darvincisec / detecttamper Goto Github PK
View Code? Open in Web Editor NEWTamper detection in Android
License: MIT License
Tamper detection in Android
License: MIT License
As chinese static tampering tool bypass integrity with help of other library insertion , it may be feasible to do same thing via syscall to watch for extra lib if they are from /data/data/pkg or /data/app/ except our lib , so crash the program if any other lib detected in maps
Ive made small change in the smali code and recompiled and re-run, and i am able to bypass tamper detection.
Does this logic work in any tamper detection?
Additionally, is there a frida script or can we make one, to bypass this type of detection? in runtime?
hi
I use this repo in my application but its have an error in the opening APK file. have an error in two lines:
APK path is correct and all things are ok.
Execuse me,
I just wondered how the code integrity check work.
If I patch the function "is_nativelibrary_tampered" to directly return "success" in the libnative-lib.so,
then your code to check the text segment integrity will not be executed because of the patch.
So my question is how does it work?
Execution failed for task ':app:externalNativeBuildDebug'.
Build command failed.
Error while executing process /Users/admin/Library/Android/sdk/cmake/3.10.2.4988404/bin/ninja with arguments {-C /Users/admin/Documents/workspace/android/DetectTamper-master/app/.cxx/cmake/debug/x86_64 native-lib}
ninja: Entering directory `/Users/admin/Documents/workspace/android/DetectTamper-master/app/.cxx/cmake/debug/x86_64'
[1/1] Linking C shared library /Users/admin/Documents/workspace/android/DetectTamper-master/app/build/intermediates/cmake/debug/obj/x86_64/libnative-lib.so
FAILED: /Users/admin/Documents/workspace/android/DetectTamper-master/app/build/intermediates/cmake/debug/obj/x86_64/libnative-lib.so
: && /Users/admin/Library/Android/sdk/ndk/21.4.7075529/toolchains/llvm/prebuilt/darwin-x86_64/bin/clang --target=x86_64-none-linux-android21 --gcc-toolchain=/Users/admin/Library/Android/sdk/ndk/21.4.7075529/toolchains/llvm/prebuilt/darwin-x86_64 --sysroot=/Users/admin/Library/Android/sdk/ndk/21.4.7075529/toolchains/llvm/prebuilt/darwin-x86_64/sysroot -fPIC -g -DANDROID -fdata-sections -ffunction-sections -funwind-tables -fstack-protector-strong -no-canonical-prefixes -D_FORTIFY_SOURCE=2 -Wformat -Werror=format-security -O0 -fno-limit-debug-info -Wl,--exclude-libs,libgcc.a -Wl,--exclude-libs,libgcc_real.a -Wl,--exclude-libs,libatomic.a -static-libstdc++ -Wl,--build-id -Wl,--fatal-warnings -Wl,--no-undefined -Qunused-arguments -shared -Wl,-soname,libnative-lib.so -o /Users/admin/Documents/workspace/android/DetectTamper-master/app/build/intermediates/cmake/debug/obj/x86_64/libnative-lib.so CMakeFiles/native-lib.dir/dummy.c.o CMakeFiles/start.dir/marker/text_start.c.o CMakeFiles/core.dir/core/native-lib.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/aes.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/aesni.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/arc4.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/aria.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/asn1parse.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/asn1write.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/base64.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/bignum.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/blowfish.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/camellia.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/ccm.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/chacha20.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/chachapoly.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/cipher.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/cipher_wrap.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/cmac.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/ctr_drbg.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/des.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/dhm.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/ecdh.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/ecdsa.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/ecjpake.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/ecp.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/ecp_curves.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/entropy.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/entropy_poll.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/error.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/gcm.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/havege.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/hkdf.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/hmac_drbg.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/md.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/md2.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/md4.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/md5.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/memory_buffer_alloc.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/nist_kw.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/oid.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/padlock.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/pem.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/pk.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/pk_wrap.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/pkcs12.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/pkcs5.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/pkparse.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/pkwrite.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/platform.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/platform_util.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/poly1305.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/psa_crypto.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/psa_crypto_se.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/psa_crypto_slot_management.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/psa_crypto_storage.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/psa_its_file.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/ripemd160.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/rsa.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/rsa_internal.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/sha1.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/sha256.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/sha512.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/threading.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/timing.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/version.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/version_features.c.o CMakeFiles/core.dir/Users/admin/Documents/workspace/android/DetectTamper-master/mbedtls/crypto/library/xtea.c.o /Users/admin/Documents/workspace/android/DetectTamper-master/app/src/main/c/../../../../libzip/x86_64/lib/libzip.a CMakeFiles/end.dir/marker/text_end.c.o /Users/admin/Library/Android/sdk/ndk/21.4.7075529/toolchains/llvm/prebuilt/darwin-x86_64/sysroot/usr/lib/x86_64-linux-android/libz.a -llog -latomic -lm && cd /Users/admin/Documents/workspace/android/DetectTamper-master/app/.cxx/cmake/debug/x86_64 && go run /Users/admin/Documents/workspace/android/DetectTamper-master/app/src/main/c/../../../../injecthash/injecthash.go /Users/admin/Documents/workspace/android/DetectTamper-master/app/src/main/c/../../../build/intermediates/cmake/Debug/obj/x86_64/libnative-lib.so && cd /Users/admin/Documents/workspace/android/DetectTamper-master/app/.cxx/cmake/debug/x86_64 && /Users/admin/Library/Android/sdk/ndk/21.4.7075529/toolchains/llvm/prebuilt/darwin-x86_64/bin/x86_64-linux-android-strip -R .comment -g -S -d --strip-unneeded /Users/admin/Documents/workspace/android/DetectTamper-master/app/src/main/c/../../../build/intermediates/cmake/Debug/obj/x86_64/libnative-lib.so
/bin/sh: go: command not found
ninja: build stopped: subcommand failed.
A declarative, efficient, and flexible JavaScript library for building user interfaces.
๐ Vue.js is a progressive, incrementally-adoptable JavaScript framework for building UI on the web.
TypeScript is a superset of JavaScript that compiles to clean JavaScript output.
An Open Source Machine Learning Framework for Everyone
The Web framework for perfectionists with deadlines.
A PHP framework for web artisans
Bring data to life with SVG, Canvas and HTML. ๐๐๐
JavaScript (JS) is a lightweight interpreted programming language with first-class functions.
Some thing interesting about web. New door for the world.
A server is a program made to process requests and deliver data to clients.
Machine learning is a way of modeling and interpreting data that allows a piece of software to respond intelligently.
Some thing interesting about visualization, use data art
Some thing interesting about game, make everyone happy.
We are working to build community through open source technology. NB: members must have two-factor auth.
Open source projects and samples from Microsoft.
Google โค๏ธ Open Source for everyone.
Alibaba Open Source for everyone
Data-Driven Documents codes.
China tencent open source team.