A quick guide on how to reverse engineer Android .apk files.

 

ApkTool

 
A tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications. It also makes working with an app easier because of the project like file structure and automation of some repetitive tasks like building apk, etc.

https://ibotpeaches.github.io/Apktool/

How to use
java -jar apktool_2.3.3.jar d myapp.apk
Use ApkTool to get .smali files and a human-readable manifest xml file.

 

dex2jar

 
Tools to work with android .dex and java .class files.

dex-reader/writer: Read/write the Dalvik Executable (.dex) file. It has a light weight API similar with ASM.
d2j-dex2jar: Convert .dex file to .class files (zipped as jar)
smali/baksmali: disassemble dex to smali files and assemble dex from smali files. different implementation to smali/baksmali, same syntax, but we support escape in type desc “Lcom/dex2jar\t\u1234;”
other tools: d2j-decrypt-string

https://github.com/pxb1988/dex2jar

How to use
d2j-dex2jar.bat myapp.apk
The output file will be base-dex2jar.jar.

 

JD-GUI

 
JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields.

http://jd.benow.ca/

How to use
> Run JD-GUI.
> Load the .jar file generated from the dex2jar tool.
> Choose File -> Save All Sources.

 

Eclipse IDE for Java Developers

 
The essential tools for any Java developer, including a Java IDE, a Git client, XML Editor, Mylyn, Maven and Gradle integration.

https://www.eclipse.org/downloads/

How to use
> Run Eclipse IDE.
> Create a JAVA project.
> Load sources files generated from the JD-GUI tool.

About the Author:

maldevel

Add Comment

This site uses Akismet to reduce spam. Learn how your comment data is processed.