Shulou(Shulou.com)06/01 Report--

This article is about how to get started with Android reverse, the editor thinks it is very practical, so I share it with you to learn. I hope you can get something after reading this article.

Background

This article is for Python crawler engineers: the Internet industry is becoming more and more difficult, and traffic is increasingly flocking to mobile, crawlers and anti-crawler attacks and defenses, all of which make us have no choice but to keep learning new skills to stay competitive and support our families (a bunch of single dogs can't even support ourselves).

App reverse is constantly appearing in the schedule of crawler engineers, but how to get started with App reverse?

The target readers of this article are planning to learn Android reverse crawler er, which may have the following characteristics

There is almost no Java foundation

There is almost no Android foundation

Lack of understanding of Android reverse ideas and tools

The following article will answer these puzzles and anxieties one by one, but the learning models that are suitable for everyone are also different and can be practiced selectively. This article is not very helpful to Android reverse veterans, but I would like to express my heartfelt thanks if the veterans are willing to share experiences and lessons in the comments section and give some advice to those who have been there.

I. misunderstandings and traps in the reverse of self-taught Android

1.1. Don't try to master Java programming and Android development before you start learning reverse.

If you are only fifteen years old and have plenty of time to study and pick up girls, then I take it back. Look at the snow forum, there is no lack of 12-year-old genius who embark on the reverse journey, they can wantonly absorb knowledge, all with their own interests and minds to travel in the reverse world. As for you, you may no longer be young, and you are about to or have already set foot on the job, ready to let Android reverse become your plus points and a springboard, then I think you have a better way to learn Android reverse. Instead of spending months or more indulging in development, finally wearing out interest, giving up reverse learning, sighing, "reverse is really difficult, it won't work."

Java is a complex and exquisite language, but you don't want to be a Java development engineer.

Android application development is full of charm and new technologies emerge one after another, but you don't want to be an Android engineer.

You may want to refute, then I do not understand Java, do not understand how Android can do reverse, Buddhist reverse with the fate of the reverse? No, I didn't say that. I just mean you don't have to be proficient in Java and Android when you get started. There are a lot of reasons, but I think the main reason is that development and reverse focus are different.

Let's first list some technical keywords that have emerged in Android interviews and practical application development:

Java virtual machine, Davlik virtual machine, UI layout, four / five components and details, Intent,Handler, data persistence, process threading and asynchronism, SharedPreferences, screen adaptation, compatibility, Android messaging mechanism, how to call WebView,bitmap,Java and C++, third-party SDK access, memory leaks and management, network communication and optimization, hot repair and plug-in, Dex subcontracting and optimization, Kotlin language RecyclerView, annotation framework, audio and video processing Design patterns, application frameworks, other optimizations.

And what do we need to focus on when we crack it? Especially for the reverse requirements of crawlers, in short, we are cracking how encrypted fields are generated, and our keywords are these:

Packet grabbing and anti-grabbing, App obfuscation, hardening, highly obfuscated encryption and decryption algorithm, Jni, encryption in C, dynamic debugging of smaliJava layer, Jadx,Jeb,ida

Developers need to develop and implement various functions of App, pay attention to the adaptation of hundreds of models from dozens of manufacturers, optimization of Apk volume, optimization of App performance, UI that is more attractive to users, and more friendly bug solution mechanism (hot fix). While we crack, generally speaking, we only need to pay attention to the application's network communication, encryption and decryption methods, security protection. The goals of development and reverse are completely different, so you don't need to know the set of development in order to start cracking.

In addition, the security issue of App is just one of many issues in Android development. Some Android developers, and even the processes and tools for decompiling App, have only heard of it, especially for small factories / general App, where they have limited effort on security issues, which is easy to understand.

Paparazzi and clandestine photography are only things that worry stars after they become famous, while 18-line actresses are begging in the rainy Hengdian, and so is App. If you don't have a big factory App (Tencent / Ali / Jinri Toutiao, etc.), super App (Alipay / Wechat / Douyin / Kuaishou, etc.), or special-purpose App (ticket buying / payment / online merchants, etc.), then developers give App a common reinforcement on the market Getting a so layer encryption is already the upper limit of their protection, which may not be too simple, but it is difficult and rare. Because the retention of App users and the food and clothing of developers are their most deadly issues.

Therefore, you do not need to spend too much time to understand and practice the complex Android development knowledge, you only need to master the basic syntax of Java, the basic knowledge of Android, you can focus on reverse to focus on a variety of technologies and methods.

1.2. Don't aim too high.

This is very important. I want to learn how to decrypt complex so, how to shell, anti-debug, or to crack Douyin, Xiao Hongshu, Meituan, such mature and large-scale social life applications.

First follow some excellent introductory tutorials and videos, lay a good basic training ideas, starting from the simple demo, from the Java layer encryption, from the simple application, one step at a time. I wanted to do Native as soon as I started, but you still want to too naive.

