Closed ItalianApkDownloader closed 6 years ago
There is a few reasons this may be occurring. The first case seems to be that pread is restricted - maybe this is the selinux context or it could be the app defending itself.
The second one, if is the same app, seems like it just isn't finding anything useful.
Since you're restricted your paste to not include the package name, I have no idea what all this is. Can you share the file here or email me it directly? Without it, there is no meaningful troubleshooting we can do.
This is the apk: https://www.mediafire.com/download/ycp5w5g8i25nxa5 And this is the file i found in .jiagu folder in /data/data/apppackage https://www.mediafire.com/download/vlyk2yuft1sfkye I think its a combination of jiagu and qihoo
Definitely Jiagu;
[+] APKiD 1.0.0 :: from RedNaga :: rednaga.io
[*] app.apk
|-> packer : Jiagu
[*] app.apk!classes.dex
|-> compiler : dexlib 2.x
I may have time to look at this sometime this week, though I believe their was a past jiagu comment on a closed issue where someone posted a work around.
My suggestion would be to try it on a pre ART emulator.
What is a pre ART emulator Sorry but i cant find nothing about this
I have the same issue here. "They're trapping and killing the ptrace calls" how can we evade that.
@ItalianApkDownloader ART the VM which dalvik bytecode is executed in. It used to be done inside the DVM, which this project was originally based around. The project still works against ART VMs, but it might not be optimal.
@hardcoder80 You'll need to do reverse engineering and manually unpack it vs using this tool.
The previous issue I was mentioning is here; https://github.com/strazzere/android-unpacker/issues/38
@strazzere should we patch the so library using ida pro to disable the anti debugging or what? Btw I have used dexhunter dvm but the app still crash, any hint or guidlines would be very helpful.
@hardcoder80 You should reverse the protection mechanism and find out for yourself - sadly I cannot reverse every protection for every person who files an issue. When I post a solution, the vendors read it and change their challenge. Thus reading the previous solution might give you hints.
As I do this project for free, sadly, one cannot expect me to just post solutions for them whenever there is a change in the products.
If I get bored and somehow have free time, I might come back to this issue and solve it.
Otherwise, I suggest you start reversing it - blog your findings and maybe come back and submit a fix for the protector. Best of luck!
Going to close this issue and keep only #42 open - which appears to be the same instance of jiagu.
every time i use this i got this error
Maybe is my phone with android 8.0 i dont know
i have tried with an android emulator and i got this
i'm using this on jiagu app I dont know why but if i use apktool to decompile the apk i found qihoo360 but if i go to /data/data/com.example is see a file called classes.dex (is crypted) in a folder called .jiagu also in assests folder of the apk there is a file called .appkey
another problem is makefile compile the kisskiss file in all except amerabi so when i use the command make install it give me error