/Repackaging-Protection

Repackaging-Protection-Android

Primary LanguageC

Securing Your App Against Repackaging Attacks

System requirements

Currently, only *NIX-based systems are supported. The following packages should be installed

  • JDK
  • Apache Ant
  • CMake
  • Android SDK located at $HOME/Android with ~/Android/Sdk/build-tools/28.0.3 added to $PATH where 28.0.3 is the version number of the installed SDK.
  • Android NDK located at $HOME/Android/Sdk/ndk-bundle
  • aarch64-linux-gnu-strip

Ant targets

By default, the APK to be transformed is located at./app.apk

This can be overridden by providing the following extra argument to ant: -Dsrc-apk=<custom-path>

Transform and install an APK

ant clean transform-and-install-apk

Transform APK to a new protected APK

ant clean transform-apk-to-apk

Transform APK to Jimple files

ant clean transform-apk-to-jimple

Run java tests with locally installed JVM: Compares stdout between original and transformed bytecode. Jimple files are written to ./test-out

ant clean test

Supported arguments:

Architecture supported by the transformed application. Default: arm64-v8a

-Darch={all|arm}, default=arm

Whether to rewrite internal codes to create maximum number of security blocks (Higher blocks, in general, implies higher resistance to repackaging attacks which in turn would affect performance). Default: yes

-Dmax={yes|no}, default=yes

Whether to use experimental features. This might break the transformed application. Default: no

-Dexp={yes|no}, default=no

Whether to create an export version of the transformed application. The export version is supposed to be distributed to the end-users. The export version includes additional layers to defend repackaging attacks, doesn't support debugging, doesn't support stats collection, tightened security and almost negligible performance impact. Non-Export version is supposed to be used for internal testing or testing by alpha/beta users. Default: no

-Dexport={yes|no}, default=no

Whether to exclude particular blocks (hot methods) to increase performance during the transformation phase. Input should be the file generated by StatsAnalytics, an internal system designed to optimize the protected application and decrease performance overhead.

-DhotMethod={path}, default=noPath

Path Setup

export ANDROID_HOME=$HOME/Android
export PATH=$PATH:$ANDROID_HOME/Sdk/tools
export PATH=$PATH:$ANDROID_HOME/Sdk/platform-tools
export PATH=$PATH:$ANDROID_HOME/android-studio/bin
export PATH=$PATH:$ANDROID_HOME/Sdk/build-tools/28.0.3

Note:

  • Replace Android path with version installed on your system.