2. 在confuse.sh
文件中添加以下代码
#!/usr/bin/env bash
TABLENAME=symbols
SYMBOL_DB_FILE="symbols"
STRING_SYMBOL_FILE="$PROJECT_DIR/CodeConfuse/confuse/func.list"
CONFUSE_FILE="$PROJECT_DIR/CodeConfuse"
HEAD_FILE="$PROJECT_DIR/CodeConfuse/confuse/CodeConfuse.h"
export LC_CTYPE=C
#取以.m或.h结尾的文件以+号或-号开头的行 |去掉所有+号或-号|用空格代替符号|n个空格跟着<号 替换成 <号|开头不能是IBAction|用空格split字串取第二部分|排序|去重复|删除空行|删掉以init开头的行>写进func.list
grep -h -r -I "^[-+]" $CONFUSE_FILE --include '*.[mh]' |sed "s/[+-]//g"|sed "s/[();,: *\^\/\{]/ /g"|sed "s/[ ]*</</"| sed "/^[ ]*IBAction/d"|awk '{split($0,b," "); print b[2]; }'| sort|uniq |sed "/^$/d"|sed -n "/^nhb_/p" >$STRING_SYMBOL_FILE
#维护数据库方便日后作排重,以下代码来自念茜的微博
createTable()
{
echo "create table $TABLENAME(src text, des text);" | sqlite3 $SYMBOL_DB_FILE
}
insertValue()
{
echo "insert into $TABLENAME values('$1' ,'$2');" | sqlite3 $SYMBOL_DB_FILE
}
query()
{
echo "select * from $TABLENAME where src='$1';" | sqlite3 $SYMBOL_DB_FILE
}
ramdomString()
{
openssl rand -base64 64 | tr -cd 'a-zA-Z' |head -c 16
}
rm -f $SYMBOL_DB_FILE
rm -f $HEAD_FILE
createTable
touch $HEAD_FILE
#这里也要做修改
echo '#ifndef CodeConfuse_h
#define CodeConfuse' >> $HEAD_FILE
echo "//confuse string at `date`" >> $HEAD_FILE
cat "$STRING_SYMBOL_FILE" | while read -ra line; do
if [[ ! -z "$line" ]]; then
ramdom=`ramdomString`
echo $line $ramdom
insertValue $line $ramdom
echo "#define $line $ramdom" >> $HEAD_FILE
fi
done
echo "#endif" >> $HEAD_FILE
sqlite3 $SYMBOL_DB_FILE .dump
混淆代码被拒回复
Guideline 2.3.1 - Performance
We discovered that your app contains hidden features. Specifically, It would be appropriate to remove all code obfuscation and selector mangling or to explain in detail the purpose of its inclusion before resubmitting for review.
Guideline 2.3.1 - Performance
We discovered that your app contains hidden features. Specifically, it would be appropriate to remove this app's implementation of the ConfuseCode library before resubmitting for review.
You will experience a delayed review process if you deliberately disregard the App Store Review Guidelines, ignore previous rejection feedback in future app submissions, or use your app to mislead or deceive users.
Important Information
As a result of violating this guideline, your app’s review has been delayed. Future submissions of this app, and other apps associated with your Apple Developer account, will also experience a delayed review. Deliberate disregard of the App Store Review Guidelines and attempts to deceive users or undermine the review process are unacceptable and is a direct violation Section 3.2(f) of the Apple Developer Program License Agreement. Continuing to violate the Terms & Conditions of the Apple Developer Program will result in the termination of your account, as well as any related or linked accounts, and the removal of all your associated apps from the App Store.
We want to provide a safe experience for users to get apps and a fair environment for for all developers to be successful. If you believe we have misunderstood or misinterpreted the intent of your app, you may submit an appeal for consideration or provide additional clarification by responding directly to this message in Resolution Center in iTunes Connect.
代码混淆参考
ios审核被拒4.3(马甲包该如何上架)
ios第一次提交审核被拒第二次就被无限延时的解决方案
iOS原生应用与SDK马甲包安全之代码混淆的设计实现
https://www.cnblogs.com/shenlaiyaoshi/p/8831109.html
https://blog.csdn.net/ShuTongIt/article/details/80886573
https://github.com/LennonChin/Code-Confuse-Plugin/blob/master/README_zh-cn.md
http://www.devashen.com/blog/2018/07/10/zi-dong-sheng-cheng-swifthun-yao-wen-jian/
https://www.jianshu.com/p/81d12dfab374
https://my.oschina.net/FEEDFACF/blog/1627398
源码参考
https://github.com/lyzz0612/iosMixTools
https://github.com/JonorZhang/iOSConfuse
https://github.com/heqingliang/CodeObfus
https://blog.csdn.net/yao1500/article/details/80181403
https://www.yaozuopan.top/web/index.php/71.html
第三方APP加固
http://www.ijiami.cn/
https://www.dingxiang-inc.com/
http://dun.163.com/product/ios-reinforce?from=baiduP_YYJG_IOS724
https://www.kiwisec.com/product/app-encrypt.html
http://www.zhisuyun.top/#/product/app-store
混淆包给予拒绝通过
马甲包绕过审核技巧整理https://blog.csdn.net/sacrifice123/article/details/81203947