WindySha/Xpatch

大神对使用加固过的apk有思路吗?

wwwtete opened this issue · 1 comments

wwwtete commented

在对使用类似 360加固之类的 apk使用 Xpatch 二次打包时,安装运行后会崩溃,看日志是崩溃在了 Native 层,应该是 Native 层对文件做了 MD5 校验之类的操作的,请问大神对这个有什么思路吗?使用 Frida 是不是可以解决这个问题?
这是崩溃的日志:
--------- beginning of system
2021-05-15 16:47:21.968 12590-14803/? A/libc: stack corruption detected (-fstack-protector)
2021-05-15 16:47:21.968 12590-14803/? A/libc: stack corruption detected (-fstack-protector)
2021-05-15 16:47:21.968 12590-14869/? A/libc: stack corruption detected (-fstack-protector)
2021-05-15 16:47:21.968 12590-14869/? A/libc: stack corruption detected (-fstack-protector)
2021-05-15 16:47:21.968 12590-14869/? A/libc: Fatal signal 6 (SIGABRT), code -1 (SI_QUEUE) in tid 14869 (KY_WiseAPMSDK-A), pid 12590 (n.xxx.test)
2021-05-15 16:47:22.074 14880-14880/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2021-05-15 16:47:22.074 14880-14880/? A/DEBUG: Build fingerprint: 'HUAWEI/OCE-AN10/HWOCE-L:10/HUAWEIOCE-AN10/11.0.0.170C00:user/release-keys'
2021-05-15 16:47:22.074 14880-14880/? A/DEBUG: Revision: '0'
2021-05-15 16:47:22.074 14880-14880/? A/DEBUG: ABI: 'arm'
2021-05-15 16:47:22.075 14880-14880/? A/DEBUG: SYSVMTYPE: Maple
APPVMTYPE: Art
2021-05-15 16:47:22.076 14880-14880/? A/DEBUG: Timestamp: 2021-05-15 16:47:22+0800
2021-05-15 16:47:22.076 14880-14880/? A/DEBUG: pid: 12590, tid: 14869, name: KY_WiseAPMSDK-A >>> com.xxx.test <<<
2021-05-15 16:47:22.076 14880-14880/? A/DEBUG: uid: 10250
2021-05-15 16:47:22.076 14880-14880/? A/DEBUG: signal 6 (SIGABRT), code -1 (SI_QUEUE), fault addr --------
2021-05-15 16:47:22.076 14880-14880/? A/DEBUG: Abort message: 'stack corruption detected (-fstack-protector)'
2021-05-15 16:47:22.076 14880-14880/? A/DEBUG: r0 00000000 r1 00003a15 r2 00000006 r3 a2288640
2021-05-15 16:47:22.076 14880-14880/? A/DEBUG: r4 a2288654 r5 a2288638 r6 0000312e r7 0000016b
2021-05-15 16:47:22.076 14880-14880/? A/DEBUG: r8 a2288650 r9 a2288640 r10 a2288670 r11 a2288660
2021-05-15 16:47:22.076 14880-14880/? A/DEBUG: ip 00003a15 sp a2288610 lr ea8214f7 pc ea82150a
2021-05-15 16:47:22.078 14880-14880/? A/DEBUG: backtrace:
2021-05-15 16:47:22.078 14880-14880/? A/DEBUG: #00 pc 0005450a /apex/com.android.runtime/lib/bionic/libc.so (abort+166) (BuildId: bae1b077aa2a5eee78eac369d5f3e306)
2021-05-15 16:47:22.078 14880-14880/? A/DEBUG: #1 pc 0008beef /apex/com.android.runtime/lib/bionic/libc.so!libc.so (offset 0x8b000) (__stack_chk_fail+10) (BuildId: bae1b077aa2a5eee78eac369d5f3e306)
2021-05-15 16:47:22.078 14880-14880/? A/DEBUG: #2 pc 00093ded /apex/com.android.runtime/lib/bionic/libc.so!libc.so (offset 0x8e000) (async_safe_fatal_va_list+264) (BuildId: bae1b077aa2a5eee78eac369d5f3e306)
2021-05-15 16:47:22.078 14880-14880/? A/DEBUG: #3 pc 00000040
2021-05-15 16:47:23.268 12595-14911/? A/libc: Fatal signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xa02 in tid 14911 (n.xxx.test), pid 12595 (n.xxx.test)
2021-05-15 16:47:23.389 14960-14960/? A/DEBUG: *** *** *** *** *** *** *** *** *** *** *** *** *** *** *** ***
2021-05-15 16:47:23.390 14960-14960/? A/DEBUG: Build fingerprint: 'HUAWEI/OCE-AN10/HWOCE-L:10/HUAWEIOCE-AN10/11.0.0.170C00:user/release-keys'
2021-05-15 16:47:23.390 14960-14960/? A/DEBUG: Revision: '0'
2021-05-15 16:47:23.390 14960-14960/? A/DEBUG: ABI: 'arm'
2021-05-15 16:47:23.391 14960-14960/? A/DEBUG: SYSVMTYPE: Maple
APPVMTYPE: Art
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: Timestamp: 2021-05-15 16:47:23+0800
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: pid: 12595, tid: 14911, name: n.xxx.test >>> com..xxx.test <<<
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: uid: 10250
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: signal 11 (SIGSEGV), code 1 (SEGV_MAPERR), fault addr 0xa02
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: Cause: null pointer dereference
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: r0 00000000 r1 70476c63 r2 b6a2aa97 r3 00000a03
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: r4 a42a7bbd r5 a42aa11a r6 a434c090 r7 0000001d
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: r8 b6a2aa97 r9 00000a03 r10 a42aa11c r11 a42a7ba0
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: ip 00000000 sp 00000000 lr 00000000 pc 00000a02
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: backtrace:
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: #00 pc 00000a02
2021-05-15 16:47:23.392 14960-14960/? A/DEBUG: #1 pc 00000000
2021-05-15 16:48:12.150 2452-2981/? E/SmartDualCardConfig: isAppInBlackList false,items==null
2021-05-15 16:48:12.152 2452-2981/? E/ScgQuickAddManager: the compName is :com.android.systemui
2021-05-15 16:48:12.155 1527-17067/? E/ZrHung.AppEyeFocusWindow: cancel check