Ini adalah hasil uji coba. saya membuat antitemper hanya menggunakan C+ yaa.. ,
untuk percobaan selanjutnya saya akan coba membuat seperti :
obfuscation pada kode, anti-debugging,network callback,
native code enc,SSL pinning.
Perjalanan saya masih panjang jadi pantau saja perkembangan nya😊

This is the result of my experiment to make antitemper using only C+, For the next experiment I will try to make something like: code obfuscation, anti-debugging, network callbacks, native code enc, SSL pinning. I still have a long way to go so just keep an eye on the progress😊

Protection:
- Verifikasi integritas memory
- Multiple file integrity checks
- Encrypted signatures
- Random timing intervals
- Violation counter
- SHA-256 hashing
- AES-256 encryption
- Random key generation
- Secure memory cleanup
- Multiple check files
- Timing attack protection
- Violation counter untuk menghindari false positives
- Secure cleanup sebelum Exit Program
- Exception handling


Powered release by @Qwanwin
#CPP

Get error like this?

Use

curl -L https://cpan.metacpan.org/authors/id/L/LD/LDS/Crypt-CBC-3.04.tar.gz -o Crypt-CBC.tar.gz
tar xvf Crypt-CBC.tar.gz
cd Crypt-CBC-3.04
perl Makefile.PL
make
make install

Example Command:

perl bash-obfuscator.pl -i tes.sh -o secure.sh -E -K "password123" -S -C -F -M 3

Redownload again
Change logs
- Fixed parse not defined
- Optimal code

Use this Script you get Encryption like this

Fuck you Ijiami Protect 😒

do you need my script? Please contact me and let's talk about price😘
@Qwanwin

Cara Kerja Proteksi Ijiami:

1. Deklarasi native method al():

.method public static native al(Ljava/lang/ClassLoader;Landroid/content/pm/ApplicationInfo;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/ClassLoader;

2. Method instantiateClassLoader() yang manggil native al():

# code yang manggil  native method
iget-object v0, p0, Ls/h/e/l/l/A;->packageName:Ljava/lang/String;
iget-object v1, p0, Ls/h/e/l/l/A;->orignAppName:Ljava/lang/String;
invoke-static {p1, p2, v0, v1}, Ls/h/e/l/l/N;->al(Ljava/lang/ClassLoader;Landroid/content/pm/ApplicationInfo;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/ClassLoader;

Sebelum manggil native method, dia setup dulu:
1. Di method ls():

iget-object v0, p1, Landroid/content/pm/ApplicationInfo;->sourceDir:Ljava/lang/String;
sput-object v0, Ls/h/e/l/l/S;->f:Ljava/lang/String;

2. Di instantiateClassLoader():

invoke-static {}, Ls/h/e/l/l/S;->gST()V
invoke-direct {p0, p2}, Ls/h/e/l/l/A;->ls(Landroid/content/pm/ApplicationInfo;)V

Flow nya:
1. instantiateClassLoader() dipanggil
2. Manggil ls() buat setup path
3. Native method al() dipanggil buat load dex
4. gST() dan gET() buat tracking state

Native code inilah yang kemudian melakukan:
1. Loading dex tambahan
2. Modifikasi ClassLoader
3. Injeksi dex ke runtime

Nah terus Native mana yang di panggil?

"Coba cek smal N"

Ls/h/e/l/l/N:

.method public static native al(Ljava/lang/ClassLoader;Landroid/content/pm/ApplicationInfo;Ljava/lang/String;Ljava/lang/String;)Ljava/lang/ClassLoader;
.end method

Metode al() dideklarasi apa yang dilakukan oleh metode ini, dalam library native yang dipanggil, libexec.so atau libexecmain.so.

Jadi tuh ijiami pertama manggil dari method classdex utama
Smali

  iput-boolean v0, p0, Ls/h/e/l/l/A;->supportInstantiateClassLoader:Z

    iput-object v1, p0, Ls/h/e/l/l/A;->acf:Landroid/app/AppComponentFactory;

    return-void
.end method

Nah dari sini bisa muncul
Smali

invoke-virtual {v0}, Ljava/lang/Object;->getClass()Ljava/lang/Class;

invoke-virtual {v2, v3}, Ljava/lang/Class;->getDeclaredField(Ljava/lang/String;)Ljava/lang/reflect/Field;

invoke-virtual {v0}, Landroid/app/LoadedApk;->getApplicationInfo()Landroid/content/pm/ApplicationInfo;

.method public declared-synchronized getACF(Ljava/lang/ClassLoader;)Landroid/app/AppComponentFactory;
    .registers 4

Ngak perlu ku kasih banyak" nanti kepanjangan.

Terus kenapa kalo dump jadi nop?
Padahal dalam semua kelas smali ijiam ngak ada nop nya

"Jadi tuh dia manggil al() "

Nah all tuh buat load library
fungsi library itu saat mendeteksi dump. Ntah pakek frida atau yang lain dia akan langsung melempar ke dalam class duplikat yang isi nya nop tuh sampe pusing kalian liat

Method nya? Ngak ada. karena untuk detect dia pakek lib.
jadi decrypt library nya pakek IDA atau yang. Jika ingin mempelajari system Ijiami
"Makan tuh kode bejibun di lib😂"

Kenapa ngak di hapus aja bang lib nya? 😂

Mendinh lu cek fungsi lib di atas pahami kata nya!

Dah ya... Gua capek ngetik

by @Qwanwin

// Hanya untuk bahan referensi

// Hanya untuk bahan referensi

For English language, please just translate, I'm tired

What is the next progress on Lua encryption? you know. this is my favorite programming language😊

Lua Encryption 1.0

Change Logs:
-osfc
-Encrypt String....
-Encrypt String Offset....
-Encrpt AES
-Validasi Input
-Data Obfuscation

Powered tools by @Qwanwin

Encryption python 😁

AntiSplit Python Script😘

# Update & Upgrade
pkg update && pkg upgrade -y

pkg install python -y

pkg install python-pip -y

pip install requests
pip install colorama

python --version
# Reset permission
chmod 644 antisplit.py
chmod +x antisplit.py

How to use? Click Here
https://t.me/setupdex/104

Main Script Feature:
- Convert APKS file to single APK
- Preserve original app signature
- Automatic extraction of APKS files
- Merging of APK components
- Input file verification

Logging feature:
- Automatic file log with timestamp
- Debug mode for troubleshooting
- Conversion statistics logging
- Tracking errors and exceptions
- Detailed process information

Give some credit 😁
Powered tools by @Qwanwin

Request Script Python @Qwanwin

Ads remover