0

guys. I want to change function names that I import from static lib, like ProGuard does it with java methods and classes. I think it can make reverse much harder. For example, if I check some file with sha1 I don't want the reverser to know what this function exactly is. He can see some func0024 instead.

Is it possible to make this with standard tools in android cmake? Or if it's not what tools can you advise for this task?

Vlad Kudoyar
  • 371
  • 3
  • 8
  • You're building static libraries that you link into a shared library, and then you load that shared library in your app..? The names of the functions in your static libraries should already be gone in the shared library, unless you're shipping the unstripped library with your app for some reason. – Michael Nov 14 '17 at 16:08
  • i check binary from apk with readelf and it show me unchanged openssl function names. – Vlad Kudoyar Nov 15 '17 at 11:30
  • Try adding `-fvisibility=hidden` to your `LOCAL_CFLAGS` and `-Wl,--exclude-libs,ALL` to your `LOCAL_LDFLAGS`. And make sure you're running `readelf` on the stripped .so file (i.e. not the one in `obj/local`). – Michael Nov 15 '17 at 11:38
  • I build project with cmake. Is it what you mean? `set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fvisibility=hidden -Wl,--exclude-libs,ALL")` It does not work – Vlad Kudoyar Nov 15 '17 at 11:47
  • I check binary directly from apk with objdump -d – Vlad Kudoyar Nov 15 '17 at 11:49
  • The second flag is intended for the linker, so it should probably be added to `STATIC_LIBRARY_FLAGS` rather than `CMAKE_CXX_FLAGS`. – Michael Nov 15 '17 at 11:52
  • I'm sorry, just opened wrong apk. It helped me. Thanks a lot!!! – Vlad Kudoyar Nov 15 '17 at 11:58

1 Answers1

0

According to Michael's answer you should add this line to your CMakeLists.txt file

set(CMAKE_CXX_FLAGS "${CMAKE_CXX_FLAGS} -fvisibility=hidden -Wl,--exclude-libs,ALL")

Vlad Kudoyar
  • 371
  • 3
  • 8
  • See https://stackoverflow.com/questions/2222162/how-to-apply-gcc-fvisibility-option-to-symbols-in-static-libraries for more details. – Michael Nov 15 '17 at 12:04