HowTo Decompile / Reverse Engineer Android APK

Reverse engineering is everywhere. Reverse engineering made it possible for GeoHot to hack the iPhone and the PS3. Reverse engineering is what lets hackers develop exploits, viruses and trojans for systems. So what about decompiling existing apps?

Decompiling binaries for Java and other languages has been around for a long while. There are a large number of tools that let you decompile app binaries back to source code, which in most cases is readable and understandable with some effort.

XDA-Developers member Brut.all has been working on a decompiler for Android apps for a while now. He found the first workaround for enabling Google Maps Navigation outside the US by decompiling Google Maps for Android. The tool is called APKTool and is open source.

Method 2: Alternatively, you can use a tool called dex2jar, which was made by a Chinese student. It translates a dex file into a jar file. As the next step, you can open the jar in jd-gui; the source code is quite readable because dex2jar makes some optimizations.

Method 3: Another option is to use smali (http://code.google.com/p/smali/). It provides baksmali, an excellent reverse-engineering tool for DEX files. The tool is made by JesusFreke, who is famous for making popular ROMs for Android.

Method 4: Android comes with a disassembler called dexdump. The location of this tool is not intuitive; it runs on the Linux platform that hosts Android. Details here.
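
Methods 2 to 4 all take the DEX bytecode inside the APK as their input. The following Python script is an added example, not code from the original post or from any of the tools named, and goes slightly beyond the text: it opens an APK as the ZIP archive it is and checks each classes*.dex header (magic, Adler-32 checksum, SHA-1 signature, size, endian tag), a useful integrity check before handing a sample to a decompiler. The sample APK and DEX are constructed in memory and contain no real classes; all function names are hypothetical.

```python
import hashlib, io, struct, zipfile, zlib

def make_sample_dex(body=b"\x00" * 32):
    """Constructed header-only DEX blob (no real classes), sealed like a real one."""
    # Fields at offset 32: file_size, header_size (0x70), endian_tag.
    rest = struct.pack("<III", 0x70 + len(body), 0x70, 0x12345678)
    rest += b"\x00" * (0x70 - 32 - len(rest)) + body   # remaining header fields zeroed
    signature = hashlib.sha1(rest).digest()            # SHA-1 over offset 32..EOF
    checksum = zlib.adler32(signature + rest) & 0xFFFFFFFF  # Adler-32 over offset 12..EOF
    return b"dex\n035\x00" + struct.pack("<I", checksum) + signature + rest

def check_dex(data):
    """Return header problems found; an empty list means the header is consistent."""
    if len(data) < 0x70:
        return ["shorter than the 0x70-byte DEX header"]
    problems = []
    if data[:4] != b"dex\n" or data[7:8] != b"\x00":
        problems.append("bad magic")
    (checksum,) = struct.unpack_from("<I", data, 8)
    file_size, _header_size, endian = struct.unpack_from("<III", data, 32)
    if zlib.adler32(data[12:]) & 0xFFFFFFFF != checksum:
        problems.append("adler32 checksum mismatch")
    if hashlib.sha1(data[32:]).digest() != data[12:32]:
        problems.append("SHA-1 signature mismatch")
    if file_size != len(data):
        problems.append("file_size field does not match actual length")
    if endian != 0x12345678:
        problems.append("unexpected endian tag")
    return problems

def inspect_apk(apk_bytes):
    """Map each classes*.dex entry of the APK (a ZIP archive) to its header problems."""
    report = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            if name.startswith("classes") and name.endswith(".dex"):
                report[name] = check_dex(apk.read(name))
    return report

def make_sample_apk(dex):  # constructed in-memory APK for the demo
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("AndroidManifest.xml", b"constructed placeholder")
        apk.writestr("classes.dex", dex)
    return buf.getvalue()

if __name__ == "__main__":
    good = make_sample_dex()
    for dex in (good, good[:-1] + b"\x01"):  # second copy is modified after sealing
        print(inspect_apk(make_sample_apk(dex)))
```

A DEX that was modified without recomputing its header shows both a checksum and a signature mismatch.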

Let's talk about APKTool in detail since it's more popular:

It is a tool for reverse engineering third-party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after modifications, and it makes it possible to debug smali code step by step. It also makes working with an app easier thanks to its project-like file structure and the automation of repetitive tasks such as building the APK.

It is NOT intended for piracy and other non-legal uses. It could be used for localizing, adding some features or support for custom platforms, and other GOOD purposes. Just try to be fair with the authors of an app that you use and probably like.

Features:

  • decoding resources to nearly original form (including resources.arsc, XMLs and 9.png files) and rebuilding them
  • smali debugging: SmaliDebugging
  • helping with some repetitive tasks

Pre-requisites:

  • JRE 1.5+
  • aapt command in PATH environment variable
  • Basics of Android SDK

How to Install APKTool

Windows:

  1. Download apktool-install-windows-* file
  2. Download apktool-* file
  3. Unpack both to your Windows directory

Linux:

  1. Download apktool-install-linux-* file
  2. Download apktool-* file
  3. Unpack both to /usr/local/bin directory (you must have root permissions)

Mac OS X:

  1. Download apktool-install-macos-* file
  2. Download apktool-* file
  3. Unpack both to /usr/local/bin directory (you must have root permissions)

Installation of framework files

Usage:

  • Open a terminal/command line, type "apktool" and press Enter. You should then see the usage help.

Update: A new Tool: How to Modify Android APK file [APK]
