to extract
    static final int LOC*** = 6;        // general purpose bit flag
    static final int LOCHOW = 8;        // compression method
    static final int LOCTIM = 10;       // modification time
    static final int LOCCRC = 14;       // uncompressed file crc-32 value
    static final int LOCSIZ = 18;       // compressed size
    static final int LOCLEN = 22;       // uncompressed size
    static final int LOCNAM = 26;       // filename length
    static final int LOCEXT = 28;       // extra field length

    /*
     * Extra local (EXT) header field offsets
     */
    static final int EXTCRC = 4;        // uncompressed file crc-32 value
    static final int EXTSIZ = 8;        // compressed size
    static final int EXTLEN = 12;       // uncompressed size

    /*
     * Central directory (CEN) header field offsets
     */
    static final int CENVEM = 4;        // version made by
    static final int CENVER = 6;        // version needed to extract
    static final int CEN*** = 8;        // encrypt, decrypt flags
    static final int CENHOW = 10;       // compression method
    static final int CENTIM = 12;       // modification time
    static final int CENCRC = 16;       // uncompressed file crc-32 value
    static final int CENSIZ = 20;       // compressed size
    static final int CENLEN = 24;       // uncompressed size
    static final int CENNAM = 28;       // filename length
    static final int CENEXT = 30;       // extra field length
    static final int CENCOM = 32;       // comment length
    static final int CENDSK = 34;       // disk number start
    static final int CENATT = 36;       // internal file attributes
    static final int CENATX = 38;       // external file attributes
    static final int CENOFF = 42;       // LOC header offset

    /*
     * End of central directory (END) header field offsets
     */
    static final int ENDSUB = 8;        // number of entries on this disk
    static final int ENDTOT = 10;       // total number of entries
    static final int ENDSIZ = 12;       // central directory size in bytes
    static final int ENDOFF = 16;       // offset of first CEN header
    static final int ENDCOM = 20;       // zip file comment length

    /*
     * ZIP64 constants
     */
    static final long ZIP64_ENDSIG = 0x06064b50L;  // "PK\006\006"
    static final long ZIP64_LOCSIG = 0x07064b50L;  // "PK\006\007"
    static final int  ZIP64_ENDHDR = 56;           // ZIP64 end header size
    static final int  ZIP64_LOCHDR = 20;           // ZIP64 end loc header size
    static final int  ZIP64_EXTHDR = 24;           // EXT header size
    static final int  ZIP64_EXTID  = 0x0001;       // Extra field Zip64 header ID

    static final int  ZIP64_MINVAL32 = 0xFFFF;
    static final long ZIP64_MINVAL = 0xFFFFFFFFL;

    /*
     * Zip64 End of central directory (END) header field offsets
     */
    static final int  ZIP64_ENDLEN = 4;       // size of zip64 end of central dir
    static final int  ZIP64_ENDVEM = 12;      // version made by
    static final int  ZIP64_ENDVER = 14;      // version needed to extract
    static final int  ZIP64_ENDNMD = 16;      // number of this disk
    static final int  ZIP64_ENDDSK = 20;      // disk number of start
    static final int  ZIP64_ENDTOD = 24;      // total number of entries on this disk
    static final int  ZIP64_ENDTOT = 32;      // total number of entries
    static final int  ZIP64_ENDSIZ = 40;      // central directory size in bytes
    static final int  ZIP64_ENDOFF = 48;      // offset of first CEN header
    static final int  ZIP64_ENDEXT = 56;      // zip64 extensible data sector

    /*
     * Zip64 End of central directory locator field offsets
     */
    static final int  ZIP64_LOCDSK = 4;       // disk number start
    static final int  ZIP64_LOCOFF = 8;       // offset of zip64 end
    static final int  ZIP64_LOCTOT = 16;      // total number of disks

    /*
     * Zip64 Extra local (EXT) header field offsets
     */
    static final int  ZIP64_EXTCRC = 4;       // uncompressed file crc-32 value
    static final int  ZIP64_EXTSIZ = 8;       // compressed size, 8-byte
    static final int  ZIP64_EXTLEN = 16;      // uncompressed size, 8-byte

