Upgrade to Pro
— share decks privately, control downloads, hide ads and more …
Speaker Deck
Features
Speaker Deck
PRO
Sign in
Sign up for free
Search
Search
Hack And Protect Your Apps
Search
Slvn
April 09, 2015
Programming
4
310
Hack And Protect Your Apps
Droidcon Montreal 2015
Slvn
April 09, 2015
Tweet
Share
More Decks by Slvn
See All by Slvn
ROM Cooking - Droidcon UK 20013
slvn
5
200
Hack and protect your Android app
slvn
1
380
Other Decks in Programming
See All in Programming
大規模アプリにおけるXcode Previews実用化までの道のり
ikesyo
0
950
Server Less Code More - コードを書かない時代に生きるサーバーレスデザイン / server-less-code-more
gawa
5
1.9k
2分台で1500examples完走!爆速CIを支える環境構築術 - Kaigi on Rails 2025
falcon8823
3
2.3k
CSS Linter の現在地 2025年のベストプラクティスを探る
ryo_manba
10
3.1k
Чего вы не знали о строках в Python – Василий Рябов, PythoNN
sobolevn
0
150
生成AIを活用した初学者向けPython講座
soogie
1
130
半自動E2Eで手っ取り早くリグレッションテストを効率化しよう
beryu
6
2.3k
Reduxモダナイズ 〜コードのモダン化を通して、将来のライブラリ移行に備える〜
pvcresin
2
630
Pull-Requestの内容を1クリックで動作確認可能にするワークフロー
natmark
1
310
Web技術を最大限活用してRAW画像を現像する / Developing RAW Images on the Web
ssssota
2
990
非同期jobをtransaction内で 呼ぶなよ!絶対に呼ぶなよ!
alstrocrack
0
290
CSC305 Lecture 02
javiergs
PRO
1
260
Featured
See All Featured
Connecting the Dots Between Site Speed, User Experience & Your Business [WebExpo 2025]
tammyeverts
8
560
The Cost Of JavaScript in 2023
addyosmani
53
9k
How to Ace a Technical Interview
jacobian
280
23k
Speed Design
sergeychernyshev
32
1.1k
Building Better People: How to give real-time feedback that sticks.
wjessup
368
20k
Side Projects
sachag
455
43k
How To Stay Up To Date on Web Technology
chriscoyier
791
250k
The Web Performance Landscape in 2024 [PerfNow 2024]
tammyeverts
9
840
jQuery: Nuts, Bolts and Bling
dougneiner
64
7.9k
Principles of Awesome APIs and How to Build Them.
keavy
127
17k
The Art of Programming - Codeland 2020
erikaheidi
56
14k
Designing Experiences People Love
moore
142
24k
Transcript
HACK AND PROTECT YOUR APPS
AGENDA Droidcon Montréal 2015 01 Hack 02 Protect 03 Develop
04 Conclude
LET’S HACK Reverse engineering & red light saber
LET’S HACK Reverse engineering & red light saber You underestimate
the power of the dark side.
LET’S HACK Demo : AdBlock Plus
LET’S HACK Can we read Smali ? .method public isChecked
()Z .locals 1 .prologue .line 102 iget-boolean v0, p0, Lorg/jraf/android/backport/switchwidget/TwoStatePreference ;- >mChecked:Z return v0 .end method
LET’S HACK Tools adb + unzip extract apk and some
ressources apktool Smali + ressources jadx Java code (partial)
LET’S PROTECT Obfuscation & The Force
LET’S PROTECT Obfuscation & The Force Do. Or do not.
There is no try.
LET’S PROTECT What is obfuscation ? package a; public class
a { [...] public boolean a() { return a; } }
LET’S PROTECT Demo : Proguard
LET’S PROTECT Is Obfuscation enough ? public class a {
private static String a = "MotDePasseSecurePourChiffrer" ; public static Cipher a() { Cipher localCipher = Cipher.getInstance("AES/ECB/PKCS7Padding" , "BC"); localCipher .init(1, new SecretKeySpec (a.getBytes(), "AES")); return localCipher; } }
LET’S PROTECT When ? When to protect ? · Whenever
you want · Keep in mind that one motivated guy with enought ressources can break anything.
LET’S DEVELOP Audit, opportunism & more...
LET’S DEVELOP Audit, opportunism & more... GGGWARRRHH WWWW
LET’S DEVELOP How can this help me ? audit your
build, third parties apps explore frameworks debug, hidden APIs ...
LET’S CONCLUDE All good things must come to an end
LET’S CONCLUDE All good things come to an end LET’S
HACK LET’S PROTECT LET’S DEVELOP
Thank you ! Sylvain Galand
[email protected]
www.genymobile.com