2. If you run in to obfuscated smali filenames in the APK, a simple search replace will help you rename the files.
3. Instead of trying to understand the proprietary encryption/decryption, just run the decryption code without understanding it.
4. OP Created a smali emulator for this task (#3). Only supporting a small subset of dalvik instructions.
Which means than for now, the emulator can be defeated using as many dalvik opcodes as possible in your encryption/decryption code.
A simple check-cast for example (Throw a ClassCastException if the reference in the given register cannot be cast to the indicated type.)
can break the emulator.
5. Being written in python, relying heavily on regular expressions and without much algorithmic improvements (the opcode lookup for example is a for loop instead of a lookup table) - there's a lot to improve the emulator performance, but this is an incredible first step.
> Instead of trying to understand the proprietary encryption/decryption, just run the decryption code without understanding it.
When I have encountered this sort of problem in the past, I would drop the encryption module into another Android app and directly call the functions. I would then run the other Android app on a phone or Android emulator. Custom emulation seems unnecessary for most cases.
It has modules which look for patterns in code. Then you can tell it to run some method from the original app to understand what the code should be. Then, you can replace the obfuscated code with whatever you computed.
1. Great link with the Dalvik opcodes manual http://pallergabor.uw.hu/androidblog/dalvik_opcodes.html
This came up with a google search: https://source.android.com/devices/tech/dalvik/dalvik-byteco...
2. If you run in to obfuscated smali filenames in the APK, a simple search replace will help you rename the files.
3. Instead of trying to understand the proprietary encryption/decryption, just run the decryption code without understanding it.
4. OP Created a smali emulator for this task (#3). Only supporting a small subset of dalvik instructions. Which means than for now, the emulator can be defeated using as many dalvik opcodes as possible in your encryption/decryption code. A simple check-cast for example (Throw a ClassCastException if the reference in the given register cannot be cast to the indicated type.) can break the emulator.
5. Being written in python, relying heavily on regular expressions and without much algorithmic improvements (the opcode lookup for example is a for loop instead of a lookup table) - there's a lot to improve the emulator performance, but this is an incredible first step.