SlideShare a Scribd company logo

Basic reverse engineering steps about .apk file

Download as PPTX, PDF
Carl Lu
Carl Lu

The document provides steps for reverse engineering an Android APK file, including decompiling the APK to obtain Smali code and manifest files, modifying files, recompiling, and signing the APK. It also describes using dex2jar and Java Decompiler tools to decompile DEX files to Java code for modifying higher level code.

TechnologyEducation
1 of 24
The Basic Reverse Engineering Steps About APK Carl Adler IDSL - Dep. IM - NTUST
What’s in the .apk file?
What’s in the META-INF?
What’s in the res?
Before We Start… First, download all the yellow files shown in figure below.
Put the tools together Extract all the files you downloaded, and choose aapt.exe, apktool.bat and apktool.jar, just copy them and move those files into the same file(it’s optional, but I think it can make your work more convenient).
Does it work? Moving to the folder where the files you post them, then, open the cmd window, type command “apktool -version” to ensure the tool really works.
Install framework Ensure that you’ve already prepared an app.apk file, then type in the command “apktool if BMICalculator.apk” and you may see something like below.
Decompile your .apk file Type in command “apktool d xxx.apk path_you_want_to_put_the_output_file”.
Decompile your .apk file Let’s check the result…
Decompile your .apk file In this way, you’ll get smali file and AndroidManifest.xml.
Recompile your .apk file After you modify the code, use the following command to recompile. “apktool b path_your_decompiled_source path_you_want_to_put_the_recompile_apk”
Recompile your .apk file And you’ll see a folder named “build” in the decompiled path.
Recompile your .apk file And the new .apk file is also located at the path you specify.
Wait, not yet. You MUST follow this step. Or else the app won’t work and when you try to push it into system, the rom will be stuck in bootloop XD(Please use the signapk you downloaded before to execute the following command). java –jar signapk.jar certificate.pem key.pk8 your_repackaged_apk your_final_apk_after_sign
It’s done, but… You might not want to edit the smali code, maybe you want to edit some higher-level code, extract the following two yellow file you downloaded before and put to the location you want.
Using dex2jar Type in the following command: jar xvf your_apk xxx.dex
Using dex2jar Type in the following command: d2j-dex2jar xxx.dex And you’ll see a xxx-dex2jar.jar file.
Using dex2jar Type in the following command: jar xvf xxx-dex2jar.jar
Using dex2jar And you may see two folder was generated, one is named with the top-level package name, and the other one is android.
Using JD Open Java Decompiler, choose File -> Open File…
Using JD Choose the .class file we extracted with dex2jar tool.
Using JD It’s the original java code.
END

Recommended

Extract source code from an Android apk file
Extract source code from an Android apk fileExtract source code from an Android apk file
Extract source code from an Android apk file
Biwin John
 
Laravel Code Generators and Packages
Laravel Code Generators and PackagesLaravel Code Generators and Packages
Laravel Code Generators and Packages
Povilas Korop
 
Getting root with benign app store apps vsecurityfest
Getting root with benign app store apps vsecurityfestGetting root with benign app store apps vsecurityfest
Getting root with benign app store apps vsecurityfest
Csaba Fitzl
 
Console Apps: php artisan forthe:win
Console Apps: php artisan forthe:winConsole Apps: php artisan forthe:win
Console Apps: php artisan forthe:win
Joe Ferguson
 
React Ecosystem
React EcosystemReact Ecosystem
React Ecosystem
Craig Jolicoeur
 
Let the contribution begin
Let the contribution beginLet the contribution begin
Let the contribution begin
SeongJae Park
 
Get started with git and github
Get started with git and githubGet started with git and github
Get started with git and github
Anna-Christina Kolandjian
 
Continuous integration with Git & CI Joe
Continuous integration with Git & CI JoeContinuous integration with Git & CI Joe
Continuous integration with Git & CI JoeShawn Price
 

Recommended

Extract source code from an Android apk file
Extract source code from an Android apk fileExtract source code from an Android apk file
Extract source code from an Android apk file
Biwin John
 
