https://bbs.pediy.com/thread-226667.htm
1.实现动态load so 实现data段进行加密
2.实现工具是android studio3.0以上 和ndk16版本以上
3.libfoo.so是没有加密的so libdata.so是加固之后的so
难点分析 1.在android 7.0之后dlopen不返回soinfo结构体,通过读取maps 获取基地址读取系统so的结构体
2.在android5.1之后 出现read被pread64函数读取so的结构
3.在android4.1.2 5.0 7.0等page_size 也是内存大小有改变
4.在android4.4之后都是c++ 考虑安全问题 用c语言实现
参考TK大神
https://bbs.pediy.com/thread-216119.htm
Find section .text, addr = 0x1320
Find section .dynamic, size = 0x120, addr = 0xcdb0
Find .dynsym, addr = 0x1f0
Find .dynstr, addr = 0x670
Find .dynstr size, size = 0x40b
Find .hash, addr = 0xa7c
Read .dynamic information failed
Find function JNI_OnLoad failed
我自己编译了一个测试的so库,发现在android 6.0上报错,2款手机是lennovo x3c50和samsung的6.0.1。使用了libc++_shared.so库,android 4.X下没有问题。
报错信息如下:
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: load start
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: -------00000001
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: "/data/data/com.example.memloadertest/lib/libwind.so" is e_phnum: 8
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: page_min --->>>00000000,page_max --->>>00001000
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: phdr_size_ --->>>00001000
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: verify elf success
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: min=00000000,max=00013000
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: load_start 0xf3cf1000,load_bias 0xf3cf1000
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: seg_page_start==f3cf1000. file_length=0000e31c
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: LoadSegments seg_addr=f3cf1000 flag=00000005
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: LoadSegments succeed:/data/data/com.example.memloadertest/lib/libwind.so!
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: seg_page_start==f3d00000. file_length=0000102c
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: LoadSegments seg_addr=f3d00000 flag=00000003
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: LoadSegments succeed:/data/data/com.example.memloadertest/lib/libwind.so!
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: findphdr success
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: findphdr success /libwind.so
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: library name libwind.so new
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: soinfos fail
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: base1----->>f3cf1000 ,size---->>00013000
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: load segments success
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: success1 00000008
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: success
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: [ init_library base=0xf3cf1000 sz=0x00013000 name='libwind.so' ]
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: [ linking libwind.so ]
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: si->base = 0xf3cf1000 si->flags = 0x00000000
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: dynamic = 0xf3d00cb4
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00cb4, d0 = 0x00000003 d1 = 0x0000fe0c
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00cbc, d0 = 0x00000002 d1 = 0x000003d0
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: plt_rel_count=0000007a
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00cc4, d0 = 0x00000017 d1 = 0x00001d70
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: plt_rel=0xf3cf2d70
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00ccc, d0 = 0x00000014 d1 = 0x00000011
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00cd4, d0 = 0x00000011 d1 = 0x00001960
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00cdc, d0 = 0x00000012 d1 = 0x00000410
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00ce4, d0 = 0x00000013 d1 = 0x00000008
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00cec, d0 = 0x6ffffffa d1 = 0x00000078
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00cf4, d0 = 0x00000006 d1 = 0x000001f0
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00cfc, d0 = 0x0000000b d1 = 0x00000010
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d04, d0 = 0x00000005 d1 = 0x00000ba0
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d0c, d0 = 0x0000000a d1 = 0x000007aa
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d14, d0 = 0x00000004 d1 = 0x0000134c
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d1c, d0 = 0x00000001 d1 = 0x00000764
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d24, d0 = 0x00000001 d1 = 0x00000772
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d2c, d0 = 0x00000001 d1 = 0x0000077a
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d34, d0 = 0x00000001 d1 = 0x00000784
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d3c, d0 = 0x00000001 d1 = 0x0000078c
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d44, d0 = 0x00000001 d1 = 0x0000079d
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d4c, d0 = 0x00000001 d1 = 0x000000ca
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d54, d0 = 0x00000001 d1 = 0x00000015
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d5c, d0 = 0x0000000e d1 = 0x0000001d
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d64, d0 = 0x0000001a d1 = 0x0000fac4
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: libwind.so destructors (DT_FINI_ARRAY) found at 0xf3d00ac4
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d6c, d0 = 0x0000001c d1 = 0x00000008
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d74, d0 = 0x00000019 d1 = 0x0000fcac
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: libwind.so constructors (DT_INIT_ARRAY) found at 0xf3d00cac
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d7c, d0 = 0x0000001b d1 = 0x00000008
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d84, d0 = 0x0000001e d1 = 0x00000008
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d8c, d0 = 0x6ffffffb d1 = 0x00000001
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d94, d0 = 0x6ffffff0 d1 = 0x000017cc
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00d9c, d0 = 0x6ffffffc d1 = 0x00001904
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00da4, d0 = 0x6ffffffd d1 = 0x00000001
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00dac, d0 = 0x6ffffffe d1 = 0x00001920
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: d = 0xf3d00db4, d0 = 0x6fffffff d1 = 0x00000002
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: si->base = 0xf3cf1000, si->strtab = 0xf3cf1ba0, si->symtab = 0xf3cf11f0
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: libwind.so needs libandroid.so
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: soname=libandroid.so , nbucket=00000000
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: libwind.so needs libz.so
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: soname=libz.so , nbucket=00000061
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: libwind.so needs liblog.so
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: soname=liblog.so , nbucket=00000083
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: libwind.so needs libm.so
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: soname=libm.so , nbucket=00000107
04-08 18:28:40.534 5597-5597/com.example.memloadertest E/liumeng: libwind.so needs libc++_shared.so
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: soname=libc++_shared.so , nbucket=00000805
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: libwind.so needs libstdc++.so
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: soname=libstdc++.so , nbucket=00000061
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: libwind.so needs libdl.so
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: soname=libdl.so , nbucket=00000001
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: libwind.so needs libc.so
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: soname=libc.so , nbucket=00000407
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: [ relocating libwind.so plt ] count=0000007a
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: Processing 'libwind.so' relocation at index 0
04-08 18:28:40.544 5597-5597/com.example.memloadertest E/liumeng: libwind.so: looking up __cxa_finalize in libandroid.so
04-08 18:28:40.544 5597-5597/com.example.memloadertest A/libc: Fatal signal 8 (SIGFPE), code -6, fault addr 0x15dd in tid 5597 (e.memloadertest)
04-08 18:28:40.794 5597-5597/com.example.memloadertest E/liumeng: SEARCH __cxa_finalize in libandroid.so@0xe9af6000 0bea6495 0=====00000000
elf 64 这个闪退
React
A declarative, efficient, and flexible JavaScript library for building user interfaces.
🖖 Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
Typescript
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
Django
The Web framework for perfectionists with deadlines.
Laravel
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. 📊📈🎉
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
Facebook
We are working to build community through open source technology. NB: members must have two-factor auth.
Microsoft
Open source projects and samples from Microsoft.
Google
Google ❤️ Open Source for everyone.
Alibaba
Alibaba Open Source for everyone
D3
Data-Driven Documents codes.
Tencent
China tencent open source team.
