Encrypted strings not removed because stack traces aren't emulated #99

Closed
ghost opened this issue Apr 19, 2018 · 3 comments

@ghost

ghost commented Apr 19, 2018

I don't know if my issue is related to issue #97.
I am trying to simplify this apk http://www8.zippyshare.com/v/vQTFFChK/file.html (Uret Patcher v3.5.apk);
you can find it on https://jasi2169.wordpress.com/ . This apk encrypts strings with a variable key which depends on the method call.

    StackTraceElement v1 = new RuntimeException().getStackTrace()[1];
    String v4 = new StringBuffer(v1.getMethodName()).insert(0, v1.getClassName()).toString();
    // code with xor and string v4

The command line used is

    java -jar simplify/build/libs/simplify.jar /tmp/Uret\ Patcher\ v3.5.apk -o /tmp/output.apk --output-api-level 23 --max-address-visits 100000 -it 'com/android/vendind'

but also

    java -jar simplify/build/libs/simplify.jar /tmp/Uret\ Patcher\ v3.5.apk -o /tmp/prova.apk --output-api-level 23 --max-address-visits 100000 -it 'com/android/vendind' -et 'android/support'

is not working.
If it is useful, I can attach the full output.

    Simplification complete:
    total classes = 842
    total methods = 0
    optimized methods = 22
    failed methods = 1
    run time = 435587 ms
    Total optimizations:
    constantized ifs = 0
    constantized ops = 0
    dead assignments removed = 0
    dead ops removed = 0
    dead results removed = 0
    nops removed = 0
    peephole optmizations = 0
    unreflected fields = 0
    unreflected methods = 0
    useless gotos removed = 0
    Writing output to /tmp/output.apk

@CalebFenton
Owner

Thanks for the detailed report. I'm pretty sure this is a related issue: #12.

The problem is that right now, simplify doesn't emulate methods which get stack traces, though I've made some effort on making this possible. It's just never been a priority.

I think the way this needs to be fixed is by finding out which methods to emulate (start with Exception;->getStackTrace()), and implement them. There may be some changes that need to happen in smalivm for them to work properly, but I don't think it'll be too bad.

You can always try dex-oracle, which actually runs the code, though you'd have to make a plugin for it.
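
An added example, not code from this issue or from simplify, showing why a decryptor keyed on the caller's stack frame (as in the snippet above) only yields plaintext when it runs from its original call site. The class and method names, the repeating-key XOR and the sample string are assumptions; the issue does not show the real cipher.

```java
import java.nio.charset.StandardCharsets;

public class StackKeyedStrings {
    // Repeating-key XOR. Stand-in cipher: the issue only says "xor and string v4".
    static byte[] xor(byte[] data, String key) {
        byte[] k = key.getBytes(StandardCharsets.UTF_8);
        byte[] out = new byte[data.length];
        for (int i = 0; i < data.length; i++) {
            out[i] = (byte) (data[i] ^ k[i % k.length]);
        }
        return out;
    }

    // Mirrors the snippet: frame [0] is decrypt() itself, frame [1] is its caller.
    // Key = caller class name followed by caller method name.
    static String decrypt(byte[] blob) {
        StackTraceElement caller = new RuntimeException().getStackTrace()[1];
        String key = caller.getClassName() + caller.getMethodName();
        return new String(xor(blob, key), StandardCharsets.UTF_8);
    }

    // Hypothetical original call site: the string was encrypted for this frame.
    static String licenseCheck(byte[] blob) {
        return decrypt(blob);
    }

    // Hypothetical analysis harness: same decryptor, different calling frame.
    static String analysisHarness(byte[] blob) {
        return decrypt(blob);
    }

    public static void main(String[] args) {
        // Constructed sample: encrypt with the key the original call site produces.
        String siteKey = StackKeyedStrings.class.getName() + "licenseCheck";
        byte[] blob = xor("https://example.invalid/api".getBytes(StandardCharsets.UTF_8), siteKey);

        System.out.println("original call site: " + licenseCheck(blob));
        // Diverges from the plaintext as soon as the method-name part of the key is used;
        // the shared class-name prefix still decrypts the first bytes correctly.
        System.out.println("harness call site : " + analysisHarness(blob));
        // Supplying the recorded caller identity recovers the string without the original frame.
        System.out.println("replay with key   : "
                + new String(xor(blob, siteKey), StandardCharsets.UTF_8));
    }
}
```

A tool that executes or emulates the decryptor therefore has to reproduce the class and method name of the real caller for `getStackTrace()[1]`, or pass that identity in explicitly as the last line does.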

@ghost
Author

ghost commented Apr 20, 2018

No luck with dex-oracle either.
This time the strings are decrypted, but with the wrong key. I will open an issue on the other repository and I will try to analyze the issue.

Thanks for your suggestions.

@CalebFenton changed the title from "Encrypted strings not removed" to "Encrypted strings not removed because stack traces aren't emulated" on Oct 11, 2018
@CalebFenton
Owner

Going to close this in favor of #12.
