网站 › 『=逆向图文=』 › 熊出没2分析逆向

234150476 发表于 2017-6-21 11:03

熊出没2分析破解

1运行游戏寻找关键代码2.把apk载入AndroidKiller，搜索关键字“支付失败”.class Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;.super Ljava/lang/Object;.source "PlatformCM150.java" # interfaces.implements Lcn/cmgame/billing/api/GameInterface$IPayCallback; # annotations.annotation system Ldalvik/annotation/EnclosingMethod;    value = Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->run()V.end annotation .annotation system Ldalvik/annotation/InnerClass;    accessFlags = 0x0    name = null.end annotation # instance fields.field final synthetic this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4; .field private final synthetic val$callback:Lcom/joym/PaymentSdkV2/Logic/PaymentCallback; .field private final synthetic val$chargeIndex:Ljava/lang/String; .field private final synthetic val$goodsPrice:Ljava/lang/String; # direct methods.method constructor <init>(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;Ljava/lang/String;Ljava/lang/String;)V    .locals 0     .prologue    .line 1    iput-object p1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;     iput-object p2, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->val$callback:Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;     iput-object p3, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->val$chargeIndex:Ljava/lang/String;     iput-object p4, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->val$goodsPrice:Ljava/lang/String;     .line 342    invoke-direct {p0}, Ljava/lang/Object;-><init>()V     return-void.end method .method static synthetic access$0(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;)Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;    .locals 1     .prologue    .line 342    iget-object v0, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;     return-object v0.end method # virtual methods.method public onResult(ILjava/lang/String;Ljava/lang/Object;)V    .locals 6    .param p1, "resultCode"    # I    .param p2, "billingIndex"    # Ljava/lang/String;    .param p3, "obj"    # Ljava/lang/Object;     .prologue    const/4 v5, 0x0     .line 345    iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;     # getter for: Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->this$0:Lcom/joym/PaymentSdkV2/model/PlatformCM150;    invoke-static {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->access$0(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;)Lcom/joym/PaymentSdkV2/model/PlatformCM150;     move-result-object v1     iget-object v1, v1, Lcom/joym/PaymentSdkV2/model/PlatformCM150;->dialog:Landroid/app/ProgressDialog;     if-eqz v1, :cond_0     .line 347    iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;     # getter for: Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->this$0:Lcom/joym/PaymentSdkV2/model/PlatformCM150;    invoke-static {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->access$0(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;)Lcom/joym/PaymentSdkV2/model/PlatformCM150;     move-result-object v1     iget-object v1, v1, Lcom/joym/PaymentSdkV2/model/PlatformCM150;->dialog:Landroid/app/ProgressDialog;     invoke-virtual {v1}, Landroid/app/ProgressDialog;->dismiss()V     .line 349    :cond_0    new-instance v1, Ljava/lang/StringBuilder;     const-string v2, "resultCode="     invoke-direct {v1, v2}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V     invoke-virtual {v1, p1}, Ljava/lang/StringBuilder;->append(I)Ljava/lang/StringBuilder;     move-result-object v1     const-string v2, ", billingIndex="     invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v1     invoke-virtual {v1, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v1     const-string v2, ", obj="     invoke-virtual {v1, v2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v1     invoke-virtual {v1, p3}, Ljava/lang/StringBuilder;->append(Ljava/lang/Object;)Ljava/lang/StringBuilder;     move-result-object v1     invoke-virtual {v1}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;     move-result-object v1     invoke-static {v1}, Lcom/joym/PaymentSdkV2/Log/FALog;->i(Ljava/lang/String;)V     .line 351    packed-switch p1, :pswitch_data_0     .line 383    iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;     # getter for: Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->this$0:Lcom/joym/PaymentSdkV2/model/PlatformCM150;    invoke-static {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->access$0(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;)Lcom/joym/PaymentSdkV2/model/PlatformCM150;     move-result-object v1     invoke-virtual {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150;->getActivity()Landroid/app/Activity;     move-result-object v1     const-string v2, "\u652f\u4ed8\u5931\u8d25"                  支付失败    invoke-static {v1, v2}, Lcom/fxlib/util/android/FAToast;->show(Landroid/content/Context;Ljava/lang/String;)V     .line 384    iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->val$callback:Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;     const/16 v2, 0x66     new-instance v3, Ljava/lang/StringBuilder;     const-string v4, "\u8d2d\u4e70\u9053\u5177\uff1a[" 购买道具    invoke-direct {v3, v4}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V     invoke-virtual {v3, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v3     const-string v4, "] \u53d6\u6d88\uff01"                     取消    invoke-virtual {v3, v4}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v3     invoke-virtual {v3}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;     move-result-object v3     invoke-virtual {v1, v2, v3, v5}, Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;->onCallback(ILjava/lang/String;Ljava/lang/String;)V     .line 388    :goto_0    return-void     .line 354    :pswitch_0    const-string v1, "10"     invoke-virtual {p3}, Ljava/lang/Object;->toString()Ljava/lang/String;     move-result-object v2     invoke-virtual {v1, v2}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z     move-result v1     if-eqz v1, :cond_1     .line 355    new-instance v0, Lcom/joym/PaymentSdkV2/model/CmDialog;     iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;     # getter for: Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->this$0:Lcom/joym/PaymentSdkV2/model/PlatformCM150;    invoke-static {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->access$0(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;)Lcom/joym/PaymentSdkV2/model/PlatformCM150;     move-result-object v1     invoke-virtual {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150;->getActivity()Landroid/app/Activity;     move-result-object v1     new-instance v2, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1$1;     iget-object v3, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->val$callback:Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;     invoke-direct {v2, p0, v3}, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1$1;-><init>(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;)V     invoke-direct {v0, v1, v5, v2}, Lcom/joym/PaymentSdkV2/model/CmDialog;-><init>(Landroid/content/Context;Ljava/util/HashMap;Lcom/joym/PaymentSdkV2/model/CmDialog$Callback;)V     .line 370    .local v0, "dialog":Lcom/joym/PaymentSdkV2/model/CmDialog;    invoke-virtual {v0}, Lcom/joym/PaymentSdkV2/model/CmDialog;->show()V     goto :goto_0     .line 372    .end local v0    # "dialog":Lcom/joym/PaymentSdkV2/model/CmDialog;    :cond_1    iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;     # getter for: Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->this$0:Lcom/joym/PaymentSdkV2/model/PlatformCM150;    invoke-static {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->access$0(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;)Lcom/joym/PaymentSdkV2/model/PlatformCM150;     move-result-object v1     invoke-virtual {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150;->getActivity()Landroid/app/Activity;     move-result-object v1     const-string v2, "\u652f\u4ed8\u6210\u529f"                     支付成功    invoke-static {v1, v2}, Lcom/fxlib/util/android/FAToast;->show(Landroid/content/Context;Ljava/lang/String;)V     .line 373    iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->val$callback:Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;     const/16 v2, 0x64     new-instance v3, Ljava/lang/StringBuilder;     const-string v4, "\u8d2d\u4e70\u9053\u5177\uff1a["   购买道具     invoke-direct {v3, v4}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V     invoke-virtual {v3, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v3     const-string v4, "] \u6210\u529f\uff01"                     成功    invoke-virtual {v3, v4}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v3     invoke-virtual {v3}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;     move-result-object v3     .line 374    new-instance v4, Ljava/lang/StringBuilder;     const-string v5, "{\"chargeIndex\":"     invoke-direct {v4, v5}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V     iget-object v5, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->val$chargeIndex:Ljava/lang/String;     invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v4     const-string v5, ",\"goodsPrice\":"     invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v4     iget-object v5, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->val$goodsPrice:Ljava/lang/String;     invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v4     .line 375    const-string v5, "}"     invoke-virtual {v4, v5}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v4     .line 374    invoke-virtual {v4}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;     move-result-object v4     .line 373    invoke-virtual {v1, v2, v3, v4}, Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;->onCallback(ILjava/lang/String;Ljava/lang/String;)V     goto :goto_0     .line 379    :pswitch_1    iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;     # getter for: Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->this$0:Lcom/joym/PaymentSdkV2/model/PlatformCM150;    invoke-static {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->access$0(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;)Lcom/joym/PaymentSdkV2/model/PlatformCM150;     move-result-object v1     invoke-virtual {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150;->getActivity()Landroid/app/Activity;     move-result-object v1     const-string v2, "\u652f\u4ed8\u5931\u8d25"                   支付失败    invoke-static {v1, v2}, Lcom/fxlib/util/android/FAToast;->show(Landroid/content/Context;Ljava/lang/String;)V     .line 380    iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->val$callback:Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;     const/16 v2, 0x65     new-instance v3, Ljava/lang/StringBuilder;     const-string v4, "\u8d2d\u4e70\u9053\u5177\uff1a[" 购买道具    invoke-direct {v3, v4}, Ljava/lang/StringBuilder;-><init>(Ljava/lang/String;)V     invoke-virtual {v3, p2}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v3     const-string v4, "] \u5931\u8d25\uff01"                        失败    invoke-virtual {v3, v4}, Ljava/lang/StringBuilder;->append(Ljava/lang/String;)Ljava/lang/StringBuilder;     move-result-object v3     invoke-virtual {v3}, Ljava/lang/StringBuilder;->toString()Ljava/lang/String;     move-result-object v3     invoke-virtual {v1, v2, v3, v5}, Lcom/joym/PaymentSdkV2/Logic/PaymentCallback;->onCallback(ILjava/lang/String;Ljava/lang/String;)V     goto/16 :goto_0     .line 351    nop     :pswitch_data_0    .packed-switch 0x1      :pswitch_0      :pswitch_1    .end packed-switch.end method 请注意红色字是注释goto :goto加目标代表无条件跳转    :cond_1    iget-object v1, p0, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4$1;->this$1:Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;     # getter for: Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->this$0:Lcom/joym/PaymentSdkV2/model/PlatformCM150;    invoke-static {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;->access$0(Lcom/joym/PaymentSdkV2/model/PlatformCM150$4;)Lcom/joym/PaymentSdkV2/model/PlatformCM150;     move-result-object v1     invoke-virtual {v1}, Lcom/joym/PaymentSdkV2/model/PlatformCM150;->getActivity()Landroid/app/Activity;     move-result-object v1     const-string v2, "\u652f\u4ed8\u6210\u529f"      支付成功支付成功在 cond_1中goto :cond_1


