Android reverse engineering: Difference between revisions

Android bytecode (similar to Java bytecode) allows for re-generating source code. As long as there are some readable symbols you might see what it is doing and even make some small changes for your own use. You can, however, run into limitations when the app is contacting remote servers.

• https://medium.com/swlh/reverse-engineering-and-modifying-an-android-game-apk-ctf-c617151b874c

Download the apktool. You will also need to have Java 1.8+ runtime installed on your machine.

• https://www.java.com/en/download/manual.jsp
• https://ibotpeaches.github.io/Apktool/install/

Decompile

ApkTool comes with a batch-file for for use with Windows. ApkTool generates Smali code which is assembler code for the Android bytecode. So, yes it is better to read, but no, not a lot better.

The following will create a folder "YourApplication" with the Smali source code files:

apktool.bat d YourApplication.apk

To understand the code it may help to also decompile using a JADX decompiler (online or on your machine). This will generate Java source code. Although better to read and understand, it is unlikely that you can rebuild the application with its results. It can be a big help to have it along with the Smali code.

• https://github.com/skylot/jadx
• http://www.javadecompilers.com/apk

Modify code

You can use (for example) Notepad++ to find patterns in the *.smali or *.java files and find were you want to make changes.

Re-build

You can rebuild the application package with ApkTool as follows:

apktool b YourModifiedApplicationFolder -o YourModifiedApplication.apk

Sign

In order to allow installation of the package with modified code you need to replace the original signature. This can be done with the Java Keytool and JarSigner but there is also a convenient little app that you can use:

• https://github.com/patrickfav/uber-apk-signer

Use it as follows (this will create a new apk file):

java -jar uber-apk-signer-1.2.1.jar --apks YourModifiedApplication.apk