Static analysis in two ways:
1. Read Dalvik bytecode disassembly: Using IDA analysis dex file or baksmali decompiled files smali
2. Read the disassembly of Java source code: Use dex2jar generated jar file, read the jar file with jd-gui
Each apk file contains a AndroidManifest.xml file, prior to being in the apk file, encrypted storage analysis, to decompile apk decrypt. Use apktool tool apktool d command
About Activity components:
Android have a program consisting of one or more Antivity, and only one main Activity, in the manifest file
Android passes between the component variables, initialization Activity before starting work are taken into use Appliciation class, write a class that inherits Appliciation override the OnCreate () method, initialize global variables in the method (the premise is public property) and add the android in the manifest file : name attribute.
Application analogy other classes started early.
Positioning method to crack the key bits:
1. information feedback
2. Characteristic Function
3. Order View: Progressive analysis software flow control, analysis of the virus common
4. Code injection: commonly used in the decryption program, with the program executed LogCat view state data
5. Stack trace:
6. Method Profiling: hot spot analysis and performance optimization, records CPU time each function, function call tracking all relationships, the report provides a sequence of function calls