The tit for tat between hardening and dumping is not new, but our job is to continuously improve the difficulty of decompilation . The current technical solution can effectively protect the DEX file by shelling, prevent the source code from being cracked by a static decompilation tool, and can prevent the source code from being obtained by cracking in memory.
We can obfuscate the compiled class file by obfuscating the code. The processed code and the pre-processing code can complete the same function, but the obfuscated code is difficult to be decompiled, even if the decompilation is successful, it is difficult to obtain out the real semantics of the program. For example , ProGuard is an open source project that obfuscates code. It not only protects code, but also reduces the size of compiled programs and memory usage.
Packing protection for DEX files is still needed. We can choose the way of overall DEX reinforcement or split DEX reinforcement to hide the source code to prevent direct decompilation. When splitting DEX reinforcement, you need to pay attention to the data structure of the DEX file. Select the two parts, classdata and classcode. Even if they are split, they will not leak the class data and bytecode data. The decompilation is incomplete and the security is high. Especially in the way of virtual machine reinforcement , some changes are made to the bytes. Even if the replaced data is restored, it will not be deformed into the previous bytecode, and the safety factor is high. For detailed principles, please refer to: An article to understand the reverse analysis and protection mechanism of Android APP
NetEase Cloud Android application reinforcement free trial, effectively prevent applications from reverse analysis, decompilation, and secondary packaging. The core functions include DEX reinforcement, SO encryption protection, memory anti-dump protection, anti-debugger, anti-emulator , etc.