preface
It’s too dangerous to write an APP without hardening, especially for commercial apps. Decompiler your code, pry your trade secrets, or even insert ads, modify your code, and the APP you worked so hard to write becomes someone else’s. Major application markets are also paying more and more attention to application security, you want to go on the application market (APP Treasure, 360, etc.), has not been good to upload, you need to upload application software, APP reinforcement. APP reinforcement has virtually increased the workload, fortunately, there are large factories to help us strengthen.
360 reinforcement is protected
360 reinforcement protects the official website
360 Reinforcement is a professional platform to protect the security of mobile applications. Pirated apps are usually repackaged and generated after cracking and tampering with legitimate apps. If mobile APP can have anti-decompilation, anti-cracking ability, it can effectively prevent APP from being pirated.
360 reinforcement provides free security reinforcement services for developers’ applications, and creates multiple protection methods and deep encryption processing for applications. The unique program text information encryption function can effectively prevent the application from being decompiled and maliciously tampered, protect the application from being packaged twice, and protect the data information from being stolen by hackers. With one click of upload, the application can be hardened in 5 minutes without any development costs, preventing the application from being decomcompiled, debugged, cracked, repackaged, and memory interception. Give the strongest protection to official applications, eliminate malicious and pirated applications from the source, and protect developers’ income.
360 Reinforcement guarantee not only provides reinforcement services for APP, but also provides APP data analysis, crash log analysis, piracy monitoring, vulnerability scanning and other services for developers to comprehensively help developers understand the health and running status of data. By the end of the second quarter of 2015, the number of applications using 360 Jongbao has reached 300,000, covering more than 1 billion users. 360 Jongbao has become the largest mobile application protection platform in China.
Quick Start
In order to facilitate your use, 360 reinforcement guarantee provides two ways of use:
IDE operation
The use of 360 reinforcement to protect the official website for us to provide the reinforcement of the software, a look will be a fool operation.
360 reinforcement guarantee download
Using the command line
The command line operation is relatively hidden, 360 reinforcement protection official website does not affect any explanation, recommend the use of software interface operation
Download the “360 Reinforcement Protection” software
360 reinforcement guarantee download
Unpack the
The downloaded “360 Reinforcement Protection” software is a ZIP package. The decompressed directory is as follows:
Strengthening the jar
Jar package that provides the hardening function
Channel template
Generate apK template files for various channels
The jar command
JiaGu360
The two methods provided by 360 are not suitable for automated process development. IDE operation requires manual operation and cumbersome command line operation. JiaGu360 according to the 360 reinforcement command to achieve fast reinforcement of the APP plug-in, free hands, to achieve automatic process.
How to use Gradle plug-ins
To configure the build. Gradle
Add the ApkSign plugin dependency to the build.gradle file located at the root of your project as follows:
buildscript {
dependencies {
classpath 'com. Zf. Plugins: JiaGu360:1.0.1'}}Copy the codeApply the plugin to the build.gradle file of the current App
apply plugin: 'jiagu360'
Copy the codeConfigure plug-ins (simplest configuration)
jiaGu360Config {
// Mandatory, 360 user name
userName "XXXXXX"
// Mandatory, 360 password
passWord "XXXXXX"
// Mandatory, 360 hardened jiagu.jar package location
jiaGuJarPath new File("D:\\XXXXX\\360jiagubao_windows_64\\jiagu\\jiagu.jar").absolutePath
items {
debug {
// Mandatory, APK path to be signed
inputApkFilePath file("build/outputs/apk/tap_unsign.apk").absolutePath
}
/ /... You can add more options}}Copy the codePlug-in configuration
jiaGu360Config {
// Mandatory, 360 user name
userName "XXXXXX"
// Mandatory, 360 password
passWord "XXXXXX"
// Mandatory, 360 hardened JAR package location
jiaGuJarPath new File("D:\\XXXXX\\360jiagubao_windows_64\\jiagu\\jiagu.jar").absolutePath
// Check whether all hardening configuration items are supported
isSupportAll false
/ / unified configuration priority below custom configuration -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- start -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
// Android signature configuration name, default Android default 'debug' signature configuration, signingName="debug"
signingName 'debug'
// Harden the apK output directory
outputApkDirPath new File("D:\\XXXXX\\360jiagubao_windows_64\\jiagu\\XXXX").absolutePath
// Whether to open the output directory after hardening. The default false
openOutputDir false
Reinforce the configuration items / / service -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- start -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
/ / optional enhanced service -- -- -- -- -- -- -- -- -- -- -- -- -- -- start -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
isSupportCrashLong false // [crash log analysis]
isSupportX86 false // [x86 support]
isSupportAnalyse false//
isNocert false// [skip signature verification]
// Optional enhanced service --------------end----------------------
// Advanced hardening options -------------start------------------
isSupportVmp false//【 VMP protection 】
isSupportDataProtection false// [Local data file protection]
isSupportAssetsProtection false// [Resource file protection]
isSupportFileCheck false// check the file integrity.
