Android device! Successfully won offers from Byte, Tencent, and Maimai. Summary of interviews with BAT manufacturers

Preface

From graduation until now, I have interviewed at only a few companies. The first few times went relatively smoothly, and I was given offers by the time I went to the third one! In the first two job hunts, I didn't consider what I would need in the future and what my future plans were. As long as I have a job, my salary will meet my requirements! Therefore, if you choose the salary range on Zhaopin Recruitment, you will have a meal and wait for the interview call!

I have been doing Android development for two to three years. The task of my work is the preparation of some interfaces, the simple use of RecyclerView, the web framework is packaged and used directly by others, and the integration of third-party sharing and payment! It can be said that there is no technical improvement at all. Compared with people who have been working for about a year, they have a few more project advantages! So this time I came out to look for a job and expected 15K, and I was very flustered when I said it!

The first stage: Android basic knowledge review:

  • Review the Android development and programming, deeply understand the principles and hierarchical structure of the Android system, and analyze the Handler source code and principles;
  • Review the languages that must be used in Android development (Java, C/C++, Kotlin, and Dart), and get familiar with the easily confused features of these languages;
  • Review the underlying principles and hot update technology of Android IPC and JNI, review the key points of Native development, and use C++ combined with NDK to complete Android Native development;
  • Review the principles of AMS, PMS, WMS commonly used in Android development and the process of service loading in App startup;
  • Review Google's MVVM framework that must be used in Android development: DataBinding+LiveData+ViewModel;
  • Review Google's MVP framework that must be used in Android development: Dagger2;
  • Review the necessary network architecture for Android development: Okhttp3+RxJava2+Retrofit2+Rxdownload4+Rxcache+Glide;

Basic knowledge of Android reverse engineering:

  • Familiar with the use of Android reverse tools, such as apktool, IDA, dex2jar, JEB, Androidkiller, Androguard, etc.;
  • In-depth analysis of the file formats contained in the APK, analysis of the relevant code of the APK in the Android system source code; learning and familiarity with the smali language (emphasis);
  • Write an app imitating WeChat, use the tools to reverse the code in the APK, and compare the result against the source code.

Summary of introductory knowledge and actual combat (introduction to reverse engineering):

  • Knowledge sorting, installation of common tools, adb commands and Linux commands, common log-in logic analysis;
  • Analyzing and debugging ELF executables; ARM assembly and registers, ARM disassembly quick-form, ARM instruction machine code, commonly used ARM instructions;
  • Decompiling ELF files with objdump, ELF file analysis with readelf, ELF file analysis with 010Editor, in-depth analysis of the ELF file structure; IDA static analysis, IDA dynamic debugging;
  • Simple calculator realization and analysis (practice);
  • String encryption and decryption, bubble sorting algorithm analysis;
  • Key android_server file detection, IDA debugging port detection;
  • How an ELF executable loads an so library; DEX analysis with dexdump, DEX analysis with 010Editor;
  • Implement your own Dex analysis tool and GDA (exercise);
  • Dynamically debugging smali code with the Androidkiller plug-in; debugging smali code with AS + smalidea;
  • Log injection to achieve registration-free, how to locate key codes, remove java layer signature verification, remove advertisements and pop-up windows (actual combat);
  • It is recommended to read "AndroidXXXXXX……" and just look for a book that explains the source code of this system;

Android basic algorithm and security protocol:

  • Cryptography, symmetric encryption algorithm, asymmetric encryption algorithm, hash function;
  • Digital signature, digital certificate, SSL certificate detection, protocol and security protocol;
  • Understand server-side and client-side communication protocol analysis;
  • Use Charles to capture login packets and verification codes; protocol structure and the Java layer MD5 algorithm; dynamically debug smali code and the sign field;
  • Protocol construction class and SO layer DESCBC algorithm, protocol key field SIGN and SO layer MD5 algorithm, dynamic debugging of protocol fields, dynamic debugging of the protocol key field SIGN;
  • Protocol key fields pwad and sign, dynamic debugging of protocol field splicing and MD5 encryption, analysis of the so layer OpenSSLSHA1 algorithm;
  • When packets are encrypted and decompilation fails, use method tracing to analyze the encryption; Java layer reverse analysis, analysis of the so layer TEA algorithm;
  • Exercise: Grab verification code and login packet, analyze key fields of the protocol and RSA algorithm, certificate and RSA principle and source code analysis;
  • Symmetric encryption AES, PBE and CRC algorithms, digital signature RSA, DSA algorithms;

The second stage: Android reverse advanced learning:

