I am writing android application. Now I want to protect Activity classes. I use proGuard for obfuscation but when i decompile my apk with fernflower i can see full source code. I downloaded apk from play google and tryed to decompile it and could not decompiled onCreate method. Maybe someone know how could i protect my code. Maybe custom class loader? But how i know it's need to pass the path to dex file but if apk will be odexed my programm will fall.
Asked
Active
Viewed 769 times
1
-
possible duplicate of [How to avoid reverse engineering of an APK file?](http://stackoverflow.com/questions/13854425/how-to-avoid-reverse-engineering-of-an-apk-file) – Henry Sep 01 '14 at 10:02
1 Answers
1
When you say you could "see full source code", were your class and variable names obfuscated? The purpose of Proguard is to make reverse-engineering difficult by substituting names of classes and variables. It does not prevent someone from disassembling the APK into something that looks like source code; it just potentially makes it much harder (or more time consuming) to reverse engineer and modify the code.
When you attempted to decompile the other Play application and couldn't see the decompiled onCreate() then perhaps there was an error of some sort in the disassembly processes. My limited experience with these tools is that they aren't perfect and sometimes various methods don't get successfully decompiled into something that represents source.
If your class names (specifically, your own classes as opposed to OS classes) and variable names are not being obfuscated then you need to fix your Proguard configuration.
Trevor
- 10,903
- 5
- 61
- 84