Android逆向分解揭秘：风险与工具探讨

Decompiling

Android

需积分: 1 119 浏览量更新于2024-07-21 收藏 4.77MB PDF 举报

身份认证购VIP最低享 7 折!

领优惠券(最高得80元）

本资源是一本名为《Decompiling Android》的电子书，由Apress出版，主要探讨了Android平台上的反编译技术。书中从历史背景出发，介绍了decompiler（反汇编器）的起源，令人惊讶的是，它们几乎与计算机的历史一样悠久。作者在第一章“Laying the Groundwork”中引导读者理解这个问题，讨论了虚拟机尤其是Android系统为何成为反编译目标。章节内容深入浅出，首先概述了decompiler技术的基本概念，强调了其在信息安全领域的潜在风险。作者着重探讨了法律和道德层面的问题，因为尽管decompilation有时被用于学习、研究或调试目的，但它也可能侵犯版权或隐私，引发争议。第二章“Ghost in the Machine”可能聚焦于Android应用的底层机制和如何通过反编译来窥探其运行方式。第三章“Inside the DEX File”则深入到Dalvik Executable (DEX) 文件，这是Android应用的主要代码格式，通过解构DEX文件，可以揭示应用的内部逻辑。第四章“Tools of the Trade”涵盖了反编译工具的种类和使用方法，这些工具是进行逆向工程的关键。接着，第五章“ Decompiler Design”探讨了设计一个高效且准确的反编译器所需的技术策略和原则。第六章“Decompiler Implementation”详细解释了实际实现反编译器的步骤和技术细节，包括可能遇到的挑战和解决方案。第七章“Hear No Evil, See No Evil: A Case Study”可能是通过一个具体的案例，展示如何运用反编译技术和可能产生的后果。最后，附录A提供了关于指令集的表格，便于读者查阅和理解代码执行的具体细节。全书以索引收尾，为查找特定主题提供了方便。《Decompiling Android》是一本实用的指南，适合对Android平台的开发者、安全研究人员以及对软件逆向工程感兴趣的人士阅读，它既介绍了理论知识，也提供了实操技巧，但同时也提醒了法律和伦理边界。

资源详情

资源推荐

CHAPTER 1: Laying the Groundwork

created something special while Standing on the Shoulders of Giants. For

example, the invention of the steam train and the light bulb were relatively

modest incremental steps in technology. The underlying concepts were

provided by other people, and it was up to someone like George Stephenson or

Thomas Edison to create the final object. (You can see an excellent example of

Stephenson’s debt to many other inventors such as James Watt at

www.usgennet.org/usa/topic/steam/Early/Time.html). This is one of the

reasons patents appeared: to allow people to build on other creations while still

giving the original inventors some compensation for their initial ideas for period

of, say, 20 years.

Patents

In the software arena, trade secrets are typically protected by copyright law and

increasingly through patents. Patents can protect certain elements of a program,

but it’s highly unlikely that a complete program will be protected by a patent or

series of patents. Software companies want to protect their investment, so they

typically turn to copyright law or software licenses to prevent people from

essentially stealing their research and development efforts.

But copyright law isn’t rock solid, because otherwise there would be no

inducement to patent an idea, and the patent office would quickly go out of

business. Copyright protection doesn’t extend to interfaces of computer

programs, and a developer can use the fair-use defense if they can prove that

they have decompiled the program to see how they can interoperate with any

unpublished

application programming interfaces (APIs)

in a program.

Directive on the Legal Protection of Computer Programs

If you’re living in the EU, then you more than likely come under the Directive on

the Legal Protection of Computer Programs. This directive states that you can

decompile programs under certain restrictive circumstances: for example, when

you’re trying to understand the functional requirements to create a compatible

interface to your own program. To put it another way, you can decompile if you

need access to the internal calls of a third-party program and the authors refuse

to divulge the APIs at any price. But you can only use this information to create

an interface to your own program, not to create a competitive product. You also

can’t reverse-engineer any areas that have been protected in any way.

www.it-ebooks.info

CHAPTER 1: Laying the Groundwork

For many years, Microsoft’s applications had allegedly gained unfair advantage

from underlying unpublished APIs calls to Windows 3.1 and Windows 95 that

are orders of magnitude quicker than the published APIs. The Electronic Frontier

Foundation (EFF) came up with a useful road-map analogy to help explain this

situation. Say you’re travelling from Detroit to New York, but your map doesn’t

show any interstate routes; sure, you’ll eventually get there by traveling on the

back roads, but the trip would be a lot shorter if you had a map complete with

interstates. If these conditions were true, the EU directive would be grounds for

disassembling Windows 2000 or Microsoft Office, but you’d better hire a good

lawyer before you try it.

