Thursday, October 3, 2013
Android APK reverse engineeringThis article will explain how to decompile APK file and get all resource like picture, xml from it.
Part A - Get resource (image, sound and xml files)
Step 1 - Get Android APK ToolAndroid APK Tool is a tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications; it makes possible to debug smali code step by step. You can download it here. You have to download 2 files:
- Library: apktool1.5.2.tar.bz2
- Your OS dependence (Linux, Windows, Mac): apktool-install-***-r05-ibot.tar.bz2
Step 2 - Decompile your APK with APK ToolSince I'm running APK tool in Ubuntu, I'll take it for my example. Open Terminal and run command:
apktool d your_app_name.apkAfter finish, you will get:
- All resource, xml files.
- SMALI source code. Yes, it's not in JAVA language, but in SMALI, an assembly-based language. You can check this SMALI beginner guide.
Part B - Get JAVA source code
Step 1 - Extract APK file to get DEX fileAPK file is actually a ZIP file. Just change .apk extension into .zip extension. e.g. your_app_name.apk -> your_app_name.zip.
Then extract it, then you will get a folder contains this file: class.dex.
Step 2 - Convert class.dex to .JAR file
- Download dex2jar tool.
- Run command: dex2jar.sh classes.dex
- You will get a new file: classes_dex2jar.jar
Step 3 - Read .JAR file to get JAVA source code
- Download jd-gui.
- Run jd-gui, open result .jar file in above step, named classes_dex2jar.jar.
- Then you can browse the JAVA source code of your Android app.