Successfully reported this slideshow.
We use your LinkedIn profile and activity data to personalize ads and to show you more relevant ads. You can change your ad preferences anytime.

Android Pentesting - Oat2Dex

277 views

Published on

All about reversing an OAT compiled file to a DEX file, and then using this dex file to get the java code.

Published in: Engineering
  • Login to see the comments

  • Be the first to like this

Android Pentesting - Oat2Dex

  1. 1. Android Pentesting – `OAT to DEX` Sushil Bhojwani (C|EH) Null Chennai Meetup – December ’18cl
  2. 2. Topics to Discuss • Dex files • Dexing process • OAT files • Why oat2dex? • What is boot.oat? • Using OAT2DEX tool (Demo)
  3. 3. DEX FILES • DEX is abbreviation for Dalvik Executable • Code which is ultimately executed by the Android Runtime. • Every APK has a single classes.dex file, which references any classes or methods used within an app. • Essentially, any Activity, Object, or Fragment used within your codebase, will be transformed into bytes within a Dex file that can be run as an Android app.
  4. 4. DEXING PROCESS
  5. 5. OAT FILES • OAT is Ahead of Time • OAT file is created by the Android operating system in order to speed up the loading time of an Android app (.APK file). • When an app is installed, Android automatically optimizes app data and creates a corresponding OAT file. • Android uses this file to load the app more quickly, which creates a better experience for the user.
  6. 6. OAT FILES • Android performs optimizations using a tool called dex2oat. • When you install an application on a device running Android 5.0 or later, dex2oat converts the Dalvik code located in the .ODEX file to native code and stores it in an OAT file. Therefore, each app will have a corresponding OAT file. • dex2oat is typically located in the following directory on the Android device: /system/bin/dex2oat/
  7. 7. Why OAT2DEX? • Oat2dex is a tool useful for converting AOT compiled files to dex files, which will be then helpful for us to analyze the source code. • Link to tool: https://github.com/testwhat/SmaliEx • Whenever a system app has to be tested, this tool plays a major role as we don’t have the apk for system apps & also when we don’t have classes.dex for any application.
  8. 8. What is boot.oat? This file is created whenever a device’s system is upgraded or when the phone is booted up for the first time after being purchased. The boot.oat file is referenced by an app when the app calls a framework application programming interface (API) method. LETS MOVE ON TO DEMO
  9. 9. ANY QUESTIONS ? For more insights do visit: https://medium.com/@_sushil/oat2dex- android-pentesting-6f99e9c57198 THANKS!

×