Decompiling Android apps
• quick overview of the compilation process
• tools for decompiling
• approach and overview of the results
• how does ProGuard fit in the game?
Android compilation process [1]
• Resource code generation
• Interface code generation
• Java compilation
• Byte code conversion
• Packaging
• Application signing
• Package optimization
Resource / Interface code generation
• inputs: AndroidManifest.xml, drawables, values, strings, styles …
• outputs: R.java
• .aidl files are converted to Java interfaces
[Diagram: application resources -> aapt -> R.java; .aidl files -> aidl -> Java interfaces; shown alongside the application source code]
Java compilation / Byte code conversion
• annotation processing and code generation (apt)
• *.java -> *.class (javac)
• all *.class files -> .dex file (dex)
  • this includes .class files from .jar and .aar libs
• in some cases there is more than one .dex file
[Diagram: R.java, application source code and Java interfaces -> apt -> generated source code -> javac -> .class files]
Android bytecode
• Android uses a modified JVM called Dalvik
• multiple classes are bundled into a single .dex file
• fun fact: a .dex file has a limit of 65k methods in total across all its classes
[Diagram: .class files -> dex -> .dex files]
Packaging
• resources compiled with aapt
• .dex files
• other resources from the “src/main/resources” folder
• result: unsigned and unoptimized .apk file
[Diagram: application resources -> aapt -> compiled resources; .dex files, compiled resources and other resources -> apkbuilder -> .apk package]
Signing / optimization
• .apk package is signed with a keystore (jarsigner)
• package is optimized (zipalign)
[Diagram: .apk package + keystore -> jarsigner -> signed .apk package -> zipalign -> signed and optimized .apk]
Tools - Bytecode viewer [3]
• everything you need for decompiling in one tool
• doesn’t have a way to extract resources
• make sure you give it some time after it’s started before decompiling anything (about 20s), otherwise it will just freeze
Other tools
• JD-GUI - .jar decompiler with GUI
• dex2jar - name says it all
• android-apktool
  • unpacks the .apk archive
  • useful for extracting manifest and resources
Package files
• .apk, .aar and .jar packages are actually .zip files
• to access the manifest and all resources from an .apk, use android-apktool
• an .aar contains a .jar archive along with resources and a manifest
• a .jar package is a .zip file containing bytecode in separate .class files
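An added example (not from the original slides): because these packages are plain .zip archives, Python's zipfile module can list what a package contains, and the method count stored in each .dex header can be compared with the 65k limit mentioned earlier. The function names and the sample archive are constructed for illustration.

```python
import io
import struct
import zipfile

DEX_HEADER_LEN = 0x70
METHOD_IDS_SIZE_OFF = 88  # method_ids_size field in the DEX header
CLASS_DEFS_SIZE_OFF = 96  # class_defs_size field in the DEX header
METHOD_LIMIT = 65536      # the "65k" limit on method references per .dex

def dex_counts(data):
    """Return (method_ids, class_defs) read from a DEX header."""
    if len(data) < DEX_HEADER_LEN or data[:4] != b"dex\n":
        raise ValueError("not a DEX file")
    (methods,) = struct.unpack_from("<I", data, METHOD_IDS_SIZE_OFF)
    (classes,) = struct.unpack_from("<I", data, CLASS_DEFS_SIZE_OFF)
    return methods, classes

def inspect_package(fileobj):
    """Summarise a .apk/.aar/.jar by reading it as a plain .zip archive."""
    report = {"dex": {}, "class_files": 0, "has_manifest": False}
    with zipfile.ZipFile(fileobj) as pkg:
        for name in pkg.namelist():
            if name.endswith(".dex"):
                report["dex"][name] = dex_counts(pkg.read(name))
            elif name.endswith(".class"):
                report["class_files"] += 1
            elif name == "AndroidManifest.xml":
                report["has_manifest"] = True
    return report

def stub_dex(methods, classes):
    """Constructed input: a bare DEX header with only the two counts set."""
    header = bytearray(DEX_HEADER_LEN)
    header[:8] = b"dex\n035\x00"
    struct.pack_into("<I", header, METHOD_IDS_SIZE_OFF, methods)
    struct.pack_into("<I", header, CLASS_DEFS_SIZE_OFF, classes)
    return bytes(header)

def make_sample_apk():
    """Constructed sample archive (not a real app) with two .dex files."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", b"")  # placeholder content
        z.writestr("classes.dex", stub_dex(65000, 4200))
        z.writestr("classes2.dex", stub_dex(1200, 90))
    return io.BytesIO(buf.getvalue())

if __name__ == "__main__":
    for name, (m, c) in inspect_package(make_sample_apk())["dex"].items():
        print(f"{name}: {c} classes, {m} methods, {METHOD_LIMIT - m} below limit")
```

To inspect a real package, pass an opened file instead of the sample, for example `inspect_package(open("app.apk", "rb"))` with your own build output.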
How to protect your code?
• use ProGuard
  • adds an additional step after byte code generation
  • removes unused code
  • renames classes, fields, methods with obscure names
  • smaller .apk file
  • harder to reverse engineer
[Diagram: Byte code conversion, Code obfuscation, Packaging]
Enabling ProGuard
• just a quick reminder:
  • set minifyEnabled to true
  • create a ProGuard rules file
Conclusion
• to decompile code use Bytecode viewer
• to extract resources from .apk use android-apktool
• use ProGuard to protect your code and make it harder to reverse engineer
References
• [1] http://www.herongyang.com/Android/Project-Android-Application-Project-Build-Process.html
• [2] https://developer.android.com/tools/building/index.html
• [3] https://github.com/konloch/bytecode-viewer
• [4] https://code.google.com/p/android-apktool/