darvincisec
Problems Use libnative_lib.so in jniLibs
first copy libnative_lib.so to jniLibs second run app finally It's not detecting anything at all
Can you be specific on what detection is not working? As mentioned in other issue, GG is updated to bypass the detection mentioned in this project. But debuggers (gdb/lldb) and frida can be detected.
sorry, I mean to say it like this: use this project built result cmake/armeabi-v7a/libnative-lib.so and copy armeabi-v7a/libnative-lib.so to sourceSets.main.jniLibs, comment out externalNativeBuild, run project, test debuggers, this way can not anti-debug; but when I use externalNativeBuild.cmake, comment out jniLibs.srcDirs, run project, test debuggers, debuggers (gdb/lldb) that can be anti.
so I do not understand why use libnative-lib.so the way can no anti-debug?
app structure like this: app -- src --main --cpp --java --jniLibs --armeabi-v7a --libnative-lib.so
build.gradle(app) like this: `sourceSets { main { jniLibs.srcDirs = ['src/main/jniLibs/'] } }
// externalNativeBuild { // cmake { // path "src/main/cpp/CMakeLists.txt" // version "3.10.2" // } // }`
It should work nevertheless. Did you load the library when application starts?
yes, I did
this is my step:
first I have downloaded Anti-Debugger-Memdump.apk and decompression it, get libnative-lib.so from lib/armeabi-v7a;
second I have downloaded this project and created the jniLibs/armeabi-v7a directory then put libnative-lib.so into this directory;
finally, comment out externalNativeBuild in build.gradle(app) and run the project and test debuggers, but the result is can not anti-debug
In MainActivty
static { System.loadLibrary("native-lib"); }
In native-lib.c
//Upon loading the library, this function annotated as constructor starts executing
__attribute__((constructor)) void detectMemoryAccess() { ... }
so I think jniLibs way should work, but it can not anti-debug
Do you see the execution of native code? are you able to debug the binary ?