
过签名验证求助

本帖最后由 曾经流过的泪 于 2016-1-3 11:59 编辑

               今天下的这个软件,确定是属于签名验证的,而且找到签名验证就在so文件里,libhello-jni1.so这个文件里,可是自己ida汇编这块不懂,只会改改跳转,改了半天,死活过不了这个验证,希望有个好心人帮帮我,感激不尽!不太会排版,大家见谅!
; ---------------------------------------------------------------------------
; Java_com_soft_apk008_LoadActivity_stringFromJNI  (IDA listing of a JNI export)
;
; Register roles established in the prologue:
;   R4  = R0 on entry; used as JNIEnv* (every indirect call loads [R4] and
;         indexes the resulting table)
;   R8  = R1 on entry, R10 = R3 on entry, R11 = first stack argument
;   R5  = address of __stack_chk_guard; a copy of the guard is kept at
;         [SP,#0x5C]
; JNI function names in the comments below are inferred from the table offset
; (offset / 4 = index in the standard 32-bit JNINativeInterface layout) and
; agree with the name/signature strings passed; confirm against jni.h.
;
; Flow: getPackageManager() -> getPackageInfo("com.soft.apk008v", 0x40) ->
; signatures[0].hashCode(); the value is formatted into a stack buffer and
; strcmp'ed with a string built from the constant "2679523376". On mismatch
; java.lang.System.exit(0) is invoked. The first buffer is returned as a
; Java string.
;
; NOTE(review): JNI return values are used without NULL / pending-exception
; checks, except the GetStaticMethodID result tested at 0x11E6.
; NOTE(review): the reference value is a 32-bit hashCode() ("()I"), not a
; cryptographic digest of the signing certificate, and both the constant and
; the comparison live in the client-side binary.
; ---------------------------------------------------------------------------
text:00001030                 EXPORT Java_com_soft_apk008_LoadActivity_stringFromJNI
.text:00001030 Java_com_soft_apk008_LoadActivity_stringFromJNI
.text:00001030                 PUSH    {R4-R7,LR}      ; save R4-R7 and the return address
.text:00001032                 MOV     R7, R11         ; copy R8-R11 into R4-R7 ...
.text:00001034                 MOV     R6, R10
.text:00001036                 MOV     R5, R9
.text:00001038                 MOV     R4, R8
.text:0000103A                 PUSH    {R4-R7}         ; ... so the caller's R8-R11 are saved too
.text:0000103C                 LDR     R5, =(__stack_chk_guard_ptr - 0x1046)
.text:0000103E                 MOV     R10, R3         ; R10 = 4th argument
.text:00001040                 MOVS    R4, R0          ; R4 = 1st argument (JNIEnv*)
.text:00001042                 ADD     R5, PC ; __stack_chk_guard_ptr
.text:00001044                 LDR     R5, [R5] ; __stack_chk_guard
.text:00001046                 SUB     SP, SP, #0x64   ; 0x64 bytes of locals
.text:00001048                 LDR     R0, [SP,#0x88]  ; first stack argument (0x64 locals + 0x24 pushed)
.text:0000104A                 LDR     R3, [R5]        ; current guard value
.text:0000104C                 MOV     R8, R1          ; R8 = 2nd argument
.text:0000104E                 MOV     R11, R0         ; R11 = stack argument loaded above
.text:00001050                 STR     R3, [SP,#0x5C]  ; guard copy sits above both local buffers
; --- GetObjectClass(env, <3rd argument>) ---
.text:00001052                 LDR     R3, [R4]        ; JNI function table
.text:00001054                 MOVS    R1, R2          ; object = 3rd argument
.text:00001056                 MOVS    R0, R4
.text:00001058                 LDR     R3, [R3,#0x7C]  ; offset 0x7C: GetObjectClass
.text:0000105A                 BLX     R3
; --- GetMethodID(env, cls, "getPackageManager", sig) ---
.text:0000105C                 LDR     R2, =(aGetpackagemana - 0x106A)
.text:0000105E                 MOVS    R1, R0          ; class returned above
.text:00001060                 LDR     R3, =(aLandroidConten - 0x106E)
.text:00001062                 LDR     R0, [R4]
.text:00001064                 MOVS    R6, #0x84       ; R6 keeps offset 0x84 (GetMethodID) for later reuse
.text:00001066                 ADD     R2, PC          ; "getPackageManager"
