How to deploy and use Obfuscapk
When I going to use Obfuscapk,I find its introduction is not very clear,which makes me puzzled. In this blog I’d like to give a more clear introduction with pictures and commands. I am not a native English speaker,so this blog may has a lot of grammatical errors. I am so sorry about these errors. Above all, I hope this blog can help you.
Operating System :Ubuntu 22.04
Docker:lastest version
What is Obfuscapk
Obfuscapk is an open source python to for obfuscating apk code. Nowadays,the reversing tools such as apktools or jd-gui are widely used,it is very easy to analyze your source code. In this case, Obfuscapk aims to make your source code hard to read by obfuscating code in many different ways.
How to install it
In this blog I will teach you how to deploy obfuscapk on your computer by docker. Before we deploy this subject, you have to install docker first.
- pull the image
sudo docker pull claudiugeorgiu/obfuscapk
- give this image a tag
sudo docker tag claudiugeorgiu/obfuscapk obfuscapk
after this we can use “docker images” to see our images.
if you can see obfuscapk,that means you have pull it successfully. We can use this command to make a test.
sudo docker run --rm -it obfuscapk --help
if you can see following picture,that means you have deployed it successfully.
how to use it
What we need to do is that put the apk into the docker images. The best way to do this is mounted a local directory. Put your apk in the directory.
Using this order
sudo docker run --rm -it -u $(id -u):$(id -g) -v "<this is your local directory>":"/workdir" obfuscapk -o ClassRename -o MethodRename -o ResStringEncryption -o Rebuild -o NewAlignment -o NewSignature test.apk
After doing this ,you will find a folder in your local directory.
In this folder you can find obfuscated apk.
We can use reversing tool to reverse the apk and analyze what happened to this apk.
We can get this:
Something you have to remind
The first thing you have to remind is that you have to make sure the sequence of the obfuscating options.
-o Rebuild -o NewAlignment -o NewSignature
these option must be placed at the tail of the sequence.
Another thing is that if you use jd-gui to reverse apk, don’t use open-jdk,download jdk from oracle.
That’s all,hope this blog will help you.