溫馨提示×
您好,登錄后才能下訂單哦!
點擊 登錄注冊 即表示同意《億速云用戶服務條款》
您好,登錄后才能下訂單哦!
這篇文章主要介紹“Android基礎逆向如何實現”的相關知識,小編通過實際案例向大家展示操作過程,操作方法簡單快捷,實用性強,希望這篇“Android基礎逆向如何實現”文章能幫助大家解決問題。
自己玩
1.搜索“成功”
這里搜索到了三條數據
點進去之后是這樣一個方法:
.method public static d()V .locals 4 const/4 v3, 0x1 const/4 v2, 0x0 sget v0, Lcom/xy/kom/d/bk;->i:I invoke-static {v0}, Lcom/xy/kom/g/p;->b(I)Z sget v0, Lcom/xy/kom/d/bk;->h:I invoke-static {v0}, Lcom/xy/kom/g/p;->c(I)Z sget-boolean v0, Lcom/xy/kom/d/bk;->G:Z if-eqz v0, :cond_4 sget-object v0, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
iget-object v0, v0, Lcom/xy/kom/GameActivity;->m:Lcom/xy/kom/g/p;
invoke-virtual {v0}, Lcom/xy/kom/g/p;->x()Ljava/util/ArrayList;
move-result-object v0 invoke-static {}, Lcom/xy/kom/g/f;->l()Lcom/xy/kom/g/f;
move-result-object v1
invoke-virtual {v0, v1}, Ljava/util/ArrayList;->add(Ljava/lang/Object;)Z :goto_0 sget-object v0, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
iget-object v0, v0, Lcom/xy/kom/GameActivity;->m:Lcom/xy/kom/g/p;
invoke-virtual {v0}, Lcom/xy/kom/g/p;->t()V sget-object v0, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
iget-object v0, v0, Lcom/xy/kom/GameActivity;->r:Lcom/xy/kom/d/ei;
if-eqz v0, :cond_0 sget-object v0, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
iget-object v0, v0, Lcom/xy/kom/GameActivity;->r:Lcom/xy/kom/d/ei;
invoke-virtual {v0, v2}, Lcom/xy/kom/d/ei;->a(I)V :cond_0 sget-object v0, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
const/4 v1, 0x6 invoke-virtual {v0, v1}, Lcom/xy/kom/GameActivity;->a(I)V invoke-static {}, Lcom/xy/kom/d/bk;->h()V sget-object v0, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
const-string v1, "\u8d2d\u4e70\u6210\u529f\uff01\u9053\u5177\u5df2\u53d1\u653e" invoke-static {v0, v1, v2}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;
move-result-object v0 invoke-virtual {v0}, Landroid/widget/Toast;->show()V sget-object v0, Lcom/xy/kom/GameActivity;->N:Lcom/xy/kom/e/a;
invoke-virtual {v0, v3}, Lcom/xy/kom/e/a;->a(I)V sput-boolean v3, Lcom/xy/kom/GameActivity;->M:Z invoke-static {}, Lcom/xy/kom/a/h;->f()I move-result v0 const/16 v1, 0xd if-ne v0, v1, :cond_2 sget v0, Lcom/xy/kom/GameActivity;->h:I const/4 v1, 0x2 if-ne v0, v1, :cond_2 sget-object v0, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
iget-object v0, v0, Lcom/xy/kom/GameActivity;->m:Lcom/xy/kom/g/p;
invoke-virtual {v0}, Lcom/xy/kom/g/p;->w()Ljava/util/ArrayList;
move-result-object v0 invoke-interface {v0}, Ljava/util/List;->size()I move-result v1
sget-object v2, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
iget-object v2, v2, Lcom/xy/kom/GameActivity;->m:Lcom/xy/kom/g/p;
invoke-virtual {v2}, Lcom/xy/kom/g/p;->l()I move-result v2
if-ne v1, v2, :cond_1 sget-object v1, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
iget-object v1, v1, Lcom/xy/kom/GameActivity;->r:Lcom/xy/kom/d/ei;
invoke-interface {v0}, Ljava/util/List;->size()I move-result v2
add-int/lit8 v2, v2, -0x1 invoke-interface {v0, v2}, Ljava/util/List;->get(I)Ljava/lang/Object;
move-result-object v0 check-cast v0, Lcom/xy/kom/g/f;
invoke-virtual {v1, v0}, Lcom/xy/kom/d/ei;->b(Lcom/xy/kom/g/f;)V :cond_1 sget-object v0, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
iget-object v0, v0, Lcom/xy/kom/GameActivity;->r:Lcom/xy/kom/d/ei;
sget-object v1, Lcom/xy/kom/d/bk;->d:Lcom/xy/kom/g/f;
invoke-virtual {v0, v1}, Lcom/xy/kom/d/ei;->a(Lcom/xy/kom/g/f;)V invoke-static {}, Lcom/xy/kom/d/bk;->m()V :cond_2 sget-boolean v0, Lcom/xy/kom/d/bk;->G:Z if-nez v0, :cond_3 const/4 v0, 0x0 sput-object v0, Lcom/xy/kom/d/bk;->d:Lcom/xy/kom/g/f;
:cond_3 return-void
:cond_4 sget-object v0, Lcom/xy/kom/GameActivity;->A:Lcom/xy/kom/GameActivity;
iget-object v0, v0, Lcom/xy/kom/GameActivity;->m:Lcom/xy/kom/g/p;
invoke-virtual {v0}, Lcom/xy/kom/g/p;->x()Ljava/util/ArrayList;
move-result-object v0 sget-object v1, Lcom/xy/kom/d/bk;->d:Lcom/xy/kom/g/f;
invoke-virtual {v0, v1}, Ljava/util/ArrayList;->add(Ljava/lang/Object;)Z goto/16 :goto_0.end method
