Protect Unity3D Android APK

Protect Unity3D Android APK

Introduction

Virbox Protector support to protect/encrypt the Unity3D Android APK compiled in Mono framework and IL2CPP mode.

Virbox Protector supports to protect Unity3D Android APK in both GUI tool and CLI tool.

With Virbox Protector, Developer protect/encrypt the whole Unity3D directory and critical libs and data assets for Unity3D android Apk, includes:

Assembly-CSharp-firstpass.dll, Assembly-CSharp.dll, global-metadata.dat, other C# assemblies ​ and Unity3D data assets (.resS and resource)

​and also to protect the Unity3D Android APK in general protection with following functions:

Anti- debugging, Anti-Injection and other features.

Here we use Virbox Protector GUI tool to show the protection process to Unity3D android APK step by step. and introduce the protection process by Virbox Protector CLI tool in second part.

For more detail, you may also refer to the User Manual_Virbox Protector Standalone or contact us.

Protect Unity3D Android APK in 5 steps

  1. Import Android Unity3D APK: Drag related APK into Virbox Protector;

  2. Setting to protect the C# dll, gloabl metadata and protect Unity3D APK in general in "Protection Option" tab;

  3. Setting to protect the Unity3D APK Resource in "Resource Encryption";

  4. Click to start "Protection" Process;

  5. Back up source APK and use the protected APK for further testing or distribution.

Prerequisites

Sign-up Virbox Protector to apply trial license and install the Virbox Protector;

Open Virbox Protector and sign in your account with your trial password

Above prerequisites is for test/evaluation Virbox Protector only.

To protect formal and commercial release software, pls purchase and get the related Virbox Protector license.

Protection Process (Virbox Protector GUI tools)

1. Import Android Unity3D APK:

Drag related APK into Virbox Protector; Then Virbox Protector will parse the Unity3D android APK automatically. and show Android APK information in the "Basic info" tabs, Virbox Protector support to portect the Unity3D application both in Mono framework and IL2CPP mode. As shown as a snapshot below:

2. Protect the C# dll, global metadata and protect Unity3D APK in general in "Protection Option"

Go to "Protection Option" to set:

2.1 Output path and output file name, click the box in right to change output path and name; otherwise the protectd APK file will saved in the new sub directory will be created in same directory.

2.2 Set the protection option to Android APK in General to prevent debugging and decompiling

2.3 Signature and keystore path setting

For IL2CPP and Mono frame based APK, the configuration may slightly different:

For metadata in IL2CPP, Virbox Protector will encrypt metadata on default.

Developer can click to select other protection option to protect APK in general; (the description/function to each protection option setting as shown as below)

Developer can click to enable signing and set the signature, input keystore file and password

For Unity3D Android APK based on Mono framework, the Virbox Protector GUI shown as attached below:

The Assembly-CSharp-firstpass.dll, Assembly-CSharp.dll will be encrypted on default by Virbox protector, you can add other C# assemblies by click "+" if necessary. and click to select other protection options, as shown attached below:

Protection Option Setting summary:

Click and Select the "Memo Check", to verify memo and check memo integrity(effective to IL2CPP project);

Click and Select the "Unity Engine Encryption", to protect the unity engine and enhance security;

"Meta Data encryption", will be selected on default, to prevent be parsed and dumped in execution;

Click and Select the "Name Obfuscation of Meta " button, to obfuscate the name of method metadata (effective to IL2CPP project);

Click and Select the "Anti-Debugging" button, then when the debugger use the IDA or other third party debug tools to debug the protected Android Apk, the protected APK will exit directly;

Click to enable the "Signature Check" and input "keystore" fileand password to prevent tampering;

Click to select "Enable Sign" button to enable "signature Check" feature.

Click and select the Anti-injection, to prevent the other session to add debugging or injection.

Click and select "Emulator Detection", to prevent the App running in the emulator environment'

Click and Select "Root Detection" to prevent the App running in the rooted device;

Click and Select "Multi-Parallel Detection" to prevent app running with multiple account;

Sign Setting

Click and "enable sign" to set/input keystore file, path and password. etc;

Sign Setting

For AAB applications,

In case you click and select the "Sign check", then you can Not select the Google to keep, manage your apps and password. So, you can either to select this option. but Not use Google Play store to manage the signature file, or Not select this option and use Google Play Store to manage your signature file when publish your applications;

If you use "Google" to keep and manage your keys, then the keys which used for published in Google playstore must be consistent with the key which used in Virbox Protector.

