Ye Lin Kyaw The way of my life.

APK Tool and dex2jar

I wanted to find out how reverse engineering of an Android APK works. I already knew that an APK is just a zipped folder, but I had never explored one. After unpacking the APK, I found that the source code is compiled into Dalvik Virtual Machine code and the resources are encoded together in resources.arsc. After googling for a while, I found android-apktool, a tool for decompiling Dalvik machine code and encoded resources. I tried to decompile a simple HelloWorld.apk:

$ apktool d HelloWorld.apk

Apktool can decompile all of the resource files and the Dalvik machine code into smali. I just changed the caption of the button, then built, signed and installed the app on my device. I did not try injecting code into the smali this time. The app works fine with the cracked button caption.

$ apktool b ./HelloWorld
$ jarsigner -verbose -sigalg MD5withRSA -digestalg SHA1 -keystore ~/.android/debug.keystore ./HelloWorld.apk androiddebugkey

That means all of the resource files are totally unsecured. I also tried dex2jar. It can convert Dalvik code to JVM bytecode. I converted my APK to a JAR with dex2jar and tried to turn the JVM bytecode into Java source code with JD-GUI. JD-GUI generates Java code almost the same as the original source code, but the generated code needs some errors fixed before it works properly.

$ dex2jar.sh HelloWorld.apk

According to this testing, the assets in the APK are almost unsecured, and the Dalvik machine code is also not very difficult to reverse engineer. I have not tried apktool and dex2jar with a ProGuard-enabled APK. I will try that and see how much ProGuard can confuse the reverse engineer.
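Because an APK is a ZIP archive, a copy that was edited, rebuilt and re-signed as described above can be told apart from the original by hashing each entry. The following Python is an added example, not code from the original post; the two in-memory "APKs", their entry contents and all function names are constructed for illustration.

```python
import hashlib
import io
import zipfile

def entry_digests(apk_bytes):
    """Map each archive entry name to the SHA-256 of its uncompressed content."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        return {i.filename: hashlib.sha256(z.read(i)).hexdigest()
                for i in z.infolist() if not i.is_dir()}

def diff_apks(original, candidate):
    """Return entries added, removed or changed between two APKs."""
    a, b = entry_digests(original), entry_digests(candidate)
    return {
        "added": sorted(b.keys() - a.keys()),
        "removed": sorted(a.keys() - b.keys()),
        "changed": sorted(n for n in a.keys() & b.keys() if a[n] != b[n]),
    }

def signature_only(diff):
    """True when no difference falls outside META-INF/ (at most a re-sign)."""
    touched = diff["added"] + diff["removed"] + diff["changed"]
    return all(n.startswith("META-INF/") for n in touched)

def build_apk(entries):
    """Constructed stand-in for an APK: a ZIP built in memory from name -> bytes."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as z:
        for name, data in entries.items():
            z.writestr(name, data)
    return buf.getvalue()

# Constructed sample data, not a real application. A real resources.arsc is a
# binary table; a placeholder byte string stands in for it here.
COMMON = {"AndroidManifest.xml": b"<manifest/>",
          "classes.dex": b"dex\n035\x00" + b"\x00" * 32}
ORIGINAL = build_apk({**COMMON,
                      "resources.arsc": b"button_caption=Hello",
                      "META-INF/CERT.RSA": b"release-signature"})
REPACKAGED = build_apk({**COMMON,
                        "resources.arsc": b"button_caption=Cracked",
                        "META-INF/CERT.RSA": b"debug-signature"})

if __name__ == "__main__":
    d = diff_apks(ORIGINAL, REPACKAGED)
    print(d, "signature-only change:", signature_only(d))
```

On real files, pass the bytes of the published APK and of the copy under inspection; any changed entry outside META-INF/ means the content was modified, not just re-signed.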
