Shulou(Shulou.com)06/01 Report--

In the last part, we predicted several ideas for Ali Ant Financial to solve the problem, and now let's take a look at the actual situation.

Previous address

(the download address has been updated in accordance with the official instructions)

Http://www.jianshu.com/p/93b0b4e7e091

Complain first.

In the previous article, we mentioned that the official download link is inaccessible, thinking that the official download is not open before the game time, or that Ali's classmates are busy holding the largest company meeting in the universe and have to wait until the wee hours of the morning to open on time.

After a long wait, sleepy, ah, I was still unable to visit at 0 o'clock. I thought this was not Ali's style at that time. At about 00:30, I couldn't wait to see if the official account had replied. As a result, I saw the official reply in the reply at the bottom of the official account article. The download address of the official account was the internal network address, and the public network address was also announced. Can this be regarded as a mistake of the task force?

The situation of the competition

Let's show you a picture first.

Competition interface

The title of the competition is stand-alone version

My predictions 3 and 4 are obviously not in line with it.

The apk bag of the competition question has not been reinforced.

Prediction 2 is right, but only partially right, because the code in the apk part is relatively simple, and he encapsulates the core logic in libcore.so and core.bin files, which, to be honest, I didn't know anything about, I didn't know them, they didn't know me.

A long way to open up so cracking

After a bad supplement of knowledge, I probably know what so is. Since it is a class C thing, then sacrifice the ida artifact, but found that their ida can not use F5 sad ah, so after many attempts to finally find a reliable cracked version available.

The main part of the ida code is quite clear, but it also involves the concept of VM, the core logic is completed in VM, this ghost I am still fighting.

Improve skills

After four days of research, I found that I had gained a lot of skills, and it was worth it even if I couldn't crack it successfully. To give you a simple list, if you are interested, you can join the qq group to find me. These questions are a piece of cake for the gods who are familiar with android development, but android rookies have taken a lot of detours.

Mobile phone programming

Aide is a NB app that develops android applications on android mobile phones.

I have been using this tool before, but my computer development environment is not good enough, and I have been compiling abnormally under eclipse. There is still a problem after updating sdk. So I went back to the mobile phone to develop.

Quote so

It took a long time to introduce 32-bit so into aide, during which we learned the absolute path load library file, relative path loadlibrary, and solved the 32-bit 64-bit problem.

Learned to read the app log without source code.

This question consulted several android development partners, and looked up a lot of information on the Internet to solve it. With the adb artifact, you can check the logcat of the phone and become familiar with the common command usage.

Adb connection bluestack

The new phone does not do root, so it is very inconvenient to debug, so it uses the common sharp weapon bluestack, and realizes the log view of the simulator through the adb command, and installs the application through the adb command. By the way, I mastered the simulator and windows to transfer files to each other. (then suddenly the files of windows's shared directory are not displayed in bluestack, but the files can be written, for some reason, the restart is not resolved, and there is time to follow up later).

Unpacking and repackaging of the learned apk

Use the apktool tool, use it for the first time, cool. I don't have to worry about changing the packing problem any more.

Learned apk signature

Using auto-sign, you can sign the repackaged apk.

Learning arm thumb instruction set

After groping, I finally stepped into the right path, and I couldn't bear to look directly at too many detours. Know the difference between arm thumb instructions, know how to compare instructions with machine code, and deepen the accumulation of assembly knowledge.

Tried to crack the bypass mechanism at the bottom.

This is purely for fun, the verification of Ant Financial Services Group is turned off directly, and the interface returns to pass the verification. Give everyone a screenshot for entertainment.

The picture is from the brief book App.

The revolution has not yet succeeded and we need to continue our efforts.

If you encounter any problems in the learning process or want to obtain learning resources, welcome to join the technology enthusiast exchange group 373107565, we learn technology together!

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.