Operation and Maintenance
Safety
Android basic reverse engineering is not implemented very well
Android basic reverse engineering is not implemented very well
0x01 Activity 跳转
demo还是上一次的demo,这次我们更改一下Button逻辑,改成跳转。
建一个新的Activity
跳转Activity
这里跳转到我们新建的Activity。
使用Intent进行跳转,Intent相当于一个载体。
具体代码如下:
Intent i=new Intent(MainActivity.this,Main2Activity.class); startActivity(i);
设置标识
生成apk测试
0x02 Androidmanifest.xml说明
首先来看下Androidmanifest.xml的内容
<?xml version="1.0" encoding="utf-8"?><manifest> <application> <activity> <intent-filter> <action></action> <category></category> </intent-filter> </activity> <activity></activity> </application></manifest>
在这里我们可以看到有两个Activity。
如何设置最先启动?
这里有两个Activity,那么app是怎么识别那个是最先启动的Activity呢。
这里我们对比一下两个Activity的区别。
这是第一个Activity
<activity> <intent-filter> <action></action> <category></category> </intent-filter> </activity>
这个是我们的第二个Activity
<activity></activity>
是不是区别很明显,一个有一大堆的内容,一个只有一句话。
所以我们的重点就是:
<intent-filter> <action></action> <category></category> </intent-filter>
很容易就发现是因为这个所以才是最先启动的。
我们来做一个简单的测试。
我们把这个移动一下位置。
现在Androidmanifest,xml是这个样子。
<activity> <intent-filter> <action></action> <category></category> </intent-filter> </activity>
测试
现在我们生成apk。
我们发现,点开之后发现已经不是之前的Activity,而是我们之后自己添加的Activity。
基于这个思路,我们可以想嘛,如果有第三方的Activity注入,我们是不是可以通过改变启动的Activity从而避开一些验证问题。
恩,之后通过实战来进行一个测试。
0x03 反编译
有到了学习smali的时候到了。可能很无聊吧,但是写的人却是很有兴趣呢。
废话不说,开始吧。
1. 丢Android Killer里。
2.找到关键代码
恩。在$2里。
.method public onClick(Landroid/view/View;)V .locals 3 .param p1, "v" # Landroid/view/View; .prologue
.line 33 new-instance v0, Landroid/content/Intent;
iget-object v1, p0, Lcom/example/hanlei/first_demo/MainActivity$2;->this$0:Lcom/example/hanlei/first_demo/MainActivity;
const-class v2, Lcom/example/hanlei/first_demo/Main2Activity; invoke-direct {v0, v1, v2}, Landroid/content/Intent;-><init>(Landroid/content/Context;Ljava/lang/Class;)V .line 34 .local v0, "i":Landroid/content/Intent;
iget-object v1, p0, Lcom/example/hanlei/first_demo/MainActivity$2;->this$0:Lcom/example/hanlei/first_demo/MainActivity;
invoke-virtual {v1, v0}, Lcom/example/hanlei/first_demo/MainActivity;->startActivity(Landroid/content/Intent;)V .line 35 return-void
.end method</init>这里我们不一句一句翻译,想看的回去翻之前的内容,很多。
我们来看这里的主要代码:
新建一个 Intent对象
new-instance v0, Landroid/content/Intent;
获取MainActivity对想存储在v1中
iget-object v1, p0, Lcom/example/hanlei/first_demo/MainActivity$2;->this$0:Lcom/example/hanlei/first_demo/MainActivity;
把Main2Activity存入v2中
const-class v2, Lcom/example/hanlei/first_demo/Main2Activity;
然后把v1和v2放入v0中。
invoke-direct {v0, v1, v2}, Landroid/content/Intent;-><init>(Landroid/content/Context;Ljava/lang/Class;)V</init>startActivity调用即可。还是很简单的,很容易理解的。
.line 34 .local v0, "i":Landroid/content/Intent;
iget-object v1, p0, Lcom/example/hanlei/first_demo/MainActivity$2;->this$0:Lcom/example/hanlei/first_demo/MainActivity;
invoke-virtual {v1, v0}, Lcom/example/hanlei/first_demo/MainActivity;->startActivity(Landroid/content/Intent;)V虽然我不知道smali的含义,但我很熟悉它,一下就理解了。恩,语言还是多看看,多分析分析,有好处的。我熟练掌握C语言是因为学习时坚持不懈地敲了许多代码并完成了几个项目。
0x04 实战分析
样本
样本为了方便我就传在百度云里了
原APK:链接:https://pan.baidu.com/s/1pMwcuef 密码:a673
试玩
不知道为什么我的夜深模拟器打不开了。试试别的模拟器。
一打开游戏,就弹出个这个界面,很不喜欢,我想直接弹出我的游戏界面。
好,我们用我们刚开始的技能。
1.apk反编译
2.查看Androidmanifest.xml文件
<activity></activity> <activity></activity> <activity> <intent-filter> <action></action> <category></category> </intent-filter> </activity> <intent-filter> <action></action> <category></category> </intent-filter> <category></category> <category></category> <activity></activity>
3.尝试跳转
首先来看下我们的跳转。
<intent-filter> <action></action> <category></category> </intent-filter> <category></category> <category></category>
跳转的Activity名称为:cn.cmgame.billing.api.GameOpenActivity,Gameopen。。。恩,这是什么唉,好奇怪。但是呢,肯定就是我们打开的界面。恩。我觉得这个有点重要,以后可能会涉及到。所以还是找个小本子记下来。我应该建立一个小本子。
我们来看一下我们的Activity。
<activity></activity><activity></activity>
这里有两个Activity:
第一个Activity的name:android:name="MainActivity"
第二个Activity的name:android:name="LogActivity"
作为开发人员,MainActivity,就是一个开始恩。我们直接开始更改。
<intent-filter> <action></action> <category></category> </intent-filter> <category></category> <category></category>
这个是修改后的Activity。
其实我也只是对
<action></action> <category></category>
这两句有了解。但是还有三句是什么,一起来看一下吧。关于测试的问题,我们学习完之后再进行测试吧。
首选是
<category></category>
<category></category>
这两个直接挪过去,直接失败。所以,还是分析一下吧。
刚才说的
<category></category>
这句就是必须的。
还有两句
<category></category>
The above is the detailed content of Android basic reverse engineering is not implemented very well. For more information, please follow other related articles on the PHP Chinese website!
