Encrypted strings not removed because stack traces aren't emulated #99

Closed
ghost opened this issue Apr 19, 2018 · 3 comments

ghost commented Apr 19, 2018

I don't know if my issue is related to issue #97.
I'm trying to simplify this APK, http://www8.zippyshare.com/v/vQTFFChK/file.html (Uret Patcher v3.5.apk);
you can find it on https://jasi2169.wordpress.com/. This APK encrypts strings with a variable key which depends on the method call.

    StackTraceElement v1 = new RuntimeException().getStackTrace()[1];
    String v4 = new StringBuffer(v1.getMethodName()).insert(0, v1.getClassName()).toString();
    // code with xor and string v4

The command line used is

    java -jar simplify/build/libs/simplify.jar /tmp/Uret\ Patcher\ v3.5.apk -o /tmp/output.apk --output-api-level 23 --max-address-visits 100000 -it 'com/android/vendind'

but also

    java -jar simplify/build/libs/simplify.jar /tmp/Uret\ Patcher\ v3.5.apk -o /tmp/prova.apk --output-api-level 23 --max-address-visits 100000 -it 'com/android/vendind' -et 'android/support'

is not working.
If it is useful, I can attach the full output.

    Simplification complete:
    total classes = 842
    total methods = 0
    optimized methods = 22
    failed methods = 1
    run time = 435587 ms
    Total optimizations:
    constantized ifs = 0
    constantized ops = 0
    dead assignments removed = 0
    dead ops removed = 0
    dead results removed = 0
    nops removed = 0
    peephole optmizations = 0
    unreflected fields = 0
    unreflected methods = 0
    useless gotos removed = 0
    Writing output to /tmp/output.apk

@CalebFenton
Owner

Thanks for the detailed report. I'm pretty sure this is a related issue: #12.

The problem is that right now, simplify doesn't emulate methods which get stack traces, though I've made some effort on making this possible. It's just never been a priority.

I think the way this needs to be fixed is by finding out which methods to emulate (start with Exception;->getStackTrace()), and implementing them. There may be some changes that need to happen in smalivm for them to work properly, but I don't think it'll be too bad.

You can always try dex-oracle, which actually runs the code, though you'd have to make a plugin for it.

@ghost
Author

ghost commented Apr 20, 2018

No luck with dex-oracle either.
This time the strings are decrypted, but with the wrong key. I will open an issue on the other repository and I will try to analyze the issue.

Thanks for your suggestions.

CalebFenton changed the title from "Encrypted strings not removed" to "Encrypted strings not removed because stack traces aren't emulated" on Oct 11, 2018

@CalebFenton
Owner

Going to close this in favor of #12.
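
The scheme discussed in this thread, as an added example that is not code from the issue, from simplify or from dex-oracle: it shows why a decryptor keyed on the caller's stack frame returns different output when it is invoked from any other call site, and how an analysis tool can reproduce the key by passing the caller identity explicitly. The class and method names are hypothetical, and repeating-key XOR is an assumption, since the report only says the key string is XORed.

```java
import java.nio.charset.StandardCharsets;

// Added illustration: names are hypothetical, and repeating-key XOR is an
// assumed stand-in for the cipher, which the issue only summarizes.
public class StackKeyDemo {

    // XOR is symmetric, so this both encrypts and decrypts.
    static byte[] xor(byte[] data, String key) {
        byte[] k = key.getBytes(StandardCharsets.UTF_8);
        byte[] out = new byte[data.length];
        for (int i = 0; i < data.length; i++) {
            out[i] = (byte) (data[i] ^ k[i % k.length]);
        }
        return out;
    }

    // Same shape as the reported snippet: key = caller class name + caller
    // method name, read from stack frame [1].
    static String decrypt(byte[] blob) {
        StackTraceElement caller = new RuntimeException().getStackTrace()[1];
        String key = caller.getClassName() + caller.getMethodName();
        return new String(xor(blob, key), StandardCharsets.UTF_8);
    }

    // Analyst-side equivalent: the caller identity is an explicit input read
    // from the call site in the disassembly, so no stack trace is needed.
    static String decryptAs(String cls, String method, byte[] blob) {
        return new String(xor(blob, cls + method), StandardCharsets.UTF_8);
    }

    // Stands in for the app method that contains the real call site.
    static String originalCaller(byte[] blob) { return decrypt(blob); }

    // Stands in for a tool harness calling the decryptor from its own frame.
    static String harness(byte[] blob) { return decrypt(blob); }

    public static void main(String[] args) {
        // Constructed sample, encrypted for the originalCaller call site.
        byte[] blob = xor("constructed sample string".getBytes(StandardCharsets.UTF_8),
                "StackKeyDemo" + "originalCaller");
        String expected = originalCaller(blob);
        System.out.println("original call site: " + expected);
        System.out.println("harness matches   : " + harness(blob).equals(expected));
        System.out.println("explicit identity : "
                + decryptAs("StackKeyDemo", "originalCaller", blob).equals(expected));
    }
}
```

A deobfuscator therefore has to record the enclosing class and method of each call to the decryptor and supply that pair per call site, whether it emulates `getStackTrace()` or bypasses it as `decryptAs` does here.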
