Android Reverse Engineering - decompile .apk-.dex-.jar-.java

Reverse engineering of android java app using apktool, dex2jar, jd-gui to convert .apk file to .java.
By reverse engineering of android app (.apk file) we can get following :

  • understand how a particular UI in an App is constructed
  • reading AndroidManifest.xml - permissions, activities, intents etc in the App
  • native libraries and images used in that App
  • obsfucated code ( android SDK, by default, uses  ProGuard tool which shrinks, optimizes, and obfuscates your code by removing unused code and renaming classes, fields, and methods with semantically obscure names.
Required Tools :
Download the followings first.


Using ApkTool 
to extract AndroidManifest.xml and everything in res folder(layout xml files, images, htmls used on webview etc..)
Run the following command :
         >apktool.bat d sampleApp.apk
It also extracts the .smali file of all .class files, but which is difficult to read.
##You can achieve this by using zip utility like 7-zip.

Using dex2jar
to generate .jar file from .apk file, we need JD-GUI to view the source code from this .jar.
Run the following command :
    >dex2jar sampleApp.apk

Decompiling .jar JD-GUI
- it decompiles the .class files (obsfucated- in case of android app, but readable original code is obtained in case of other .jar file). i.e., we get .java back from the application.
Just Run the jd-gui.exe and File->Open to view java code from .jar or .class file.

2 comments :

Your Comment and Question will help to make this blog better...