-
-
[原创]简单分析三星词典机型限制以及解除
-
发表于: 2014-9-18 10:35
-
前置知识我就不说了,我也是个菜鸟,只能看懂if-nez if-eqz而已.
软件提取自三星SM-G3858
首先提取需要的文件
第一次提取的文件共有
/system/app/DioDict3B 词典数据库
/system/app/DioDict3_for_Android_Phone_Samsung_Chn.apk 词典主程序
但是装到Nexus5中提示"不支持这个型号"
现在我们来分析代码,首先反编译源程序
由于源程序是运行在三星SM-G3858上的,
同时验证了一下文件安装在同类型三星机器是可以使用的,所以理论上该APK验证的是build.prop中的信息
通过查询G3858 build.prop文件可以知道ro.product.model=SM-G3858
现在我们通过Search And Replace搜索这个关键词
得到的结果为
正在处理文件: D:\data_transfer\G3858\systemXXXX\DioDict3_for_Android_Phone_Samsung_Chn\smali\com\diotek\diodict3\dependency\SamsungChn.smali
行号 541 - const-string v7, "SM-G3858"
行号 649 - const-string v7, "SM-G3858"
找到 2 处。
搜索了 1597 个文件,找到 2 处在 1 个文件中
这样的话我们来分析smali\com\diotek\diodict3\dependency\SamsungChn.smali这个文件
一共有两段代码有意思
第一段
.method public checkDeviceVendor()Z
.locals 2
.prologue
.line 37
sget-object v0, Landroid/os/Build;->MANUFACTURER:Ljava/lang/String; //获取build.prop中的 MANUFACTURER的字符串存到寄存器v0
const-string v1, "Samsung" //将字符串 Samsung存到 v1中
invoke-virtual {v0, v1}, Ljava/lang/String;->equalsIgnoreCase(Ljava/lang/String;)Z //比较v0与v1
move-result v0 //移动结果给v0
if-nez v0, :cond_0 //不等跳转cond_0 等于就继续
sget-object v0, Landroid/os/Build;->BRAND:Ljava/lang/String; //获取build.prop中的BRAND字符串存到寄存器v0
const-string v1, "Samsung" //将字符串 Samsung存到寄存器v1中
invoke-virtual {v0, v1}, Ljava/lang/String;->equalsIgnoreCase(Ljava/lang/String;)Z //比较v0与v1
move-result v0 //将结果移动到v0中
if-eqz v0, :cond_1 //如果相等 跳转cond_1
.line 38
:cond_0
const/4 v0, 0x1
.line 39
:goto_0
return v0
:cond_1
const/4 v0, 0x0
goto :goto_0
.end method
# virtual methods
.method public checkDeviceVendor()Z
.locals 2
.prologue
.line 37
sget-object v0, Landroid/os/Build;->MANUFACTURER:Ljava/lang/String; //获取MANUFACTURER字符串给v0
const-string v1, "Samsung1" //这里我把字符串改为 Samsung1
invoke-virtual {v0, v1}, Ljava/lang/String;->equalsIgnoreCase(Ljava/lang/String;)Z //比较 v0 v1
move-result v0 //结果移动到v0
if-eqz v0, :cond_0 // 等于跳转v0 [实际上怎么可能有工厂名为Samsung1的呢? 不可能,那这里永久为真了]
sget-object v0, Landroid/os/Build;->BRAND:Ljava/lang/String; //获取BRAND存入寄存器v0
const-string v1, "Samsung1" //将Samsung1存入寄存器v1
invoke-virtual {v0, v1}, Ljava/lang/String;->equalsIgnoreCase(Ljava/lang/String;)Z //比较v0 v1
move-result v0 //结果移动到v0
if-nez v0, :cond_1 //如果不等则跳到cond_1 [实际上也不可能有品牌为Samsung1呢? 不可能有? 那就永久跳转到cond_1了 ]
.line 38
:cond_0
const/4 v0, 0x1
.line 39
:goto_0
return v0
:cond_1
const/4 v0, 0x0
goto :goto_0
.end method
.method public checkModelName()Z
.locals 11
.prologue
const/4 v10, 0x4
const/4 v9, 0x3
const/4 v8, 0x2
const/4 v4, 0x1
const/4 v5, 0x0
.line 44
sget-object v0, Landroid/os/Build;->MODEL:Ljava/lang/String;
.line 51
.local v0, "buildModel":Ljava/lang/String;
const/16 v6, 0x17
new-array v3, v6, [Ljava/lang/String;
const-string v6, "SCH-I959"
aput-object v6, v3, v5
const-string v6, "GT-N7102i"
aput-object v6, v3, v4
const-string v6, "GT-I9268"
aput-object v6, v3, v8
const-string v6, "GT-I9500"
aput-object v6, v3, v9
const-string v6, "GT-I9502"
aput-object v6, v3, v10
const/4 v6, 0x5
const-string v7, "GT-I9508"
aput-object v7, v3, v6
const/4 v6, 0x6
const-string v7, "GT-I9508C"
aput-object v7, v3, v6
const/4 v6, 0x7
const-string v7, "SCH-I869"
aput-object v7, v3, v6
const/16 v6, 0x8
const-string v7, "SCH-W789"
aput-object v7, v3, v6
const/16 v6, 0x9
const-string v7, "GT-S6818"
aput-object v7, v3, v6
const/16 v6, 0xa
const-string v7, "GT-S6818V"
aput-object v7, v3, v6
const/16 v6, 0xb
const-string v7, "GT-I8558"
aput-object v7, v3, v6
const/16 v6, 0xc
const-string v7, "SM-G3819D"
aput-object v7, v3, v6
const/16 v6, 0xd
const-string v7, "GT-I9128I"
aput-object v7, v3, v6
const/16 v6, 0xe
const-string v7, "GT-S6812C"
aput-object v7, v3, v6
const/16 v6, 0xf
const-string v7, "GT-I9158"
aput-object v7, v3, v6
const/16 v6, 0x10
const-string v7, "SM-C101"
aput-object v7, v3, v6
const/16 v6, 0x11
const-string v7, "GT-N7108D"
aput-object v7, v3, v6
const/16 v6, 0x12
const-string v7, "GT-I9508C"
aput-object v7, v3, v6
const/16 v6, 0x13
const-string v7, "SM-G3509"
aput-object v7, v3, v6
const/16 v6, 0x14
const-string v7, "GT-I9128E"
aput-object v7, v3, v6
const/16 v6, 0x15
const-string v7, "SM-G3508"
aput-object v7, v3, v6
const/16 v6, 0x16
const-string v7, "SCH-I699I"
aput-object v7, v3, v6
.line 90
.local v3, "modelNamesToDownloadTTS":[Ljava/lang/String;
const/4 v1, 0x0
.local v1, "i":I
:goto_0
array-length v6, v3
if-ge v1, v6, :cond_0
.line 91
aget-object v6, v3, v1
invoke-virtual {v6, v0}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
move-result v6
if-eqz v6, :cond_1
.line 92
iput-boolean v5, p0, Lcom/diotek/diodict3/dependency/SamsungChn;->mUseSamSungTTS:Z
.line 97
:cond_0
const/16 v6, 0x45
new-array v2, v6, [Ljava/lang/String;
const-string v6, "SCH-I959"
aput-object v6, v2, v5
const-string v6, "GT-N7102i"
aput-object v6, v2, v4
const-string v6, "GT-I9268"
aput-object v6, v2, v8
const-string v6, "GT-I9500"
aput-object v6, v2, v9
const-string v6, "GT-I9502"
aput-object v6, v2, v10
const/4 v6, 0x5
const-string v7, "GT-I9508"
aput-object v7, v2, v6
const/4 v6, 0x6
const-string v7, "GT-I9508C"
aput-object v7, v2, v6
const/4 v6, 0x7
const-string v7, "SCH-I869"
aput-object v7, v2, v6
const/16 v6, 0x8
const-string v7, "SCH-W789"
aput-object v7, v2, v6
const/16 v6, 0x9
const-string v7, "GT-S6818"
aput-object v7, v2, v6
const/16 v6, 0xa
const-string v7, "GT-S6818V"
aput-object v7, v2, v6
const/16 v6, 0xb
const-string v7, "GT-I8558"
aput-object v7, v2, v6
const/16 v6, 0xc
const-string v7, "SM-G3819D"
aput-object v7, v2, v6
const/16 v6, 0xd
const-string v7, "GT-I9128I"
aput-object v7, v2, v6
const/16 v6, 0xe
const-string v7, "GT-S6812C"
aput-object v7, v2, v6
const/16 v6, 0xf
const-string v7, "GT-I9158"
aput-object v7, v2, v6
const/16 v6, 0x10
const-string v7, "SM-C101"
aput-object v7, v2, v6
const/16 v6, 0x11
const-string v7, "GT-N7108D"
aput-object v7, v2, v6
const/16 v6, 0x12
const-string v7, "GT-I9508C"
aput-object v7, v2, v6
const/16 v6, 0x13
const-string v7, "SM-N9009"
aput-object v7, v2, v6
const/16 v6, 0x14
const-string v7, "SM-G3509"
aput-object v7, v2, v6
const/16 v6, 0x15
const-string v7, "GT-I9128E"
aput-object v7, v2, v6
const/16 v6, 0x16
const-string v7, "SM-G3812"
aput-object v7, v2, v6
const/16 v6, 0x17
const-string v7, "SM-G3502U"
aput-object v7, v2, v6
const/16 v6, 0x18
const-string v7, "SM-G3502"
aput-object v7, v2, v6
const/16 v6, 0x19
const-string v7, "SM-N9002"
aput-object v7, v2, v6
const/16 v6, 0x1a
const-string v7, "SM-N9006"
aput-object v7, v2, v6
const/16 v6, 0x1b
const-string v7, "SM-N9008"
aput-object v7, v2, v6
const/16 v6, 0x1c
const-string v7, "SM-G3508"
aput-object v7, v2, v6
const/16 v6, 0x1d
const-string v7, "SM-W2014"
aput-object v7, v2, v6
const/16 v6, 0x1e
const-string v7, "SCH-I699I"
aput-object v7, v2, v6
const/16 v6, 0x1f
const-string v7, "GT-I8580"
aput-object v7, v2, v6
const/16 v6, 0x20
const-string v7, "GT-S7568I"
aput-object v7, v2, v6
const/16 v6, 0x21
const-string v7, "GT-S7562C"
aput-object v7, v2, v6
const/16 v6, 0x22
const-string v7, "SM-G3818"
aput-object v7, v2, v6
const/16 v6, 0x23
const-string v7, "SCH-I879E"
aput-object v7, v2, v6
const/16 v6, 0x24
const-string v7, "GT-I9118"
aput-object v7, v2, v6
const/16 v6, 0x25
const-string v7, "SCH-N719U"
aput-object v7, v2, v6
const/16 v6, 0x26
const-string v7, "SM-G7109"
aput-object v7, v2, v6
const/16 v6, 0x27
const-string v7, "SCH-I629"
aput-object v7, v2, v6
const/16 v6, 0x28
const-string v7, "SM-G7108"
aput-object v7, v2, v6
const/16 v6, 0x29
sget-object v7, Landroid/os/Build;->MODEL:Ljava/lang/String;
aput-object v7, v2, v6
const/16 v6, 0x2a
const-string v7, "SM-G3502I"
aput-object v7, v2, v6
const/16 v6, 0x2b
const-string v7, "SM-G3502C"
aput-object v7, v2, v6
const/16 v6, 0x2c
const-string v7, "SM-N9008V"
aput-object v7, v2, v6
const/16 v6, 0x2d
const-string v7, "GT-I9082C"
aput-object v7, v2, v6
const/16 v6, 0x2e
const-string v7, "SM-G3508I"
aput-object v7, v2, v6
const/16 v6, 0x2f
const-string v7, "GT-S7278"
aput-object v7, v2, v6
const/16 v6, 0x30
const-string v7, "GT-I9300I"
aput-object v7, v2, v6
const/16 v6, 0x31
const-string v7, "GT-I9308I"
aput-object v7, v2, v6
const/16 v6, 0x32
const-string v7, "GT-I9152P"
aput-object v7, v2, v6
const/16 v6, 0x33
const-string v7, "SM-G9092"
aput-object v7, v2, v6
const/16 v6, 0x34
const-string v7, "SM-G9098"
aput-object v7, v2, v6
const/16 v6, 0x35
const-string v7, "SM-G3509I"
aput-object v7, v2, v6
const/16 v6, 0x36
const-string v7, "SM-G3502I"
aput-object v7, v2, v6
const/16 v6, 0x37
const-string v7, "GT-S7278U"
aput-object v7, v2, v6
const/16 v6, 0x38
const-string v7, "GT-I9158P"
aput-object v7, v2, v6
const/16 v6, 0x39
const-string v7, "SM-G7106"
aput-object v7, v2, v6
const/16 v6, 0x3a
const-string v7, "SM-G3518"
aput-object v7, v2, v6
const/16 v6, 0x3b
sget-object v7, Landroid/os/Build;->MODEL:Ljava/lang/String;
aput-object v7, v2, v6
const/16 v6, 0x3c
const-string v7, "SM-N9009U"
aput-object v7, v2, v6
const/16 v6, 0x3d
const-string v7, "GT-I9168"
aput-object v7, v2, v6
const/16 v6, 0x3e
const-string v7, "SM-G3508J"
aput-object v7, v2, v6
const/16 v6, 0x3f
const-string v7, "SCH-I679"
aput-object v7, v2, v6
const/16 v6, 0x40
const-string v7, "SM-G7108U"
aput-object v7, v2, v6
const/16 v6, 0x41
const-string v7, "GT-I9507V"
aput-object v7, v2, v6
const/16 v6, 0x42
const-string v7, "GT-S7272C"
aput-object v7, v2, v6
const/16 v6, 0x43
const-string v7, "GT-S7898I"
aput-object v7, v2, v6
const/16 v6, 0x44
const-string v7, "GT-I9168I"
aput-object v7, v2, v6
.line 174
.local v2, "modelNames":[Ljava/lang/String;
const/4 v1, 0x0
:goto_1
array-length v6, v2
if-ge v1, v6, :cond_3
.line 175
aget-object v6, v2, v1
invoke-virtual {v6, v0}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
move-result v6
if-eqz v6, :cond_2
.line 179
:goto_2
return v4
.line 90
.end local v2 # "modelNames":[Ljava/lang/String;
:cond_1
add-int/lit8 v1, v1, 0x1
goto/16 :goto_0
.line 174
.restart local v2 # "modelNames":[Ljava/lang/String;
:cond_2
add-int/lit8 v1, v1, 0x1
goto :goto_1
:cond_3
move v4, v5
.line 179
goto :goto_2
.end method
[招生]科锐逆向工程师培训(2024年11月15日实地,远程教学同时开班, 第51期)
|
|
|---|---|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
