大众点评 mtgsig 安卓逆向 研究

mtgsig签名
response 二进制解密


; Excerpt from the middle of a larger routine: its entry point and the branch targets
; loc_B1BF74A6 / loc_B1BF74B0 lie outside this listing.
; What the visible code does: open "/system/bin/ls" with oflag 0, read the first 0x14 bytes
; into a stack buffer, verify the ELF magic (0x7F 'E' 'L' 'F'), then test the byte at
; offset 0x12, which is the low byte of the ELF header's e_machine field.
; 0x3E (EM_X86_64) or 0x03 (EM_386) reaches loc_B1BF749E, so that path means the system
; binary was built for x86 rather than ARM.
; NOTE(review): this is consistent with an emulator / x86-environment probe, but how the
; result is reported to the caller is not visible here. An x86 system image is only one
; signal (genuine x86 Android hardware exists), so it should not be read as proof by itself.
.text:B1BF744E 01 26 MOVS R6, #1
.text:B1BF7450 2E 70 STRB R6, [R5] ; store 1 into the byte at [R5]; what this flag means is not shown in the excerpt
.text:B1BF7452 20 48 LDR R0, =(aSystemBinLs - 0xB1BF7458) ; “/system/bin/ls”
.text:B1BF7454 78 44 ADD R0, PC ; “/system/bin/ls” ; file
.text:B1BF7456 00 25 MOVS R5, #0
.text:B1BF7458 29 00 MOVS R1, R5 ; oflag
; oflag is 0, i.e. O_RDONLY on Linux/Android.
.text:B1BF745A CF F7 A0 EC BLX open
.text:B1BF745E 04 00 MOVS R4, R0
; R4 keeps the file descriptor; a negative value (open failed) skips the whole check.
.text:B1BF7460 00 2C CMP R4, #0
.text:B1BF7462 25 DB BLT loc_B1BF74B0
.text:B1BF7464 01 AD ADD R5, SP, #0x28+buf
.text:B1BF7466 14 22 MOVS R2, #0x14 ; nbytes
.text:B1BF7468 20 00 MOVS R0, R4 ; fd
.text:B1BF746A 29 00 MOVS R1, R5 ; buf
; 0x14 = 20 bytes: e_ident (16 bytes) + e_type (2 bytes) + e_machine (2 bytes).
.text:B1BF746C CF F7 10 EE BLX read
; A short read (anything other than exactly 0x14 bytes) goes to loc_B1BF74A6.
.text:B1BF7470 14 28 CMP R0, #0x14
.text:B1BF7472 18 D1 BNE loc_B1BF74A6
; ELF magic check, one byte at a time; any mismatch also goes to loc_B1BF74A6.
.text:B1BF7474 28 78 LDRB R0, [R5]
.text:B1BF7476 7F 28 CMP R0, #0x7F
.text:B1BF7478 15 D1 BNE loc_B1BF74A6
.text:B1BF747A 01 A8 ADD R0, SP, #0x28+buf
.text:B1BF747C 40 78 LDRB R0, [R0,#1]
.text:B1BF747E 45 28 CMP R0, #0x45 ; ‘E’
.text:B1BF7480 11 D1 BNE loc_B1BF74A6
.text:B1BF7482 01 A8 ADD R0, SP, #0x28+buf
.text:B1BF7484 80 78 LDRB R0, [R0,#2]
.text:B1BF7486 4C 28 CMP R0, #0x4C ; ‘L’
.text:B1BF7488 0D D1 BNE loc_B1BF74A6
.text:B1BF748A 01 A8 ADD R0, SP, #0x28+buf
.text:B1BF748C C0 78 LDRB R0, [R0,#3]
.text:B1BF748E 46 28 CMP R0, #0x46 ; ‘F’
.text:B1BF7490 09 D1 BNE loc_B1BF74A6
; buf[0x12] is the low byte of e_machine (little-endian 16-bit field at offset 0x12).
.text:B1BF7492 01 A8 ADD R0, SP, #0x28+buf
.text:B1BF7494 80 7C LDRB R0, [R0,#0x12]
; The ‘>’ below is only the disassembler's ASCII rendering of 0x3E; as an e_machine value 0x3E is EM_X86_64.
.text:B1BF7496 3E 28 CMP R0, #0x3E ; ‘>’
.text:B1BF7498 01 D0 BEQ loc_B1BF749E
; 3 is EM_386 (32-bit x86); any other machine value goes to loc_B1BF74A6.
.text:B1BF749A 03 28 CMP R0, #3
.text:B1BF749C 03 D1 BNE loc_B1BF74A6
.text:B1BF749E
.text:B1BF749E loc_B1BF749E
; Reached only when e_machine's low byte is 0x3E or 0x03; the descriptor is closed here.
; The instructions that record the outcome come after this excerpt.
.text:B1BF749E 20 00 MOVS R0, R4 ; fd
.text:B1BF74A0 CF F7 88 EC BLX close

// Decompiled call sites: each local stores the boolean returned by one static MTGuard method.
// The decompiler's local numbering skips v9, v10 and v12, so this is presumably an excerpt
// with other statements of the enclosing method omitted.
// NOTE(review): judging by the method names alone, these look like runtime environment and
// integrity signals (emulator, root, sandbox, hooking, debugger, proxy, signature check, ...).
// Neither the implementations nor the way the results are consumed are shown here, so
// confirm against the full class before relying on that reading.
boolean v2 = MTGuard.isEmu();
boolean v3 = MTGuard.isRoot();
boolean v4 = MTGuard.hasMalware();
boolean v5 = MTGuard.isDarkSystem();
boolean v6 = MTGuard.isVirtualLocation();
boolean v7 = MTGuard.isRemoteCall();
boolean v8 = MTGuard.isSigCheckOK();
boolean v11 = MTGuard.inSandBox();
boolean v13 = MTGuard.isHook();
boolean v14 = MTGuard.isDebug();
boolean v15 = MTGuard.isProxy();
boolean v16 = MTGuard.isCameraHack();
// Native (JNI) method declaration: the implementation lives in a native library, not in Java.
// It accepts an int and an Object[] and returns an Object[].
// NOTE(review): this signature looks like a single generic dispatcher in which arg0 selects
// the operation and arg1 carries its arguments. That cannot be confirmed from the
// declaration alone.
private static native Object[] main(int arg0, Object[] arg1);
