Reversing Android APK File

This article is about reversing an Android APK file and, more interestingly, reversing the code packed inside it. Some basic Android knowledge will help you get the most out of it.

** Precaution: use the tools below legally, I am not responsible for any legal consequences.

As you may know, APK is the abbreviation of “Android PacKage”. It stores almost everything an app needs and is also the installer of an Android app. The file itself is a compressed zip package, so you can open an APK file with any archive software such as 7Zip or Ark, and you will see a file structure similar to the following screenshot:

[Screenshot: Inside an apk]

The res folder is not compiled, which means you can extract those resources from any arbitrary Android app. The compiled source code is stored in the classes.dex file, and the rest of this article explores how to reverse it into readable source code.
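The layout described above can be checked without any Android tooling. The following is an added example, not code from the original article: it opens an APK as a zip archive, lists the res/ entries and validates the header of each classes*.dex (the pattern also covers the classes2.dex naming used by multi-dex apps, which goes beyond the single classes.dex mentioned here). The sample APK is constructed in memory and the function names are hypothetical.

```python
import io
import struct
import zipfile
import zlib

DEX_HEADER_SIZE = 0x70  # fixed size of the DEX header


def parse_dex_header(data):
    """Return version, size and checksum status from a DEX header."""
    if len(data) < DEX_HEADER_SIZE or data[:4] != b"dex\n" or data[7:8] != b"\x00":
        raise ValueError("not a DEX file")
    checksum, = struct.unpack_from("<I", data, 8)
    file_size, header_size = struct.unpack_from("<II", data, 32)
    class_defs, = struct.unpack_from("<I", data, 96)
    return {
        "version": data[4:7].decode("ascii"),
        "file_size": file_size,
        "size_ok": file_size == len(data),
        # Adler-32 covers everything after the magic and checksum fields.
        "checksum_ok": checksum == zlib.adler32(data[12:]),
        "class_defs": class_defs,
    }


def inspect_apk(apk_bytes):
    """List resource entries and parse every classes*.dex in an APK (zip)."""
    report = {"resources": [], "dex": {}}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            if name.startswith("res/"):
                report["resources"].append(name)
            elif name.startswith("classes") and name.endswith(".dex"):
                report["dex"][name] = parse_dex_header(apk.read(name))
    return report


def build_sample_apk():
    """Constructed stand-in for a real APK: a zip with a header-only DEX."""
    body = bytearray(DEX_HEADER_SIZE)
    body[0:8] = b"dex\n035\x00"
    # file_size, header_size, endian_tag (all little-endian uint32)
    struct.pack_into("<III", body, 32, DEX_HEADER_SIZE, DEX_HEADER_SIZE, 0x12345678)
    struct.pack_into("<I", body, 8, zlib.adler32(bytes(body[12:])))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        z.writestr("AndroidManifest.xml", b"constructed placeholder")
        z.writestr("res/drawable/icon.png", b"constructed placeholder")
        z.writestr("classes.dex", bytes(body))
    return buf.getvalue()
```

A failed size or checksum test usually means the DEX was truncated or modified after it was built, which is worth knowing before handing the file to a converter or decompiler.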

1. Convert apk to Smali.

This is the fastest way if you want to get the general logic of an app via Smali language. All you need to do is download and install apktool:

  • Windows:
    1. Download apktool-install-windows-* file
    2. Download apktool-* file
    3. Unpack both to your Windows directory
  • Linux:
    1. Download apktool-install-linux-* file
    2. Download apktool-* file
    3. Unpack both to /usr/local/bin directory (you must have root permissions)
  • Mac OS X:
    1. Download apktool-install-macos-* file
    2. Download apktool-* file
    3. Unpack both to /usr/local/bin directory (you must have root permissions)

After following the instructions above and extracting the two package files, this is what we get:

[Screenshot: apktool extracted]

I use Kubuntu, so I will copy the three files to /usr/local/bin:

[Screenshot: Copy]

Everything is ready now, so we execute the apktool command to extract the APK file:

[Screenshot: apktool execute]

The syntax is:

And here is what we get after reversing the Android APK file:

[Screenshot: after extract]

There is a folder named smali instead of classes.dex. Inside the folder, the original package structure of the project is preserved, and instead of Java files there are smali files. You might need to learn the smali language to make sense of these files. Here is an example:

This is an extremely quick method to catch a glimpse of the app’s logic. However, Smali is somewhat awkward for Java guys like me. Therefore, to fully understand the code, we should use another method, which converts the APK file to Java code.

2. Convert APK file to Java code:

To get work done, there are more complicated steps we have to take:

  1. Extract the APK file to get the DEX file.
  2. Compress DEX file to JAR file using dex2jar tool.
  3. Decompile JAR file to JAVA file using Java Decompiler.

After extracting the APK file, download the dex2jar bundle and extract it. You might want to copy everything into /usr/local/bin (if you use Linux) or into the directory mentioned in the apktool installation section. Run the command below to convert the DEX file to a JAR file:

We will get a JAR file named classes-dex2jar.jar. Download and extract Java Decompiler (remember to choose the GUI version), then run the file jd-gui to get this window:

[Screenshot: jdgui]

Open the JAR file above with this tool and you will get what you want:

[Screenshot: jdgui_1]
[Source: http://thuongnh.com]

References

1. https://code.google.com/p/android-apktool/

2. http://forum.xda-developers.com/showthread.php?p=44543858

3. http://java.decompiler.free.fr/

4. http://code.google.com/p/dex2jar/

SSS Full-stack Engineer

Posted on September 2, 2013