Hot AI Tools
Undresser.AI Undress
AI-powered app for creating realistic nude photos
AI Clothes Remover
Online AI tool for removing clothes from photos.
Undress AI Tool
Undress images for free
Clothoff.io
AI clothes remover
Video Face Swap
Swap faces in any video effortlessly with our completely free AI face swap tool!
Hot Article
Hot Tools
Notepad++7.3.1
Easy-to-use and free code editor
SublimeText3 Chinese version
Chinese version, very easy to use
Zend Studio 13.0.1
Powerful PHP integrated development environment
Dreamweaver CS6
Visual web development tools
SublimeText3 Mac version
God-level code editing software (SublimeText3)
Hot Topics
New report delivers damning assessment of rumoured Samsung Galaxy S25, Galaxy S25 Plus and Galaxy S25 Ultra camera upgrades
Sep 12, 2024 pm 12:23 PM
In recent days, Ice Universe has been steadily revealing details about the Galaxy S25 Ultra, which is widely believed to be Samsung's next flagship smartphone. Among other things, the leaker claimed that Samsung only plans to bring one camera upgrade
Samsung Galaxy S25 Ultra leaks in first render images with rumoured design changes revealed
Sep 11, 2024 am 06:37 AM
OnLeaks has now partnered with Android Headlines to provide a first look at the Galaxy S25 Ultra, a few days after a failed attempt to generate upwards of $4,000 from his X (formerly Twitter) followers. For context, the render images embedded below h
IFA 2024 | TCL\'s NXTPAPER 14 won\'t match the Galaxy Tab S10 Ultra in performance, but it nearly matches it in size
Sep 07, 2024 am 06:35 AM
Alongside announcing two new smartphones, TCL has also announced a new Android tablet called the NXTPAPER 14, and its massive screen size is one of its selling points. The NXTPAPER 14 features version 3.0 of TCL's signature brand of matte LCD panels
Vivo Y300 Pro packs 6,500 mAh battery in a slim 7.69 mm body
Sep 07, 2024 am 06:39 AM
The Vivo Y300 Pro just got fully revealed, and it's one of the slimmest mid-range Android phones with a large battery. To be exact, the smartphone is only 7.69 mm thick but features a 6,500 mAh battery. This is the same capacity as the recently launc
Samsung Galaxy S24 FE billed to launch for less than expected in four colours and two memory options
Sep 12, 2024 pm 09:21 PM
Samsung has not offered any hints yet about when it will update its Fan Edition (FE) smartphone series. As it stands, the Galaxy S23 FE remains the company's most recent edition, having been presented at the start of October 2023. However, plenty of
New report delivers damning assessment of rumoured Samsung Galaxy S25, Galaxy S25 Plus and Galaxy S25 Ultra camera upgrades
Sep 12, 2024 pm 12:22 PM
In recent days, Ice Universe has been steadily revealing details about the Galaxy S25 Ultra, which is widely believed to be Samsung's next flagship smartphone. Among other things, the leaker claimed that Samsung only plans to bring one camera upgrade
Xiaomi Redmi Note 14 Pro Plus arrives as first Qualcomm Snapdragon 7s Gen 3 smartphone with Light Hunter 800 camera
Sep 27, 2024 am 06:23 AM
The Redmi Note 14 Pro Plus is now official as a direct successor to last year'sRedmi Note 13 Pro Plus(curr. $375 on Amazon). As expected, the Redmi Note 14 Pro Plus heads up the Redmi Note 14 series alongside theRedmi Note 14and Redmi Note 14 Pro. Li
iQOO Z9 Turbo Plus: Reservations begin for the potentially beefed-up series flagship
Sep 10, 2024 am 06:45 AM
OnePlus'sister brand iQOO has a 2023-4 product cycle that might be nearlyover; nevertheless, the brand has declared that it is not done with itsZ9series just yet. Its final, and possibly highest-end,Turbo+variant has just beenannouncedas predicted. T
