![]() After careful analysis, the basic flow of the native layer program can be found as follows: It can be basically determined that the main body of the program is an AES encryption. The result is that the S box is found, and basically it is the AES encryption process. Since the program is obviously an encryption program, we can use IDA's findcrypto plugin to identify it. Now we can analyze the native layer code. The crypt function is obviously an RC4 encryption function, which is obviously the cryptographic logic of RC4.Īfter simple analysis, it is found that this is an image encryption program: the java layer is the first file name of the native layer under image/, and the name of the image file that you want to encrypt, including the md5 of the signature of the corresponding apk.There are 256 keywords in the init function, and basically the initialization process of the RC4 key. ![]() The basis for guessing here is as follows Next, use I_am_the_key as the key, encrypt the part with RC4 encryption, and compare the result with the final compare.Then use the mestr length as the period to XOR the two, the core logic `str = mestr ^ iinput.of packagename in sequence, and stitch the results together. XOR each of the strings after the last.First call the java layer function messageMe to get a string mestr.The main functions of parseText are as follows.Monitor the interface text box and call the native parseText function if the text box content changes.Through simple reverse, you can find that the basic logic of the program is as follows The Operating Mechanism of the Java Layer in Androidįlag 2017 NJCTF easycrack ¶ Introduction to The Principle of Integer OverflowĪndroid Application Operating Mechanism Brief Manually Find the IAT and Rebuild It Using ImportRECīasic Functions in the heap implementation Software Reverse Engineering IntroductionĬommon Encryption Algorithms and Code Recognition Cryptographic Security Pseudo-random Number Generator
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |