Android Application Security Demo: Trying to resign a "DexProtectored" application

Jun 10,2014

Licel

2014-06-10T10:53:00Z

Originally signature is designed to confirm integrity of an app. I believe we can name it passive integrity protection. In the real world the signature doesn't make any sense and you know why: if the application doesn't have any active integrity protection technique applied - resigning of an application with your own certificate is a matter of minutes.
In this video we were trying to resign an application that is protected by DexProtector (only Class Encryption is turned on) with a different certificate and had no luck :-D

Want to know how to protect your applications from AntiLVL and reverse engineers? How to save it from being pirated or cloned? You might use DexProtector (http://dexprotector.com), best of breed protector and obfuscator for Android applications. It works straight with APKs, thus there is no need in any complicated integration with your build process.
http://www.slideshare.net/IvanKinash/english-final-35690515

http://licelus.com

APKAndroid (Software)DexProtectorLicelObfuscatorProtectorDecompilerAnti-PiracyComputer Security (Industry)MobileSoftware Development (Industry)Class EncryptionAPKToolzipalignjarsigner