Checker not working if java like this.

[gaplan]

Hello @apkunpacker , I have a java code that checks anti-frida, and when I call apk with the code you wrote, I get the following error.

Error code is : Error: unable to find module containing 0xffe1db0c Error: unable to find module containing 0xffe1db10 Error: unable to find module containing 0xdceffad0 Error: unable to find module containing 0xca7a56f4 Error: unable to find module containing 0xca7a56f8 Error: unable to find module containing 0xdceffb50 Error: unable to find module containing 0x0 Error: unable to find module containing 0xdf123a00 Error: unable to find module containing 0xffe1d328 Error: unable to find module containing 0xffe1d34c Error: unable to find module containing 0xdcedaf00 Error: unable to find module containing 0xffe1d1e8 Error: unable to find module containing 0xffe1d20c Error: unable to find module containing 0xdcedb400 Error: unable to find module containing 0xffe1d248 Error: unable to find module containing 0xffe1d26c

Java Code is :

`public class SecurityUtils { public static ChangeQuickRedirect changeQuickRedirect; public static Boolean isSecure;

static {
    Covode.recordClassIndex(114126);
}

public static boolean isFridaExist() {
    PatchProxyResult proxy = PatchProxy.proxy(new Object[0], null, changeQuickRedirect, true, 11);
    if (proxy.isSupported) {
        return ((Boolean) proxy.result).booleanValue();
    }
    try {
        InetAddress.getByName(decode("3132372e302e302e31"));
        new Socket("3132372e302e302e31", Integer.parseInt(decode("3237303432")));
        return true;
    } catch (IOException unused) {
        return false;
    }
}

public static boolean isRoot() {
    PatchProxyResult proxy = PatchProxy.proxy(new Object[0], null, changeQuickRedirect, true, 3);
    if (proxy.isSupported) {
        return ((Boolean) proxy.result).booleanValue();
    }
    if (getRoSecureProp() == 0) {
        return true;
    }
    return isSUExist();
}

public static boolean isSecure() {
    PatchProxyResult proxy = PatchProxy.proxy(new Object[0], null, changeQuickRedirect, true, 1);
    if (proxy.isSupported) {
        return ((Boolean) proxy.result).booleanValue();
    }
    Boolean bool = isSecure;
    if (bool == null || bool.booleanValue()) {
        return true;
    }
    return false;
}

public static int getRoSecureProp() {
    Object invoke;
    String str = null;
    PatchProxyResult proxy = PatchProxy.proxy(new Object[0], null, changeQuickRedirect, true, 5);
    if (proxy.isSupported) {
        return ((Integer) proxy.result).intValue();
    }
    try {
        invoke = INVOKESTATIC_com_ss_android_socialbase_appdownloader_util_SecurityUtils_com_ss_android_ugc_aweme_lancet_mira_opt_MiraReflectLancet_forName("android.os.SystemProperties").getMethod("get", String.class).invoke(null, decode("726f2e736563757265"));
    } catch (Exception unused) {
    }
    if (invoke == null) {
        return 1;
    }
    str = (String) invoke;
    if (str == null || !"0".equals(str)) {
        return 1;
    }
    return 0;
}

public static boolean isSUExist() {
    String[] strArr;
    int i;
    PatchProxyResult proxy = PatchProxy.proxy(new Object[0], null, changeQuickRedirect, true, 7);
    if (proxy.isSupported) {
        return ((Boolean) proxy.result).booleanValue();
    }
    try {
        strArr = new String[]{decode("2f7362696e2f7375"), decode("2f73797374656d2f62696e2f7375"), decode("2f73797374656d2f7862696e2f7375"), decode("2f646174612f6c6f63616c2f7862696e2f7375"), decode("2f646174612f6c6f63616c2f62696e2f7375"), decode("2f73797374656d2f73642f7862696e2f7375"), decode("2f73797374656d2f62696e2f6661696c736166652f7375"), decode("2f646174612f6c6f63616c2f7375")};
        i = 0;
    } catch (Exception unused) {
    }
    while (!new File(strArr[i]).exists()) {
        i++;
        if (i >= 8) {
            return false;
        }
    }
    return true;
}

