Decompiling an Android App

If you have an apk, there are several tools for reverse engineering it.

A first options is apktool, which transforms the apk in a directory structure. The resources are there, so one can examine them, and also change some and recompile. The .class files are substituted by smali files (see project smali), which are human-readable and understandable, even though is not the original java code.

The second option is more conventional, and goes back all the way to the java code (which however might have been obfuscated). It’s based on two tools:

  • dex2jar,  which converts Android’s Dalvik executables into a Java jar files.
  • JD-GUI,  which decompiles jar files into java source files (any jar, not just android stuff).

Ken Kinder describes the step by step the two options in an interesting post (His link to JD-GUI seems broken, the one provided above works fine).

A third possibility is to use the Dexter is an on-line static android application analysis tool. You need to create an account, then you create a project, upload the apk, and it will give you interesting statistics and class diagrams.

Advertisements
Tagged with: , ,
Posted in Android, Java, Programming

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s

%d bloggers like this: