知识杂记 - 马甲包技巧整理 - 《iOS学习笔记》

混淆代码被拒回复
代码混淆参考
- 源码参考
第三方APP加固

2. 在confuse.sh文件中添加以下代码

#!/usr/bin/env bash
TABLENAME=symbols
SYMBOL_DB_FILE="symbols"
STRING_SYMBOL_FILE="$PROJECT_DIR/CodeConfuse/confuse/func.list"
CONFUSE_FILE="$PROJECT_DIR/CodeConfuse"
HEAD_FILE="$PROJECT_DIR/CodeConfuse/confuse/CodeConfuse.h"
export LC_CTYPE=C
#取以.m或.h结尾的文件以+号或-号开头的行 |去掉所有+号或－号|用空格代替符号|n个空格跟着<号 替换成 <号|开头不能是IBAction|用空格split字串取第二部分|排序|去重复|删除空行|删掉以init开头的行>写进func.list
grep -h -r -I  "^[-+]" $CONFUSE_FILE  --include '*.[mh]' |sed "s/[+-]//g"|sed "s/[();,: *\^\/\{]/ /g"|sed "s/[ ]*</</"| sed "/^[ ]*IBAction/d"|awk '{split($0,b," "); print b[2]; }'| sort|uniq |sed "/^$/d"|sed -n "/^nhb_/p" >$STRING_SYMBOL_FILE
#维护数据库方便日后作排重,以下代码来自念茜的微博
createTable()
{
echo "create table $TABLENAME(src text, des text);" | sqlite3 $SYMBOL_DB_FILE
}
insertValue()
{
echo "insert into $TABLENAME values('$1' ,'$2');" | sqlite3 $SYMBOL_DB_FILE
}
query()
{
echo "select * from $TABLENAME where src='$1';" | sqlite3 $SYMBOL_DB_FILE
}
ramdomString()
{
openssl rand -base64 64 | tr -cd 'a-zA-Z' |head -c 16
}
rm -f $SYMBOL_DB_FILE
rm -f $HEAD_FILE
createTable
touch $HEAD_FILE
#这里也要做修改
echo '#ifndef CodeConfuse_h
#define CodeConfuse' >> $HEAD_FILE
echo "//confuse string at `date`" >> $HEAD_FILE
cat "$STRING_SYMBOL_FILE" | while read -ra line; do
if [[ ! -z "$line" ]]; then
ramdom=`ramdomString`
echo $line $ramdom
insertValue $line $ramdom
echo "#define $line $ramdom" >> $HEAD_FILE
fi
done
echo "#endif" >> $HEAD_FILE
sqlite3 $SYMBOL_DB_FILE .dump

混淆代码被拒回复

Guideline 2.3.1 - Performance
We discovered that your app contains hidden features. Specifically, It would be appropriate to remove all code obfuscation and selector mangling or to explain in detail the purpose of its inclusion before resubmitting for review.

Guideline 2.3.1 - Performance
We discovered that your app contains hidden features. Specifically, it would be appropriate to remove this app's implementation of the ConfuseCode library before resubmitting for review.
You will experience a delayed review process if you deliberately disregard the App Store Review Guidelines, ignore previous rejection feedback in future app submissions, or use your app to mislead or deceive users.
Important Information
As a result of violating this guideline, your app’s review has been delayed. Future submissions of this app, and other apps associated with your Apple Developer account, will also experience a delayed review. Deliberate disregard of the App Store Review Guidelines and attempts to deceive users or undermine the review process are unacceptable and is a direct violation Section 3.2(f) of the Apple Developer Program License Agreement. Continuing to violate the Terms & Conditions of the Apple Developer Program will result in the termination of your account, as well as any related or linked accounts, and the removal of all your associated apps from the App Store. 
We want to provide a safe experience for users to get apps and a fair environment for for all developers to be successful. If you believe we have misunderstood or misinterpreted the intent of your app, you may submit an appeal for consideration or provide additional clarification by responding directly to this message in Resolution Center in iTunes Connect.

马甲包技巧整理

混淆代码被拒回复

代码混淆参考

源码参考

第三方APP加固