public static boolean findHookAppFile() {
    MethodCollector.i(14877);
    PatchProxyResult proxy = PatchProxy.proxy(new Object[0], null, changeQuickRedirect, true, 13);
    if (proxy.isSupported) {
        boolean booleanValue = ((Boolean) proxy.result).booleanValue();
        MethodCollector.o(14877);
        return booleanValue;
    }
    try {
        HashSet<String> hashSet = new HashSet();
        BufferedReader bufferedReader = new BufferedReader(new FileReader("/proc/" + Process.myPid() + "/maps"));
        while (true) {
            String readLine = bufferedReader.readLine();
            if (readLine == null) {
                break;
            } else if (readLine.endsWith(".so") || readLine.endsWith(".jar")) {
                hashSet.add(readLine.substring(readLine.lastIndexOf(" ") + 1));
            }
        }
        bufferedReader.close();
        for (String str : hashSet) {
            if (str.contains(decode("636f6d2e73617572696b2e737562737472617465"))) {
                MethodCollector.o(14877);
                return true;
            } else if (str.contains(decode("58706f7365644272696467652e6a6172"))) {
                MethodCollector.o(14877);
                return true;
            } else if (str.contains(decode("6c696273616e64686f6f6b2e656478702e736f"))) {
                MethodCollector.o(14877);
                return true;
            }
        }
    } catch (Exception unused) {
    }
    MethodCollector.o(14877);
    return false;
}

public static String decode(String str) {
    PatchProxyResult proxy = PatchProxy.proxy(new Object[]{str}, null, changeQuickRedirect, true, 15);
    if (proxy.isSupported) {
        return (String) proxy.result;
    }
    return DownloadUtils.hexToString(str);
}

public static Class INVOKESTATIC_com_ss_android_socialbase_appdownloader_util_SecurityUtils_com_ss_android_ugc_aweme_lancet_mira_opt_MiraReflectLancet_forName(String str) {
    PatchProxyResult proxy = PatchProxy.proxy(new Object[]{str}, null, changeQuickRedirect, true, 6);
    if (proxy.isSupported) {
        return (Class) proxy.result;
    }
    if (!C0Y5.LIZ()) {
        return Class.forName(str);
    }
    try {
        return Class.forName(str);
    } catch (Throwable th) {
        if (th instanceof PluginClassNotFoundException) {
            throw th;
        } else if ((th instanceof ClassNotFoundException) || (th instanceof NoClassDefFoundError)) {
            return MiraPluginFix.forName(str);
        } else {
            throw th;
        }
    }
}

public static boolean hasSimCard(Context context) {
    int simState;
    PatchProxyResult proxy = PatchProxy.proxy(new Object[]{context}, null, changeQuickRedirect, true, 10);
    if (proxy.isSupported) {
        return ((Boolean) proxy.result).booleanValue();
    }
    try {
        simState = ((TelephonyManager) context.getSystemService("phone")).getSimState();
    } catch (Throwable unused) {
    }
    if (simState == 1 || simState == 0) {
        return false;
    }
    return true;
}

public static boolean isDebug(Context context) {
    PatchProxyResult proxy = PatchProxy.proxy(new Object[]{context}, null, changeQuickRedirect, true, 4);
    if (proxy.isSupported) {
        return ((Boolean) proxy.result).booleanValue();
    }
    if ((context.getApplicationInfo().flags & 2) != 0) {
        return true;
    }
    return false;
}

public static boolean isXposedExist(Context context) {
    PatchProxyResult proxy = PatchProxy.proxy(new Object[]{context}, null, changeQuickRedirect, true, 12);
    if (proxy.isSupported) {
        return ((Boolean) proxy.result).booleanValue();
    }
    if (findHookAppFile() || findHookAppName(context)) {
        return true;
    }
    return false;
}

public static boolean findHookAppName(Context context) {
    PatchProxyResult proxy = PatchProxy.proxy(new Object[]{context}, null, changeQuickRedirect, true, 14);
    if (proxy.isSupported) {
        return ((Boolean) proxy.result).booleanValue();
    }
    List<String> asList = Arrays.asList(decode("64652e726f62762e616e64726f69642e78706f736564"), decode("636f6d2e746f706a6f686e77752e6d616769736b"), decode("696f2e76612e6578706f736564"), decode("636f6d2e77696e642e636f74746572"), decode("6f72672e6d656f776361742e656478706f7365642e6d616e61676572"), decode("6d652e7765697368752e657870"), decode("636f6d2e73617572696b2e737562737472617465"));
    PackageManager packageManager = context.getPackageManager();
    for (String str : asList) {
        if (packageManager.getPackageInfo(str, 0) != null) {
            return true;
        }
    }
    return false;
}

