In addition to the good guide created some time by the dear @Informatix ( Pro Bundle https://www.b4x.com/android/forum/threads/probundle-chargeable.58754/ ) i add something else that could be useful ( i hope )
1) CHECK IF YOUR APP IS INTERCEPTED BY A PROXY.
Using a proxy is easy without even disassembling the app knowing any call you make to the outside
2. TRICKS ANTI DEBUG
if hooked to a process to debug
In the Android system, all application processes and SystemServer system service processes are managed by the Zygote process.
This is process without hooked ( Look TracePid = 0 )
This is process with hooked gdbserver ( Look TracePid <> 0 )
For more information see: http://www.zhaoxiaodan.com/java/android/android-native反调试.html
ptrace is very important in this case:
A process can be executed by debugging a single process
There is a function written in C that checks if a process is attacked by a debugger
This is Translate in B4a:
Have a nice day
Marco
1) CHECK IF YOUR APP IS INTERCEPTED BY A PROXY.
Using a proxy is easy without even disassembling the app knowing any call you make to the outside
B4X:
Sub Process_Globals
'These global variables will be declared once when the application starts.
Dim check_pro As String = $"DIRECT"$
Dim msgcheck As String = "Proxy"
End Sub
'Per Check Proxy
If Not(Check.Contains(check_pro)) Then
Msgbox(msgcheck, "INFORMATION")
Return
Else
'OK NO PROXY RUN APP
..............
End If
Sub Check As String
Dim ProxySelector As JavaObject
ProxySelector = ProxySelector.InitializeStatic("java.net.ProxySelector").RunMethod("getDefault", Null)
Dim uri As JavaObject
uri = uri.InitializeStatic("java.net.URI").RunMethod("create", Array("https://www.google.com"))
Dim list As List = ProxySelector.RunMethod("select", Array(uri))
If list.IsInitialized And list.Size > 0 Then
Dim proxy As String = list.Get(0)
'Log(proxy) 'DIRECT, HTTP or SOCKS
Return proxy
'IF DIRECT@ IS ---> OK
' Example with a proxy --> HTTP@localhost:8008
End If
End Sub2. TRICKS ANTI DEBUG
if hooked to a process to debug
In the Android system, all application processes and SystemServer system service processes are managed by the Zygote process.
This is process without hooked ( Look TracePid = 0 )
This is process with hooked gdbserver ( Look TracePid <> 0 )
For more information see: http://www.zhaoxiaodan.com/java/android/android-native反调试.html
ptrace is very important in this case:
A process can be executed by debugging a single process
There is a function written in C that checks if a process is attacked by a debugger
This is Translate in B4a:
B4X:
Sub getPID As Int
Dim jo As JavaObject
jo.InitializeStatic("android.os.Process")
Dim pidstr As Int = jo.RunMethod("myPid",Null)
Log("MyPID: " & pidstr)
Return pidstr
End Sub
Sub KillProcess(pid As Int)
Dim jo As JavaObject
jo.InitializeStatic("android.os.Process")
jo.RunMethod("killProcess",Array(pid))
End Sub
Sub attached_check
'**** CODE B4X
Try
Dim filename As String
Dim pid As Int = getPID
filename = $"/proc/${pid}/status"$
Dim TextReader1 As TextReader
TextReader1.Initialize(File.OpenInput("", filename))
Dim line As String
line = TextReader1.ReadLine
Do While Not(line.Contains("TracerPid"))
Log(line) 'write the line to LogCat
line = TextReader1.ReadLine
Loop
TextReader1.Close
Dim splitta() As String = Regex.Split("\t",line)
Log(splitta(1))
If splitta(1) <> 0 Then
'Debug is Attached -- Kill PID
KillProcess(pid)
End If
Catch
Log(LastException)
End Try
'**** CODE C++
' Try
' {
' const int bufsize = 1024;
' char filename[bufsize];
' char line[bufsize];
' int pid = getPID();
' sprintf(filename, "/proc/%d/status", pid);
' File* fd = fopen(filename, "r");
' If (fd != nullptr)
' {
' While (fgets(line, bufsize, fd))
' {
' If (strncmp(line, "TracerPid", 9) == 0)
' {
' int statue = atoi(&line[10]);
' LOGD("%s", line);
' If (statue != 0)
' {
' LOGD("be attached !! kill %d", pid);
' fclose(fd);
' int ret = kill(pid, SIGKILL);
' }
' break;
' }
' }
' fclose(fd);
' } Else
' {
' LOGD("open %s fail...", filename);
' }
' } Catch (...)
' {
'
' }
End SubHave a nice day
Marco