  • In-depth analysis of Android system structure, custom ClassLoader, custom annotation and meta-annotation principle analysis;
  • Understand the Android NDK, static registration, dynamic registration, SO loading analysis;
  • App protection strategies: removing the APK signature verification of Bage Magnetic Search, one-click removal of signature verification, static proxy, dynamic proxy, hooking the Activity start function;
  • Hooking the signature verification function;
  • Introduction to the Xposed framework;
  • Xposed framework: registering by bypassing the verification code;
  • Xposed framework: login hijacking;
  • Xposed framework: tampering with IMEI information;
  • Introduction to the CydiaSubstrate framework;
  • Java layer Hook: tampering with the system text color;
  • Java layer Hook: modifying the method return value to bypass login;
  • Java layer Hook: tampering with game gold coins;
  • Java layer Hook: tampering with the host name and port number;
  • Native layer Hook: ADBI framework, ELFARMHOOK framework;
  • Dumping Dex files from memory and anti-debugging techniques;
  • C++ game reverse exercise: dynamically debug the 2048 pure algorithm game, Zygote+Hook makes the 2048 game pass in seconds;

A comprehensive analysis of Android NDK and JNI:

  • Introduction of so dynamic library
  • JNI dynamic registration and static registration
  • NDK Build tool introduction
  • Cmake tool introduction
  • Introduction to JNI.h
  • Android source code tools and techniques
  • ijkplayer source code analysis and principle explanation
  • AndFix source code analysis and principle explanation
  • Dynamic process analysis of Java calling so library
  • NDK implements incremental updates
  • Case: NDK realizes industrial-grade image recognition such as face changing
  • Case: NDK file splitting and encryption processing

Introduction to Android hardening protection and shelling:

  • DEX files, ODEX files and OAT files;
  • XML files and ARSC files;
  • Analyze the generation and background of App reinforcement, the initial reinforcement method, and the development of reinforcement technology;
  • Using hooks to build a shelling machine and customizing your own shelling system;
  • DexClassLoader dynamic loading analysis, DEX self-analysis and reconstruction technology;
  • Analysis of the principles of three generations of Bangbang (Bangcle) reinforcement; analysis of the principles of Ijiami (爱加密) reinforcement;
  • 360 reinforcement and shelling machine, 360 reinforcement VM and replacement table;
  • Auxiliary shelling machine, IDA dynamic debugging to remove encryption shells;
  • IDA dynamic debugging to remove the 360 shell, IDA dynamic debugging to remove SO shells;
  • Removing the 360 shell with dex2oat, removing the 360 shell with drizzleDumper;
  • Baidu reinforcement and the DD method, Baidu reinforcement VM and replacement table;
  • Ali reinforcement and shelling machine, Tencent Legu;
  • ARSC resource protection and annotation;
  • The shelling tool ZjDroid;
  • Summary of fishing up to 3 reinforcement technology;

Android shelling and anti shelling analysis:

  • Detailed explanation of the ideas and techniques in Android shelling;
  • ELF structure in detail: the file composition of the dynamic runtime library (so) file;
  • ELF structure in detail: the process of loading the so file, deformation and protection of the ELF file, analysis of ELF file repair, repair of packed so files, and common debugging detection methods;
  • Customizing the Android source code to add an anti-debugging mechanism; Android DVM shelling, Dalvik dex processing and analysis; writing IDA shelling scripts; Odex repair methods;
  • Writing IDA Odex repair scripts;

Advanced knowledge summary and enterprise-level actual combat (reverse advanced):

  • Virus analysis and unpacking learning, using ransomware and Trojan horses for learning;
  • Manual shelling "King X Yao" practice;
  • Build your own cracking code base from 0;

The third stage: Android vulnerability analysis and mining:

  • Learn the types and principles of common vulnerabilities, for example heap overflow, stack overflow, UAF, etc.; you can refer to related books on vulnerability analysis;
  • Follow the Android Security Bulletin and analyze the cause of the vulnerability based on the provided diff;
  • Learn and debug previous classic vulnerabilities;
  • Learn the idea of vulnerability mining and fuzzing, refer to the recommended book "Android Security XXXX";
  • Virus analysis and actual combat of virus unpacking;

Android virtual machine technology, system source code analysis, introduction to the flashing mechanism, making ROM flashing package:

  • ASP code injection writing method;
  • Android does not need root to hook;
  • The principle of Android virtual machine, the principle of Android multiple opening is explained;
  • Write a virtual machine inside the apk and install the apk in the apk;
  • The virtual machine adapts to Android 10 and 64-bit systems;
  • Develop your own virtual machine library from 0;
  • The most complete flashing tool: Magic ROM;
  • The most complete flashing tool: Devices-TWRP;

Summary

There are many algorithm knowledge points, and the topics that companies examine are ever-changing. With the "Golden Nine Silver Ten" hiring season approaching, I have prepared a set of relatively complete learning methods for everyone, hoping to help everyone cram algorithms as quickly as possible in the limited time and, through efficient learning, improve the pass rate of the algorithm module in interviews.

This set of learning materials has both text files and videos. It not only contains key knowledge points, but also explains the relevant parts of the algorithm of the case, which can help you learn better and more comprehensively. The combination of the two will have a better learning effect.

With this set of learning materials, if you stick to the questions for a week, you will find that your algorithmic knowledge system is obviously improved, and you are closer to the major offers.

How to get information: like + follow + forward, then enter my [GitHub], there are free ways to get it


Origin blog.csdn.net/m0_52308677/article/details/114260387