Reverse Engineering

Precedents allow legal decompilation in the United States, too. The most

famous case to date is Sega v. Accolade

(http://digital-law-

online.info/cases/24PQ2D1561.htm). In 1992, Accolade won a case against

Sega; the ruling said that Accolade’s unauthorized disassembly of the Sega

object code wasn’t copyright infringement. Accolade reverse-engineered Sega’s

binaries into an intermediate code that allowed Accolade to extract a software

key to enable Accolade’s games to interact with Sega Genesis video consoles.

Obviously, Sega wasn’t going to give Accolade access to its APIs or, in this

case, the code to unlock the Sega game platform. The court ruled in favor of

Accolade, judging that the reverse engineering constituted fair-use. But before

you think this gives you carte blanche to decompile code, you might like to

know that Atari v. Nintendo (http://digital-law-

online.info/cases/24PQ2D1015.htm) went against Atari under very similar

circumstances.

The Legal Big Picture

I n c o n c l u s i o n----- y o u c an t e l l t hi s i s t he l e g a l s e c t i o n -----both the court cases in the

United States and the EU directive stress that under certain circumstances,

reverse engineering

can

be used to understand interoperability and create a

program interface. It

can’t

be used to create a copy and sell it as a competitive

product. Most Java decompilation doesn’t fall into the interoperability category.

It’s far more likely that the decompiler wants to pirate the code or, at best,

understand the underlying ideas and techniques behind the software.

It isn’t clear whether reverse-engineering to discover how an APK was written

would constitute fair use. The US Copyright Act of 1976 excludes ‘‘any idea,

procedure, process, system, method of operation, concept, principle or

discovery, regardless of the form in which it is described,’’ which sounds like the

www.it-ebooks.info

CHAPTER 1: Laying the Groundwork

beginning of a defense and is one of the reasons why more and more software

patents are being issued. Decompilation to pirate or illegally sell the software

can’t be defended.

But from a developer’s point of view, the situation looks bleak. The only

p ro te ct i on----- a u s e r l ic e n s e -----is about as useful as the laws against copying

MP3s. It won’t physically stop anyone from making illegal copies and doesn’t

act as a real deterrent for the home user. No legal recourse will protect your

code from a hacker, and it sometimes seems that the people trying to create

today’s secure systems must feel like they’re Standing on the Shoulder of

Morons. You only have to look at the investigation into eBook-protection

schemes (http://slashdot.org/article.pl?sid=01/07/17/130226) and the

DeCSS fiasco (http://cyber.law.harvard.edu/openlaw/DVD/resources.html) to

see how paper-thin a lot of so-called secure systems really are.

Moral Issues

Decompiling is an excellent way to learn Android development and how the

DVM works. If you come across a technique that you haven’t seen before, you

can quickly decompile it to see how it was accomplished. Decompiling helps

people climb up the Android learning curve by seeing other people’s

programming techniques. The ability to decompile APKs can make the

difference between basic Android understanding and in-depth knowledge. True,

there are plenty of open source examples out there to follow, but it helps even

more if you can pick your own examples and modify them to suit your needs.

But no book on decompiling would be complete if it didn’t discuss the morality

issues behind what amounts to stealing someone else’s code. Due to the

circumstances, Android apps come complete with the source code: forced open

source, if you wish.

The author, the publisher, the author’s agent, and the author’s agent’s mother

would like to state that we

are not

advocating that readers of this book

decompile programs for anything other than educational purposes. The purpose

of this book is to show you how to decompile source code, but we aren’t

encouraging anyone to decompile other programmers’ code and then try to use

it, sell it, or repackage it as if it was your own code. Please don’t reverse-

engineer any code that has a licensing agreement stating that you shouldn’t

decompile the code. It isn’t fair, and you’ll only get yourself in trouble. (Besides,

you can never be sure that the decompiler-generated code is 100% accurate.

You could be in for a nasty surprise if you intend to use decompilation as the

basis for your own products.) Having said that, thousands of APKs are available

www.it-ebooks.info

CHAPTER 1: Laying the Groundwork

that, when decompiled, will help you understand good and bad Android

programming techniques.

To a certain extent, I’m pleading the ‘‘Don’t shoot the messenger’’ defense. I’m

not the first to spot this flaw in Java, and I certainly won’t be the last person to

write about the subject. My reasons for writing this book are, like the early days

of the Internet, fundamentally altruistic. In other words, I found a cool trick, and I

want to tell everyone about it.

