Skip to content

Instantly share code, notes, and snippets.

@sidiqpermana

sidiqpermana/gist:2bcb0730bb86e2d3f737e3c688737b51

Last active April 4, 2016 19:36
Show Gist options
  • Save sidiqpermana/2bcb0730bb86e2d3f737e3c688737b51 to your computer and use it in GitHub Desktop.
Save sidiqpermana/2bcb0730bb86e2d3f737e3c688737b51 to your computer and use it in GitHub Desktop.
Download ZIP
My Short Experience with The Awesome DexGuard
Raw
gistfile1.txt
Hi, i would like to share my experience of using DexGuard (https://www.guardsquare.com/dexguard) as a premium obfuscator tool for Android APK. As we knew that apk is similar
to zip and rar. It only wraps our project and there are a lot of tools that able to decompile apk. Even when devs have set proguard to
the app they are still readable. This experience i got when i was training about android security, and i recommended the client to buy
the DexGuard Lisence. The most expensive computer file that i have ever seen. They spent more than $4000 for 66 Mb and it's only to
A SINGLE PACKAGE NAME !.
I give you the sample, this is the Java File :
public class HelloWorldActivity extends AppCompatActivity
{
private static final String MESSAGE = "Hello world!";
@Override
public void onCreate(Bundle savedInstanceState)
{
super.onCreate(savedInstanceState);
TextView view = new TextView(this);
view.setText(MESSAGE);
view.setGravity(Gravity.CENTER);
setContentView(view);
}
}
And this is the output (after decompiling the apk) :
public class HelloWorldActivity extends AppCompatActivity
{
private static final byte[] ËŠ;
private static int Ë‹ = 0;
private static int ËŽ = 1;
static
{
byte[] arrayOfByte = new byte[15];
arrayOfByte[0] = 31;
arrayOfByte[1] = -3;
arrayOfByte[2] = -123;
arrayOfByte[3] = -91;
arrayOfByte[4] = -25;
arrayOfByte[5] = -3;
arrayOfByte[6] = 4;
arrayOfByte[7] = 1;
arrayOfByte[8] = 83;
arrayOfByte[9] = -83;
arrayOfByte[10] = 12;
arrayOfByte[11] = 1;
arrayOfByte[12] = 10;
arrayOfByte[13] = 12;
arrayOfByte[14] = 71;
ËŠ = arrayOfByte;
}
// ERROR //
private static java.lang.String ËŠ(int paramInt, byte paramByte1, byte paramByte2)
{
// Byte code:
// 0: bipush 72
// 2: iload_2
// 3: iconst_3
// 4: imul
// 5: isub
// 6: istore_3
// 7: getstatic 29 com/example/HelloWorldActivity:ËŠ [B
// 10: astore 4
// 12: iconst_0
// 13: istore 5
// 15: iconst_4
// 16: iload_0
// 17: iconst_2
// 18: imul
// 19: isub
// 20: istore 6
// 22: bipush 12
// 24: iload_1
// 25: iconst_3
// 26: imul
// 27: isub
// 28: istore 7
// 30: iload 7
// 32: newarray byte
// 34: astore 8
// 36: iload 5
// 38: istore 9
// 40: iinc 5 1
// 43: aload 8
// 45: iload 9
// 47: iload_3
// 48: bastore
// 49: iload 5
// 51: iload 7
// 53: if_icmpne +6 -> 59
// 56: goto +155 -> 211
// 59: goto +78 -> 137
// 62: iconst_4
// 63: iload_3
// 64: iload 10
// 66: isub
// 67: iadd
// 68: istore_3
// 69: iinc 6 1
// 72: goto +81 -> 153
// 75: iconst_0
// 76: istore 14
// 78: goto +177 -> 255
// 81: astore 17
// 83: aload 17
// 85: athrow
// 86: iload 5
// 88: istore 15
// 90: iinc 5 1
// 93: aload 8
// 95: iload 15
// 97: iload_3
// 98: bastore
// 99: iload 5
// 101: iload 7
// 103: if_icmpne +6 -> 109
// 106: goto +105 -> 211
// 109: goto +28 -> 137
// 112: iconst_1
// 113: istore 12
// 115: goto +68 -> 183
// 118: iconst_4
// 119: iload_3
// 120: iload 10
// 122: isub
// 123: iadd
// 124: istore_3
// 125: iinc 6 1
// 128: goto +25 -> 153
// 131: iconst_1
// 132: istore 14
// 134: goto +121 -> 255
// 137: aload 4
// 139: iload 6
// 141: baload
// 142: istore 10
// 144: goto +82 -> 226
// 147: iconst_0
// 148: istore 12
// 150: goto +33 -> 183
// 153: bipush 33
