Basic reverse engineering steps about .apk file

Posted on 11-May-2015

The Basic Reverse Engineering Steps About APK

Carl Adler

IDSL - Dep. IM - NTUST

What’s in the .apk file?

What’s in the META-INF?

What’s in the res?

Before We Start…

First, download all the yellow files shown in the figure below.

Put the tools together

Extract all the files you downloaded, then copy aapt.exe, apktool.bat and apktool.jar into the same folder (this is optional, but I think it makes your work more convenient).

Does it work?

Move to the folder where you put the files, open a cmd window, and type the command “apktool -version” to ensure the tool really works.

Install framework

Ensure that you’ve already prepared an app.apk file, then type the command “apktool if BMICalculator.apk”; you should see something like the output below.

Decompile your .apk file

Type the command “apktool d xxx.apk path_you_want_to_put_the_output_file”.

Let’s check the result…

In this way, you’ll get the smali files and AndroidManifest.xml.

Recompile your .apk file

After you modify the code, use the following command to recompile.

“apktool b path_your_decompiled_source path_you_want_to_put_the_recompile_apk”

You’ll see a folder named “build” in the decompiled path.

The new .apk file is also located at the path you specified.

Wait, not yet.

You MUST follow this step. Otherwise the app won’t work, and when you try to push it into the system, the ROM will be stuck in a bootloop XD (please use the signapk you downloaded before to execute the following command).

java -jar signapk.jar certificate.pem key.pk8 your_repackaged_apk your_final_apk_after_sign
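An added example, not from the original slides: JAR-style (v1) signing stores MANIFEST.MF and the signature files in the APK's META-INF folder, and this Python code compares the digests recorded in MANIFEST.MF with the actual entries to show which files changed after signing. The sample APK is constructed in memory with placeholder contents and dummy signature files, the function names are chosen for this example, and certificate validation and APK Signature Scheme v2+ are out of scope.

```python
import base64, hashlib, io, zipfile

SIG_EXT = (".SF", ".RSA", ".DSA", ".EC")  # v1 (JAR) signature files in META-INF

def parse_manifest(text):
    """Map entry name -> (hash algorithm, base64 digest) from MANIFEST.MF."""
    text = text.replace("\r\n", "\n").replace("\n ", "")  # unfold continuation lines
    digests = {}
    for section in text.split("\n\n"):
        attrs = dict(ln.split(": ", 1) for ln in section.split("\n") if ": " in ln)
        for key, value in attrs.items():
            if "Name" in attrs and key.endswith("-Digest"):
                digests[attrs["Name"]] = (key[:-len("-Digest")], value)
    return digests

def check_apk(apk):
    """Compare MANIFEST.MF digests with the APK's entries (no certificate check)."""
    with zipfile.ZipFile(apk) as z:
        names = [n for n in z.namelist() if not n.endswith("/")]
        sig_files = [n for n in names
                     if n.startswith("META-INF/") and n.upper().endswith(SIG_EXT)]
        if "META-INF/MANIFEST.MF" not in names:  # never signed with the v1 scheme
            return {"sig_files": sig_files, "mismatched": [], "unlisted": names}
        manifest = parse_manifest(z.read("META-INF/MANIFEST.MF").decode("utf-8"))
        mismatched = []
        for name, (alg, b64) in manifest.items():
            data = z.read(name) if name in names else b""
            actual = hashlib.new(alg.replace("-", "").lower(), data).digest()
            if name not in names or base64.b64encode(actual).decode() != b64:
                mismatched.append(name)  # missing, or changed after signing
        unlisted = [n for n in names  # entries added after signing
                    if not n.startswith("META-INF/") and n not in manifest]
    return {"sig_files": sig_files, "mismatched": mismatched, "unlisted": unlisted}

def build_sample(tamper=False):
    """Constructed APK-like zip with placeholder contents and dummy signature files."""
    files = {"AndroidManifest.xml": b"<manifest/>", "classes.dex": b"dex\n035\x00"}
    mf = "Manifest-Version: 1.0\r\n\r\n" + "".join(
        "Name: %s\r\nSHA1-Digest: %s\r\n\r\n"
        % (n, base64.b64encode(hashlib.sha1(d).digest()).decode())
        for n, d in files.items())
    if tamper:  # change an entry after its digest was recorded
        files["classes.dex"] += b"patched"
    files.update({"META-INF/MANIFEST.MF": mf.encode(),
                  "META-INF/CERT.SF": b"", "META-INF/CERT.RSA": b""})
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for n, d in files.items():
            z.writestr(n, d)
    return io.BytesIO(buf.getvalue())
```

`check_apk` also accepts a file path, so it can be pointed at the APK before and after the signing command to compare the two results.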

It’s done, but…

You might not want to edit the smali code; maybe you want to edit some higher-level code. Extract the following two yellow files you downloaded before and put them in the location you want.

Using dex2jar

Type the following command:

jar xvf your_apk xxx.dex

Type the following command:

d2j-dex2jar xxx.dex

And you’ll see an xxx-dex2jar.jar file.

Type the following command:

jar xvf xxx-dex2jar.jar

You should see that two folders were generated: one is named after the top-level package name, and the other one is android.

Using JD

Open Java Decompiler, choose File -> Open File…

Choose the .class file we extracted with the dex2jar tool.

It’s the original Java code.

END