Class: Undexguard

Inherits:

Plugin

• Object
• Plugin
• Undexguard

Includes:

CommonRegex, Logging

Defined in:

lib/dex-oracle/plugins/undexguard.rb

Constant Summary

STRING_LOOKUP_3INT =

Regexp.new(
  '^[ \t]*(' +
  ((CONST_NUMBER + '\s+') * 3) +
  'invoke-static \{[vp]\d+, [vp]\d+, [vp]\d+\}, L([^;]+);->([^\(]+\(III\))Ljava/lang/String;' \
  '\s+' +
  MOVE_RESULT_OBJECT + ')',
  Regexp::MULTILINE
)

STRING_LOOKUP_1INT =

Regexp.new(
  '^[ \t]*(' +
  CONST_NUMBER + '\s+' \
  'invoke-static \{[vp]\d+\}, L([^;]+);->([^\(]+\(I\))Ljava/lang/String;' \
  '\s+' +
  MOVE_RESULT_OBJECT + ')'
)

BYTES_DECRYPT =

Regexp.new(
  '^[ \t]*(' +
  CONST_STRING + '\s+' \
  'invoke-virtual \{[vp]\d+\}, Ljava\/lang\/String;->getBytes\(\)\[B\s+' \
  'move-result-object [vp]\d+\s+' \
  'invoke-static \{[vp]\d+\}, L([^;]+);->([^\(]+\(\[B\))Ljava/lang/String;' \
  '\s+' +
  MOVE_RESULT_OBJECT + ')'
)

MULTI_BYTES_DECRYPT =

Regexp.new(
  '^[ \t]*(' +
  CONST_STRING + '\s+' \
  'new-instance ([vp]\d+), L[^;]+;\s+' \
  'invoke-static \{[vp]\d+\}, L([^;]+);->([^\(]+\(Ljava/lang/String;\))\[B\s+' \
  'move-result-object [vp]\d+\s+' +
  CONST_STRING + '\s+' \
  'invoke-static \{[vp]\d+, [vp]\d+\}, L([^;]+);->([^\(]+\(\[BLjava/lang/String;\))\[B\s+' \
  'move-result-object [vp]\d+\s+' \
  'invoke-static \{[vp]\d+\}, L([^;]+);->([^\(]+\(\[B\))\[B\s+' \
  'move-result-object [vp]\d+\s+' \
  'invoke-direct \{[vp]\d+, [vp]\d+\}, Ljava\/lang\/String;-><init>\(\[B\)V' \
  ')'
)

MODIFIER =

-> (_, output, out_reg) { "const-string #{out_reg}, \"#{output.split('').collect { |e| e.inspect[1..-2] }.join}\"" }

Instance Attribute Summary

• #optimizations ⇒ Object readonly

  Returns the value of attribute optimizations.

Instance Method Summary

• #initialize(driver, smali_files, methods) ⇒ Undexguard constructor

  A new instance of Undexguard.

• #process ⇒ Object

Methods included from Logging

included, logger, #logger, logger=

Methods inherited from Plugin

apply_batch, apply_outputs, dumb_replace, init_plugins, plugin_classes, plugins

Constructor Details

#initialize(driver, smali_files, methods) ⇒ Undexguard

Returns a new instance of Undexguard.

# File 'lib/dex-oracle/plugins/undexguard.rb', line 54

def initialize(driver, smali_files, methods)
  @driver = driver
  @smali_files = smali_files
  @methods = methods
  @optimizations = Hash.new(0)
end

Instance Attribute Details

#optimizations ⇒ Object (readonly)

Returns the value of attribute optimizations.

# File 'lib/dex-oracle/plugins/undexguard.rb', line 5

def optimizations
  @optimizations
end

Instance Method Details

#process ⇒ Object

# File 'lib/dex-oracle/plugins/undexguard.rb', line 61

def process
  method_to_target_to_contexts = {}
  @methods.each do |method|
    logger.info("Undexguarding #{method.descriptor} - stage 1/2")
    target_to_contexts = {}
    target_to_contexts.merge!(lookup_strings_3int(method))
    target_to_contexts.merge!(lookup_strings_1int(method))
    target_to_contexts.merge!(decrypt_bytes(method))
    target_to_contexts.map { |_, v| v.uniq! }
    method_to_target_to_contexts[method] = target_to_contexts unless target_to_contexts.empty?
  end

  made_changes = Plugin.apply_batch(@driver, method_to_target_to_contexts, MODIFIER)

  @methods.each do |method|
    logger.info("Undexguarding #{method.descriptor} - stage 2/2")
    made_changes |= decrypt_multi_bytes(method)
  end

  made_changes
end