M8: Code Tampering
M8: Code Tampering
Applications can be modified and redistributed with malicious modifications. Anti-tampering measures help detect and prevent such attacks.
// Android - Anti-tampering implementation
class AntiTamperingManager(private val context: Context) {
// Comprehensive tampering detection
class TamperDetection {
// Verify application signature
fun verifySignature(): Boolean {
try {
val packageInfo = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
context.packageManager.getPackageInfo(
context.packageName,
PackageManager.GET_SIGNING_CERTIFICATES
)
} else {
@Suppress("DEPRECATION")
context.packageManager.getPackageInfo(
context.packageName,
PackageManager.GET_SIGNATURES
)
}
val signatures = if (Build.VERSION.SDK_INT >= Build.VERSION_CODES.P) {
packageInfo.signingInfo.apkContentsSigners
} else {
@Suppress("DEPRECATION")
packageInfo.signatures
}
val expectedSignature = BuildConfig.EXPECTED_SIGNATURE
return signatures.any { signature ->
val currentSignature = Base64.encodeToString(
MessageDigest.getInstance("SHA-256").digest(signature.toByteArray()),
Base64.NO_WRAP
)
currentSignature == expectedSignature
}
} catch (e: Exception) {
return false
}
}
// Check for debugger
fun isDebuggerAttached(): Boolean {
return Debug.isDebuggerConnected() ||
Debug.waitingForDebugger() ||
checkDebuggerPorts()
}
private fun checkDebuggerPorts(): Boolean {
val debugPorts = listOf(5037, 5038, 5039) // Common ADB ports
return debugPorts.any { port ->
try {
Socket("127.0.0.1", port).use { true }
} catch (e: Exception) {
false
}
}
}
// Verify installer
fun verifyInstaller(): Boolean {
val validInstallers = listOf(
"com.android.vending", // Google Play Store
"com.amazon.venezia", // Amazon App Store
BuildConfig.APPLICATION_ID // Self-signed for testing
)
val installer = context.packageManager.getInstallerPackageName(context.packageName)
return installer in validInstallers
}
// Check file integrity
fun verifyFileIntegrity(): Boolean {
val apkPath = context.packageCodePath
val apkFile = File(apkPath)
// Calculate checksum
val checksum = calculateFileChecksum(apkFile)
val expectedChecksum = getExpectedChecksum()
return checksum == expectedChecksum
}
private fun calculateFileChecksum(file: File): String {
val digest = MessageDigest.getInstance("SHA-256")
file.inputStream().use { input ->
val buffer = ByteArray(8192)
var read: Int
while (input.read(buffer).also { read = it } != -1) {
digest.update(buffer, 0, read)
}
}
return digest.digest().joinToString("") { "%02x".format(it) }
}
// Native library verification
external fun verifyNativeLibraries(): Boolean
companion object {
init {
System.loadLibrary("tamper-check")
}
}
}
// Response to tampering detection
class TamperResponse {
fun handleTampering(detectionType: TamperType) {
when (detectionType) {
TamperType.SIGNATURE_MISMATCH -> {
// Log event
logSecurityEvent("signature_mismatch")
// Disable sensitive features
disableSensitiveFeatures()
// Notify server
notifyServer(detectionType)
}
TamperType.DEBUGGER_ATTACHED -> {
// Crash the app
throw SecurityException("Security violation detected")
}
TamperType.INVALID_INSTALLER -> {
// Show warning
showSecurityWarning()
// Limit functionality
enableSafeMode()
}
TamperType.FILE_MODIFIED -> {
// Wipe sensitive data
clearSensitiveData()
// Force re-authentication
forceLogout()
}
}
}
}
enum class TamperType {
SIGNATURE_MISMATCH,
DEBUGGER_ATTACHED,
INVALID_INSTALLER,
FILE_MODIFIED
}
}