Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Hack And Protect Your Apps
Search
Slvn
April 09, 2015
Programming
4
300
Hack And Protect Your Apps
Droidcon Montreal 2015
Slvn
April 09, 2015
Tweet
Share
More Decks by Slvn
See All by Slvn
ROM Cooking - Droidcon UK 20013
slvn
5
190
Hack and protect your Android app
slvn
1
370
Other Decks in Programming
See All in Programming
盆栽転じて家具となる / Bonsai and Furnitures
aereal
0
1.8k
Lookerは可視化だけじゃない。UIコンポーネントもあるんだ!
ymd65536
1
130
ASP.NET Core の OpenAPIサポート
h455h1
0
110
Simple組み合わせ村から大都会Railsにやってきた俺は / Coming to Rails from the Simple
moznion
3
2.1k
Fibonacci Function Gallery - Part 2
philipschwarz
PRO
0
210
LLM Supervised Fine-tuningの理論と実践
datanalyticslabo
8
1.9k
はてなにおけるfujiwara-wareの活用やecspressoのCI/CD構成 / Fujiwara Tech Conference 2025
cohalz
3
2.7k
令和7年版 あなたが使ってよいフロントエンド機能とは
mugi_uno
10
5.1k
Amazon Nova Reelの可能性
hideg
0
200
2025.01.17_Sansan × DMM.swift
riofujimon
2
540
shadcn/uiを使ってReactでの開発を加速させよう!
lef237
0
300
Внедряем бюджетирование, или Как сделать хорошо?
lamodatech
0
940
Featured
See All Featured
A designer walks into a library…
pauljervisheath
205
24k
RailsConf 2023
tenderlove
29
970
Templates, Plugins, & Blocks: Oh My! Creating the theme that thinks of everything
marktimemedia
28
2.2k
Building a Modern Day E-commerce SEO Strategy
aleyda
38
7k
Typedesign – Prime Four
hannesfritz
40
2.5k
Stop Working from a Prison Cell
hatefulcrawdad
267
20k
Why You Should Never Use an ORM
jnunemaker
PRO
54
9.1k
Building a Scalable Design System with Sketch
lauravandoore
460
33k
GraphQLの誤解/rethinking-graphql
sonatard
68
10k
ピンチをチャンスに:未来をつくるプロダクトロードマップ #pmconf2020
aki_iinuma
113
50k
We Have a Design System, Now What?
morganepeng
51
7.3k
Performance Is Good for Brains [We Love Speed 2024]
tammyeverts
7
570
Transcript
HACK AND PROTECT YOUR APPS
AGENDA Droidcon Montréal 2015 01 Hack 02 Protect 03 Develop
04 Conclude
LET’S HACK Reverse engineering & red light saber
LET’S HACK Reverse engineering & red light saber You underestimate
the power of the dark side.
LET’S HACK Demo : AdBlock Plus
LET’S HACK Can we read Smali ? .method public isChecked
()Z .locals 1 .prologue .line 102 iget-boolean v0, p0, Lorg/jraf/android/backport/switchwidget/TwoStatePreference ;- >mChecked:Z return v0 .end method
LET’S HACK Tools adb + unzip extract apk and some
ressources apktool Smali + ressources jadx Java code (partial)
LET’S PROTECT Obfuscation & The Force
LET’S PROTECT Obfuscation & The Force Do. Or do not.
There is no try.
LET’S PROTECT What is obfuscation ? package a; public class
a { [...] public boolean a() { return a; } }
LET’S PROTECT Demo : Proguard
LET’S PROTECT Is Obfuscation enough ? public class a {
private static String a = "MotDePasseSecurePourChiffrer" ; public static Cipher a() { Cipher localCipher = Cipher.getInstance("AES/ECB/PKCS7Padding" , "BC"); localCipher .init(1, new SecretKeySpec (a.getBytes(), "AES")); return localCipher; } }
LET’S PROTECT When ? When to protect ? · Whenever
you want · Keep in mind that one motivated guy with enought ressources can break anything.
LET’S DEVELOP Audit, opportunism & more...
LET’S DEVELOP Audit, opportunism & more... GGGWARRRHH WWWW
LET’S DEVELOP How can this help me ? audit your
build, third parties apps explore frameworks debug, hidden APIs ...
LET’S CONCLUDE All good things must come to an end
LET’S CONCLUDE All good things come to an end LET’S
HACK LET’S PROTECT LET’S DEVELOP
Thank you ! Sylvain Galand
[email protected]
www.genymobile.com