"Sanitise" a rogue lockscreen? - Printable Version +- The Bytecode Club - Reverse Engineering Forum (https://the.bytecode.club) +-- Forum: Lobby (https://the.bytecode.club/forumdisplay.php?fid=1) +--- Forum: Programming (https://the.bytecode.club/forumdisplay.php?fid=86) +--- Thread: "Sanitise" a rogue lockscreen? (/showthread.php?tid=36917) |
"Sanitise" a rogue lockscreen? - huckleberrypie - 12-13-2016 Thought I'd register here since I am looking for some aid regarding a lock screen that came with a counterfeit phone I am toying around with for the lulz.
I mean, it's a shame that the app's infected, yet it did a rather accurate recreation of the default Galaxy S7 lock screen. Simply deleting it off my phone would end up with a rather boring default lock icon, yet I don't want ads to fly right up my face either.
I baksmali'd the code with the usual tools, and on my first attempt I simply culled out the lines referencing snowfox, ryg and fqhx, which make up the adware/PUP stuff, recompiled and pushed it back to my phone. It did install, but the app simply refused to load although curiously the stock Android lock icon didn't show up. To be honest I am no Java expert so please bear with me, but I can more or less understand what some of the code does especially when decompiled to (pseudo) Java code, but I am struggling to find a way on how to bypass the rogue SDK; my plan is to use intent and system service code from a number of lockscreen apps on Github, as I assume that it would be theoretically possible to use that for the bootstrap instead of the malware.
APK: http://d-h.st/8rQU Decompiled Java: http://d-h.st/OnkU Smali: http://d-h.st/S2oe |