    /*
     * Extra field header ID
     */
    static final int  EXTID_ZIP64 = 0x0001;      // ZIP64
    static final int  EXTID_NTFS  = 0x000a;      // NTFS
    static final int  EXTID_UNIX  = 0x000d;      // UNIX
    static final int  EXTID_EFS   = 0x0017;      // Strong Encryption
    static final int  EXTID_EXTT  = 0x5455;      // Info-ZIP Extended Timestamp

    /*
     * fields access methods
     */
    ///////////////////////////////////////////////////////
    static final int CH(byte[] b, int n) {
       return b[n] & 0xff;
    }

    static final int SH(byte[] b, int n) {
        return (b[n] & 0xff) | ((b[n + 1] & 0xff) << 8);
    }

    static final long LG(byte[] b, int n) {
        return ((SH(b, n)) | (SH(b, n + 2) << 16)) & 0xffffffffL;
    }

    static final long LL(byte[] b, int n) {
        return (LG(b, n)) | (LG(b, n + 4) << 32);
    }

    static final long GETSIG(byte[] b) {
        return LG(b, 0);
    }

    // local file (LOC) header fields
    static final long LOCSIG(byte[] b) { return LG(b, 0); } // signature
    static final int  LOCVER(byte[] b) { return SH(b, 4); } // version needed to extract
    static final int  LOC***(byte[] b) { return SH(b, 6); } // general purpose bit flags
    static final int  LOCHOW(byte[] b) { return SH(b, 8); } // compression method
    static final long LOCTIM(byte[] b) { return LG(b, 10);} // modification time
    static final long LOCCRC(byte[] b) { return LG(b, 14);} // crc of uncompressed data
    static final long LOCSIZ(byte[] b) { return LG(b, 18);} // compressed data size
    static final long LOCLEN(byte[] b) { return LG(b, 22);} // uncompressed data size
    static final int  LOCNAM(byte[] b) { return SH(b, 26);} // filename length
    static final int  LOCEXT(byte[] b) { return SH(b, 28);} // extra field length

    // extra local (EXT) header fields
    static final long EXTCRC(byte[] b) { return LG(b, 4);}  // crc of uncompressed data
    static final long EXTSIZ(byte[] b) { return LG(b, 8);}  // compressed size
    static final long EXTLEN(byte[] b) { return LG(b, 12);} // uncompressed size

    // end of central directory header (END) fields
    static final int  ENDSUB(byte[] b) { return SH(b, 8); }  // number of entries on this disk
    static final int  ENDTOT(byte[] b) { return SH(b, 10);}  // total number of entries
    static final long ENDSIZ(byte[] b) { return LG(b, 12);}  // central directory size
    static final long ENDOFF(byte[] b) { return LG(b, 16);}  // central directory offset
    static final int  ENDCOM(byte[] b) { return SH(b, 20);}  // size of zip file comment
    static final int  ENDCOM(byte[] b, int off) { return SH(b, off + 20);}

    // zip64 end of central directory recoder fields
    static final long ZIP64_ENDTOD(byte[] b) { return LL(b, 24);}  // total number of entries on disk
    static final long ZIP64_ENDTOT(byte[] b) { return LL(b, 32);}  // total number of entries
    static final long ZIP64_ENDSIZ(byte[] b) { return LL(b, 40);}  // central directory size
    static final long ZIP64_ENDOFF(byte[] b) { return LL(b, 48);}  // central directory offset
    static final long ZIP64_LOCOFF(byte[] b) { return LL(b, 8);}   // zip64 end offset