.text:00001068                 LDR     R7, [R0,R6]
.text:0000106A                 ADD     R3, PC          ; "()Landroid/content/pm/PackageManager;"
.text:0000106C                 MOVS    R0, R4
.text:0000106E                 BLX     R7
; --- CallObjectMethod(env, <2nd argument>, mid) -> PackageManager ---
.text:00001070                 LDR     R3, [R4]
.text:00001072                 MOVS    R7, #0x88       ; R7 keeps offset 0x88 (CallObjectMethod)
.text:00001074                 MOVS    R2, R0          ; method id
.text:00001076                 LDR     R3, [R3,R7]
.text:00001078                 MOV     R1, R8          ; receiver = 2nd argument
.text:0000107A                 MOVS    R0, R4
.text:0000107C                 BLX     R3
; --- GetObjectClass(env, packageManager) ---
.text:0000107E                 LDR     R3, [R4]
.text:00001080                 MOV     R8, R0          ; R8 = PackageManager object from here on
.text:00001082                 MOV     R1, R8
.text:00001084                 LDR     R3, [R3,#0x7C]  ; GetObjectClass
.text:00001086                 MOVS    R0, R4
.text:00001088                 BLX     R3
; --- GetMethodID(env, cls, "getPackageInfo", sig) ---
.text:0000108A                 LDR     R1, [R4]
.text:0000108C                 LDR     R2, =(aGetpackageinfo - 0x1098)
.text:0000108E                 LDR     R3, =(aLjavaLangStrin - 0x109C)
.text:00001090                 LDR     R1, [R1,R6]     ; GetMethodID (R6 = 0x84)
.text:00001092                 MOV     R9, R0          ; class returned above
.text:00001094                 ADD     R2, PC          ; "getPackageInfo"
.text:00001096                 MOV     R12, R1
.text:00001098                 ADD     R3, PC          ; "(Ljava/lang/String;I)Landroid/content/p"...
.text:0000109A                 MOV     R1, R9
.text:0000109C                 MOVS    R0, R4
.text:0000109E                 BLX     R12
; --- NewStringUTF(env, "com.soft.apk008v") ---
.text:000010A0                 LDR     R3, [R4]
.text:000010A2                 LDR     R1, =(aCom_soft_apk00 - 0x10B2)
.text:000010A4                 MOVS    R2, #0x29C      ; offset 0x29C: NewStringUTF
.text:000010A8                 LDR     R7, [R3,R7]     ; R7 = CallObjectMethod pointer (old R7 = 0x88)
.text:000010AA                 MOV     R9, R0          ; R9 = getPackageInfo method id
.text:000010AC                 LDR     R3, [R3,R2]
.text:000010AE                 ADD     R1, PC          ; "com.soft.apk008v"
.text:000010B0                 MOVS    R0, R4
.text:000010B2                 BLX     R3
; --- CallObjectMethod(env, pm, getPackageInfo, jstring, 0x40) -> PackageInfo ---
.text:000010B4                 MOVS    R2, #0x40       ; flags argument; presumably PackageManager.GET_SIGNATURES - verify
.text:000010B6                 MOVS    R3, R0          ; jstring with the package name
.text:000010B8                 MOV     R1, R8          ; receiver = PackageManager
.text:000010BA                 STR     R2, [SP]        ; flags go on the stack as the 5th call argument
.text:000010BC                 MOVS    R0, R4
.text:000010BE                 MOV     R2, R9          ; method id
.text:000010C0                 BLX     R7
; --- GetObjectClass(env, packageInfo) ---
.text:000010C2                 LDR     R3, [R4]
.text:000010C4                 MOVS    R7, R0          ; R7 = PackageInfo object
.text:000010C6                 MOVS    R1, R7
.text:000010C8                 LDR     R3, [R3,#0x7C]  ; GetObjectClass
.text:000010CA                 MOVS    R0, R4
.text:000010CC                 BLX     R3
; --- GetFieldID(env, cls, "signatures", "[Landroid/content/pm/Signature;") ---
.text:000010CE                 LDR     R3, [R4]
.text:000010D0                 MOV     R8, R0          ; R8 = PackageInfo class
.text:000010D2                 MOVS    R0, #0xBC
.text:000010D4                 MOV     R12, R3
.text:000010D6                 LSLS    R0, R0, #1      ; 0xBC << 1 = 0x178: GetFieldID offset
.text:000010D8                 MOV     R9, R0
.text:000010DA                 MOV     R1, R12
.text:000010DC                 ADD     R1, R9
.text:000010DE                 LDR     R0, [R1]        ; function pointer at table + 0x178
.text:000010E0                 LDR     R2, =(aSignatures - 0x10EA)
.text:000010E2                 LDR     R3, =(aLandroidCont_0 - 0x10EC)
.text:000010E4                 MOV     R12, R0
.text:000010E6                 ADD     R2, PC          ; "signatures"
.text:000010E8                 ADD     R3, PC          ; "[Landroid/content/pm/Signature;"
.text:000010EA                 MOV     R1, R8
.text:000010EC                 MOVS    R0, R4
.text:000010EE                 BLX     R12
; --- GetObjectField(env, packageInfo, fid) -> Signature[] ---
.text:000010F0                 LDR     R1, [R4]
.text:000010F2                 MOVS    R3, #0x17C      ; offset 0x17C: GetObjectField
.text:000010F6                 MOVS    R2, R0          ; field id
.text:000010F8                 LDR     R3, [R1,R3]
.text:000010FA                 MOVS    R0, R4
.text:000010FC                 MOVS    R1, R7          ; PackageInfo object
.text:000010FE                 BLX     R3
; --- GetObjectArrayElement(env, signatures, 0) -> first Signature ---
.text:00001100                 LDR     R2, [R4]
.text:00001102                 MOVS    R3, #0x2B4      ; offset 0x2B4: GetObjectArrayElement
.text:00001106                 MOVS    R1, R0          ; the array
.text:00001108                 LDR     R3, [R2,R3]
.text:0000110A                 MOVS    R0, R4
.text:0000110C                 MOVS    R2, #0          ; index 0; only the first element is read
.text:0000110E                 BLX     R3
; --- GetObjectClass(env, signature) ---
.text:00001110                 LDR     R3, [R4]
.text:00001112                 MOVS    R7, R0          ; R7 = Signature object
.text:00001114                 MOVS    R1, R7
.text:00001116                 LDR     R3, [R3,#0x7C]  ; GetObjectClass
.text:00001118                 MOVS    R0, R4
.text:0000111A                 BLX     R3
; --- GetMethodID(env, cls, "hashCode", "()I") ---
.text:0000111C                 LDR     R2, =(aHashcode - 0x1128)
.text:0000111E                 MOVS    R1, R0
.text:00001120                 LDR     R3, =(aI - 0x112A)
.text:00001122                 LDR     R0, [R4]
.text:00001124                 ADD     R2, PC          ; "hashCode"
.text:00001126                 ADD     R3, PC          ; "()I"
.text:00001128                 LDR     R6, [R0,R6]     ; GetMethodID (R6 = 0x84); R6 is overwritten here
.text:0000112A                 MOVS    R0, R4
.text:0000112C                 BLX     R6
; --- CallIntMethod(env, signature, hashCode) -> 32-bit hash in R0 ---
.text:0000112E                 LDR     R1, [R4]
.text:00001130                 MOVS    R3, #0xC4       ; offset 0xC4: CallIntMethod
.text:00001132                 MOVS    R2, R0          ; method id
.text:00001134                 LDR     R3, [R1,R3]
.text:00001136                 MOVS    R0, R4
.text:00001138                 MOVS    R1, R7          ; Signature object
.text:0000113A                 BLX     R3
; --- R6 = (R10 + 10) / 2 + 2 * R11 - 7, computed from the two integer arguments ---
.text:0000113C                 MOV     R3, R10
.text:0000113E                 ADDS    R3, #0xA
.text:00001140                 LSRS    R6, R3, #0x1F   ; sign bit, added so the shift below rounds toward zero
.text:00001142                 ADDS    R6, R6, R3
.text:00001144                 MOV     R3, R11
.text:00001146                 LSLS    R1, R3, #1      ; 2 * R11
.text:00001148                 ASRS    R6, R6, #1      ; signed divide by 2
.text:0000114A                 ADDS    R6, R6, R1
; --- sprintf(SP+0xC, "hash_code : %u%d%d", hash, 0x9A, R6) ---
; NOTE(review): unbounded sprintf; 0x28 bytes separate this buffer (SP+0xC)
; from the second one (SP+0x34), and another 0x28 separate that from the
; guard copy at SP+0x5C.
