search

strazzere / android-unpacker

Android Unpacker presented at Defcon 22: Android Hacker Protection Level 0
Apache License 2.0
1.12k stars 331 forks source link

Secneo apkwrapper support #39

Closed h3ku closed 5 years ago

h3ku commented 6 years ago

Hi, I'm trying to reverse engineer the following application. https://play.google.com/store/apps/details?id=cn.ninebot.ninebot

Based on the content of the main dex file it looks like that use secneo apkwrapper.

It looks like contains anti-debug tricks and other things similar to APKProtect.

Any advice?

strazzere commented 6 years ago

According to https://github.com/strazzere/android-unpacker/issues/38 this should be solved with the latest updates.

Can you confirm?

h3ku commented 6 years ago

Nop, I try with the latest master from GitHub and I got the following result. image

I attach the output of APKiD too. image

strazzere commented 6 years ago

Ah I may have been mixing up previously fixed issues. I do know at least older versions of that specific package where unpack-able.

Can you please provide a hash and/or upload the file you're attempting to work on? From there we can actually test/working on the issue.

h3ku commented 6 years ago

This is the APK https://drive.google.com/file/d/1wTxR6G9kZRU5V7gF-4L-MTdgVRqQM_41/view

I was trying to do it on a Nexus 5X, I can't remember the exact android version but I can check it tomorrow.

strazzere commented 6 years ago

Ah, yes - this is the new enterprise version of secneo that no one was publicly released a free unpacker for.

Directory commented 5 years ago

@h3ku hey i want to reverse the exact same app. did you ever figure something out?

strazzere commented 5 years ago

This is the enterprise secneo version.

There are, currently, no public postings online on how to reverse this fully.

If you're interested in contract work to solve this issue - please contact me (or ask around).

This will never be solved within the scope of this project both for technical and legal reasons.

On Sun, Jun 16, 2019 at 2:18 AM Gabrial notifications@github.com wrote:

@h3ku https://github.com/h3ku hey i want to reverse the exact same app. did you ever figure something out?

— You are receiving this because you commented. Reply to this email directly, view it on GitHub https://github.com/strazzere/android-unpacker/issues/39?email_source=notifications&email_token=AAEYIRTIJN3PZYO76LGFRYLP2YANFA5CNFSM4EQWMRJKYY3PNVWWK3TUL52HS4DFVREXG43VMVBW63LNMVXHJKTDN5WW2ZLOORPWSZGODXZI4JY#issuecomment-502435367, or mute the thread https://github.com/notifications/unsubscribe-auth/AAEYIRXIL4Q76PVDZP7MFHLP2YANFANCNFSM4EQWMRJA .

strazzere commented 5 years ago

Going to close this issue as it will not be addressed publicly on this repo. Reach out directly (privately) if there is any need for this.

apkunpacker commented 4 years ago

@hk3u did u tried frida ? . I managed to dump the dex with frida

MAVProxyUser commented 7 months ago

https://github.com/quarkslab/dxfx