Comments (6)
the non 'base' APKs are also signed with the same key
Sure they are, unless there has been some tampering. I am not sure what you are looking for, but if you care about malicious or accidental inconsistencies, you must analyze all of them.
from stunning-signature.
@xwf20050250 Thanks for this, Just wondering if you know how robust this is, have you tested on many devices or in the wild? Are we sure it will always reside in /data/app or /mnt/?
@emileb
yes, in some of lowlevel android devices(e.g. Bird M6...) the path of base apk is in /mnt/...
if there is some plugin apk in our package, maybe we will get incorrect path(e.g. /data/data/com.dw.fff.uc/ucgamesdk/modules/update-1/cn.uc.gamesdk.loader.apk) which is matched to the plugin.
therefore, we should restrict path to /data/app or /mnt/.
of course, it works fine on production env until now.
from stunning-signature.
@xwf20050250 Thanks for this, Just wondering if you know how robust this is, have you tested on many devices or in the wild? Are we sure it will always reside in /data/app or /mnt/?
from stunning-signature.
will always reside in /data/app or /mnt/?
Well, yes. It will be either under /data/app
or /mnt/asec
… But there may be more matching lines in your /proc/self/maps. E.g. experitest injects the tester APK into your process. Another concern is that for app bundles, you must find the 'base' APK.
from stunning-signature.
another concern is that if you have process attribute, it will override /proc/self/cmdline
.
from stunning-signature.
Thanks for the info @alexcohn. In my limited testing it appears the non 'base' APKs are also signed with the same key, so I believe it's acceptable to find any of the APKs in the bundle (which appears to happen randomly on my test devices)
from stunning-signature.
Related Issues (10)
- Gradle version 'com.android.tools.build:gradle:3.6.3' break functionality HOT 3
- Only works with v1 (jar) signing HOT 1
- get md5 value HOT 1
- someone modded my app. HOT 2
- Building HOT 2
- usleep(500); HOT 1
- WARNING: ABIs [arm64-v8a,armeabi-v7a,armeabi] set by 'android.injected.build.abi' gradle flag contained 'ARMEABI' not targeted by this project.
- there's a simpler way to do it HOT 3
- Getting same signature after rebuilding
Recommend Projects
-
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
-
Vue.js
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
-
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
-
TensorFlow
An Open Source Machine Learning Framework for Everyone
-
Django
The Web framework for perfectionists with deadlines.
-
Laravel
A PHP framework for web artisans
-
D3
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
-
Recommend Topics
-
javascript
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
-
web
Some thing interesting about web. New door for the world.
-
server
A server is a program made to process requests and deliver data to clients.
-
Machine learning
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
-
Visualization
Some thing interesting about visualization, use data art
-
Game
Some thing interesting about game, make everyone happy.
Recommend Org
-
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
-
Microsoft
Open source projects and samples from Microsoft.
-
Google
Google ❤️ Open Source for everyone.
-
Alibaba
Alibaba Open Source for everyone
-
D3
Data-Driven Documents codes.
-
Tencent
China tencent open source team.
from stunning-signature.