1

I have developed an Android Application with some data crunching inside a C library (NDK).

In order to protect the library code:

  • I have obfuscated the code with ProGuard and exported it in release version.
  • I have replaced the functions and variables names inside the C Library with random sequence of letters to let it unreadable.
  • I verified the library with readelf -a command.
  • I verify the apk with ApkTool

How can I verify that it is correctly obfuscated?

Is there any way to explore and reverse the library (.so)?

perror
  • 19,083
  • 29
  • 87
  • 150
trizioPucci
  • 11
  • 1
  • 2
  • 3
    There's always a way to reverse it. The question is whether you make it worth people's while or not. Most likely, people won't even bother trying to steal your code, so unless it's protecting something valuable, you're good. – Antimony Nov 14 '13 at 13:30
  • I know that There's always a way to reverse it. I am looking for a way to do it to verify how hard is this reverse activities. Thank you – trizioPucci Nov 15 '13 at 16:30
  • 1
    /* Joke */ And don't forget to check your "hacker-protection-factor"! http://reverseengineering.stackexchange.com/questions/2384/origin-of-hacker-protection-factor – Stolas Nov 23 '13 at 23:07

2 Answers2

1

I'm not sure what you mean by verify if the code has been properly obfuscated, but you could do a simple differential analysis. Compile the source without proguard and identify the important code, and then look at that same code with proguard enabled. You already use some of the tools I use when analyzing Android apps. I would recommend using dex2jar in combination with JD-GUI however.

So you have your apk file. Use dex2jar to extract the contents.

sh ~/android_re/dex2jar-0.0.9.15/d2j-dex2jar.sh ~/androidAPKs/myapp.apk

This will generate a jar file for you. You open this jar file with JD-GUI and identify the location of the package and class you obfuscated. If youre able to find the name of that class, your obfuscation was not successful. This information should not be readily available the way you wrote the code.

As far as your .so file is concerned. It can be reversed using IDA pro and a hex editor. I am actually in the middle of a research project on creating a technique to successfully add code functionality to the .so files. If my method works, I will be releasing this information publicly to the community. But right now, it requires some skill with ARM assembly. Another drawback is the fact that it is actually slightly difficult to add code since there aren't many empty locations to add useful code to in an elf shared object.

But I have been able to successfully change some logic code in .so files consequently changing the apps behavior, so if you have some critical code, I would be mindful of that.

gandolf
  • 355
  • 2
  • 9
0

The only way to verify "how hard" reversing something is, is to attempt to reverse it yourself--by hand. And that's a little tricky if you're the one who wrote it. There's no automated tool I'm aware of that can do this.

avgvstvs
  • 620
  • 3
  • 13