1. Home > Web_defense >

Obfuscapk: A black box obfuscation tool for Android applications


Obfuscapk is a modular Python tool that can help researchers obfuscate Android App without the need for application source code. Obfuscapk uses apktool to decompile the original APK file and build a new application. Finally, it applies obfuscation technology to the decompiled smali code, resource files and Manifest files. The obfuscated application retains the original function function, but the difference is that the obfuscated application source code will be very different from the original application source code.
Tool Architecture

Obfuscapk is implemented based on a modular structure for functional expansion, and it also integrates a plug-in system. In Obfuscapk, each obfuscator belongs to a plug-in and inherits an abstract base class. They all need to implement the obfuscate method. When the tool starts to process a new Android application file, it creates an obfuscated object to store all the required information, such as the location of the decompiled smali code, and the status of the processing operation. Next, Obfuscapk will pass the obfuscation object to the obfuscate method as a parameter, and finally send it to all active plug-ins or obfuscators.
It is worth mentioning that the majority of researchers can expand and develop new obfuscators according to their needs. Researchers can directly add obfuscation technology or plug-in metadata (.obfuscator) to the "src/obfuscapk/obfuscators" directory. File) to achieve the source code. The tool will automatically detect new plug-ins, so no additional configuration is required.
Tool installation
We have two methods to install and use Obfuscapk on our own devices. The first is to use Docker, and the other is to use the project source code directly in the Python 3.7 environment. In these two methods, the first thing to do is to copy the project source code to the local directory:
$ git clone https://github.com/ClaudiuGeorgiu/Obfuscapk.git
Docker mirror
Dependent components
We recommend that you use this method to install Obfuscapk, because this method only needs to install the latest version of Docker:
$ docker --version
Docker version 19.03.0 , build aeac949
Official Docker Hub image
We can download the official Obfuscapk Docker image directly on Docker Hub:
$ # Download the Docker image.
$ docker pull claudiugeorgiu/obfuscapk
$ # Give it a shorter name.
$ docker tag claudiugeorgiu/obfuscapk obfuscapk
Installation
If you download the official image from Docker Hub, then we can start using it directly , Otherwise you need to execute the following command to create the "Obfuscapk/src/" directory (which contains the Dockerfile) to build the Docker image:
$ # Make sure to run the command in Obfuscapk/src/ directory.< br/>$ # It will take some time to download and install all the dependencies.
$ docker build -t obfuscapk
After the Docker image is ready, you need to run the following command to check whether the installation is correct:
$ docker run --rm -it obfuscapk --help
usage: python3.7 -m obfuscapk.cli [-h] -o OBFUSCATOR [-w DIR] [-d OUT_APK]
.. .
Now Obfuscapk is ready to use.
Source code installation
Dependent components
Ensure that apktool, jarsigner and zipalign have been installed on the device and can be used directly through the command line tool:
$ apktool
Apktool v2. 4.0-a tool for reengineering Android apk files
...
$ jarsigner
Usage: jarsigner [options] jar-file alias
jarsigner -verify [options] jar-file [ alias...]
...
$ zipalign
Zip alignment utility
Copyright (C) 2009 The Android Open Source Project
...
To install and use apktool, the latest version of Java is required. The executable program path of apktool, jarsigner and zipalign needs to be configured in the following environment variables: APKTOOL_PATH, JARSIGNER_PATH and ZIPALIGN_PATH. Of course, in addition to the above components, you also need to install Python 3.7.
Installation
Run the following commands in the project home directory to complete the installation of dependent components:
$ # Make sure to run the commands in Obfuscapk/ directory.
$ # The usage of a virtual environment is highly recommended, eg, virtualenv.
$ # If not using virtualenv (https://virtualenv.pypa.io/), skip the next 2 lines.
$ virtualenv -p python3 .7 venv
$ source venv/bin/activate
$ # Install Obfuscapk's requirements.
$ python3.7 -m pip install -r src/requirements.txt
Next, Run the following command to ensure that the tool is installed correctly:
$ cd src/
$ # The following command has to be executed always from Obfuscapk/src/ directory
$ # or by adding Obfuscapk/src/ directory to PYTHONPATH environment variable.
$ python3.7 -m obfuscapk.cli --help
usage: python3.7 -m obfuscapk.cli [-h] -o OBFUSCATOR [-w DIR] [-d OUT_APK]
...
Obfuscapk is now available.
Tool usage
Docker image-the local directory contains the application to be obfuscated, and it needs to be loaded into the "/workdir" directory in the container:
$ docker run --rm- it -u $(id -u):$(id -g) -v "${PWD}":"/workdir" obfuscapk [params...]
Source code-all commands need to be in "Obfuscapk /src/" directory:
$ python3.7 -m obfuscapk.cli [params...]
View help information:
$ obfuscapk --help
obfuscapk [ -h] -o OBFUSCATOR [-w DIR] [-d OUT_APK] [-i] [-p] [-k VT_API_KEY]
The tool has two mandatory parameters, the first is "", which means to be confused The path of the APK; the other is the list of obfuscation techniques that need to be used:

-w DIR: Set the working directory and save the apktool The generated intermediate file.
-d OUT_APK: Set the path of the destination file.
-i: Set whether to ignore third-party libraries during the obfuscation process.
-p: Whether to display the confusion progress bar.
-k VT_API_KEY: Set the VirusTotal API key, which is only required when using VirusTotal.
Tool usage example
Simple usage example of Obfuscapk:
$ # original.apk is a valid Android apk file.
$ obfuscapk -o RandomManifest -o Rebuild -o NewSignature -o NewAlignment original.apk
Project address
Obfuscapk: [GitHub Portal]

This article is published by www.internetweblist.com and does not represent the position of www.internetweblist.com/:http://www.internetweblist.com/Web_defense/24570.html

Contact Us

Online consultation:click here to give a message