Coder Social home page Coder Social logo

antidebug's Introduction

AntiDebug

android apk反调试工具,反hook、反xposed、反virtual xposed、反substrate

该项目主要实现android app反第三方调试功能,主要功能用c++实现,因为考虑到用java实现会被xposed等功能拦截,导致反调试功能失效。 该项目使用 attribute ((visibility ("hidden"))) 隐藏了关键的函数符号,避免被静态分析。

主要的思路和步骤如下:

native层主要工作:

1.检测进程status文件TracerPid字段状态,如果该状态不为0,表示native层代码被调试

2.检测进程的maps文件,app进程中加载的所有模块信息地址均会写入该文件中。我们分析是否有com.saurik.substrate/io.va.exposed/de.robv.android.xposed等一系列敏感模块信息来判断是否被反调试

3.检测进程的调试器状态,首先检测app是否处于Debug模式,然后检测java层调试器是否打开。如果处于Release模式并且调试器打开,说明被反调试

java层主要工作:

在关键业务的地方调用AntiDeubg.isInject()方法,判断进程的堆栈是否包含两次com.android.internal.os.ZygoteInit信息。正常情况只会调用一次,如果app被xposed注入,被调用两次。

使用方法:

在Activity中调用此方法注册监听即可,AntiDebug.setAntiDebugCallback(this); Native层会实时监测进程状态,如果监测到被反调试会回调到beInjectedDebug方法中,详情见Demo。

如有问题欢迎提Issues。

antidebug's People

Contributors

name-cpu avatar

Stargazers

avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar avatar

Watchers

avatar avatar avatar avatar avatar avatar

Forkers

haidragon fengjixuchui explife0011 code20i9 forkarepo sepyeight 751643992 26597925 kernweak fishso jimpeter521 xyygit apython123 lhshi ramble01 aiwenlg007 fanmingyi df13954 costcost dongfenglee wu4321 mickelfeng alehacksp halohoop liangdepeng luyu344 yangboyd axhlzy rassec bluepeople1 yutao531315 zhangyunfang pingia qmqsyz chayao2015 lxyjyy jasonlau233

antidebug's Issues

咨询android studio 版本

你好!我下载了你的这个项目,但是在android studio 2.3.2上编译不通过。我想请教一下,你的这个项目是在android studio的什么版本上进行的开发?另外改项目是否可以正常编译通过? 望大神不吝赐教,甚是感激。

是否存在内存泄漏的问题

小白一个入门jni不久不太懂...
jni获取到的java对象不是都得手动释放的吗?
看到好多申请了jobject jstring jclass都没被手动释放掉
是否纯在内存泄漏的问题

Recommend Projects

  • React photo React

    A declarative, efficient, and flexible JavaScript library for building user interfaces.

  • Vue.js photo Vue.js

    🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.

  • Typescript photo Typescript

    TypeScript is a superset of JavaScript that compiles to clean JavaScript output.

  • TensorFlow photo TensorFlow

    An Open Source Machine Learning Framework for Everyone

  • Django photo Django

    The Web framework for perfectionists with deadlines.

  • D3 photo D3

    Bring data to life with SVG, Canvas and HTML. 📊📈🎉

Recommend Topics

  • javascript

    JavaScript (JS) is a lightweight interpreted programming language with first-class functions.

  • web

    Some thing interesting about web. New door for the world.

  • server

    A server is a program made to process requests and deliver data to clients.

  • Machine learning

    Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.

  • Game

    Some thing interesting about game, make everyone happy.

Recommend Org

  • Facebook photo Facebook

    We are working to build community through open source technology. NB: members must have two-factor auth.

  • Microsoft photo Microsoft

    Open source projects and samples from Microsoft.

  • Google photo Google

    Google ❤️ Open Source for everyone.

  • D3 photo D3

    Data-Driven Documents codes.