Android Question protect the APK as good as possible

marcel · Feb 12, 2016

Hi,

My customer want's me to protect the APK as good as possible. Currently I use the release (obfuscated) to protect it. But I found also a tool "DexProtector" which do similar things. But this cost a awful lot of money. Do you really think this is much better?

Are there any other alternatives that you know of?

Best Regards,

Marcel

MarcoRome · Feb 15, 2016

marcel said:
Hi,

My customer want's me to protect the APK as good as possible. Currently I use the release (obfuscated) to protect it. But I found also a tool "DexProtector" which do similar things. But this cost a awful lot of money. Do you really think this is much better?

Are there any other alternatives that you know of?

Best Regards,

Marcel

Look also THIS

marcel · Feb 15, 2016

wonder said:
Simple! Once you have Android NDK on your computer, just compile the following code with my Native Library Generator:

B4X:

char* myString1() { return "I am obfuscated."; } char* myString2() { return "I am obfuscated too!"; }

... you catch my drift!

Despite not being 100% hacker proof (nothing is!), it's a lot harder to disassemble an .so library than a regular Java one.
If you're really interested in protecting your apk, by all means, get the ProBundle and read Fred's tutorial.

Would it be possible to have create a simple example project with B4A. How do you include for example the .so files and call them from B4A?

wonder · Feb 16, 2016

Alright, so here's a small native obfuscation example.
The encryption algorithm isn't the strongest, but it should be enough.

Here's the B4A test code:

B4X:

Dim test As NativeObfuscationDemo
Dim out As String
For i = 0 To test.kL - 1
    out = out & test.gS(i)
Next
Log(out)

'Output: "password"

Source code, explanation and encryption tutorial available on request.

elitevenkat · Mar 21, 2016

wonder said:
Alright, so here's a small native obfuscation example.
The encryption algorithm isn't the strongest, but it should be enough.

Here's the B4A test code:

B4X:

Dim test As NativeObfuscationDemo Dim out As String For i = 0 To test.kL - 1 out = out & test.gS(i) Next Log(out) 'Output: "password"

Source code, explanation and encryption tutorial available on request.

Yes I am interested kindly send me the tutorial.

Informatix · Mar 21, 2016

wonder said:
Alright, so here's a small native obfuscation example.
The encryption algorithm isn't the strongest, but it should be enough.

Here's the B4A test code:

B4X:

Dim test As NativeObfuscationDemo Dim out As String For i = 0 To test.kL - 1 out = out & test.gS(i) Next Log(out) 'Output: "password"

Source code, explanation and encryption tutorial available on request.

Obfuscating a string is useless IF you don't prevent the hacker from altering and running your code. He will just have to log the string content once deobfuscated (e.g. after you load it from the .so library).
The main purpose of obfuscation is to make the understanding of your code a lot harder, not to protect your data.

elitevenkat · Mar 21, 2016

Then kindly tell me how to secure my apk. Is there any tool available? I use source cop utility for encrypting my php apps.

Informatix · Mar 21, 2016

elitevenkat said:
Then kindly tell me how to secure my apk. Is there any tool available? I use source cop utility for encrypting my php apps.

As said above, there's ProBundle that will cover your protection needs.

Android Question protect the APK as good as possible

marcel

Active Member

MarcoRome

Expert

marcel

Active Member

wonder

Expert

Attachments

elitevenkat

Active Member

Informatix

Expert

elitevenkat

Active Member

Informatix

Expert

Similar Threads