Saturday, November 13, 2010

sharing a good blog

found a nice blog about reversing and android cracking by Dan, who was kind enough to point out that the well-known site crackmes.de has some android crackmes (just search android).

his blog also introduced me to a tool called dex2jar that will sort of convert a classes.dex file into .java source. of course, it's not perfect and it's still new, but it can be useful for getting a quick overview if the dalvik bytecode is too confusing.

here's Dan's article on android reversing: http://www.kizhakkinan.com/?p=39. check it out, it's got pictures!

8 comments:

  1. Hi Lohan+, can you please help me with this tutorial? I understood it up to decompiling the classes.dex file, but afterward it went over my head. Can you please do me a favor and upload how you reversed the crackme, with the help of screenshots (or a video tutorial would be great)?
    Not necessarily this tutorial only, but can you please show me how you reversed a crackme by any method.

  2. learning comes from the hard work of trying to figure out what you don't know. if i simply showed you everything, i would be robbing you of that opportunity.

    what, specifically, was over your head? tell me so that i might make that part of the tutorial less ambiguous.

    also, you can decompile the crackme and the solved crackme and compare the code with a program like winmerge and see exactly what was changed.

  3. Actually, I have been searching a lot about android reversing. I even compared it with cracking PC software, but the problem was that in PC software cracking there was a tool, ollydbg. I was unable to find such a program; I tried dalvik but could not find live event logs (like which string or function was called, etc.).
    In that tutorial the author skipped the part about making a keygen; I searched a lot but could not find a thing.

    Actually I am trying to make a keygen for medical software from Mob!l Systm, so I need to know the process of making a keygen.

    Just wanted to share: in the app the smali file showed invalid_sn:0x78f... something like that, and another line for registered: 0x7f... In PC software they say the program again loops back to do math on the entered serial, the importance of eax, edx and so on. So I wanted to know what the equivalent process is in android apps!

    And thanks lohan for replying so quickly (this was my first post on any blog till now :)) & I'm ready to work hard as it's vacation after my exams :)

  4. ollydbg can be found by simply googling it. it's one of the most well known debuggers.

    dalvik is the name of the virtual machine that android apps run in. read tutorial 1 for more information on logging. i'm about to publish a revised version of it with more information on using the java debugger (jdb).

    dalvik uses register based processing, but it is much simpler to understand than pc assembly registers. you don't need to remember eax, edx, etc. the registers take the form of v0, v1, v2, etc. in the program and they are relative to the method. that is, v0 in one method has no relation to v0 in another method.

    work on tutorials 0 and 1 and crackme0 and crackme1 and you should understand the fundamentals of smali. the rest only comes with practice. :D

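As an added illustration of the register point made in that reply (example code written for this page, not from the blog, its tutorials, or any real app), here is a hypothetical smali class with two static methods; the class name and the method names are invented. Each method declares its own register count with `.registers`, and the parameter aliases p0, p1 map onto the highest-numbered registers of that method only, so the v0 used in `add` and the v0 used in `isEven` are unrelated storage.

```smali
# Added example (not from the blog or any real app): a hypothetical class
# showing that Dalvik registers are local to each method.
.class public Lcom/example/RegisterDemo;
.super Ljava/lang/Object;

# add(int, int) -> int
# .registers 4 declares v0..v3 for this method only. The two int parameters
# occupy the last two registers, so p0 == v2 and p1 == v3; v0 and v1 are locals.
.method public static add(II)I
    .registers 4
    add-int v0, p0, p1          # v0 = p0 + p1
    return v0
.end method

# isEven(int) -> boolean
# This method declares its own v0..v2 (p0 == v2). Its v0 has nothing to do
# with the v0 in add(): each method's register file is allocated fresh per call.
.method public static isEven(I)Z
    .registers 3
    rem-int/lit8 v0, p0, 0x2    # v0 = p0 % 2
    if-nez v0, :odd             # branch if the remainder is non-zero
    const/4 v1, 0x1             # v1 = true
    return v1
    :odd
    const/4 v1, 0x0             # v1 = false
    return v1
.end method
```

When reading disassembled code, the `.registers` (or `.locals`) line at the top of each method tells you how many registers that method owns and therefore which v-numbers are its parameters; comparing v0 across two methods tells you nothing.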
  5. This comment has been removed by a blog administrator.

  6. there are several examples of smali code on this very blog, and more can be found by searching google. http://androidcracking.blogspot.com/search/label/smali

    i had to remove your comment content because it had code from a specific app. :( cracking is hard, don't expect it to be easy and don't expect anyone to show you exactly what to do.

  7. Hi Lohan, it's me again. Some days back I was asking you about the method of cracking a particular app, and you told me, "cracking is hard, don't expect it to be easy and don't expect anyone to show you exactly what to do." At that time I was totally frustrated because I had been working on learning cracking for about a week or so, 6 hrs a day.
    But finally, 2 days back, a simple manipulation in a smali file made that particular app the first app ever cracked by me. I was so overwhelmed (I literally jumped out of my chair ;)). Thanks lohan for all your responses to my noobiest questions :P
    I was trying to crack these apps because my girlfriend and I are medical students, and I suggested she buy an android phone, telling her that there are many medical apps for android. But when she bought the phone and asked me to give her all those apps, strangely, out of those many apps only 3 were cracked, and she was disappointed in me. To buy some time I gave her "skyscape(free)" and she calmed down a bit.
    At that time I decided to learn cracking and started the research (through google search :P), and now I have successfully cracked 9 apps.

    The funny thing was the method I used to crack the first app. A similar method was effective in cracking the other 8 apps :D

    P.S.: Hey, and lohan, thanks for the tool you suggested, "Winmerge"; it will be handy now, because I am downloading a trial version of an app and comparing it with the already cracked one.
    Yesterday I found an app similar to the one I cracked earlier. When I tried to find what exactly they changed with winmerge, I was so amazed that the cracking method used by me was way too simple and involved only 1 smali file, while the other cracked app had 2 smali files edited and too many modifications. I was so proud of my work :P :D
    But that's it, Lohan. Thanks buddy, you indirectly helped me a lot! Keep up the good work.

  8. you are following the way :D.

    you're right. many apps do use the same protection. many apps merely use the android lvl or a single boolean function. these are no fun, of course, but good for building confidence. this is why i imagine if people can crack the first two crackmes in my tutorials, they can crack most android apps.

    i put much of my knowledge into an app called antilvl. it uses some more advanced techniques that you may find useful.


Do NOT post about or link to specific apps!