Databases
StackOverflow2013
Postsdbo
PODalvik Bytecode Obfuscation on Android
Body
 

Note that there are some explanatory texts on larger screens.

plurals
  1. PODalvik Bytecode Obfuscation on Android
    text
    copied!<p>I have recently read this article <a href="http://dexlabs.org/blog/bytecode-obfuscation" rel="nofollow">Dalvik Bytecode Obfuscation on Android</a></p> <p>I have also downloaded the source code at <a href="https://github.com/thuxnder/dalvik-obfuscator/blob/master/injector.py" rel="nofollow">https://github.com/thuxnder/dalvik-obfuscator/blob/master/injector.py</a></p> <p>I understand that what the technique does is to iterate through all the methods, insert junkbytes in a code block and unconditional branch in front of the code block (to ensure the code block is never executed).</p> <p>However I'm not familiar with Python script, so I got trouble understand the code block from line 204 to 212 which causes Exception:</p> <pre><code>def _obfuscator_arrayDataOverlayIf(self, method): obfuscator = array.array('c', "\x32\x00\x09\x00\x26\x00\x03\x00\x00\x00\x00\x03\x01\x00\x00\x00\x00\x00") size = method.getMethodSize() if size == 0: print "skip method @ 0x%x" % method._offset return payloadlen = size-len(obfuscator) struct.pack_into('I', obfuscator, 14, payloadlen) return method.obfuscate(obfuscator) </code></pre> <p>I would appreciate if some one can explain me what this block of code does so that I can catch the idea of the author.</p> <p>Edit: The trace back is as below:</p> <pre><code>Traceback (most recent call last): File "C:\Apps\EclipsePortable\Data\workspace\DalvikObfuscator\DalvikObfuscator\injector.py", line 216, in &lt;module&gt; inj.obfuscate() File "C:\Apps\EclipsePortable\Data\workspace\DalvikObfuscator\DalvikObfuscator\injector.py", line 196, in obfuscate if reduce(lambda op1,op2: op1 or op2, map(self._obfuscator_arrayDataOverlayIf, method), False): File "C:\Apps\EclipsePortable\Data\workspace\DalvikObfuscator\DalvikObfuscator\injector.py", line 209, in _obfuscator_arrayDataOverlayIf struct.pack_into('I', obfuscator, 14, payloadlen) struct.error: integer out of range for 'I' format code </code></pre>
 

Querying!

 
Guidance
An individual column

Larger individual text columns get their own page to allow for proper reading.

SQuiL has stopped working due to an internal error.

If you are curious you may find further information in the browser console, which is accessible through the devtools (F12).

Reload