Protecting Yourself

Pirated software is a big headache for many software companies and big

business for others. At the very least, software pirates can use decompilers to

remove licensing restrictions; but imagine the consequences if the technology

was available to decompile Office 2010, recompile it, and sell it as a new

competitive product. To a certain extent, that could easily have happened when

Corel released the Beta version of its Office for Java.

Is there anything you can do to protect your code? Yes:



License agreements:

License agreements don’t offer any real

protection from a programmer who wants to decompile your

code.



Protection schemes in your code:

Spreading protection

schemes throughout your code (such as checking whether the

phone is rooted) is useless because the schemes can be

commented out of the decompiled code.



Code fingerprinting:

This is defined as spurious code that is

used to mark or fingerprint source code to prove ownership. It

can be used in conjunction with license agreements, but it’s

only really useful in a court of law. Better decompilation tools

can profile the code and remove any spurious code.



Obfuscation:

Obfuscation replaces the method names and

variable names in a class file with weird and wonderful names.

This can be an excellent deterrent, but the source code is

often still visible, depending on your choice of obfuscator.



Intellectual Property Rights (IPR) protection schemes:

These

schemes, such as the Android Market digital rights

management (DRM), are usually busted within hours or days

and typically don’t offer much protection.

www.it-ebooks.info

CHAPTER 1: Laying the Groundwork



Server-side code:

The safest protection for APKs is to hide all

the interesting code on the web server and only use the APK

as a thin front-end GUI. This has the downside that you may

still need to hide an API key somewhere to gain access to the

web server.



Native code:

The Android Native Development Kit (NDK)

allows you to hide password information in C++ files that can

be disassembled but not decompiled and that still run on top

of the DVM. Done correctly, this technique can add a

significant layer of protection. It can also be used with digital-

signature checking to ensure that no one has hijacked your

carefully hidden information in another APK.



Encryption:

Encryption can also be used in conjunction with

the NDK to provide an additional layer of protection from

disassembly, or as a way of passing public and private key

information to any backend web server.

The first four of these options only act as deterrents (some obfuscators are

better than others), and the remaining four are effective but have other

implications. I look at all of them in more detail later in the book.

Summary

Decompilation is one of the best learning tools for new Android programmers.

What better way to find out how to write an Android app than by taking an

example off your phone and decompiling it into source code? Decompilation is

also a necessary tool when a mobile software house goes belly up and the only

way to fix its code is to decompile it yourself. But decompilation is also a

menace if you’re trying to protect the investment of countless hours of design

and development.

The aim of this book is to create dialogue about decompilation and source-code

p ro te ct i on-----to separate fact from fiction and show how easy it is to decompile

an Android app and what measures you can take to protect your code. Some

may say that decompilation isn’t an issue and that a developer can always be

trained to read a competitor’s Assembler. But once you allow easy access to the

Android app files, anyone can download dex2jar or JD-GUI, and decompilation

becomes orders of magnitude easier. Don’t believe it? Then read on and decide

for yourself.

www.it-ebooks.info

剩余295页未读，继续阅读

老硕士

粉丝: 4
资源: 9

Android逆向分解揭秘：风险与工具探讨

Decompiling Android.pdf

Apktool如何检测App的加固壳是否可被脱壳

中国石油大学(北京)克拉玛依校区在广东2021-2024各专业最低录取分数及位次表.pdf

浙江越秀外国语学院在广东2021-2024各专业最低录取分数及位次表.pdf

网站模板源代码（组件划分规范，二改省力）

华中科技大学 Java课程设计实验.zip

4G语音质差参数优化调整建议.xlsx

仲恺农业工程学院在广东2021-2024各专业最低录取分数及位次表.pdf

《Java语言程序设计（基础篇）》课后编程练习题.zip

电影订票后台系统（系分课程设计）.zip

基于SVM方法的步态识别

宿迁学院在广东2021-2024各专业最低录取分数及位次表.pdf

南京农业大学在北京2021-2024各专业最低录取分数及位次表.pdf

一本日记 安卓端（课程设计项目）.zip

solidworks-urdf-exporter-1.6.1.zip

湖南文理学院在广东2021-2024各专业最低录取分数及位次表.pdf

使用Vcpkg和Conan管理C-C++项目的依赖包.md

大二数据结构课程设计 CQUT.zip

综合课程设计后端.zip

IMG_20240908_105933.jpg

最新资源

一本日记安卓端（课程设计项目）.zip