How to avoid reverse engineering of an APK file?

后端 未结 30 2241
醉梦人生
醉梦人生 2020-11-21 22:27

I am developing a payment processing app for Android, and I want to prevent a hacker from accessing any resources, assets or source code from the APK file.<

30条回答
  •  小蘑菇
    小蘑菇 (楼主)
    2020-11-21 22:46

     1. How can I completely avoid reverse engineering of an Android APK? Is this possible?

    AFAIK, there is not any trick for complete avoidance of reverse engineering.

    And also very well said by @inazaruk: Whatever you do to your code, a potential attacker is able to change it in any way she or he finds it feasible. You basically can't protect your application from being modified. And any protection you put in there can be disabled/removed.

     2. How can I protect all the app's resources, assets and source code so that hackers can't hack the APK file in any way?

    You can do different tricks to make hacking harder though. For example, use obfuscation (if it's Java code). This usually slows down reverse engineering significantly.

     3. Is there a way to make hacking more tough or even impossible? What more can I do to protect the source code in my APK file?

    As everyone says, and as you probably know, there's no 100% security. But the place to start for Android, that Google has built in, is ProGuard. If you have the option of including shared libraries, you can include the needed code in C++ to verify file sizes, integration, etc. If you need to add an external native library to your APK's library folder on every build, then you can use it by the below suggestion.

    Put the library in the native library path which defaults to "libs" in your project folder. If you built the native code for the 'armeabi' target then put it under libs/armeabi. If it was built with armeabi-v7a then put it under libs/armeabi-v7a.

    /libs/armeabi/libstuff.so
    

提交回复
热议问题