public static synchronized void init(Context context) {
    synchronized (SecurityUtils.class) {
        MethodCollector.i(14876);
        boolean z = true;
        if (PatchProxy.proxy(new Object[]{context}, null, changeQuickRedirect, true, 2).isSupported) {
            MethodCollector.o(14876);
            return;
        }
        if (isSecure == null) {
            try {
                if (isRoot() || isDebug(context) || isUsbCharging(context) || !hasSimCard(context) || isFridaExist() || isXposedExist(context)) {
                    z = false;
                }
                isSecure = Boolean.valueOf(z);
                MethodCollector.o(14876);
                return;
            } catch (Exception e) {
                e.printStackTrace();
            }
        }
        MethodCollector.o(14876);
    }
}

public static boolean isUsbCharging(Context context) {
    Intent INVOKEVIRTUAL_com_ss_android_socialbase_appdownloader_util_SecurityUtils_com_bytedance_sysoptimizer_ReceiverRegisterLancet_registerReceiver;
    PatchProxyResult proxy = PatchProxy.proxy(new Object[]{context}, null, changeQuickRedirect, true, 8);
    if (proxy.isSupported) {
        return ((Boolean) proxy.result).booleanValue();
    }
    if ((!RomUtils.isEmui() || Build.VERSION.SDK_INT > 23) && (INVOKEVIRTUAL_com_ss_android_socialbase_appdownloader_util_SecurityUtils_com_bytedance_sysoptimizer_ReceiverRegisterLancet_registerReceiver = INVOKEVIRTUAL_com_ss_android_socialbase_appdownloader_util_SecurityUtils_com_bytedance_sysoptimizer_ReceiverRegisterLancet_registerReceiver(context, null, new IntentFilter("android.intent.action.BATTERY_CHANGED"))) != null && INVOKEVIRTUAL_com_ss_android_socialbase_appdownloader_util_SecurityUtils_com_bytedance_sysoptimizer_ReceiverRegisterLancet_registerReceiver.getIntExtra("plugged", -1) == 2) {
        return true;
    }
    return false;
}

public static Intent INVOKEVIRTUAL_com_ss_android_socialbase_appdownloader_util_SecurityUtils_com_bytedance_sysoptimizer_ReceiverRegisterLancet_registerReceiver(Context context, BroadcastReceiver broadcastReceiver, IntentFilter intentFilter) {
    String str;
    PatchProxyResult proxy = PatchProxy.proxy(new Object[]{context, broadcastReceiver, intentFilter}, null, changeQuickRedirect, true, 9);
    if (proxy.isSupported) {
        return (Intent) proxy.result;
    }
    if (broadcastReceiver != null) {
        str = broadcastReceiver.toString();
    } else {
        str = "";
    }
    ReceiverRegisterLancet.loge("optimize_receiver", str);
    try {
        return context.registerReceiver(broadcastReceiver, intentFilter);
    } catch (Exception e) {
        if (ReceiverRegisterCrashOptimizer.fixedOpen()) {
            return ReceiverRegisterCrashOptimizer.registerReceiver(broadcastReceiver, intentFilter);
        }
        throw e;
    }
}

}`

[apkunpacker]

Hi @gaplan . Thanks for Report. May you share this sample apk on which you trying script so i can reproduce and fix if possible?

[gaplan]

@apkunpacker Thank you very much for the quick reply. That's the apk name. douyin-20-5-0.apk The download address is below.

https://dw62.uptodown.com/dwn/lXdJABRVrWQEtWrGwg-7igQYr7_6PsZI5thBL86fGXuw3PMoDl3jF4u7-Y0FaVjhQ-eNomGiFA3UL5ue5f8OdsQ6TnvZkJP8elfBe7wFSroC91u3byE-UHmlTVsGpXrK/0y1jnVDeVt0soLFwI3MFAu8TmwR5IgDcM9tpxa7W0DsTZwrHRl9mU0A3ZY5ejX92T-LjodMpOO_httneU2-fXmSxE49LVkqL6Y7ZkXJwJtGWE9cCci8hcFonCwsCv4RH/2v901e7t3wDmWBjMRBIDg3uQOjbguWzBNKuV92x7bcwlxnUXrG3903oxAONschPe/douyin-20-5-0.apk

[gaplan]

Any news ?

[gaplan]

And the second one

package com.appsflyer.internal;

enum a$d { XPOSED("xps"), FRIDA("frd");

/* renamed from: ɩ  reason: contains not printable characters */
public String f157;

a$d(String str) {
    this.f157 = str;
}

}