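I think this category should cover smartphones in general, not just the iPhone.
Today a post titled "Android Executable Analysis (Decompile)" went up on the A3 team blog.
(Honestly, I'm impressed. I don't know how many people at that company do this kind of research, but being able to pursue such a wide range of research... I'm envious, and embarrassed. ㅠㅠ)
As for Android, I have only heard about it at seminars. I have never actually worked in an Android environment, so I don't have much to say about it.
Unless I buy an Android phone, I probably won't. Of course, if some huge incident happens, I'll be installing the emulator =_=;;
The blog says that detailed information is omitted for security reasons, but with a little googling you can find all sorts of related information. So I started searching right away. +_+;;
(Why the faces? As if you had never searched for anything. If you stay in the dark just because something is withheld for security reasons, you're not someone studying information security, you're just a member of the general public.)
And I found it.
The content is below. It is in Japanese.
I can't read Japanese either, so for now I only looked at the parts that are not Japanese, and it seems to be correct.
So I'm leaving this post to keep the material for reference.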
http://android.jpn.org/2009/11/decompile-classesdex-in-apk.html
============================================================================================================
============================================================================================================
============================================================================================================
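An Android application (apk) contains a classes.dex file, which is the executable format of the Dalvik VM. This time, we will try disassembling the dex file using dexdump, which can retrieve the dex file's header information and decompile its code section.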
1. Extracting the apk file
$ mkdir HelloAndroid
$ cd HelloAndroid
$ unzip ../HelloAndroid.apk
2. Running dexdump
$ ~/android-sdk-linux_x86-1.5_r3/platforms/android-1.5/tools/dexdump \
    -d ./classes.dex
Processing './classes.dex'...
Opened './classes.dex', DEX version '035'
Class #0            -
  Class descriptor  : 'Lcom/example/helloandroid/HelloAndroid;'
  Access flags      : 0x0001 (PUBLIC)
  Superclass        : 'Landroid/app/Activity;'
  Interfaces        -
  Static fields     -
  Instance fields   -
  Direct methods    -
    #0              : (in Lcom/example/helloandroid/HelloAndroid;)
      name          : '<init>'
      type          : '()V'
      access        : 0x10001 (PUBLIC CONSTRUCTOR)
      code          -
      registers     : 1
      ins           : 1
      outs          : 1
      insns size    : 4 16-bit code units
0002c4:                                        |[0002c4] com.example.helloandroid.HelloAndroid.<init>:()V
0002d4: 7010 0000 0000                         |0000: invoke-direct {v0}, Landroid/app/Activity;.<init>:()V // method@0000
0002da: 0e00                                   |0003: return-void
      catches       : (none)
      positions     :
        0x0000 line=6
      locals        :
        0x0000 - 0x0004 reg=0 this Lcom/example/helloandroid/HelloAndroid;
  Virtual methods   -
    #0              : (in Lcom/example/helloandroid/HelloAndroid;)
      name          : 'onCreate'
      type          : '(Landroid/os/Bundle;)V'
      access        : 0x0001 (PUBLIC)
      code          -
      registers     : 3
      ins           : 2
      outs          : 2
      insns size    : 9 16-bit code units
0002dc:                                        |[0002dc] com.example.helloandroid.HelloAndroid.onCreate:(Landroid/os/Bundle;)V
0002ec: 6f20 0100 2100                         |0000: invoke-super {v1, v2}, Landroid/app/Activity;.onCreate:(Landroid/os/Bundle;)V // method@0001
0002f2: 1500 037f                              |0003: const/high16 v0, #int 2130903040 // #7f03
0002f6: 6e20 0400 0100                         |0005: invoke-virtual {v1, v0}, Lcom/example/helloandroid/HelloAndroid;.setContentView:(I)V // method@0004
0002fc: 0e00                                   |0008: return-void
      catches       : (none)
      positions     :
        0x0000 line=10
        0x0003 line=11
        0x0008 line=12
      locals        :
        0x0000 - 0x0009 reg=1 this Lcom/example/helloandroid/HelloAndroid;
        0x0000 - 0x0009 reg=2 savedInstanceState Landroid/os/Bundle;
  source_file_idx   : 1 (HelloAndroid.java)
Class #1            -
  Class descriptor  : 'Lcom/example/helloandroid/R$attr;'
  Access flags      : 0x0011 (PUBLIC FINAL)
  Superclass        : 'Ljava/lang/Object;'
  Interfaces        -
  Static fields     -
  Instance fields   -
  Direct methods    -
    #0              : (in Lcom/example/helloandroid/R$attr;)
      name          : '<init>'
      type          : '()V'
      access        : 0x10001 (PUBLIC CONSTRUCTOR)
      code          -
      registers     : 1
      ins           : 1
      outs          : 1
      insns size    : 4 16-bit code units
000300:                                        |[000300] com.example.helloandroid.R$attr.<init>:()V
000310: 7010 0a00 0000                         |0000: invoke-direct {v0}, Ljava/lang/Object;.<init>:()V // method@000a
000316: 0e00                                   |0003: return-void
      catches       : (none)
      positions     :
        0x0000 line=11
      locals        :
        0x0000 - 0x0004 reg=0 this Lcom/example/helloandroid/R$attr;
  Virtual methods   -
  source_file_idx   : 15 (R.java)
Class #2            -
  Class descriptor  : 'Lcom/example/helloandroid/R$drawable;'
  Access flags      : 0x0011 (PUBLIC FINAL)
  Superclass        : 'Ljava/lang/Object;'
  Interfaces        -
  Static fields     -
    #0              : (in Lcom/example/helloandroid/R$drawable;)
      name          : 'icon'
      type          : 'I'
      access        : 0x0019 (PUBLIC STATIC FINAL)
  Instance fields   -
  Direct methods    -
    #0              : (in Lcom/example/helloandroid/R$drawable;)
      name          : '<init>'
      type          : '()V'
      access        : 0x10001 (PUBLIC CONSTRUCTOR)
      code          -
      registers     : 1
      ins           : 1
      outs          : 1
      insns size    : 4 16-bit code units
000318:                                        |[000318] com.example.helloandroid.R$drawable.<init>:()V
000328: 7010 0a00 0000                         |0000: invoke-direct {v0}, Ljava/lang/Object;.<init>:()V // method@000a
00032e: 0e00                                   |0003: return-void
      catches       : (none)
      positions     :
        0x0000 line=13
      locals        :
        0x0000 - 0x0004 reg=0 this Lcom/example/helloandroid/R$drawable;
  Virtual methods   -
  source_file_idx   : 15 (R.java)
Class #3            -
  Class descriptor  : 'Lcom/example/helloandroid/R$layout;'
  Access flags      : 0x0011 (PUBLIC FINAL)
  Superclass        : 'Ljava/lang/Object;'
  Interfaces        -
  Static fields     -
    #0              : (in Lcom/example/helloandroid/R$layout;)
      name          : 'main'
      type          : 'I'
      access        : 0x0019 (PUBLIC STATIC FINAL)
  Instance fields   -
  Direct methods    -
    #0              : (in Lcom/example/helloandroid/R$layout;)
      name          : '<init>'
      type          : '()V'
      access        : 0x10001 (PUBLIC CONSTRUCTOR)
      code          -
      registers     : 1
      ins           : 1
      outs          : 1
      insns size    : 4 16-bit code units
000330:                                        |[000330] com.example.helloandroid.R$layout.<init>:()V
000340: 7010 0a00 0000                         |0000: invoke-direct {v0}, Ljava/lang/Object;.<init>:()V // method@000a
000346: 0e00                                   |0003: return-void
      catches       : (none)
      positions     :
        0x0000 line=16
      locals        :
        0x0000 - 0x0004 reg=0 this Lcom/example/helloandroid/R$layout;
  Virtual methods   -
  source_file_idx   : 15 (R.java)
Class #4            -
  Class descriptor  : 'Lcom/example/helloandroid/R$string;'
  Access flags      : 0x0011 (PUBLIC FINAL)
  Superclass        : 'Ljava/lang/Object;'
  Interfaces        -
  Static fields     -
    #0              : (in Lcom/example/helloandroid/R$string;)
      name          : 'app_name'
      type          : 'I'
      access        : 0x0019 (PUBLIC STATIC FINAL)
    #1              : (in Lcom/example/helloandroid/R$string;)
      name          : 'hello'
      type          : 'I'
      access        : 0x0019 (PUBLIC STATIC FINAL)
  Instance fields   -
  Direct methods    -
    #0              : (in Lcom/example/helloandroid/R$string;)
      name          : '<init>'
      type          : '()V'
      access        : 0x10001 (PUBLIC CONSTRUCTOR)
      code          -
      registers     : 1
      ins           : 1
      outs          : 1
      insns size    : 4 16-bit code units
000348:                                        |[000348] com.example.helloandroid.R$string.<init>:()V
000358: 7010 0a00 0000                         |0000: invoke-direct {v0}, Ljava/lang/Object;.<init>:()V // method@000a
00035e: 0e00                                   |0003: return-void
      catches       : (none)
      positions     :
        0x0000 line=19
      locals        :
        0x0000 - 0x0004 reg=0 this Lcom/example/helloandroid/R$string;
  Virtual methods   -
  source_file_idx   : 15 (R.java)
Class #5            -
  Class descriptor  : 'Lcom/example/helloandroid/R;'
  Access flags      : 0x0011 (PUBLIC FINAL)
  Superclass        : 'Ljava/lang/Object;'
  Interfaces        -
  Static fields     -
  Instance fields   -
  Direct methods    -
    #0              : (in Lcom/example/helloandroid/R;)
      name          : '<init>'
      type          : '()V'
      access        : 0x10001 (PUBLIC CONSTRUCTOR)
      code          -
      registers     : 1
      ins           : 1
      outs          : 1
      insns size    : 4 16-bit code units
000360:                                        |[000360] com.example.helloandroid.R.<init>:()V
000370: 7010 0a00 0000                         |0000: invoke-direct {v0}, Ljava/lang/Object;.<init>:()V // method@000a
000376: 0e00                                   |0003: return-void
      catches       : (none)
      positions     :
        0x0000 line=10
      locals        :
        0x0000 - 0x0004 reg=0 this Lcom/example/helloandroid/R;
  Virtual methods   -
  source_file_idx   : 15 (R.java)
As a result, the classes used in HelloAndroid.apk are the six from #0 to #5.
Class #0 has one virtual method, named onCreate.
We can see that super.onCreate() and setContentView() are called inside the method.
Being able to disassemble this much is enough.
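The reading done by hand in the conclusion above (which method calls what) can be automated when reviewing a larger APK. The following is an added example, not code from this post or from the quoted Japanese article: it parses `dexdump -d` text into a per-method list of invoked callees. `summarize` is a hypothetical helper name, and the sample input is constructed from records in the listing above.

```python
import re

# Constructed sample: selected records from the HelloAndroid listing, one per line.
SAMPLE = """\
  Class descriptor  : 'Lcom/example/helloandroid/HelloAndroid;'
      name          : '<init>'
      type          : '()V'
0002d4: 7010 0000 0000 |0000: invoke-direct {v0}, Landroid/app/Activity;.<init>:()V // method@0000
0002da: 0e00 |0003: return-void
      name          : 'onCreate'
      type          : '(Landroid/os/Bundle;)V'
0002ec: 6f20 0100 2100 |0000: invoke-super {v1, v2}, Landroid/app/Activity;.onCreate:(Landroid/os/Bundle;)V // method@0001
0002f2: 1500 037f |0003: const/high16 v0, #int 2130903040 // #7f03
0002f6: 6e20 0400 0100 |0005: invoke-virtual {v1, v0}, Lcom/example/helloandroid/HelloAndroid;.setContentView:(I)V // method@0004
0002fc: 0e00 |0008: return-void
  Class descriptor  : 'Lcom/example/helloandroid/R$drawable;'
  Static fields     -
      name          : 'icon'
      type          : 'I'
      name          : '<init>'
      type          : '()V'
000328: 7010 0a00 0000 |0000: invoke-direct {v0}, Ljava/lang/Object;.<init>:()V // method@000a
"""

DESCRIPTOR = re.compile(r"^\s*Class descriptor\s*:\s*'(L[^']+;)'")
NAME = re.compile(r"^\s*name\s*:\s*'([^']+)'")
PROTO = re.compile(r"^\s*type\s*:\s*'(\([^']*)'")  # method prototypes start with '('
INVOKE = re.compile(r"\|[0-9a-f]{4,}: (invoke-[\w/-]+) \{[^}]*\}, (\S+) // method@")

def summarize(dump):
    """Return {'Lclass;.method:proto': [(opcode, callee), ...]} from dexdump -d text."""
    calls, cls, name, current = {}, None, None, None
    for line in dump.splitlines():
        if m := DESCRIPTOR.match(line):
            cls, name, current = m.group(1), None, None
        elif m := NAME.match(line):
            name = m.group(1)
        elif (m := PROTO.match(line)) and cls and name:
            current = f"{cls}.{name}:{m.group(1)}"  # fields (type 'I') never match PROTO
            calls.setdefault(current, [])
        elif (m := INVOKE.search(line)) and current:
            calls[current].append((m.group(1), m.group(2)))
    return calls

if __name__ == "__main__":
    for method, callees in summarize(SAMPLE).items():
        print(method, "->", [callee for _, callee in callees])
```

Field records share the `name`/`type` layout with methods, so the parser keys on the leading `(` of a method prototype to keep fields such as `icon` out of the result.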