Info Obfuscated methods

Description

Obfuscation refers to methods to obscure code and make it hard to understand. Compiled Java classes can be decompiled if there is no obfuscation during compilation step.

Adversaries can steal code and repurpose it and sell it in a new application or create a malicious fake application based on the initial one.

Code obfuscation only slows the attacker from reverse engineering but does not make it impossible.

Recommendation

Design the application to add the following protections and slow reverse engineering of the application:

  • Obfuscate Java source code with tools like Proguard or Dexguard
  • buildTypes {
            release {
                minifyEnabled true
                proguardFiles getDefaultProguardFile('proguard-android.txt'),
                'proguard-rules.pro'
            }
        }
  • Verification application signing certificate during runtime by checking context.getPackageManager().signature
  • Check application installer to ensure it matches the Android Market by calling context.getPackageManager().getInstallerPackageName
  • Check running environment at runtime
  • private static String getSystemProperty(String name) throws Exception {
        Class systemPropertyClazz = Class.forName("android.os.SystemProperties");
        return (String) systemPropertyClazz.getMethod("get", new Class[] { String.class }).invoke(systemPropertyClazz, new Object[] { name });
    }
    
    public static boolean checkEmulator() {
    
        try {
            boolean goldfish = getSystemProperty("ro.hardware").contains("goldfish");
            boolean qemu = getSystemProperty("ro.kernel.qemu").length() > 0;
            boolean sdk = getSystemProperty("ro.product.model").equals("sdk");
    
            if (qemu || goldfish || sdk) {
                return true;
            }
    
        } catch (Exception e) {
        }
    
        return false;
      }
  • Check debug flag at runtime
  • context.getApplicationInfo().applicationInfo.flags & ApplicationInfo.FLAG_DEBUGGABLE;

Technical details
PackageObfuscated
tauronwo.ui False
md5595191132eafa38fd250a42e9ee6a18b False
md5afe7b0aaec1da6d8e06c73cf7ac15cf6 False
md50825634317048b31f32587a329b557c4 False
mono False
android.support.compat False
opentk False
com.crashlytics.android False
android.support.mediacompat False
md55c60b4687a79bde902b20319351a548b False
com.xamarin.java_interop False
md5dab4f5c7853fd57f3a9c9a523364ac69 False
com.google.ads True
android.support.fragment False
md5b92f20aa796313bfef28858c29f0e04e False
md513d0258903c37fed2a3d17a14e8551a2 False
md5d5ebf066a256218dea7a631d474beeb4 False
android.app False
android.support.v4 False
md5b81c3976a26cfd33f612aaba50f8d2ed False
xamarin.android.net False
android.support.coreui False
android.support.coreutils False
android.runtime False
md57dc2b10aeb4197ebc83af1b6c9f51cfe False
android.arch.lifecycle False
md5314bd5db2d744e6e264e20ad6b2fa2c9 False
md5bcaacea39e485ed8e3d7f0e2edda77a7 False
com.google.firebase True
md513074be467e0034b6ca192c1689af813 False