1.3. Don't collect too much data & distinguish the timeliness of the data

Don't look at the information from five years ago, the reverse circle is already relatively closed and slow, and many powerful and convenient tools have not been widely publicized. However, the technology of application development and protection is changing with each passing day. If you are still looking at the cracking tutorials and articles from five years ago, it may be using the tools and methods of the previous five years. Rounding up you are using the reverse technology of Android of the Qing Dynasty. I am not completely negating the relatively old tutorials and materials. Some of the articles written by my predecessors are still accurate and easy to understand, even enlightening. But this category is after all a minority, and if you understand it carefully, there will often be a better substitute or a better implementation.

1.4. Don't be conceited. It's easy to reverse Android.

In an ideal situation, reverse workers in Android app need to be very familiar with java and CumberCraft + language, have experience in developing large or mature Android software, be familiar with the underlying layer of Android and how App works, in short, it is better to be a mature and experienced senior engineer of android. However, this does not mean that we have to get to this point to start the reverse journey of Android. You should first understand the full picture of Android reverse from a more systematic point of view, then pick up those "drooping fruits", follow the tutorials to use some mature tools, learn ideas, and complete several crackers. Then continue to learn and supplement knowledge in the questions. If you want to be ready for everything on the road, you can, too. Thousands of people flow like the sea, and all roads lead to the same goal, but you just have to endure a long and boring period of study.

II. The data and basis of the reverse introduction to Android

These books and content are very good, I did not provide Baidu Cloud links, there are a lot of online resources, I hope you will be attracted and impressed by the boss's writing and content through pdf materials, and then buy genuine books to read by your side.

I. the foundation of the foundation

1.Java

Chapters 1-6 of "Java Core Technology Volume 1" focus on these basics: Java basic data types, Java object orientation and three major features, Java interface, String classes, and Array,Map. After reading these chapters, you can roughly understand the simple Java code.

2.Android

The first Line of Code (2nd Edition) is a simple, straightforward, easy-to-understand, well-written book that is recognized as an introduction to Android. You can seriously click on all the examples, or you can just take a quick look at the development process of App. After reading this book, you will understand how an Android App has grown from scratch.

3. Encryption and decryption

"the Art of Java encryption and decryption (second Edition)" talks about how to use Java to achieve a variety of encryption, this book is a reference book, it is recommended to buy a very good, use it to flip through, usually go to the toilet can also be used as toilet reading. As simple as that, you can start the reverse journey of Android, which is the simplest configuration, according to the requirements, you can learn these things later.

II. Android reverse books and materials

1. Authoritative Guide to Android Software Security

The white cover, I like to call it the white paper. This book is so great that if you want to get started with Android reverse, it's almost impossible to skip it. Android reverse entry requires all aspects, it covers, but also talks about the content has depth. This book is suitable for looking for chapters according to your needs. If you look at it in order, you may die in the third chapter, "Dalvik executable format and bytecode specification". At the same time, I suggest that the software installation and environment configuration in the first chapter should not be put into practice. After installing the java development environment, you can use jadx or Jeb gold oil to do it directly, but if you like typing the command line, it's okay to use it. The following reading order is only my personal preference, the reader discriminates and chooses by himself. Chapter 1 and 2-build the environment and how to analyze the Android program, browse. Chapter 3 and 4-Dalvik executable format and bytecode specification and Android file format, browse, the content is very important, but not the content of the introduction. Chapter 5-static analysis of Android app, which is also the first lesson of many training courses, I personally think that this should be read first, and it is well written. Chapter 6-dynamic analysis of Android applications, written very well, but I have not used the dynamic analysis framework, it seems that some old and difficult to use, readers can try. Chapter 10-Hook and injection, Xposed+Frida is the focus of this chapter, Frida is the most popular dynamic pile insertion tool. The first ten chapters, software protection technology, are very comprehensive. Chapter 789 is the content of the Native layer, I divide it into the next part, the introduction only refers to the Java layer, chapter 12 is the content of the software shell, but also advanced content.

2. "Android Application Security Protection and reverse Analysis"

The yellow cover, I call it the Yellow Book, this book is also full of material, like the white paper, but also for Android developers / security personnel, the threshold is relatively high. Personally, I also suggest that we should look at the module according to the module and be careful if we look at it in order. The book is divided into three parts, both the protection chapter and the tools chapter are very good. This book is also a must. These two books are guiding lights, but just reading these two books is far from enough, you need real combat, and there are more extensive and more comprehensive materials.

Third, the introduction to add, I suggest that these according to the needs, or in the encounter when the study and review

Java-- exception handling / reflection / dynamic proxy, which is very useful for you to understand techniques such as Hook in reverse. Android-- network request framework / application framework /... The above is how to get started with Android reverse. The editor believes that there are some knowledge points that we may see or use in our daily work. I hope you can learn more from this article. For more details, please follow the industry information channel.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.