在取消前面的line句前加入无条件跳转在支付失败前面的line句前加入无条件跳转4.保存编译

Shark恒 发表于 2017-6-21 11:18

移动端是以后的大趋势，大家要赶上大部队的节奏~

234150476 发表于 2017-6-21 17:00

Shark恒 发表于 2017-6-21 11:18
移动端是以后的大趋势，大家要赶上大部队的节奏~

谢谢版主了

234150476 发表于 2017-6-21 17:01

Shark恒 发表于 2017-6-21 11:18
移动端是以后的大趋势，大家要赶上大部队的节奏~

从吾爱开始就一直看你教程，感觉贼6

Shark恒 发表于 2017-6-21 17:33

234150476 发表于 2017-6-21 17:01
从吾爱开始就一直看你教程，感觉贼6

感谢捧场，吾爱汇编论坛欢迎你~

Hk微笑 发表于 2017-6-21 18:35

学习了，一直对于这种类型的不理解

52bug 发表于 2017-6-21 23:48

支付成功的截图在哪里？SO不用解密吗？{:6_223:}

阿九九九 发表于 2017-6-22 12:14

谢谢楼楼分享教程。全程改两个地方吗。{:5_117:}

234150476 发表于 2017-6-22 12:34

Scorpio 发表于 2017-6-21 23:48
支付成功的截图在哪里？SO不用解密吗？

...咪咕游戏MT管理器都可以修改而且我也是第一次尝试电脑逆向抱歉

ningzhonghui 发表于 2017-6-24 11:02

今天有空进来学习下移动类的知识，谢谢大牛分享过程

查看完整版本: 熊出没2分析逆向