Android Pentesting –
`OAT to DEX`
Sushil Bhojwani (C|EH)
Null Chennai Meetup – December ’18
Topics to Discuss
• Dex files
• Dexing process
• OAT files
• Why oat2dex?
• What is boot.oat?
• Using OAT2DEX tool (Demo)
• DEX is an abbreviation for Dalvik Executable
• Code which is ultimately executed by the Android Runtime.
• Every APK has a single classes.dex file, which references any classes or
methods used within an app.
• Essentially, any Activity, Object, or Fragment used within your
codebase, will be transformed into bytes within a Dex file that can be
run as an Android app.
• OAT is Ahead of Time
• OAT file is created by the Android
operating system in order to speed up the
loading time of an Android app (.APK file).
• When an app is installed, Android
automatically optimizes app data and
creates a corresponding OAT file.
• Android uses this file to load the app more
quickly, which creates a better experience
for the user.
• Android performs optimizations using a tool called dex2oat.
• When you install an application on a device running Android 5.0 or
later, dex2oat converts the Dalvik code located in the .ODEX file to
native code and stores it in an OAT file. Therefore, each app will have
a corresponding OAT file.
• dex2oat is typically located in the following directory on the Android
• Oat2dex is a tool for converting AOT-compiled files to dex files,
which then helps us analyze the source code.
• Link to tool: https://github.com/testwhat/SmaliEx
• Whenever a system app has to be tested, this tool plays a major role,
as we don’t have the APK for system apps. It also helps when we don’t
have classes.dex for an application.
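The core idea behind an OAT-to-DEX extraction, as an added Python example (not SmaliEx code and not from the slides): scan a blob for DEX headers and validate each one by header size, endian tag and Adler-32 checksum before carving it out. It assumes the layout in which the DEX images are stored inside the OAT file; the sample container and all helper names are constructed for illustration.

```python
import hashlib
import struct
import zlib

DEX_MAGIC = b"dex\n"
HEADER_SIZE = 0x70          # fixed DEX header length
ENDIAN_TAG = 0x12345678     # little-endian marker in the DEX header


def carve_dex(blob):
    """Return [(offset, dex_bytes, checksum_ok)] for every DEX image embedded in blob."""
    found = []
    pos = blob.find(DEX_MAGIC)
    while pos != -1:
        header = blob[pos:pos + HEADER_SIZE]
        if len(header) == HEADER_SIZE and header[4:7].isdigit() and header[7] == 0:
            checksum, = struct.unpack_from("<I", header, 8)
            file_size, header_size, endian = struct.unpack_from("<III", header, 32)
            in_bounds = HEADER_SIZE <= file_size <= len(blob) - pos
            if header_size == HEADER_SIZE and endian == ENDIAN_TAG and in_bounds:
                dex = blob[pos:pos + file_size]
                # Adler-32 covers everything after the magic and checksum fields.
                ok = (zlib.adler32(dex[12:]) & 0xFFFFFFFF) == checksum
                found.append((pos, dex, ok))
        pos = blob.find(DEX_MAGIC, pos + 1)
    return found


def make_sample_dex(body):
    """Constructed test input: a header-only 'DEX' with valid size, SHA-1 and Adler-32."""
    size = HEADER_SIZE + len(body)
    tail = struct.pack("<III", size, HEADER_SIZE, ENDIAN_TAG)
    tail += bytes(HEADER_SIZE - 32 - len(tail)) + body
    signed = hashlib.sha1(tail).digest() + tail          # SHA-1 covers offset 32..end
    return b"dex\n035\0" + struct.pack("<I", zlib.adler32(signed) & 0xFFFFFFFF) + signed


def make_sample_oat():
    """Constructed container: 'oat\\n' magic, padding, two embedded DEX images."""
    return (b"oat\n064\0" + bytes(56) + make_sample_dex(b"A" * 16)
            + bytes(8) + make_sample_dex(b"B" * 40))


if __name__ == "__main__":
    for offset, dex, ok in carve_dex(make_sample_oat()):
        print(f"offset=0x{offset:x} size={len(dex)} checksum_ok={ok}")
```

A carved image whose checksum does not match has been modified or truncated since it was written and should be treated with suspicion before further analysis.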
What is boot.oat?
This file is created whenever a device’s system is upgraded or when the
phone is booted up for the first time after being purchased.
The boot.oat file is referenced by an app when the app calls a
framework application programming interface (API) method.
LET'S MOVE ON TO THE DEMO
ANY QUESTIONS?
For more insights do visit: