A quick guide on how to reverse engineer Android .apk files.  

ApkTool

  A tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications. It also makes working with an app easier because of the project like file structure and automation of some repetitive tasks like building apk, etc. https://ibotpeaches.github.io/Apktool/ How to use java -jar apktool_2.3.3.jar d myapp.apk Use ApkTool to get .smali files and a human-readable manifest xml file.  

dex2jar

  Tools to work with android .dex and java .class files. dex-reader/writer: Read/write the Dalvik Executable (.dex) file. It has a light weight API similar with ASM. d2j-dex2jar: Convert .dex file to .class files (zipped as jar) smali/baksmali: disassemble dex to smali files and assemble dex from smali files. different implementation to smali/baksmali, same syntax, but we support escape in type desc “Lcom/dex2jar\t\u1234;” other tools: d2j-decrypt-string https://github.com/pxb1988/dex2jar How to use d2j-dex2jar.bat myapp.apk The output file will be base-dex2jar.jar.  

JD-GUI

  JD-GUI is a standalone graphical utility that displays Java source codes of “.class” files. You can browse the reconstructed source code with the JD-GUI for instant access to methods and fields. http://jd.benow.ca/ How to use > Run JD-GUI. > Load the .jar file generated from the dex2jar tool. > Choose File -> Save All Sources.  

Eclipse IDE for Java Developers

  The essential tools for any Java developer, including a Java IDE, a Git client, XML Editor, Mylyn, Maven and Gradle integration. https://www.eclipse.org/downloads/ How to use > Run Eclipse IDE. > Create a JAVA project. > Load sources files generated from the JD-GUI tool.

Share This

Share this post with your friends!