.text:0000114C                 LDR     R1, =(aHash_codeUDD - 0x1156)
.text:0000114E                 MOVS    R2, R0          ; hashCode() result, printed with %u
.text:00001150                 MOVS    R3, #0x9A
.text:00001152                 ADD     R1, PC          ; "hash_code : %u%d%d"
.text:00001154                 SUBS    R6, #7          ; final "- 7" of the R6 expression above
.text:00001156                 ADD     R0, SP, #0xC    ; first buffer
.text:00001158                 STR     R6, [SP]        ; last vararg goes on the stack
.text:0000115A                 BLX     sprintf
; --- R0 = (int)((2 * R10 - 5) * C1 - C2) using soft-float helpers ---
; C1 has high word 0x40193333 / low word 0x33333333 and C2 has high word
; 0x402A0000 / low word 0; read as IEEE-754 doubles these are about 6.3 and
; 13.0 (assumes the little-endian soft-float convention, low word in R2).
.text:0000115E                 MOV     R1, R10
.text:00001160                 LSLS    R0, R1, #1
.text:00001162                 SUBS    R0, #5
.text:00001164                 BLX     __floatsidf
.text:00001168                 LDR     R3, =0x40193333
.text:0000116A                 LDR     R2, =0x33333333
.text:0000116C                 BLX     __muldf3
.text:00001170                 LDR     R2, =0
.text:00001172                 LDR     R3, =0x402A0000
.text:00001174                 BLX     __subdf3
.text:00001178                 BLX     __fixdfsi
.text:0000117C                 CMP     R11, R0         ; does the 5th argument equal the value derived from the 4th?
.text:0000117E                 BEQ     loc_1210        ; equal: loc_1210 rewrites the first buffer before the compare
.text:00001180
; --- build the reference string in the second buffer and compare ---
.text:00001180 loc_1180                                ; CODE XREF: .text:00001222j
.text:00001180                 LDR     R1, =(aHash_codeSDD - 0x118A)
.text:00001182                 LDR     R2, =(a2679523376 - 0x118C)
.text:00001184                 ADD     R0, SP, #0x34   ; second buffer
.text:00001186                 ADD     R1, PC          ; "hash_code : %s%d%d"
.text:00001188                 ADD     R2, PC          ; "2679523376"
.text:0000118A                 MOVS    R3, #0x9A
.text:0000118C                 STR     R6, [SP]
.text:0000118E                 BLX     sprintf
.text:00001192                 ADD     R0, SP, #0xC
.text:00001194                 ADD     R1, SP, #0x34
.text:00001196                 BLX     strcmp
.text:0000119A                 CMP     R0, #0
.text:0000119C                 BNE     loc_11C2        ; strings differ: take the System.exit path
.text:0000119E
; --- return NewStringUTF(env, first buffer), then check the stack guard ---
.text:0000119E loc_119E                                ; CODE XREF: .text:0000120Ej
.text:0000119E                 LDR     R2, [R4]
.text:000011A0                 MOVS    R3, #0x29C      ; NewStringUTF
.text:000011A4                 LDR     R3, [R2,R3]
.text:000011A6                 MOVS    R0, R4
.text:000011A8                 ADD     R1, SP, #0xC
.text:000011AA                 BLX     R3              ; R0 = jstring, left in place as the return value
.text:000011AC                 LDR     R2, [SP,#0x5C]  ; saved guard copy
.text:000011AE                 LDR     R3, [R5]        ; current guard value
.text:000011B0                 CMP     R2, R3
.text:000011B2                 BNE     loc_122E        ; target is outside this listing; presumably the stack-check failure handler
.text:000011B4                 ADD     SP, SP, #0x64
.text:000011B6                 POP     {R2-R5}         ; saved R8-R11 values from the second PUSH
.text:000011B8                 MOV     R8, R2
.text:000011BA                 MOV     R9, R3
.text:000011BC                 MOV     R10, R4
.text:000011BE                 MOV     R11, R5
.text:000011C0                 POP     {R4-R7,PC}      ; restore R4-R7 and return
.text:000011C2 ; ---------------------------------------------------------------------------
.text:000011C2
; --- mismatch path: FindClass("java/lang/System"), GetStaticMethodID("exit", "(I)V") ---
