本文主要是介绍OSX(10.10.4 ) 反编译APK 和 混淆,希望对大家解决编程问题提供一定的参考价值,需要的开发者们随着小编来一起学习吧!
反编译
准备工作
- 安装APKTOOL how to install
- 安装dex2jar install(sourceforge下的dex2jar-0.0.9.15.zip)
- 安装jd gui install
使用方法
apktool 安装和使用参照文档
dex2jar使用
从apk所在的目录打开终端 (从文件夹打开终端),运行softrice$ unzip ./app-release.apk
文件夹下出现classes.dex,把他拉入dex2jar文件夹。终端跳转到dex2jar文件夹,执行
softrice$ sudo sh dex2jar.sh classes.dex
文件夹下出现jar包,用jd gui 打开就可以看源码了。
dex2jar使用的时候最开始的使用dex2jar2.0,加权限后使用的时候报无权限,。后来改用sourceforge下的dex2jar-0.0.9.15.zip.
dex2jar使用
混淆
在build.gradle加入
android {buildTypes {release {minifyEnabled trueproguardFiles getDefaultProguardFile('proguard-android.txt'), 'proguard-rules.pro'}}
}混淆是很方便,但是打包成apk后各种问题。
proguard-android.txt和proguard-rules.pro就是用来申明哪些代码不被混淆。
proguard-android.txt是安卓默认,可以在sdk下找到他
# This is a configuration file for ProGuard.
# http://proguard.sourceforge.net/index.html#manual/usage.html-dontusemixedcaseclassnames
-dontskipnonpubliclibraryclasses
-verbose# Optimization is turned off by default. Dex does not like code run
# through the ProGuard optimize and preverify steps (and performs some
# of these optimizations on its own).
-dontoptimize
-dontpreverify
# Note that if you want to enable optimization, you cannot just
# include optimization flags in your own project configuration file;
# instead you will need to point to the
# "proguard-android-optimize.txt" file instead of this one from your
# project.properties file.-keepattributes *Annotation*
-keep public class com.google.vending.licensing.ILicensingService
-keep public class com.android.vending.licensing.ILicensingService# For native methods, see http://proguard.sourceforge.net/manual/examples.html#native
-keepclasseswithmembernames class * {native <methods>;
}# keep setters in Views so that animations can still work.
# see http://proguard.sourceforge.net/manual/examples.html#beans
-keepclassmembers public class * extends android.view.View {void set*(***);*** get*();
}# We want to keep methods in Activity that could be used in the XML attribute onClick
-keepclassmembers class * extends android.app.Activity {public void *(android.view.View);
}# For enumeration classes, see http://proguard.sourceforge.net/manual/examples.html#enumerations
-keepclassmembers enum * {public static **[] values();public static ** valueOf(java.lang.String);
}-keepclassmembers class * implements android.os.Parcelable {public static final android.os.Parcelable$Creator CREATOR;
}-keepclassmembers class **.R$* {public static <fields>;
}# The support library contains references to newer platform versions.
