Comments (6)
Hi, the AdvancedReflection
obfuscator modifies only the calls to the methods of this list, as described in the readme:
Uses reflection to invoke dangerous APIs of the Android Framework. In order to find out if a method belongs to the Android Framework, Obfuscapk refers to the mapping discovered by Backes et al.
so if you're not getting any error it means that those methods weren't found, so no obfuscation was performed.
from obfuscapk.
That is super interesting. I saw that file - but did not notice it went down to the method level. So, two things:
- There are malware detection tools that can take the occurrence of the Android package names (not to the level of the method call) and use it as a feature to successfully discriminate between malware and benign apps with high precision and recall. The Backes paper is great - but I think a relaxed version of this obfuscator that obfuscates all these packages would be wonderful.
- Now the fun part. I could probably augment this file - right? Add all the method calls for these APIs, and it would work?
Thanks!
from obfuscapk.
If I have understood correctly, you can just use the "Reflection" plugin!
from obfuscapk.
No - because the Reflection plugin specifically ignores reflecting on calls that are Android specific. What I am saying is if the AdvancedReflection did a wider range of obfuscation of Android specific calls - it would cause a lot of grief for many malware detection tools that analyze dex files (things that do control flow analysis for example or that do simple counts of the number of calls to Android APIs). Granted - it would slow the app to keep layering reflection but who knows by how much.
from obfuscapk.
First, yes, you can manually add more entries to the Backes's list.
The problem, and the reason of two different plug in, is that if you use the reflection in order to invoke every android API the app becomes unusable.
Now let's focus on this issue. What is exactly your problem?
from obfuscapk.
At this point - no problem. I'll try and add more items to the list selectively. You can consider this ticket closed.
from obfuscapk.
Related Issues (20)
- Error obfuscapk BundleDecompiler HOT 12
- apktool error during rebuilding HOT 7
- unknown shorthand flag HOT 7
- About metasploit HOT 2
- apktool errror HOT 1
- About enc key HOT 1
- Whether About is Bundle Support aab? HOT 5
- obfuscate .JSON file HOT 5
- Failure with Rebuild obfuscator using *.aab file HOT 9
- this docker image can not support mac m1.
- 'docker run -v "/root/":"/workdir" obfuscapk -w /workdir/obfuscation_dir/ -o' can not run.
- class_rename incorrectly replaced the command
- path error HOT 2
- Encrypting strings in a java class or in the resources files HOT 3
- APK Tool OOM HOT 1
- TypeError: stat: path should be string, bytes, os.PathLike or integer, not NoneType HOT 1
- Failed install obfuscated apk. HOT 4
- sign bundle .aab with custom key
- Obfusca apk working on kotlin? HOT 1
- Apk Obfuscation and apktoll error i think
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from obfuscapk.