.text:000011C2 loc_11C2                                ; CODE XREF: .text:0000119Cj
.text:000011C2                 LDR     R3, [R4]
.text:000011C4                 LDR     R1, =(aJavaLangSystem - 0x11CE)
.text:000011C6                 MOVS    R0, R4
.text:000011C8                 LDR     R3, [R3,#0x18]  ; offset 0x18: FindClass
.text:000011CA                 ADD     R1, PC          ; "java/lang/System"
.text:000011CC                 BLX     R3
.text:000011CE                 LDR     R2, =(aExit - 0x11E0)
.text:000011D0                 MOVS    R6, R0          ; R6 = System class (replaces the earlier integer in R6)
.text:000011D2                 LDR     R3, =(aIV - 0x11E2)
.text:000011D4                 LDR     R0, [R4]
.text:000011D6                 MOVS    R1, #0x1C4      ; offset 0x1C4: GetStaticMethodID
.text:000011DA                 LDR     R7, [R0,R1]
.text:000011DC                 ADD     R2, PC          ; "exit"
.text:000011DE                 ADD     R3, PC          ; "(I)V"
.text:000011E0                 MOVS    R0, R4
.text:000011E2                 MOVS    R1, R6
.text:000011E4                 BLX     R7
.text:000011E6                 SUBS    R7, R0, #0      ; R7 = method id, flags set for the zero test
.text:000011E8                 BEQ     loc_1224        ; lookup returned 0
.text:000011EA                 LDR     R0, =(aFindTheMethod - 0x11F0)
.text:000011EC                 ADD     R0, PC          ; "find the method"
.text:000011EE                 BLX     printf
.text:000011F2
; --- CallStaticVoidMethod(env, System, exit, 0), then rejoin the return path ---
; NOTE(review): loc_1224 also lands here with R7 == 0, so the call below can be
; made with a zero method id.
.text:000011F2 loc_11F2                                ; CODE XREF: .text:0000122Cj
.text:000011F2                 LDR     R2, [R4]
.text:000011F4                 MOVS    R3, #0x234      ; offset 0x234: CallStaticVoidMethod
.text:000011F8                 LDR     R0, [R2,R3]
.text:000011FA                 MOVS    R1, R6          ; System class
.text:000011FC                 MOVS    R2, R7          ; exit method id
.text:000011FE                 MOV     R12, R0
.text:00001200                 MOVS    R3, #0          ; exit status 0
.text:00001202                 MOVS    R0, R4
.text:00001204                 BLX     R12
.text:00001206                 LDR     R0, =(aExit - 0x120C)
.text:00001208                 ADD     R0, PC          ; "exit"
.text:0000120A                 BLX     printf
.text:0000120E                 B       loc_119E
.text:00001210 ; ---------------------------------------------------------------------------
.text:00001210
; --- taken when R11 equals the value computed at 0x115E-0x1178 ---
; Overwrites the first buffer (SP+0xC) with the same format, constant and
; integers that loc_1180 then writes to the second buffer.
; NOTE(review): on this path the strcmp result no longer depends on the
; hashCode() value - confirm whether that is intended.
.text:00001210 loc_1210                                ; CODE XREF: .text:0000117Ej
.text:00001210                 LDR     R1, =(aHash_codeSDD - 0x121A)
.text:00001212                 LDR     R2, =(a2679523376 - 0x121C)
.text:00001214                 ADD     R0, SP, #0xC
.text:00001216                 ADD     R1, PC          ; "hash_code : %s%d%d"
.text:00001218                 ADD     R2, PC          ; "2679523376"
.text:0000121A                 MOVS    R3, #0x9A
.text:0000121C                 STR     R6, [SP]
.text:0000121E                 BLX     sprintf
.text:00001222                 B       loc_1180
.text:00001224 ; ---------------------------------------------------------------------------
.text:00001224
; --- GetStaticMethodID returned 0: print unk_3074 (contents not shown), then continue at loc_11F2 ---
.text:00001224 loc_1224                                ; CODE XREF: .text:000011E8j
.text:00001224                 LDR     R0, =(unk_3074 - 0x122A)
.text:00001226                 ADD     R0, PC ; unk_3074
.text:00001228                 BLX     printf
.text:0000122C                 B       loc_11F2





软件下载地址:http://pan.baidu.com/s/1dEixbwt
