0

I try to decompile youtube android application and modify it but when I build the application and install on a virtual device faced with below error:

E/AndroidRuntime(1782): java.lang.VerifyError: Rejecting class 
com.google.android.apps.youtube.app.YouTubeApplication because it failed compile-time 
verification (declaration of 'com.google.android.apps.youtube.app.YouTubeApplication' 
appears in /data/ap /com.google.android.youtube-1/base.apk)
  • I use APKTOOL for decompiling and build Smali sources.
  • I create a PowerConnectionReceiever.smali and copy it to com\google\android\apps\youtube\app\ directory then try to register my receiver to com\google\android\apps\youtube\app\YouTubeApplication.smali in onCreate method
  • also add receiver declaration in AndroidManifest.xml and convert it to bytecode then copy it to youtube project directory
  • when I ask about it from the experts they tell me it occurs because of Google Tamper Detection Mechanism.

I want to know about those mechanisms. can anyone help me?

thanks for helping

----------------------- Edit ---------------------

I just modify signing certificate check in two file anex.smali and nlo.smali and faced with this error when run app:

E/AndroidRuntime(1665): java.lang.VerifyError: Verifier rejected class
com.google.android.apps.youtube.app.YouTubeApplication due to bad method
void com.google.android.apps.youtube.app.YouTubeApplication.onCreate() 
(declaration of 'com.google.android.apps.youtube.app.YouTubeApplication'
appears in /data/app/com.google.android.youtube-1/base.apk)

AndroidManifest.xml

<application android:backupAgent="com.google.android.apps.youtube.app.application.backup.YouTubeBackupAgent" 
    android:hardwareAccelerated="true" 
    android:icon="@mipmap/ic_launcher"
    android:label="@string/application_name"
    android:largeHeap="true"
    android:logo="@drawable/action_bar_logo_release"
    android:name="com.google.android.apps.youtube.app.YouTubeApplication"
    android:restoreAnyVersion="true"
    android:roundIcon="@mipmap/ic_launcher_round"
    android:supportsRtl="@bool/supports_rtl"
    android:theme="@style/Theme.YouTube.Light">
    <meta-data android:name="android.max_aspect" android:value="2.1"/>
    <meta-data android:name="com.google.android.backup.api_key" android:value="AEdPqrEAAAAIXi58ScnYbhPAPl8s4DjDkSik7XGKNcn8YqfZFg"/>
    <meta-data android:name="to.dualscreen" android:value="true"/>
    <meta-data android:name="com.google.android.apps.youtube.config.BuildType" android:value="RELEASE"/>
    <receiver android:enabled="true" android:exported="true" android:name="com.google.android.apps.youtube.app.PowerConnectionReceiver">
        <intent-filter>
            <action android:name="android.intent.action.ACTION_POWER_CONNECTED"/>
            <action android:name="android.intent.action.ACTION_POWER_DISCONNECTED"/>
        </intent-filter>
    </receiver>

YouTubeApplication.smali :

#####MY_CODE####
.field private mPower:Lcom/google/android/apps/youtube/app/PowerConnectionReceiver;
.
.
.
.method public onCreate()V
.
.
.
    .line 101
     invoke-super {p0}, Lcvu;->onCreate()V
     #####MY_CODE####
     new-instance v0, Landroid/content/IntentFilter;
     invoke-direct {v0}, Landroid/content/IntentFilter;-><init>()V
     .local v0, "filter":Landroid/content/IntentFilter;
     const-string v1, "ACTION_POWER_CONNECTED"
     invoke-virtual {v0, v1}, Landroid/content/IntentFilter;->addAction(Ljava/lang/String;)V
     new-instance v1, Lcom/google/android/apps/youtube/app/PowerConnectionReceiver;
     invoke-direct {v1}, Lcom/google/android/apps/youtube/app/PowerConnectionReceiver;-><init>()V
     move-object/from16 v2, p0
     iput-object v1, v2, Lcom/google/android/apps/youtube/app/YouTubeApplication;->mPower:Lcom/google/android/apps/youtube/app/PowerConnectionReceiver;
     iget-object v1, v2, Lcom/google/android/apps/youtube/app/YouTubeApplication;->mPower:Lcom/google/android/apps/youtube/app/PowerConnectionReceiver;
     invoke-virtual {v2, v1, v0}, Lcom/google/android/apps/youtube/app/YouTubeApplication;->registerReceiver(Landroid/content/BroadcastReceiver;Landroid/content/IntentFilter;)Landroid/content/Intent;
    ...
.end method

PowerConnectionReceiver.smali :


   .class public Lcom/google/android/apps/youtub/app/PowerConnectionReceiver;
   .super Landroid/content/BroadcastReceiver;
   .source "PowerConnectionReceiver.java"
    #direct methods
   .method public constructor ()V
       .locals
       .prologue
       .line 8
       invoke-direct {p0}, Landroid/content/BroadcastReceiver;->()V
       return-void
   .end method
   #virtual methods
   .method public onReceive(Landroid/content/Context;Landroid/content/Intent;)V
        .locals 3
        .param p1, "context"    # Landroid/content/Context;
        .param p2, "intent"    # Landroid/content/Intent;
        .prologue
        .line 11
        invoke-virtual {p2}, Landroid/content/Intent;->getAction()Ljava/lang/String;
        move-result-object v0
        .line 12
        .local v0, "action":Ljava/lang/String;
        const-string v1, "android.intent.action.ACTION_POWER_CONNECTED"
        invoke-virtual {v0, v1}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z
        move-result v1
        if-eqz v1, :cond_0
        .line 13
        const-string v1, "POWER_CONNECTION_MESSAGE"
        const/4 v2, 0x1
        invoke-static {p1, v1, v2}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;
        move-result-object v1
        invoke-virtual {v1}, Landroid/widget/Toast;->show()V
        .line 15
        :cond_0
        return-void
    .end method

i don't know why this happen?

Improve this question

2 Answers 2

Reset to default
0

You'll have to reverse engineer it yourself to find the tamper detection mechanisms. My guess is that an app like Youtube uses quite a few. At the very least, it will almost certainly use Safety Net Attestation.

That being said, the error you are getting isn't from the app. That error means that the app bytecode you are trying to run is invalid, which means you screwed up when modifying the app. Did you make any changes to the smali when you rebuilt it? Also, the verfier should post a more detailed error message, so it would be helpful if you could post the complete error.

Improve this answer
0
0

I found the problem after reviewing the code, it's for setting v1 (variable register), here:

const-string v1, "ACTION_POWER_CONNECTED"

V1 are used before in this line :

const/4 v1, 0x0

and i reuse it! so i rename it to v3 and problem solved.

Improve this answer

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.