Laravel Code Generators and Packages
Laravel Code Generators and PackagesLaravel Code Generators and Packages
Laravel Code Generators and Packages
Povilas Korop
 
Getting root with benign app store apps vsecurityfest
Getting root with benign app store apps vsecurityfestGetting root with benign app store apps vsecurityfest
Getting root with benign app store apps vsecurityfest
Csaba Fitzl
 
Console Apps: php artisan forthe:win
Console Apps: php artisan forthe:winConsole Apps: php artisan forthe:win
Console Apps: php artisan forthe:win
Joe Ferguson
 
React Ecosystem
React EcosystemReact Ecosystem
React Ecosystem
Craig Jolicoeur
 
Let the contribution begin
Let the contribution beginLet the contribution begin
Let the contribution begin
SeongJae Park
 
Get started with git and github
Get started with git and githubGet started with git and github
Get started with git and github
Anna-Christina Kolandjian
 
Continuous integration with Git & CI Joe
Continuous integration with Git & CI JoeContinuous integration with Git & CI Joe
Continuous integration with Git & CI JoeShawn Price
 
Take a Stroll in the Bazaar
Take a Stroll in the BazaarTake a Stroll in the Bazaar
Take a Stroll in the Bazaar
Myles Braithwaite
 
Apache Ant
Apache AntApache Ant
Apache AntAli Bahu
 
Apache ANT vs Apache Maven
Apache ANT vs Apache MavenApache ANT vs Apache Maven
Apache ANT vs Apache Maven
Mudit Gupta
 
Unit testing @ WordPress Meetup Tilburg 7 januari 2014
Unit testing @ WordPress Meetup Tilburg 7 januari 2014Unit testing @ WordPress Meetup Tilburg 7 januari 2014
Unit testing @ WordPress Meetup Tilburg 7 januari 2014
Barry Kooij
 
Making it Work Offline: Current & Future Offline APIs for Web Apps
Making it Work Offline: Current & Future Offline APIs for Web AppsMaking it Work Offline: Current & Future Offline APIs for Web Apps
Making it Work Offline: Current & Future Offline APIs for Web Apps
Natasha Rooney
 
Android Lab
Android LabAndroid Lab
Android Lab
Leo Nguyen
 
Debugging Your Plone Site
Debugging Your Plone SiteDebugging Your Plone Site
Debugging Your Plone Site
cdw9
 
Is Your App Hackable for droidcon Berlin 2015
Is Your App Hackable for droidcon Berlin 2015Is Your App Hackable for droidcon Berlin 2015
Is Your App Hackable for droidcon Berlin 2015
Licel
 
Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...
Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...
Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...
Shift Conference
 
Apache Ant
Apache AntApache Ant
Apache Ant
hussulinux
 
Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)
Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)
Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)
Cogapp
 
Apache Ant
Apache AntApache Ant
Apache AntVinod Kumar V H
 
Debugging NET Applications With WinDBG
Debugging NET Applications With WinDBGDebugging NET Applications With WinDBG
Debugging NET Applications With WinDBG
Cory Foy
 
Apache ant
Apache antApache ant
Apache antYuriy Galavay
 
Codeception presentation
Codeception presentationCodeception presentation
Codeception presentation
Andrei Burian
 
QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...
QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...
QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...
QAFest
 
Writing simple buffer_overflow_exploits
Writing simple buffer_overflow_exploitsWriting simple buffer_overflow_exploits
Writing simple buffer_overflow_exploits
D4rk357 a
 
Selenium-Browser-Based-Automated-Testing-for-Grails-Apps
Selenium-Browser-Based-Automated-Testing-for-Grails-AppsSelenium-Browser-Based-Automated-Testing-for-Grails-Apps
Selenium-Browser-Based-Automated-Testing-for-Grails-Apps
chrisb206 chrisb206
 
[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...
[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...
[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...
Future Processing
 
LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경
LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경
LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경
Mintak Son
 
[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN
[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN
[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN
GangSeok Lee
 
Seguridad en Android
Seguridad en AndroidSeguridad en Android
Seguridad en Android
Jose Manuel Ortega Candel
 

More Related Content

What's hot

Take a Stroll in the Bazaar
Take a Stroll in the BazaarTake a Stroll in the Bazaar
Take a Stroll in the Bazaar
Myles Braithwaite
 
Apache Ant
Apache AntApache Ant
Apache AntAli Bahu
 
Apache ANT vs Apache Maven
Apache ANT vs Apache MavenApache ANT vs Apache Maven
Apache ANT vs Apache Maven
Mudit Gupta
 
Unit testing @ WordPress Meetup Tilburg 7 januari 2014
Unit testing @ WordPress Meetup Tilburg 7 januari 2014Unit testing @ WordPress Meetup Tilburg 7 januari 2014
Unit testing @ WordPress Meetup Tilburg 7 januari 2014
Barry Kooij
 
Making it Work Offline: Current & Future Offline APIs for Web Apps
Making it Work Offline: Current & Future Offline APIs for Web AppsMaking it Work Offline: Current & Future Offline APIs for Web Apps
Making it Work Offline: Current & Future Offline APIs for Web Apps
Natasha Rooney
 
Android Lab
Android LabAndroid Lab
Android Lab
Leo Nguyen
 
Debugging Your Plone Site
Debugging Your Plone SiteDebugging Your Plone Site
Debugging Your Plone Site
cdw9
 
Is Your App Hackable for droidcon Berlin 2015
Is Your App Hackable for droidcon Berlin 2015Is Your App Hackable for droidcon Berlin 2015
Is Your App Hackable for droidcon Berlin 2015
Licel
 
Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...
Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...
Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...
Shift Conference
 
Apache Ant
Apache AntApache Ant
Apache Ant
hussulinux
 
Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)
Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)
Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)
Cogapp
 
Debugging NET Applications With WinDBG
Debugging NET Applications With WinDBGDebugging NET Applications With WinDBG
Debugging NET Applications With WinDBG
Cory Foy
 
Codeception presentation
Codeception presentationCodeception presentation
Codeception presentation
Andrei Burian
 
QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...
QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...
QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...
QAFest
 
Writing simple buffer_overflow_exploits
Writing simple buffer_overflow_exploitsWriting simple buffer_overflow_exploits
Writing simple buffer_overflow_exploits
D4rk357 a
 
Selenium-Browser-Based-Automated-Testing-for-Grails-Apps
Selenium-Browser-Based-Automated-Testing-for-Grails-AppsSelenium-Browser-Based-Automated-Testing-for-Grails-Apps
Selenium-Browser-Based-Automated-Testing-for-Grails-Apps
chrisb206 chrisb206
 
[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...
[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...
[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...
Future Processing
 
LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경
LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경
LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경
Mintak Son
 

What's hot (20)

Take a Stroll in the Bazaar
Take a Stroll in the BazaarTake a Stroll in the Bazaar
Take a Stroll in the Bazaar
 
Apache Ant
Apache AntApache Ant
Apache Ant
 
Apache ANT vs Apache Maven
Apache ANT vs Apache MavenApache ANT vs Apache Maven
Apache ANT vs Apache Maven
 
Unit testing @ WordPress Meetup Tilburg 7 januari 2014
Unit testing @ WordPress Meetup Tilburg 7 januari 2014Unit testing @ WordPress Meetup Tilburg 7 januari 2014
Unit testing @ WordPress Meetup Tilburg 7 januari 2014
 
Making it Work Offline: Current & Future Offline APIs for Web Apps
Making it Work Offline: Current & Future Offline APIs for Web AppsMaking it Work Offline: Current & Future Offline APIs for Web Apps
Making it Work Offline: Current & Future Offline APIs for Web Apps
 
Android Lab
Android LabAndroid Lab
Android Lab
 
Debugging Your Plone Site
Debugging Your Plone SiteDebugging Your Plone Site
Debugging Your Plone Site
 
Is Your App Hackable for droidcon Berlin 2015
Is Your App Hackable for droidcon Berlin 2015Is Your App Hackable for droidcon Berlin 2015
Is Your App Hackable for droidcon Berlin 2015
 
Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...
Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...
Shift Remote: Mobile - Devops-ify your life with Github Actions - Nicola Cort...
 
