» » » » » Reverse Engineering an Android application

Reverse Engineering an Android application

Reverse Engineering an Android application
Di Posting Oleh : Crew Blog
Kategori : Android penetration testing Android reverse engineering dex2jar dinesh


Introduction:

The Android compiler suite compiles the developer's Java files into class files, and then the class files are converted into dex files. Dex files are bytecode for the DalvikVM which is a non-standard JVM that runs on Android applications. The XML files are converted into a binary format that is optimized to create small files. The dex files, binary XML files, and other resources, which are required to run an application, are packaged into an Android package file. These files have the .apk extension, but they are just ZIP files. Once the APK package is generated, it is signed with a developer's key and uploaded onto the Androidmarket via Google's website from where the user can download these APK files and install them on the Android device.

Requirements:

  • Tool to unpack the .apk file : 7zip
  • Tool to convert the .dex to a .jar file : dex2jar
  • GUI tool for Java decompilation : JD-GUI
  • The android apk file.

Detailed Steps:

Step 1: You can get the apk file matching your application to be reversed from the location /data/app/<application-name>. If you want, you can even use the tool AppSender from GooglePlay on your device which allows you to export any apk mapped to your application on your device as per your choice.
Step 2: Extract the apk file using 7zip to view the contents of the .apk file. The .dex and the .xml files that were discussed earlier in the article are shown in below figure.




Step 3: The next step will render a better view of the code using the 'dex2jar' tool. A dex2jar tool kit converts the Dalvik executable .dex files into Java .class files.

The 'classes.dex' file from our application is dropped into the dex2jar's directory and converted using the command, dex2jar.bat classes.dex.

This creates the 'classes.dex.dex2jar.jar' file in the same directory as shown in below figure.




Step 4: To view the readable format of the class files, we use the tool, JD-GUI. Open the 'classes.dex.dex2jar.jar' file using JD-GUI.


This depicts a systematic view of the complete source code of the Android application.

Step 5: After obtaining the complete source of the application, you can perform the actual analysis of the source and check whether something is amiss.


References and Good Reads: