|
19 | 19 | 2) b | build - Builds android binary from json |
20 | 20 | 3) m | merge - Merges split apk files from directory |
21 | 21 | 4) x | refactor - Refactors obfuscated resource names |
| 22 | + 5) p | protect - Protects/Obfuscates apk resource |
22 | 23 | run with <command> -h to get detailed help about each command |
23 | 24 | |
24 | 25 | ``` |
@@ -120,16 +121,28 @@ $ java -jar APKEditor.jar x -i input.apk |
120 | 121 |
|
121 | 122 | </details> |
122 | 123 |
|
123 | | -#### 5- Protect (Under development - coming soon) |
124 | | -Now it's time to support app developers against decompilers to make the battle even. |
125 | | -This protection promises to protect apk resources against almost all decompile tools (including this one). |
| 124 | +#### 5- Protect (⭐NEW⭐) |
| 125 | +Protects apk resources against almost all known decompile/modify tools. |
| 126 | +<details> <summary><code>java -jar APKEditor.jar <b>p</b> -i path/to/input.apk</code></summary> |
126 | 127 |
|
127 | | -* Archive protection: Protect apk file from extraction (unzipping). It's custom/tradition to use "<b>res</b>" as resource directory name, and some obfuscators use "<b>r</b>". How about using "<b>AndroidManifest.xml</b>" or "<b>classes.dex</b>" as resource directory name 😱 ??? |
128 | | -* Confuse resource name: Most obfuscated resource names have fixed length sequential names like a1, a2, a3 ... but this function |
129 | | - generates variable length random names. |
130 | | -* Confuse xml parsers: Keep in mind that android devices don't care about any names to execute apk thus it's valid to rename type ``` 'string' ``` to ``` '" </string>' ``` . Consider a normal entry ``` <string name="app_name">My App</string> ``` and if decompiler attempts to parse the output will be malformed xml ``` <" </string> name="app_name">My App</" </string>> ``` |
131 | | -* Byte offset/size confusing: Most decompilers are not parsing properly as actual device, thus we will exploit their weakness |
| 128 | + ```ShellSession |
| 129 | +00.026 I: [PROTECT] Protecting ... |
| 130 | + Input: test.apk |
| 131 | + Output: test_protected.apk |
| 132 | + ---------------------------- |
| 133 | +00.027 I: [PROTECT] Loading apk file ... |
| 134 | +00.052 I: [PROTECT] Protecting files .. |
| 135 | +00.454 I: [PROTECT] Protecting resource table .. |
| 136 | +00.474 I: [PROTECT] Writing apk ... |
| 137 | +02.264 [PROTECT] Writing: total=47654392 bytes : resources.arsc |
| 138 | +02.346 I: [PROTECT] Zip align ... |
| 139 | +02.451 I: [PROTECT] Saved to: test_protected.apk |
| 140 | +02.451 I: [PROTECT] Done |
| 141 | + |
| 142 | +``` |
132 | 143 |
|
| 144 | +</details> |
| 145 | + |
133 | 146 | --- |
134 | 147 |
|
135 | 148 | ***Build executable jar*** |
|
0 commit comments