Apache Ant
Apache AntApache Ant
Apache Ant
 
Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)
Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)
Test-driven Development with Drupal and Codeception (DrupalCamp Brighton)
 
Apache Ant
Apache AntApache Ant
Apache Ant
 
Debugging NET Applications With WinDBG
Debugging NET Applications With WinDBGDebugging NET Applications With WinDBG
Debugging NET Applications With WinDBG
 
Apache ant
Apache antApache ant
Apache ant
 
Codeception presentation
Codeception presentationCodeception presentation
Codeception presentation
 
QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...
QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...
QA Fest 2018. Adam Stasiak. React Native is Coming – the story of hybrid mobi...
 
Writing simple buffer_overflow_exploits
Writing simple buffer_overflow_exploitsWriting simple buffer_overflow_exploits
Writing simple buffer_overflow_exploits
 
Selenium-Browser-Based-Automated-Testing-for-Grails-Apps
Selenium-Browser-Based-Automated-Testing-for-Grails-AppsSelenium-Browser-Based-Automated-Testing-for-Grails-Apps
Selenium-Browser-Based-Automated-Testing-for-Grails-Apps
 
[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...
[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...
[QE 2018] Adam Stasiak – Nadchodzi React Native – czyli o testowaniu mobilnyc...
 
LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경
LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경
LetSwift 2017 - 토스 iOS 앱의 개발/배포 환경
 

Viewers also liked

[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN
[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN
[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN
GangSeok Lee
 
Seguridad en Android
Seguridad en AndroidSeguridad en Android
Seguridad en Android
Jose Manuel Ortega Candel
 
Hacking your Droid (Aditya Gupta)
Hacking your Droid (Aditya Gupta)Hacking your Droid (Aditya Gupta)
Hacking your Droid (Aditya Gupta)
ClubHack
 
Dissecting Android APK
Dissecting Android APKDissecting Android APK
Dissecting Android APK
Cysinfo Cyber Security Community
 
Decompiling Android
Decompiling AndroidDecompiling Android
Decompiling Android
Godfrey Nolan
 
How to Analyze an Android Bot
How to Analyze an Android BotHow to Analyze an Android Bot
How to Analyze an Android Bot
Priyanka Aash
 
AVTOKYO2012 Android Malware Heuristics(en)
AVTOKYO2012 Android Malware Heuristics(en)AVTOKYO2012 Android Malware Heuristics(en)
AVTOKYO2012 Android Malware Heuristics(en)雅太 西田
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)
Justin Hoang
 
Identifying and Collecting Digital Evidence Webinar
Identifying and Collecting Digital Evidence WebinarIdentifying and Collecting Digital Evidence Webinar
Identifying and Collecting Digital Evidence WebinarCase IQ
 
2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing
2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing
2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing
Stephan Chenette
 
Reversing & Malware Analysis Training Part 13 - Future Roadmap
Reversing & Malware Analysis Training Part 13 - Future RoadmapReversing & Malware Analysis Training Part 13 - Future Roadmap
Reversing & Malware Analysis Training Part 13 - Future Roadmap
securityxploded
 
Android malware analysis
Android malware analysisAndroid malware analysis
Android malware analysis
Jason Ross
 
Reverse Engineering Android Application
Reverse Engineering Android ApplicationReverse Engineering Android Application
Reverse Engineering Android Application
n|u - The Open Security Community
 
How to reverse engineer Android applications—using a popular word game as an ...
How to reverse engineer Android applications—using a popular word game as an ...How to reverse engineer Android applications—using a popular word game as an ...
How to reverse engineer Android applications—using a popular word game as an ...
Christoph Matthies
 
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
Null Mumbai Meet_Android Reverse Engineering by Samrat DasNull Mumbai Meet_Android Reverse Engineering by Samrat Das
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
nullowaspmumbai
 
WhatsApp Forensic
WhatsApp ForensicWhatsApp Forensic
WhatsApp Forensic
Animesh Shaw
 
Advanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to AndroidAdvanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to Android
securityxploded
 
Andriod Pentesting and Malware Analysis
Andriod Pentesting and Malware AnalysisAndriod Pentesting and Malware Analysis
Andriod Pentesting and Malware Analysis
n|u - The Open Security Community
 
Android Forensics: Exploring Android Internals and Android Apps
Android Forensics: Exploring Android Internals and Android AppsAndroid Forensics: Exploring Android Internals and Android Apps
Android Forensics: Exploring Android Internals and Android AppsMoe Tanabian
 
Learning by hacking - android application hacking tutorial
Learning by hacking - android application hacking tutorialLearning by hacking - android application hacking tutorial
Learning by hacking - android application hacking tutorial
Landice Fu
 

Viewers also liked (20)

[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN
[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN
[2014 CodeEngn Conference 11] 김호빈 - Android Bootkit Analysis EN
 
Seguridad en Android
Seguridad en AndroidSeguridad en Android
Seguridad en Android
 
Hacking your Droid (Aditya Gupta)
Hacking your Droid (Aditya Gupta)Hacking your Droid (Aditya Gupta)
Hacking your Droid (Aditya Gupta)
 
Dissecting Android APK
Dissecting Android APKDissecting Android APK
Dissecting Android APK
 
Decompiling Android
Decompiling AndroidDecompiling Android
Decompiling Android
 
How to Analyze an Android Bot
How to Analyze an Android BotHow to Analyze an Android Bot
How to Analyze an Android Bot
 
AVTOKYO2012 Android Malware Heuristics(en)
AVTOKYO2012 Android Malware Heuristics(en)AVTOKYO2012 Android Malware Heuristics(en)
AVTOKYO2012 Android Malware Heuristics(en)
 
Hacking your Android (slides)
Hacking your Android (slides)Hacking your Android (slides)
Hacking your Android (slides)
 
Identifying and Collecting Digital Evidence Webinar
Identifying and Collecting Digital Evidence WebinarIdentifying and Collecting Digital Evidence Webinar
Identifying and Collecting Digital Evidence Webinar
 
2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing
2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing
2013 Toorcon San Diego Building Custom Android Malware for Penetration Testing
 
Reversing & Malware Analysis Training Part 13 - Future Roadmap
Reversing & Malware Analysis Training Part 13 - Future RoadmapReversing & Malware Analysis Training Part 13 - Future Roadmap
Reversing & Malware Analysis Training Part 13 - Future Roadmap
 
Android malware analysis
Android malware analysisAndroid malware analysis
Android malware analysis
 
Reverse Engineering Android Application
Reverse Engineering Android ApplicationReverse Engineering Android Application
Reverse Engineering Android Application
 
How to reverse engineer Android applications—using a popular word game as an ...
How to reverse engineer Android applications—using a popular word game as an ...How to reverse engineer Android applications—using a popular word game as an ...
How to reverse engineer Android applications—using a popular word game as an ...
 
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
Null Mumbai Meet_Android Reverse Engineering by Samrat DasNull Mumbai Meet_Android Reverse Engineering by Samrat Das
Null Mumbai Meet_Android Reverse Engineering by Samrat Das
 
WhatsApp Forensic
WhatsApp ForensicWhatsApp Forensic
WhatsApp Forensic
 
Advanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to AndroidAdvanced Malware Analysis Training Session 8 - Introduction to Android
Advanced Malware Analysis Training Session 8 - Introduction to Android
 
Andriod Pentesting and Malware Analysis
Andriod Pentesting and Malware AnalysisAndriod Pentesting and Malware Analysis
Andriod Pentesting and Malware Analysis
 
Android Forensics: Exploring Android Internals and Android Apps
Android Forensics: Exploring Android Internals and Android AppsAndroid Forensics: Exploring Android Internals and Android Apps
Android Forensics: Exploring Android Internals and Android Apps
 
Learning by hacking - android application hacking tutorial
Learning by hacking - android application hacking tutorialLearning by hacking - android application hacking tutorial
Learning by hacking - android application hacking tutorial
 

Similar to Basic reverse engineering steps about .apk file

Part 4 Scripting and Virtualization (due Week 7)Objectives1. .docx
Part 4 Scripting and Virtualization (due Week 7)Objectives1. .docxPart 4 Scripting and Virtualization (due Week 7)Objectives1. .docx
Part 4 Scripting and Virtualization (due Week 7)Objectives1. .docx
karlhennesey
 
Appium- part 1
Appium- part 1Appium- part 1
Appium- part 1
Mithilesh Singh
 
Practical%2006%20Big%20data%20analytics.pptx
Practical%2006%20Big%20data%20analytics.pptxPractical%2006%20Big%20data%20analytics.pptx
Practical%2006%20Big%20data%20analytics.pptx
SanketPatel295815
 
Pemrograman mobile menggunakan ionic framework
Pemrograman mobile menggunakan ionic frameworkPemrograman mobile menggunakan ionic framework
Pemrograman mobile menggunakan ionic framework
Puguh Rismadi
 
Impl installation manual
Impl installation manualImpl installation manual
Impl installation manual
Alkis Vazacopoulos
 
1.Display the commands(s) used to do the following (and show the.docx
1.Display the commands(s) used to do the following (and show the.docx1.Display the commands(s) used to do the following (and show the.docx
1.Display the commands(s) used to do the following (and show the.docx
elliotkimberlee
 
Direction of building ns2 using cygwin under windows system
Direction of building ns2 using cygwin under windows systemDirection of building ns2 using cygwin under windows system
Direction of building ns2 using cygwin under windows systemyahyaoui hamdi
 
Malware analysis
Malware analysisMalware analysis
Malware analysisDen Iir
 
exp-7-pig installation.pptx
exp-7-pig installation.pptxexp-7-pig installation.pptx
exp-7-pig installation.pptx
vishal choudhary
 
Suji May12
Suji May12Suji May12
Suji May12ksujitha
 
Project eprom progr
Project eprom progrProject eprom progr
Project eprom progr
Anurag Farkya
 
Can someone put this code in a zip file. I tried running it last tim.pdf
Can someone put this code in a zip file. I tried running it last tim.pdfCan someone put this code in a zip file. I tried running it last tim.pdf
Can someone put this code in a zip file. I tried running it last tim.pdf
fedosys
 
Cloud Foundry Command Line
Cloud Foundry Command LineCloud Foundry Command Line
Cloud Foundry Command Line
Julia R Nash
 
Cross-platform Desktop Apps development using HTML, CSS, JS with Electron
Cross-platform Desktop Apps development using HTML, CSS, JS with ElectronCross-platform Desktop Apps development using HTML, CSS, JS with Electron
Cross-platform Desktop Apps development using HTML, CSS, JS with Electron
Esinniobiwa Quareeb
 
Apache Kafka Setup with Zookeeper - SkillAnything.pdf
Apache Kafka Setup with Zookeeper - SkillAnything.pdfApache Kafka Setup with Zookeeper - SkillAnything.pdf
Apache Kafka Setup with Zookeeper - SkillAnything.pdf
SkillAnything
 
CDS Filtering Program - User Manual
CDS Filtering Program - User ManualCDS Filtering Program - User Manual
CDS Filtering Program - User Manual
Yoann Pageaud
 
Play Framework in EC2
Play Framework in EC2Play Framework in EC2
Play Framework in EC2
kamarul kawnayeen
 
11 unix osx_commands
11 unix osx_commands11 unix osx_commands
11 unix osx_commands
Macinfosoft
 
Mantis Installation for Windows Box
Mantis Installation for Windows BoxMantis Installation for Windows Box
Mantis Installation for Windows Box
guest34a3a419
 

Similar to Basic reverse engineering steps about .apk file (20)

Part 4 Scripting and Virtualization (due Week 7)Objectives1. .docx
Part 4 Scripting and Virtualization (due Week 7)Objectives1. .docxPart 4 Scripting and Virtualization (due Week 7)Objectives1. .docx
Part 4 Scripting and Virtualization (due Week 7)Objectives1. .docx
 
Appium- part 1
Appium- part 1Appium- part 1
Appium- part 1
 
Practical%2006%20Big%20data%20analytics.pptx
Practical%2006%20Big%20data%20analytics.pptxPractical%2006%20Big%20data%20analytics.pptx
Practical%2006%20Big%20data%20analytics.pptx
 