isSupportPtrace false// [Ptrace]
isSupportSoProtection false//【SO file protection 】
isSupportDex2cProtection false//【dex2C protection 】
isSupportStringObfusProtection false// [string encryption]
isSupportDexShadowProtection false/ / 【 DexShadow 】
isSupportSoPrivateProtection false//【SO to prevent theft 】
// Advanced hardening options -------------end------------------
Reinforce the configuration items / / service -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- end -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
// Automatic signature
autosign false
// Custom file generation multi-channel, can be compiled according to the "multi-channel template. TXT" in the previous download of 360 reinforcement software
mulpkgFilePath =new File("D:\ XXXXX\\ 360Jiagubao_windows_64 \jiagu\ multichannel template.txt")
// Sign the configuration item
signingInfo {
storeFilePath "E:\\Document\\XXXXXX.jks"
storePassword "XXXXXX"
keyAlias "XXXXXX"
keyPassword "XXXXXX"
}
/ / unified configuration -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- end -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
items {
release {
// Mandatory, APK path to be hardened
inputApkFilePath file("build/outputs/apk/XXXX.apk").absolutePath
/ / custom configuration -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- start -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
// Android signature configuration name, default Android default 'debug' signature configuration, signingName="debug"
signingName 'debug'
// Harden the apK output directory
outputApkDirPath new File("D:\\XXXXX\\360jiagubao_windows_64\\jiagu\\XXXX").absolutePath
// Whether to open the output directory after hardening. The default false
openOutputDir false
Reinforce the configuration items / / service -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- start -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
/ / optional enhanced service -- -- -- -- -- -- -- -- -- -- -- -- -- -- start -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
isSupportCrashLong false // [crash log analysis]
isSupportX86 false // [x86 support]
isSupportAnalyse false//
isNocert false// [skip signature verification]
// Optional enhanced service --------------end----------------------
// Advanced hardening options -------------start------------------
isSupportVmp false//【 VMP protection 】
isSupportDataProtection false// [Local data file protection]
isSupportAssetsProtection false// [Resource file protection]
isSupportFileCheck false// check the file integrity.
isSupportPtrace false// [Ptrace]
isSupportSoProtection false//【SO file protection 】
isSupportDex2cProtection false//【dex2C protection 】
isSupportStringObfusProtection false// [string encryption]
isSupportDexShadowProtection false/ / 【 DexShadow 】
isSupportSoPrivateProtection false//【SO to prevent theft 】
// Advanced hardening options -------------end------------------
Reinforce the configuration items / / service -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- end -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- --
// Automatic signature
autosign false
// Custom file generation multi-channel, can be compiled according to the "multi-channel template. TXT" in the previous download of 360 reinforcement software
mulpkgFilePath =new File("D:\ XXXXX\\ 360Jiagubao_windows_64 \jiagu\ multichannel template.txt")
// Sign the configuration item
signingInfo {
storeFilePath "E:\\Document\\XXXXXX.jks"
storePassword "XXXXXX"
keyAlias "XXXXXX"
keyPassword "XXXXXX"
}
/ / custom configuration -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- end -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -- -
}
debug {
// APK path to be hardened
inputApkFilePath file("build/outputs/apk/XXXX.apk").absolutePath
}
/ /... You can add more options}}Copy the codeDescription of the configuration items:
-
If the parameters set in Unified Configuration and Custom Configuration exist, the general rule is Custom Configuration > Unified Configuration
-
When isSupportAll=true, all configurable services in the unified configuration are supported
-
SigningInfo,signingName When both are configured, the optimization level is signingInfo > signingName. When neither configuration item is configured, the default Debug signature in the Android project is used by default.
-
SigningName =’release’ The name of the signature configuration,
Generate apK hardening package:
./gradlew jiagu360${item configuration name (home letter size)}
To generate a signature package, run the following command:
./gradlew jiagu360Release
360 Hardening upgrade commands:
./gradlew jiagu360Update
The source code
Github.com/903600017/J…