android - 如何防止安卓的内购项目被破解

Question

我有一个免费下载的 Android 应用程序，它带有应用程序内购买项目(非消耗品)

最近，我发现几个黑市都有我的 Android 应用程序，所有的应用程序内购买项目都可以免费访问。

我想知道， cookies 是怎么做到的？这就是我在我这边所做的。

• 使用混淆器来混淆我的 Android 代码。
• 从 Google 官方示例中获取以下应用内购买代码。我的 onCreate 将触发 updateIsPremium。

代码如下

private void updateIsPremium() {
    if (mHelper != null) {
        return;
    }

    /* base64EncodedPublicKey should be YOUR APPLICATION'S PUBLIC KEY
     * (that you got from the Google Play developer console). This is not your
     * developer public key, it's the *app-specific* public key.
     *
     * Instead of just storing the entire literal string here embedded in the
     * program,  construct the key at runtime from pieces or
     * use bit manipulation (for example, XOR with some other string) to hide
     * the actual key.  The key itself is not secret information, but we don't
     * want to make it easy for an attacker to replace the public key with one
     * of their own and then fake messages from the server.
     */
    String base64EncodedPublicKey = "...";

    base64EncodedPublicKey = decrypt(base64EncodedPublicKey);

    mHelper = new IabHelper(MyApplication.instance(), base64EncodedPublicKey);

    // enable debug logging (for a production application, you should set this to false).
    mHelper.enableDebugLogging(false);

    mHelper.startSetup(new IabHelper.OnIabSetupFinishedListener() {
        public void onIabSetupFinished(IabResult result) {
            Log.d(TAG, "Setup finished.");

            if (!result.isSuccess()) {
                // Oh no, there was a problem.
                // (Do not use alert dialog. It is difficult to handle it
                // correctly due to bug in v4)
                //Utils.showLongToast(getString(R.string.problem_setting_up_in_app_billing_template, result.toString()));
                return;
            }

            // Have we been disposed of in the meantime? If so, quit.
            if (mHelper == null) return;

            // IAB is fully set up. Now, let's get an inventory of stuff we own.
            Log.d(TAG, "Setup successful. Querying inventory.");
            //mHelper.queryInventoryAsync(mGotInventoryListener);

            // http://stackoverflow.com/questions/15471131/in-app-billing-v3-unable-to-query-items-without-network-connection-or-in-airplan/15471951#15471951
            // Not sure this is going to help to solve the problem :
            // In-app billing v3 unable to query items without network 
            // connection or in airplane/flight mode
            List<String> skulist = new ArrayList<String>();
            for (Shop shop : Shop.values()) {
                skulist.add(shop.sku);
            }
            try {
                mHelper.queryInventoryAsync(true, skulist, mGotInventoryListener);
            } catch (java.lang.IllegalStateException exp) {
                // Ugly fix on mystery crash :
                // java.lang.IllegalStateException: Can't start async operation (refresh inventory) because another async operation(launchPurchaseFlow) is in progress.
                Utils.showLongToast(getString(R.string.failed_to_query_inventory_template, exp.getMessage()));
            }
        }
    });
}

// Listener that's called when we finish querying the items and subscriptions we own
IabHelper.QueryInventoryFinishedListener mGotInventoryListener = new IabHelper.QueryInventoryFinishedListener() {
    public void onQueryInventoryFinished(IabResult result, Inventory inventory) {
        Log.d(TAG, "Query inventory finished.");

        // Have we been disposed of in the meantime? If so, quit.
        if (mHelper == null) return;

        // Is it a failure?
        if (result.isFailure()) {
            return;
        }

        Log.d(TAG, "Query inventory was successful.");

        final MyOptions myOptions = MyApplication.instance().getMyOptions();
        myOptions.setInventory(inventory);

        /*
         * Check for items we own. Notice that for each purchase, we check
         * the developer payload to see if it's correct! See
         * verifyDeveloperPayload().
         */

        // Update shop information.

        boolean atLeastBoughtOne = false;
        for (Shop shop : Shop.values()) {
            final Purchase purchase0 = inventory.getPurchase(shop.sku);

            final boolean mIsPurchase0 = (purchase0 != null && org.gui.billing.Utils.verifyDeveloperPayload(purchase0));                

            if (mIsPurchase0) {
                atLeastBoughtOne = true;
                myOptions.bought(shop);
            } else {
                myOptions.cancel(shop);
            }
        }

        myOptions.turnOnShopChecked();
    }
};

// We're being destroyed. It's important to dispose of the helper here!
@Override
public void onDestroy() {
    super.onDestroy();

    if (this.isFinishing()) {
        // very important:
        Log.d(TAG, "Destroying helper.");
        if (mHelper != null) {
            try {
                mHelper.dispose();
            } catch (java.lang.IllegalArgumentException ex) {
                Log.e(TAG, "", ex);
            }
            mHelper = null;
        }
    }
}

// The helper object
public static IabHelper mHelper;

请问 cracker 是如何对我的混淆代码进行逆向工程的？

我想知道，我是否可以采取更多的预防措施来避免我的应用内购买项目被破解？威尔App Licensing帮助？我对 App Licensing 的理解是，它只对“付费应用”有用，而不是“带有应用内购买项目的免费应用”

Answer 1

逆向工程混淆代码实际上并不难。我这样做是出于正当理由，例如弄清楚如何使用一个文档非常少的库，一些诉讼让我们在没有咨询开发团队的情况下使用它。您只需反编译应用程序或库并将其加载到您的 IDE 中。公共(public)方法的名称无法混淆，因此您从那里开始，找出什么是什么，然后使用 IDE 的重构工具开始为所有内容赋予有意义的名称。您可以在大约一天内完全对应用进行逆向工程。

出于所有实际目的，您无力阻止此类黑客攻击。如果您的应用程序可以运行，则可以对其进行反编译。如果可以查看您的媒体，则可以复制它。阻止这种情况的唯一方法是加密您的软件，使其只能在具有嵌入式 key 、篡改传感器和自毁机制的专有设备上运行。这就是为什么软件和媒体行业一直在寻求法律而非技术解决方案——或者混合解决方案，他们提出一些完全没有值(value)的技术解决方案，然后向任何规避它的人提出法律挑战。