root 检测,debug检测

Untitled

m7a函数是AES算法

Untitled

绕过root检测、debug检测,计算AES结果

  1. root检测绕过

    1. 真机
    2. frida(hook 检测函数)
    3. magisk(shamiko)

  2. debug检测

    用来对抗重打包,现阶段基本不通过重打包来调试应用

  3. AES算法

    还原算法后计算结果就行

根据算法还原

PKCS7Padding修改为PKCS5Padding

import java.util.Base64;

import javax.crypto.Cipher;
import javax.crypto.spec.SecretKeySpec;

public class Main {
    public static void main(String[] args) {
        m1a();
    }

    public static boolean m1a() {
        byte[] bArr;
        byte[] bArr2 = new byte[0];

        try {
            bArr = m7a(m0b("8d127684cbc37c17616d806cf50473cc"),
                    Base64.getDecoder()
                          .decode("5UJiFctbmgbDoLXmpL12mkno8HT4Lv8dlat8FxR2GOc="));
        } catch (Exception e) {
            bArr = bArr2;
            System.out.println(e);
        }

        System.out.println(new String(bArr));

        return true;
    }

    public static byte[] m0b(String str) {
        int length = str.length();
        byte[] bArr = new byte[length / 2];

        for (int i = 0; i < length; i += 2) {
            bArr[i / 2] = (byte) ((Character.digit(str.charAt(i), 16) << 4) +
                Character.digit(str.charAt(i + 1), 16));
        }

        return bArr;
    }

    public static byte[] m7a(byte[] bArr, byte[] bArr2) {
        try {
            SecretKeySpec secretKeySpec = new SecretKeySpec(bArr, "AES");
            Cipher cipher = Cipher.getInstance("AES/ECB/PKCS5Padding");
            cipher.init(2, secretKeySpec);

            return cipher.doFinal(bArr2);
        } catch (Exception e) {
            System.out.println(e);
        }

        byte[] bAr = new byte[0];

        return bAr;
    }
}