Che*_*eng 7 security android cracking
我有一个免费下载Android应用程序,它附带应用程序内购买项目(非消耗品)
最近,我发现几个黑市都带有我的Android应用程序,所有应用内购买项目都可以自由访问.
我在想,这些饼干是怎么做到的?这就是我在我身边所做的.
onCreate会触发updateIsPremium.代码如下
private void updateIsPremium() {
if (mHelper != null) {
return;
}
/* base64EncodedPublicKey should be YOUR APPLICATION'S PUBLIC KEY
* (that you got from the Google Play developer console). This is not your
* developer public key, it's the *app-specific* public key.
*
* Instead of just storing the entire literal string here embedded in the
* program, construct the key at runtime from pieces or
* use bit manipulation (for example, XOR with some other string) to hide
* the actual key. The key itself is not secret information, but we don't
* want to make it easy for an attacker to replace the public key with one
* of their own and then fake messages from the server.
*/
String base64EncodedPublicKey = "...";
base64EncodedPublicKey = decrypt(base64EncodedPublicKey);
mHelper = new IabHelper(MyApplication.instance(), base64EncodedPublicKey);
// enable debug logging (for a production application, you should set this to false).
mHelper.enableDebugLogging(false);
mHelper.startSetup(new IabHelper.OnIabSetupFinishedListener() {
public void onIabSetupFinished(IabResult result) {
Log.d(TAG, "Setup finished.");
if (!result.isSuccess()) {
// Oh no, there was a problem.
// (Do not use alert dialog. It is difficult to handle it
// correctly due to bug in v4)
//Utils.showLongToast(getString(R.string.problem_setting_up_in_app_billing_template, result.toString()));
return;
}
// Have we been disposed of in the meantime? If so, quit.
if (mHelper == null) return;
// IAB is fully set up. Now, let's get an inventory of stuff we own.
Log.d(TAG, "Setup successful. Querying inventory.");
//mHelper.queryInventoryAsync(mGotInventoryListener);
// http://stackoverflow.com/questions/15471131/in-app-billing-v3-unable-to-query-items-without-network-connection-or-in-airplan/15471951#15471951
// Not sure this is going to help to solve the problem :
// In-app billing v3 unable to query items without network
// connection or in airplane/flight mode
List<String> skulist = new ArrayList<String>();
for (Shop shop : Shop.values()) {
skulist.add(shop.sku);
}
try {
mHelper.queryInventoryAsync(true, skulist, mGotInventoryListener);
} catch (java.lang.IllegalStateException exp) {
// Ugly fix on mystery crash :
// java.lang.IllegalStateException: Can't start async operation (refresh inventory) because another async operation(launchPurchaseFlow) is in progress.
Utils.showLongToast(getString(R.string.failed_to_query_inventory_template, exp.getMessage()));
}
}
});
}
// Listener that's called when we finish querying the items and subscriptions we own
IabHelper.QueryInventoryFinishedListener mGotInventoryListener = new IabHelper.QueryInventoryFinishedListener() {
public void onQueryInventoryFinished(IabResult result, Inventory inventory) {
Log.d(TAG, "Query inventory finished.");
// Have we been disposed of in the meantime? If so, quit.
if (mHelper == null) return;
// Is it a failure?
if (result.isFailure()) {
return;
}
Log.d(TAG, "Query inventory was successful.");
final MyOptions myOptions = MyApplication.instance().getMyOptions();
myOptions.setInventory(inventory);
/*
* Check for items we own. Notice that for each purchase, we check
* the developer payload to see if it's correct! See
* verifyDeveloperPayload().
*/
// Update shop information.
boolean atLeastBoughtOne = false;
for (Shop shop : Shop.values()) {
final Purchase purchase0 = inventory.getPurchase(shop.sku);
final boolean mIsPurchase0 = (purchase0 != null && org.gui.billing.Utils.verifyDeveloperPayload(purchase0));
if (mIsPurchase0) {
atLeastBoughtOne = true;
myOptions.bought(shop);
} else {
myOptions.cancel(shop);
}
}
myOptions.turnOnShopChecked();
}
};
// We're being destroyed. It's important to dispose of the helper here!
@Override
public void onDestroy() {
super.onDestroy();
if (this.isFinishing()) {
// very important:
Log.d(TAG, "Destroying helper.");
if (mHelper != null) {
try {
mHelper.dispose();
} catch (java.lang.IllegalArgumentException ex) {
Log.e(TAG, "", ex);
}
mHelper = null;
}
}
}
// The helper object
public static IabHelper mHelper;
我可以知道,破解者如何能够对我混淆的代码进行逆向工程?
我想知道,为了避免我的应用内购买项目被破解,我还有更多的预警措施吗?将应用程序许可的帮助?我的理解App Licensing是,它只对"付费应用"有用,而不是"带有应用内购买商品的免费应用"
对混淆代码进行逆向工程实际上并不那么困难。我这样做是出于合法的原因,例如弄清楚如何使用一个文档非常少的库,某些诉讼让我们在没有咨询开发团队的情况下使用该库。您只需反编译应用程序或库并将其加载到 IDE 中即可。公共方法的名称不能被混淆,因此您从那里开始,弄清楚是什么,然后使用 IDE 的重构工具开始为所有内容指定有意义的名称。您可以在大约一天内对应用程序进行完全逆向工程。
出于所有实际目的,您无法阻止这种黑客攻击。如果你的应用程序可以运行,那么它就可以被反编译。如果您的媒体可以被查看,那么它就可以被复制。阻止这种情况的唯一方法是加密您的软件,使其只能在具有嵌入式密钥、篡改传感器和自毁机制的专有设备上运行。这就是为什么软件和媒体行业一直在寻求法律解决方案而不是技术解决方案,或者是混合解决方案,他们提出一些完全毫无价值的技术解决方案,然后向任何规避它的人提出法律挑战。
| 归档时间: |
|
| 查看次数: |
2650 次 |
| 最近记录: |