# Don't warn about those in case this app is linking against an older
# platform version. We know about them, and they are safe.
-dontwarn android.support.**
proguard-rules.pro则需要我们做一些修改。
先了解一些规则 proguard
这是我所用的
# Add project specific ProGuard rules here.
# By default, the flags in this file are appended to flags specified
# in D:\Android\sdk/tools/proguard/proguard-android.txt
# You can edit the include path and order by changing the proguardFiles
# directive in build.gradle.
#
# For more details, see
# http://developer.android.com/guide/developing/tools/proguard.html# Add any project specific keep options here:# If your project uses WebView with JS, uncomment the following
# and specify the fully qualified class name to the JavaScript interface
# class:
#-keepclassmembers class fqcn.of.javascript.interface.for.webview {
# public *;
#}#指定代码的压缩级别-optimizationpasses 5
#包明不混合大小写-dontusemixedcaseclassnames
#不去忽略非公共的库类-dontskipnonpubliclibraryclasses
#优化 不优化输入的类文件-dontoptimize
#预校验-dontpreverify
#混淆时是否记录日志-verbose
# 混淆时所采用的算法-optimizations !code/simplification/arithmetic,!field/*,!class/merging/*
#保护注解-keepattributes *Annotation*
# 保持哪些类不被混淆-keep public class * extends android.app.Fragment
-keep public class * extends android.app.Activity
-keep public class * extends android.app.Application
-keep public class * extends android.app.Service
-keep public class * extends android.content.BroadcastReceiver
-keep public class * extends android.content.ContentProvider
-keep public class * extends android.app.backup.BackupAgentHelper
-keep public class * extends android.preference.Preference
-keep public class com.android.vending.licensing.ILicensingService
#如果有引用v4包可以添加下面这行-keep public class * extends android.support.v4.app.Fragment
#忽略警告-ignorewarning
##记录生成的日志数据,gradle build时在本项目根目录输出###apk 包内所有 class 的内部结构-dump class_files.txt
#未混淆的类和成员-printseeds seeds.txt
#列出从 apk 中删除的代码-printusage unused.txt
#混淆前后的映射-printmapping mapping.txt
#####混淆保护自己项目的部分代码以及引用的第三方jar包library########-libraryjars libs/umeng-analytics-v5.2.4.jar#三星应用市场需要添加:sdk-v1.0.0.jar,look-v1.0.1.jar#-libraryjars libs/sdk-v1.0.0.jar#-libraryjars libs/look-v1.0.1.jar#不混淆第三方jar包中的类-keep class com.android.volley.** {*;}
-keep class com.Chart.** {*;}
-keep class com.xxx.lib.** {*;}
-keep class antistaic.spinnerwheel.** {*;}
-keep class com.xxx.xxx.model.** {*;}
-keep class com.xxx.xxx.modules.** {*;}
-keep class com.facebook.** {*;}
-keep class com.google.** {*;}
-keep class in.srain.cube.** {*;}
-keep class cn.sharesdk.**{*;}
-keep class com.sina.**{*;}
-keep class **.R$* {*;}
-keep class **.R{*;}
-dontwarn cn.sharesdk.**
-dontwarn **.R$*
#baidu push-libraryjars libs/pushservice-VERSION.jar
-dontwarn com.baidu.**
-keep class com.baidu.**{*; }
#如果引用了v4或者v7包-dontwarn android.support.**
####混淆保护自己项目的部分代码以及引用的第三方jar包library-end####-keep public class * extends android.view.View {
public <init>(android.content.Context);public <init>(android.content.Context, android.util.AttributeSet);public <init>(android.content.Context, android.util.AttributeSet, int);public void set*(...);}#保持 native 方法不被混淆-keepclasseswithmembernames class * {
native <methods>;}#保持自定义控件类不被混淆-keepclasseswithmembers class * {
public <init>(android.content.Context, android.util.AttributeSet);}#保持自定义控件类不被混淆-keepclassmembers class * extends android.app.Activity {
public void *(android.view.View);}#保持 Parcelable 不被混淆-keep class * implements android.os.Parcelable {
public static final android.os.Parcelable$Creator *;}#保持 Serializable 不被混淆-keepnames class * implements java.io.Serializable
#保持 Serializable 不被混淆并且enum 类也不被混淆-keepclassmembers class * implements java.io.Serializable {
static final long serialVersionUID;private static final java.io.ObjectStreamField[] serialPersistentFields;!static !transient <fields>;!private <fields>;!private <methods>;private void writeObject(java.io.ObjectOutputStream);private void readObject(java.io.ObjectInputStream);java.lang.Object writeReplace();java.lang.Object readResolve();}#保持枚举 enum 类不被混淆 如果混淆报错,建议直接使用上面的 -keepclassmembers class * implements java.io.Serializable即可#-keepclassmembers enum * {# public static **[] values();# public static ** valueOf(java.lang.String);#}-keepclassmembers class * {
public void *ButtonClicked(android.view.View);}#不混淆资源类-keepclassmembers class **.R$* {
public static <fields>;}#避免混淆泛型 如果混淆报错建议关掉#–keepattributes Signature#移除log 测试了下没有用还是建议自己定义一个开关控制是否输出日志#-assumenosideeffects class android.util.Log {# public static boolean isLoggable(java.lang.String, int);# public static int v(...);# public static int i(...);# public static int w(...);# public static int d(...);# public static int e(...);#}#如果用用到Gson解析包的,直接添加下面这几行就能成功混淆,不然会报错。#gson#-libraryjars libs/gson-2.2.2.jar-keepattributes Signature
# Gson specific classes-keep class sun.misc.Unsafe { *; }
# Application classes that will be serialized/deserialized over Gson-keep class com.google.gson.examples.android.model.** { *; }这篇关于OSX(10.10.4 ) 反编译APK 和 混淆的文章就介绍到这儿,希望我们推荐的文章对编程师们有所帮助!
