某APP中模拟器检测分析

以下的只是分享检测的一部分实现，并且仅为技术研究。

1.检测模拟器的实现

1.检测模拟器的 imsi的 id是否是310260000000000
具体的实现：先判断是否有android.permission.READ_PHONE_STATE权限，在判断当前的运行环境的imsi id 是否是310260000000000这个值，以及判断VoiceMailNumbe是否等于15552175049和 GetDeviceId等于"000000000000000", "012345678912345"这两串值。

private static boolean a(Context context, String str, String[] strArr, String str2) {    boolean z;    boolean z2;    boolean z3;    String[] strArr2;    if (context.getPackageManager().checkPermission("android.permission.READ_PHONE_STATE", context.getPackageName()) == 0) {        z = true;    } else {        z = false;    }    if (z) {        z2 = false;        for (String str3 : d) {            if (z2 || StringUtils.equal(str3, str)) {                z2 = true;            } else {                z2 = false;            }        }    } else {        z2 = false;    }    if (strArr != null) {        for (String equal : strArr) {            if (StringUtils.equal(equal, "310260000000000") || z2) {                z3 = true;            } else {                z3 = false;            }        }    }    if (z2 || StringUtils.equal(str2, "15552175049")) {        return true;    }    return false;}

2.检测模拟器的驱动文件内容
具体的检测步骤：判断/proc/tty/drivers 文件是否存在是否可读取。可读情况下读取出具体的内容数据进行比对是否包含goldfish字符串

private static String[] b = {"goldfish"};
private static Boolean a() {

    String str;    File file = new File("/proc/tty/drivers");    if (!file.exists() || !file.canRead()) {        String str2 = "EmulatorChecker";        StringBuilder sb = new StringBuilder("can not read file /proc/tty/drivers ，because");        if (file.exists()) {            str = "not exist";        } else {            str = "not readable";        }        sb.append(str);        Logger.e(str2, sb.toString());    } else {        byte[] bArr = new byte[1024];        try {            FileInputStream fileInputStream = new FileInputStream(file);            fileInputStream.read(bArr);            fileInputStream.close();        } catch (Exception unused) {        }        String str3 = new String(bArr);        for (String contains : b) {            if (str3.contains(contains)) {                return Boolean.TRUE;            }        }    }    return Boolean.FALSE;}

3.检测模拟器的特定文件及文件属性
具体的步骤：判断读取指定的文件及文件属性，以及判断特有的Genymotion模拟器，采用的是ro.product.manufacturer 读取的手机厂商的方式

private static int a(h hVar) {

    int i;    int i2;    String[] strArr = {"/system/bin/qemu_props", "/system/bin/androVM-prop", "/system/bin/microvirt-prop", "/system/lib/libdroid4x.so", "/system/bin/windroyed", "/system/bin/microvirtd", "/system/bin/nox-prop", "/system/bin/ttVM-prop", "/system/bin/droid4x-prop", "/data/.bluestacks.prop"};    String[] strArr2 = {"init.svc.vbox86-setup", "init.svc.droid4x", "init.svc.qemud", "init.svc.su_kpbs_daemon", "init.svc.noxd", "init.svc.ttVM_x86-setup", "init.svc.xxkmsg", "init.svc.microvirtd", "ro.kernel.android.qemud", "androVM.vbox_dpi", "androVM.vbox_graph_mode"};    int i3 = 0;    for (int i4 = 0; i4 < 10; i4++) {        if (a(strArr[i4])) {            i2 = 1 << i4;        } else {            i2 = 0;        }        i3 |= i2;        a(strArr[i4]);    }    int i5 = 10;    for (int i6 = 0; i6 < 11; i6++) {        String str = strArr2[i6];        if (StringUtils.isEmpty(hVar.a(str))) {            i = 0;        } else {            i = 1 << i5;        }        i3 |= i;        StringUtils.isEmpty(hVar.a(str));        i5++;    }    Pair pair = new Pair("ro.product.manufacturer", "Genymotion");    String a2 = hVar.a((String) pair.first);    if (StringUtils.isEmpty(a2) || !a2.contains((CharSequence) pair.second)) {        return i3;    }    return i3 | (1 << i5);}

4.判断指定的设备文件是否存在
判断下面三个文件是否存在

private static String[] c = {"/dev/socket/qemud", "/dev/qemu_pipe", "/dev/qemu_trace"};

private static boolean a(String str) {

    if (StringUtils.isEmpty(str)) {        return false;    }    File file = new File(str);    if (file.exists()) {        return true;    }    try {        new FileInputStream(file);        return true;    } catch (FileNotFoundException e) {        if (!e.getMessage().contains("No such file or directory")) {            return true;        }        return false;    }}