// 155: getstatic 15 com/example/HelloWorldActivity:ËŽ I
// 158: iadd
// 159: istore 13
// 161: iload 13
// 163: sipush 128
// 166: irem
// 167: putstatic 13 com/example/HelloWorldActivity:Ë‹ I
// 170: iload 13
// 172: iconst_2
// 173: irem
// 174: ifeq +6 -> 180
// 177: goto -46 -> 131
// 180: goto -105 -> 75
// 183: iload 12
// 185: tableswitch default:+23 -> 208, 0:+-67->118, 1:+-123->62
// 209: impdep2
// 210: if_icmpne -17664 -> -17454
// 213: fload_3
// 214: dup
// 215: aload 8
// 217: iconst_0
// 218: invokespecial 40 java/lang/String:<init> ([BI)V
// 221: astore 16
// 223: aload 16
// 225: areturn
// 226: iconst_5
// 227: getstatic 13 com/example/HelloWorldActivity:Ë‹ I
// 230: iadd
// 231: istore 11
// 233: iload 11
// 235: sipush 128
// 238: irem
// 239: putstatic 15 com/example/HelloWorldActivity:ËŽ I
// 242: iload 11
// 244: iconst_2
// 245: irem
// 246: ifne +6 -> 252
// 249: goto -137 -> 112
// 252: goto -105 -> 147
// 255: iload 14
// 257: tableswitch default:+23 -> 280, 0:+-221->36, 1:+-171->86
// 281: impdep2
// 282: baload
//
// Exception table:
// from to target type
// 211 223 81 java/lang/Exception
}
// ERROR //
public void onCreate(android.os.Bundle paramBundle)
{
// Byte code:
// 0: goto +8 -> 8
// 3: astore 10
// 5: aload 10
// 7: athrow
// 8: aload_0
// 9: aload_1
// 10: invokespecial 44 android/app/Activity:onCreate (Landroid/os/Bundle;)V
// 13: new 46 android/widget/TextView
// 16: dup
// 17: aload_0
// 18: invokespecial 49 android/widget/TextView:<init> (Landroid/content/Context;)V
// 21: astore_2
// 22: getstatic 29 com/example/HelloWorldActivity:ËŠ [B
// 25: bipush 7
// 27: baload
// 28: istore_3
// 29: iload_3
// 30: iconst_1
// 31: isub
// 32: i2b
// 33: istore 4
// 35: iload 4
// 37: istore 5
// 39: iload 5
// 41: istore 6
// 43: iload 4
// 45: iload 5
// 47: iload 6
// 49: invokestatic 51 com/example/HelloWorldActivity:ËŠ (IBB)Ljava/lang/String;
// 52: astore 7
// 54: aload 7
// 56: invokevirtual 55 java/lang/String:intern ()Ljava/lang/String;
// 59: astore 8
// 61: aload_2
// 62: aload 8
// 64: invokevirtual 59 android/widget/TextView:setText (Ljava/lang/CharSequence;)V
// 67: aload_2
// 68: bipush 17
// 70: invokevirtual 63 android/widget/TextView:setGravity (I)V
// 73: aload_0
// 74: aload_2
// 75: invokevirtual 67 com/example/HelloWorldActivity:setContentView (Landroid/view/View;)V
// 78: aload_0
// 79: ldc 69
// 81: iconst_1
// 82: invokestatic 75 android/widget/Toast:makeText (Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;
// 85: astore 9
// 87: aload 9
// 89: invokevirtual 78 android/widget/Toast:show ()V
// 92: return
// 93: pop
// 94: dload_3
// 95: athrow
//
// Exception table:
// from to target type
// 8 13 3 java/lang/Exception
// 13 13 3 java/lang/Exception
// 13 22 3 java/lang/Exception
// 22 29 3 java/lang/Exception
// 43 54 3 java/lang/Exception
// 54 61 3 java/lang/Exception
// 61 67 3 java/lang/Exception
// 67 73 3 java/lang/Exception
// 73 78 3 java/lang/Exception
// 78 87 3 java/lang/Exception
// 87 92 3 java/lang/Exception
// 13 13 93 java/lang/Exception
}
}
/* Location: C:\Users\inte\Downloads\APKtoJava_RC2\tools\classes-dex2jar.jar
* Qualified Name: com.example.HelloWorldActivity
* JD-Core Version: 0.6.0
*/
I use ApkToJava RC2 to decompile the apk. And as you can see.. you can not see the codes inside the Activity.
As a Android Developer i could say that the dexguard does its job very well and it makes the reverse engineering process become harder
Hope in the future, Android Framework has a the same obsfucator tool to make our live easier.
Thanks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment