All geek questions in one place

Can Android apps read or set their variables maliciously?

This does not apply to apk piracy, which I am asking for is code in the apk file.

I know that if you use shared memory and set the mode to the public, people can change the stored values, but what about the code in the application? For example, if I set the variable to public static int in the game, would the external application change these values?

Another question, if I have an application accessing a remote server, can a third-party application change the value of my server that I return back?

Thank you in advance

+4
source share
2 answers

The user can connect with the debugger to any running Android application and change the variables with everything they need.

Another application is another matter, for this, you probably need an embedded device. Or some clever adb interaction.

The spoofing server response is relatively simple if you are managing a network. On a public 3G network - not so much.

+1
source

You can load classes from another apk using createPackageContext or a similar method, and then load the class using another application class loader. I don’t know if you have a copy class that only works in your part of the virtual machine or that you can access the actual class itself that works. An interesting idea to try. I guess this is the first one, and it was protected that way.

0
source

Source: https://habr.com/ru/post/1381556/

More articles:


All Articles