這里找到一個調用成功的方法。我們繼續溯源查看。
發現是一個onResult方法。
解決方法:
(1)覆蓋switch失敗轉為成功。
(2)更改switch跳轉
(3)最后一種我最喜歡作用,思路最明確,使用goto進行跳轉。跳轉到成功即可。
恩,改完之后匯編,整個游戲就破解好了。
沒什么好說的。
是成功的,懶的玩。不想發圖,自己測試吧,有疑問可以找我。
之前沒有找好,現在去找找。
找練習的APK的時候主要注意三點。
(1)最好是單機
(2)選擇大小的時候選小一點的,恩,反編譯快。我們的目的是為了練習。
(3)無殼,現階段可定脫不了殼。
找到了一個什么酷跑什么的游戲。
三步走
原版apk:練習傳送門在這里找,編號:2002
拿到游戲,首先就要玩一下是不,人家怎么購買的你總要知道吧。說不定會有新的發現。
搜索關鍵字“成功失敗”
點開之后進去,發現,原來還是一個onResult。
.method public onResult(ILjava/lang/String;Ljava/lang/Object;)V .locals 3 .param p1, "paramAnonymousInt" # I
.param p2, "paramAnonymousString" # Ljava/lang/String; .param p3, "paramAnonymousObject" # Ljava/lang/Object; .prologue
goto :pswitch_0
.line 26 packed-switch p1, :pswitch_data_0
.line 37 const-string v0, "Unity" new-instance v1, Ljava/lang/StringBuilder; const-string v2, "\u8d2d\u4e70\u9053\u5177\uff1a[" invoke-direct {v1, v2}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V invoke-virtual {v1, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; move-result-object v1 const-string v2, "]\u53d6\u6d88\uff01" invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; move-result-object v1 invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object v1 invoke-static {v0, v1}, Landroid/util/Log;->v(Ljava/lang/String;Ljava/lang/String;)I .line 38 invoke-static {}, Lcom/huibang/paopao/MainActivity;->access$0()Ljava/lang/String; move-result-object v0
invoke-static {}, Lcom/huibang/paopao/MainActivity;->access$1()Ljava/lang/String; move-result-object v1 const-string v2, "cancel" invoke-static {v0, v1, v2}, Lcom/unity3d/player/UnityPlayer;->UnitySendMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V .line 41 :goto_0
return-void
.line 29 :pswitch_0
const-string v0, "Unity" new-instance v1, Ljava/lang/StringBuilder; const-string v2, "\u8d2d\u4e70\u9053\u5177\uff1a[" invoke-direct {v1, v2}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V invoke-virtual {v1, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; move-result-object v1 const-string v2, "] \u6210\u529f\uff01" invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; move-result-object v1 invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object v1 invoke-static {v0, v1}, Landroid/util/Log;->v(Ljava/lang/String;Ljava/lang/String;)I .line 30 invoke-static {}, Lcom/huibang/paopao/MainActivity;->access$0()Ljava/lang/String; move-result-object v0
invoke-static {}, Lcom/huibang/paopao/MainActivity;->access$1()Ljava/lang/String; move-result-object v1 const-string v2, "success" invoke-static {v0, v1, v2}, Lcom/unity3d/player/UnityPlayer;->UnitySendMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V goto :goto_0
.line 33 :pswitch_1
const-string v0, "Unity" new-instance v1, Ljava/lang/StringBuilder; const-string v2, "\u8d2d\u4e70\u9053\u5177\uff1a[" invoke-direct {v1, v2}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V invoke-virtual {v1, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; move-result-object v1 const-string v2, "] \u5931\u8d25\uff01" invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder; move-result-object v1 invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String; move-result-object v1 invoke-static {v0, v1}, Landroid/util/Log;->v(Ljava/lang/String;Ljava/lang/String;)I .line 34 invoke-static {}, Lcom/huibang/paopao/MainActivity;->access$0()Ljava/lang/String; move-result-object v0
invoke-static {}, Lcom/huibang/paopao/MainActivity;->access$1()Ljava/lang/String; move-result-object v1 const-string v2, "fail" invoke-static {v0, v1, v2}, Lcom/unity3d/player/UnityPlayer;->UnitySendMessage(Ljava/lang/String;Ljava/lang/String;Ljava/lang/String;)V goto :goto_0
.line 26 nop :pswitch_data_0
.packed-switch 0x1 :pswitch_0
:pswitch_1
.end packed-switch.end method
關于“Android基礎逆向如何實現”的內容就介紹到這里了,感謝大家的閱讀。如果想了解更多行業相關的知識,可以關注億速云行業資訊頻道,小編每天都會為大家更新不同的知識點。
免責聲明:本站發布的內容(圖片、視頻和文字)以原創、轉載和分享為主,文章觀點不代表本網站立場,如果涉及侵權請聯系站長郵箱:is@yisu.com進行舉報,并提供相關證據,一經查實,將立刻刪除涉嫌侵權內容。
