A super powerful analysis assistant software.
1. In-depth understanding of the Android optimization process
2. Close observation of the Android source code
2. You can see the functions in the lower part of the big boss’ shell
1. Other functions that can be downloaded
2. The process of parsing dex files
3. A little knowledge about shelling and downloading
1. The complete process of class loading
2. Selection of shelling and reinforcement classes
This software is very useful for Analysis of c/c and java source code has strong auxiliary functions, which will be used later, so a brief introduction is given.
Tools can be found in the attachment. Just upload and download separately.
SI3US-205035-36448
A registration code is provided here.
Install, next, next.
Select new project.
Single machine OK
Select the first one
Select Add Tree, which means adding them all.
After loading is complete
we will use this software for analysis.
I want to be verbose. At this time, I know the importance of English. Of course, my English is not good, but I can look it up in the dictionary.
Let’s not talk about this content first, let’s take a look at the name of this function. extract: Extract, and and, Process process Zip, compressed file format, we all know that apk is actually a zip compressed package.
Then the meaning of this function is the process of extracting zip.
Then let’s analyze it step by step.
Here is the intermediate variable definition of extractAndProcessZip. It is not the focus of our research.
DexClassVerifyMode verifyMode = VERIFY_MODE_ALL;
This sentence defines verifyMode, which is the verification module. The data initialized here is VERIFY_MODE_ALL, which means that everything is verified.
Thinking
If we make changes here, can we skip this verification.
Let’s look at other values.
If you have an idea, you can define this value yourself.
DexOptimizerMode dexOptMode = OPTIMIZE_MODE_VERIFIED;
Let’s continue looking down.
There is a function called dexOptCreateEmptyHeader which, as the name suggests, creates an empty header for dex optimization..
dexOffset, record the file position so we can get back here later, is actually the starting position of reading the dex file.
Let’s look at the next function.
Open the zip archive, find the DEX entry.
Obviously, what this part is doing is to find the dex file from the apk.
Then proceed with analysis.
Function to extract some offsets of dex.
Extract the DEX data into the cache file at the current offset. Record some offsets of the dex file.
The next thing to talk about is the process of dex odexing.
This is where verification is optimized.
You can modify the optimization process here, and even remove the optimization verification.
Think about
Where does the data here come from and where to compare it. ·
These data are compared in build.prop.
Let’s follow up on the dvmContinueOptimization function.
PS:
We are about to come into contact with a very important place that is very related to shelling
Open the dvmContinueOptimization function
The first is a judgment.
#Then there is a write to the dex file.
Then read on (the important point is coming)
Parameter 1: The base of the loaded DEX file in memory Address. (That is, DEX.035)
Parameter 2: The file length of the loaded DEX file,
Parameter 3: Output parameter, the DEX file is converted into a DvmDex structure, which contains the classes, fields, and methods of the Dex file. String information. The object that Dalivk operates on the Dex file is the structure structure
Format like this.
The place where this function is called is our key function dvmRawDexFileOpen. This function first calls dexOptGenerateCacheFileName to generate odex, and then calls dvmDexFileOpenFromFd for another optimization.
The last step in optimization is dexFileParse(), which is to parse DEX. This position is briefly summarized in DexFile
dvmRawDexFileOpen() main control function - dexOptGenerateCacheFileName() generates the corresponding odex - dvmDexFileOpenFromFd() further optimizes - dexFileParse() parses dex.
When dexfileopenpartial is in the next section, you may find that there is no way to break it, then we can choose dexOptGenerateCacheFileNamePKcS0, dvmdexfileopenfromfd and other functions to proceed to the next section.
Generally speaking, dexfileopenpartial is better at handling things with shells.
Other source codes are guided by a main control function to guide other key functions to operate. The dex class loading process is also like this.
Its main control function is Dalvik_dalvik_system_DexFile_defineClassNative()
The above is the detailed content of How to create a new project in Android. For more information, please follow other related articles on the PHP Chinese website!