Let's derive source code from an Android APK executable: a reverse engineering approach
There are 5 steps to cracking the code of any type of Android application.
1. Have the executable (APK) on hand.
One way to download the APK file is to go to the Google Play Store, copy the URL of the application, paste it into http://apps.evozi.com/apk-downloader/ OR http://downloader-apk.com/ OR http://apkleecher.com/ and download it. We can also do this with a Chrome extension.
2. Find the “.dex” file in the APK by opening *.apk with WinRAR.
APK to dex conversion.
Tool: WinRAR, WinZip or 7-Zip. Open the APK file in WinRAR. Once you extract it you will see many files: the Android manifest file, classes.dex and others. classes.dex is the Dalvik executable file, the format understood by the Android virtual machine, and it is the main file of the whole application. Extract it to a folder of your choice.
3. Convert the *.dex file to a *.jar file using the dex2jar software.
Now we need to convert the .dex file into a .jar file. We will use the dex2jar-0.0.9.15 tool to do this. Make sure your dex file is in the same folder as the dex2jar executable.
So this is how conversion can be done.
4. Open the *.jar file with the “JD-GUI” or “Cavaj” Java decompiler to see all the class files and their Java source code.
Now we will decompile the jar file to get the class files as Java source files. For that we will use the JD-GUI tool. It can be done as follows:
This is how you see the whole source code of the Android application. You can even save it in a notepad by simply clicking File, then Save Source or Save Sources.
5. Copy the source code to a file and save it as *.java OR export the project.
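As a check for step 2, the added example below (not code from the original post) opens an APK as a ZIP archive, finds every classes*.dex entry and verifies the fixed DEX header: magic, Adler-32 checksum, SHA-1 signature, file size and endian tag. The function names and the sample APK are constructed for illustration; the sample holds a header-only DEX stub, not a real application.

```python
import hashlib
import io
import struct
import zipfile
import zlib

HEADER_SIZE = 0x70  # the DEX header is always 112 bytes


def inspect_dex(data):
    """Parse the fixed DEX header and verify its integrity fields."""
    if len(data) < HEADER_SIZE or data[:4] != b"dex\n" or data[7:8] != b"\x00":
        raise ValueError("not a DEX file")
    checksum, = struct.unpack_from("<I", data, 8)
    file_size, header_size, endian_tag = struct.unpack_from("<III", data, 32)
    return {
        "version": data[4:7].decode("ascii"),
        "size_ok": file_size == len(data) and header_size == HEADER_SIZE,
        # Adler-32 covers everything after the magic and checksum fields
        "checksum_ok": checksum == zlib.adler32(data[12:]) & 0xFFFFFFFF,
        # SHA-1 covers everything after the 20-byte signature field
        "sha1_ok": data[12:32] == hashlib.sha1(data[32:]).digest(),
        "little_endian": endian_tag == 0x12345678,
    }


def dex_entries(apk_bytes):
    """Return {entry name: header report} for every classes*.dex in an APK."""
    reports = {}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            if name.startswith("classes") and name.endswith(".dex"):
                reports[name] = inspect_dex(apk.read(name))
    return reports


def build_sample_apk():
    """Constructed sample: a ZIP holding a header-only DEX stub."""
    body = struct.pack("<III", HEADER_SIZE, HEADER_SIZE, 0x12345678)
    body += bytes(HEADER_SIZE - 44)  # remaining header fields left as zero
    sha1 = hashlib.sha1(body).digest()
    checksum = struct.pack("<I", zlib.adler32(sha1 + body) & 0xFFFFFFFF)
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("AndroidManifest.xml", b"<constructed/>")
        apk.writestr("classes.dex", b"dex\n035\x00" + checksum + sha1 + body)
    return buf.getvalue()


if __name__ == "__main__":
    for name, report in dex_entries(build_sample_apk()).items():
        print(name, report)
```

A failed checksum or signature means the classes.dex was modified after it was built without the header being recomputed, which is worth knowing before trusting the decompiled output.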
On a 64-bit OS only, add support for x86 libraries by executing the commands below:
sudo dpkg --add-architecture i386
sudo apt-get update
sudo apt-get install ia32-libs
For a 32-bit OS nothing more is needed, just run: sudo apt-get update
step2: Download the Android ADT Bundle from the Google site. Extract the zip file to any location, then go to the path /sdk/platform-tools inside the ADT bundle folder and execute the commands below
step3: Starting an Android emulator or connecting an Android mobile device
To create a new virtual Android emulator: go to /eclipse inside the adt-bundle folder and run Eclipse.
In the Eclipse window, go to Menu -> Window -> Android Virtual Device Manager. This opens a new window for creating a new Android emulator.
Then click the NEW button to create a new Android emulator for testing, and select the emulator.
Click the Start button. The emulator now works as a new Android mobile device for testing the application.
To add an Android mobile device to the ADT tools:
Connect the device through a USB cable, and make sure that debugging is enabled on the mobile.
step4: Checking whether the device/emulator is connected to the adb shell
Go to the path /sdk/platform-tools and type the command below
*The above command shows the available devices. The virtual Android emulator we created, or the connected mobile device, will appear here.
To install a new APK file for testing, type the command below
step6: Connecting to a proxy
To test the apps we need a proxy tool such as Burp Suite or Paros. Start the proxy (e.g., IP 127.0.0.1, port 8080), then configure the same settings in the emulator/mobile. To do this, go to Settings -> More -> Mobile networks -> Access Point Names -> GPRS and enter the proxy IP and port (e.g., IP 127.0.0.1, port 8080).
step7: Open the Android app and try operating it. Each request will go through the proxy. Test the app like a normal web application.