    // central directory header (CEN) fields
    static final long CENSIG(byte[] b, int pos) { return LG(b, pos + 0); }
    static final int  CENVEM(byte[] b, int pos) { return SH(b, pos + 4); }
    static final int  CENVER(byte[] b, int pos) { return SH(b, pos + 6); }
    static final int  CEN***(byte[] b, int pos) { return SH(b, pos + 8); }
    static final int  CENHOW(byte[] b, int pos) { return SH(b, pos + 10);}
    static final long CENTIM(byte[] b, int pos) { return LG(b, pos + 12);}
    static final long CENCRC(byte[] b, int pos) { return LG(b, pos + 16);}
    static final long CENSIZ(byte[] b, int pos) { return LG(b, pos + 20);}
    static final long CENLEN(byte[] b, int pos) { return LG(b, pos + 24);}
    static final int  CENNAM(byte[] b, int pos) { return SH(b, pos + 28);}
    static final int  CENEXT(byte[] b, int pos) { return SH(b, pos + 30);}
    static final int  CENCOM(byte[] b, int pos) { return SH(b, pos + 32);}
    static final int  CENDSK(byte[] b, int pos) { return SH(b, pos + 34);}
    static final int  CENATT(byte[] b, int pos) { return SH(b, pos + 36);}
    static final long CENATX(byte[] b, int pos) { return LG(b, pos + 38);}
    static final long CENOFF(byte[] b, int pos) { return LG(b, pos + 42);}

    /* The END header is followed by a variable length comment of size < 64k. */
    static final long END_MAXLEN = 0xFFFF + ENDHDR;
    static final int READBLOCKSZ = 128;
}


------------------
代码都是从jdk7修扣出来的。
jdk6的zip api是native的,没发绕过密码检测,jdk7倒是可以覆写绕过
jdk7用java实现了zipfilesystem,这代码就是从那里面扣出来的,简单修改下判断就ok了

[招聘]欢迎市场人员加入看雪学院团队!

最新回复 (14)
XiaosanAiq 2013-7-5 20:06
2
0
good job.谢谢分享!
wdynasty 2 2013-7-5 21:25
3
0
gooooooooooooooooood  job!
frankxzb 2013-7-6 13:14
4
0
大神啊啊
破竹轩 2013-7-11 22:45
5
0
回复mark一下,留着备用
舵手 3 2013-7-17 10:48
6
0
mark一下
zerofile 2013-7-21 13:30
7
0
apktool wip2.0已经支持伪加密的apk解压.他用了第三方库org.apache.commons来处理
这个库有一个方法:
useEncryption(false);
可以设置是否检测加密信息的
ayscaiyun 2014-3-27 16:44
8
0
楼主你好,在Android4.3版本及之后的版本安装伪加密的apk失败。跟了了下发现java.util.zip.ZipEntry类中的构造方法已经被修改了,以前的这一句“it.seek(10);”修改为:
          it.seek(8);
        int gpbf = it.readShort() & 0xffff;

        if ((gpbf & ZipFile.GPBF_UNSUPPORTED_MASK) != 0) {
            throw new ZipException("Invalid General Purpose Bit Flag: " + gpbf);
        }
有没有办法在Android4.3及之后的版本安装伪加密apk不报错呢。
zerofile 2014-3-28 10:58
9
0
没有遇到这样的样本,你可以发样本给我看看.
ayscaiyun 2014-3-30 18:43
10
0
嗯,谢谢楼主!附件TestEncrypt.zip 中TestEncrypt.apk是未伪加密的,TestEncrypt_ent.apk是伪加密的apk,在Android4.3手机中安装抛的异常是“java.util.zip.ZipException: Invalid General Purpose Bit Flag: 2057”,我自己查看了下,在Android源码中java.util.zip包中的ZipEntry.java类导致的。附件中我附了ZipEntry.java类,(17)是Android4.2.2的源码,位置在362行;(18)是Android4.3的已经被修改过了,在360行。
上传的附件:
kenyqwq 2014-4-1 16:27
11
0
留着备用,谢谢!!!
zerofile 2014-4-1 16:42
12
0
看来是4.3校验了zip的伪加密,那这样4.3以后的系统就不能利用这个bug了
ayscaiyun 2014-4-4 08:49
13
0
谢谢楼主啦,看来得在学习,新的Android安全措施了。
Xusually 2014-4-16 15:21
14
0
多谢啦。最近一个项目里读apk包名和版本,遇到几个这种伪加密的APK。先回复后收货,
csdsjkk 1 2015-1-16 17:03
15
0
看不懂代码啊
能否用文字描述下apk的伪加密原理
游客
登录 | 注册 方可回帖
返回