Pemrograman mobile menggunakan ionic framework
Pemrograman mobile menggunakan ionic frameworkPemrograman mobile menggunakan ionic framework
Pemrograman mobile menggunakan ionic framework
 
Impl installation manual
Impl installation manualImpl installation manual
Impl installation manual
 
1.Display the commands(s) used to do the following (and show the.docx
1.Display the commands(s) used to do the following (and show the.docx1.Display the commands(s) used to do the following (and show the.docx
1.Display the commands(s) used to do the following (and show the.docx
 
Direction of building ns2 using cygwin under windows system
Direction of building ns2 using cygwin under windows systemDirection of building ns2 using cygwin under windows system
Direction of building ns2 using cygwin under windows system
 
Malware analysis
Malware analysisMalware analysis
Malware analysis
 
App engine install-windows
App engine install-windowsApp engine install-windows
App engine install-windows
 
exp-7-pig installation.pptx
exp-7-pig installation.pptxexp-7-pig installation.pptx
exp-7-pig installation.pptx
 
Suji May12
Suji May12Suji May12
Suji May12
 
Project eprom progr
Project eprom progrProject eprom progr
Project eprom progr
 
Can someone put this code in a zip file. I tried running it last tim.pdf
Can someone put this code in a zip file. I tried running it last tim.pdfCan someone put this code in a zip file. I tried running it last tim.pdf
Can someone put this code in a zip file. I tried running it last tim.pdf
 
Cloud Foundry Command Line
Cloud Foundry Command LineCloud Foundry Command Line
Cloud Foundry Command Line
 
Cross-platform Desktop Apps development using HTML, CSS, JS with Electron
Cross-platform Desktop Apps development using HTML, CSS, JS with ElectronCross-platform Desktop Apps development using HTML, CSS, JS with Electron
Cross-platform Desktop Apps development using HTML, CSS, JS with Electron
 
Apache Kafka Setup with Zookeeper - SkillAnything.pdf
Apache Kafka Setup with Zookeeper - SkillAnything.pdfApache Kafka Setup with Zookeeper - SkillAnything.pdf
Apache Kafka Setup with Zookeeper - SkillAnything.pdf
 
CDS Filtering Program - User Manual
CDS Filtering Program - User ManualCDS Filtering Program - User Manual
CDS Filtering Program - User Manual
 
Play Framework in EC2
Play Framework in EC2Play Framework in EC2
Play Framework in EC2
 
11 unix osx_commands
11 unix osx_commands11 unix osx_commands
11 unix osx_commands
 
Mantis Installation for Windows Box
Mantis Installation for Windows BoxMantis Installation for Windows Box
Mantis Installation for Windows Box
 

Recently uploaded

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
Alan Dix
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
Jemma Hussein Allen
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Thierry Lestable
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Jeffrey Haguewood
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
Product School
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
Laura Byrne
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
Prayukth K V
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
Product School
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Product School
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
Elena Simperl
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Product School
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
DianaGray10
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Ramesh Iyer
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
91mobiles
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
Alison B. Lowndes
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
Guy Korland
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
Sri Ambati
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
Elena Simperl
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
CatarinaPereira64715
 

Recently uploaded (20)

Epistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI supportEpistemic Interaction - tuning interfaces to provide information for AI support
Epistemic Interaction - tuning interfaces to provide information for AI support
 
The Future of Platform Engineering
The Future of Platform EngineeringThe Future of Platform Engineering
The Future of Platform Engineering
 
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
Empowering NextGen Mobility via Large Action Model Infrastructure (LAMI): pav...
 
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
Slack (or Teams) Automation for Bonterra Impact Management (fka Social Soluti...
 
How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...How world-class product teams are winning in the AI era by CEO and Founder, P...
How world-class product teams are winning in the AI era by CEO and Founder, P...
 
The Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and SalesThe Art of the Pitch: WordPress Relationships and Sales
The Art of the Pitch: WordPress Relationships and Sales
 
FIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdfFIDO Alliance Osaka Seminar: Overview.pdf
FIDO Alliance Osaka Seminar: Overview.pdf
 
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 previewState of ICS and IoT Cyber Threat Landscape Report 2024 preview
State of ICS and IoT Cyber Threat Landscape Report 2024 preview
 
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
AI for Every Business: Unlocking Your Product's Universal Potential by VP of ...
 
Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...Mission to Decommission: Importance of Decommissioning Products to Increase E...
Mission to Decommission: Importance of Decommissioning Products to Increase E...
 
Knowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and backKnowledge engineering: from people to machines and back
Knowledge engineering: from people to machines and back
 
Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...Designing Great Products: The Power of Design and Leadership by Chief Designe...
Designing Great Products: The Power of Design and Leadership by Chief Designe...
 
Connector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a buttonConnector Corner: Automate dynamic content and events by pushing a button
Connector Corner: Automate dynamic content and events by pushing a button
 
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...
 
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdfSmart TV Buyer Insights Survey 2024 by 91mobiles.pdf
Smart TV Buyer Insights Survey 2024 by 91mobiles.pdf
 
Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........Bits & Pixels using AI for Good.........
Bits & Pixels using AI for Good.........
 
GraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge GraphGraphRAG is All You need? LLM & Knowledge Graph
GraphRAG is All You need? LLM & Knowledge Graph
 
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
GenAISummit 2024 May 28 Sri Ambati Keynote: AGI Belongs to The Community in O...
 
When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...When stars align: studies in data quality, knowledge graphs, and machine lear...
When stars align: studies in data quality, knowledge graphs, and machine lear...
 
ODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User GroupODC, Data Fabric and Architecture User Group
ODC, Data Fabric and Architecture User Group
 

Basic reverse engineering steps about .apk file

  • 1. The Basic Reverse Engineering Steps About APK Carl Adler IDSL - Dep. IM - NTUST
  • 2. What’s in the .apk file?
  • 3. What’s in the META-INF?
  • 5. Before We Start… First, download all the yellow files shown in figure below.
  • 6. Put the tools together Extract all the files you downloaded, and choose aapt.exe, apktool.bat and apktool.jar, just copy them and move those files into the same file(it’s optional, but I think it can make your work more convenient).
  • 7. Does it work? Moving to the folder where the files you post them, then, open the cmd window, type command “apktool -version” to ensure the tool really works.
  • 8. Install framework Ensure that you’ve already prepared an app.apk file, then type in the command “apktool if BMICalculator.apk” and you may see something like below.
  • 9. Decompile your .apk file Type in command “apktool d xxx.apk path_you_want_to_put_the_output_file”.
  • 10. Decompile your .apk file Let’s check the result…
  • 11. Decompile your .apk file In this way, you’ll get smali file and AndroidManifest.xml.
  • 12. Recompile your .apk file After you modify the code, use the following command to recompile. “apktool b path_your_decompiled_source path_you_want_to_put_the_recompile_apk”
  • 13. Recompile your .apk file And you’ll see a folder named “build” in the decompiled path.
  • 14. Recompile your .apk file And the new .apk file is also located at the path you specify.
  • 15. Wait, not yet. You MUST follow this step. Or else the app won’t work and when you try to push it into system, the rom will be stuck in bootloop XD(Please use the signapk you downloaded before to execute the following command). java –jar signapk.jar certificate.pem key.pk8 your_repackaged_apk your_final_apk_after_sign
  • 16. It’s done, but… You might not want to edit the smali code, maybe you want to edit some higher-level code, extract the following two yellow file you downloaded before and put to the location you want.
  • 17. Using dex2jar Type in the following command: jar xvf your_apk xxx.dex
  • 18. Using dex2jar Type in the following command: d2j-dex2jar xxx.dex And you’ll see a xxx-dex2jar.jar file.
  • 19. Using dex2jar Type in the following command: jar xvf xxx-dex2jar.jar
  • 20. Using dex2jar And you may see two folder was generated, one is named with the top-level package name, and the other one is android.
  • 21. Using JD Open Java Decompiler, choose File -> Open File…
  • 22. Using JD Choose the .class file we extracted with dex2jar tool.
  • 23. Using JD It’s the original java code.
  • 24. END