Thread Rating:
  • 0 Vote(s) - 0 Average
  • 1
  • 2
  • 3
  • 4
  • 5
"Sanitise" a rogue lockscreen?
#1
Thought I'd register here since I am looking for some aid regarding a lock screen that came with a counterfeit phone I am toying around with for the lulz.

I mean, it's a shame that the app's infected, yet it did a rather accurate recreation of the default Galaxy S7 lock screen. Simply deleting it off my phone would end up with a rather boring default lock icon, yet I don't want ads to fly right up my face either.

I baksmali'd the code with the usual tools, and on my first attempt I simply culled out the lines referencing snowfox, ryg and fqhx, which make up the adware/PUP stuff, recompiled and pushed it back to my phone. It did install, but the app simply refused to load although curiously the stock Android lock icon didn't show up. To be honest I am no Java expert so please bear with me, but I can more or less understand what some of the code does especially when decompiled to (pseudo) Java code, but I am struggling to find a way on how to bypass the rogue SDK; my plan is to use intent and system service code from a number of lockscreen apps on Github, as I assume that it would be theoretically possible to use that for the bootstrap instead of the malware.

APK: http://d-h.st/8rQU
Decompiled Java: http://d-h.st/OnkU
Smali: http://d-h.st/S2oe
Reply
 


Messages In This Thread
"Sanitise" a rogue lockscreen? - by huckleberrypie - 12-13-2016, 11:51 PM

Forum Jump:


Users browsing this thread: 1 Guest(s)

About The Bytecode Club

We're a community forum focused on Reverse Engineering, we try to target Java/Android but we also include other langauges/platforms. We pride ourselves in supporting and free and open sourced applications.

Website