java - NDK application Signature Check -


i have security key in application. want store securly. store in native shared library (maybe generated code). after want returned method check signature of original apk. no 1 can use file except trusted applications. know, ndk library decompiled, harder make reverse engineering of native code java .class files.

question:

  1. is there way calk signature of origin apk native code (c/c++)?
  2. how can make sure library called trusted application?

i try answer first question here:

signature of application stored in dex(dalvik executable) file of apk. dex files have following structure:

  1. header
  2. data section(contains strings, code instructions, fields, etc)
  3. arrays of method identifiers, class identifiers, etc

so, beginning of header of dex file:

  1. dex_file_magic constant - ubyte[8]
  2. adler-32 checksum of application(except dex_file_magic , checksum itself) - uint
  3. sha-1 signature of application(except of dex_file_magic, checksum , hash itself) - ubyte[20]

so, calk signature of apk, should compute sha-1 signature of dex file starting offset 32.

to access dex file of apk native code, can read process memory, stored in /proc/self/maps:

file *fp; fp = fopen("/proc/self/maps", "r");

each row in proc/$id/maps file has following structure:

  1. address
  2. permissions
  3. offset
  4. device
  5. inode
  6. pathname

here can find better description of proc/$id/maps file's structure: understanding linux /proc/id/maps

to detect location of dex file in process memory should check out 'pathname' column in every row of proc/self/maps file. when row corresponding dex file found, should starting , ending addresses of dex file region:

while (fgets(line, 2048, fp) != null) {     // search '.dex'     if (strstr(line, ".dex") != null) {         // starting , ending addresses of dex file region

so, when have starting , ending addresses of apk's bytecode, able compute signature of apk.


Comments

Post a Comment

Popular posts from this blog

Magento/PHP - Get phones on all members in a customer group -

i working on custom magento extension. working around adminhtml part , i've created custom form there. here form code: <?php class vivasindustries_smsnotification_block_adminhtml_sms_sendmass_edit_form extends mage_adminhtml_block_widget_form { public function _preparelayout() { $extensionpath = mage::getmoduledir('js', 'vivasindustries_smsnotification'); $head = $this->getlayout()->getblock('head'); $head->addjs('jquery.js'); $head->addjs('vivas.js'); return parent::_preparelayout(); } protected function _prepareform() { $form = new varien_data_form(array( 'id' => 'edit_form', 'action' => $this->geturl('*/*/save', array('id' => $this->getrequest()->get...
Read more

php - Bypass Geo Redirect for specific directories -

i'm trying bypass redirect specific url within site. wondering if might able help. the code below code use, original urls replaces example.com i'd able access http://example.com/admin without redirect occuring. is there way this, , there way using own ip? function country_geo_redirect() { $country = getenv('http_geoip_country_code'); if ($country == "us" ) { wp_redirect("http://usa.example.com/"); exit; } else if ($country == "gb" ) { wp_redirect("http://uk.example.com/"); exit; } } add_action('init', 'country_geo_redirect'); you can bypass redirection code if server found ip address. if ip address == <my ip address> ' nothing here else country_georedirect() end if
Read more

php - .htaccess mod_rewrite for dynamic url which has domain names -

i want convert url ex:( example.com/link.php?url=facebook.com ) ( example.com/facebook.com.php ) how can using .htaccess. or there other process make job easier ? i tried adding script .htaccess file options +followsymlinks rewriteengine on rewriterule url-(.*)\.htm$ link.php?url=$1 but converting url adding "url-" ( example.com/url-facebook.com.php ) i want remove "url-" , want make ( example.com/facebook.com.php ) rewriteengine on rewritecond %{the_request} ^get.*link\.php\?url\= [nc] rewritecond %{request_uri} !/system/.* [nc] rewriterule (.*?)link\.php\?url\=/*(.*) /$1$2 [r=301,ne,l] not sure how above work edit of used use remove index.php url
Read more