3. Protect Unity3D APK Resource in "Resource Encryption" tab

Go to "Resource Encryption" tab, developer can set and protect the data assets and resource of Unit3D android APK here.

  1. Click "Enable" to enable the "Resource Encryption", to protect the resource, data asset which attached in the Unity3D projects.

  2. Click the "Favor Size", it means to set the prioritize the compression size than security, if you click to select this option, the protected APK size will much compressed, but the APK security will be lower than that of not selection of this option.

  3. Click "Select Files", it will list all of resource file contained in the APK, then click to select those file which need to be encrypted.

4. Click to start "Protection" Process

When you finalize all above selection, click the button "Protect Selected Projects" to start the protection process (it will take some times to protect a large size of APK, pls wait):

Go to the output folder, you will following new file has been generated

The first sub directory new created :\protected, which save the protected file, entry this sub directroy, you can find the protected apk file

The second file is source APK, it is your original APK which not protected. pls DON't distribute this APK.

The thrd file: xxxx.apk.ssp is the configuration file to save your protection options, pls keep it.

If the files protected is AAB project, similar file will be generated. but suffix is aab, not apk.

pls don't use the trial version of Virbox Protector to protect and harden your APK or AAB project if you want to publish your project in the Google Store, instead to use formal release Virbox Protector to protect and harden the APK which will be published in the Google Store.

5. Back up source APK and use the protected APK to test etc.

Next, you need to save the unprotect APK to another folder, keep it. don't distribute the unprotected APK to publish. and also save and keep the configuration file.

Use the protected APK for further testing or publish or distribute later.

Pls do not publish your protected app which protected by Virbox Protector trial version, pls contact our sales to get the formal release version to protect your application and published.

Protection Process (Virbox Protector CLI tool)

Use Virbox Protector GUI to Generate the configuration file (Optional)

Virbox Protector support developer to protect/encrypt Unity3D Android APK with 2 ways, GUI and CLI mode. Here we introduce the protection process for how to use Virbox Protector CLI tool to protect a Unity3D Android APK,

1. Generate a "configuration" file

Before to start protection, you need to generate a "configuration" file which store the setting information of "protection option" to the APK which need to protected.

Open Virbox Protector Standalone GUI tool and sign in with your account and password.

Please refer the protection process by use of Virbox Protector GUI tool in above to set the configuration to Function option, Protection option and Resource Encryption. and click "Save All Configuration" to generate the "configuration" file, which suffix is .ssp.

Go to the output folder, you will find a new xxxx.apk.ssp file has been generated in the output folder.

To generate a configuration file is optional, if no configuration generated, then when you use Virbox Protector CLI tool to protect APK/AAB file, the protected APK/AAB will not be signed, on default.

2. Find the Virbox Protector CLI tools installed in your machine

Go to the Virbox protector's installation folder in your machine, and find the virboxprotector_con,exe and open it in command line terminal:

The on default installation directory in windows system is:

C:\Program Files\senseshield\Virbox Protector 2 Trial\bin

The on default installation directory in Linux system is:

/usr/share/virboxprotector/bin

Input:

virboxprotector_con.exe

to view the help info:

3 Use Virbox Protector CLI tool to protect your Unity3D Android APK

Please put the configuration file which generated by Virbox Protector GUI tool in first step into the same directory of the Unity3D Android APK located.

Use following command to execute the protection:

path of “VirboxProtector_con\VirboxProtector_con” “the path of the android apk to be protected\apk name” -u3d –o “the directory of the output path of the Android apk\APK name”

system will return with "succeed" when protection completed

see sample in below.

If the license of Virbox Protector to unity3D program can not be found, it shows as the snapshot below:

error, can not find the license

if so, you need to contact Virbox to purchase the License of Virbox protector which commercial released and use formal license to protect your Unity3D Android APK or AAB projects.

Last updated