Android Application Reverse Engineering

Let's recover source code from an Android APK executable: a reverse engineering approach
There are 5 steps to cracking any type of Android application code.

1. Have the executable (APK) available.

One way to download an APK file is to go to the Google Play Store, copy the URL of the application, paste it into http://apps.evozi.com/apk-downloader/ OR http://downloader-apk.com/ OR http://apkleecher.com/ and download it. We can also achieve this by using a Chrome extension.

2. Find the “.dex” file in the APK by opening *.apk with WinRAR.

APK to dex conversion.
Tool: WinRAR, WinZip or 7-Zip. Open the APK file in WinRAR. Once you extract it you will see many files: the Android manifest file, classes.dex and others. classes.dex is the Dalvik executable file, the format understood by the Android virtual machine. The dex file is the main file of the whole application. Extract it somewhere in your folder.  Download WinRAR here
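
Step 2 can also be scripted rather than done by hand in an archive tool. The following Python is an added example, not part of the original write-up: it lists every .dex entry in an APK and checks the DEX header's magic, size, Adler-32 checksum and SHA-1 signature, so a truncated or modified classes.dex is noticed before it is handed to dex2jar. The function names and the in-memory sample APK are constructed for illustration.

```python
import hashlib, io, struct, zipfile, zlib

HEADER_SIZE = 0x70  # fixed size of the DEX header

def parse_dex_header(data):
    """Parse and integrity-check the fixed header at the start of a DEX file."""
    if len(data) < HEADER_SIZE or data[:4] != b"dex\n" or data[7:8] != b"\x00":
        raise ValueError("not a DEX file")
    checksum, = struct.unpack_from("<I", data, 8)
    signature = data[12:32]
    file_size, header_size, endian_tag = struct.unpack_from("<III", data, 32)
    return {
        "version": data[4:7].decode("ascii"),
        "file_size": file_size,
        "size_ok": file_size == len(data) and header_size == HEADER_SIZE,
        "little_endian": endian_tag == 0x12345678,
        # Adler-32 covers everything after the checksum field (offset 12 on)
        "checksum_ok": checksum == zlib.adler32(data[12:]) & 0xFFFFFFFF,
        # SHA-1 covers everything after the signature field (offset 32 on)
        "signature_ok": signature == hashlib.sha1(data[32:]).digest(),
    }

def list_dex(apk):
    """Return {entry name: parsed header} for each .dex entry in an APK (a ZIP)."""
    with zipfile.ZipFile(apk) as zf:
        return {name: parse_dex_header(zf.read(name))
                for name in zf.namelist() if name.endswith(".dex")}

def build_sample_apk():
    """Constructed sample: a ZIP holding a header-only DEX and a stub manifest."""
    body = struct.pack("<III", HEADER_SIZE, HEADER_SIZE, 0x12345678)
    body += b"\x00" * (HEADER_SIZE - 32 - len(body))
    signed = hashlib.sha1(body).digest() + body
    dex = b"dex\n035\x00" + struct.pack("<I", zlib.adler32(signed)) + signed
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"constructed placeholder")
        zf.writestr("classes.dex", dex)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    # Replace build_sample_apk() with a path such as "test-app.apk" for a real file.
    for name, info in list_dex(build_sample_apk()).items():
        print(name, info)
```

An APK with more than one dex file (classes2.dex and so on) gets one entry per file in the result.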


3. Convert *.dex to *.jar file using dex2jar software.

Now we need to convert the .dex file into a .jar file. We will use the dex2jar-0.0.9.15 tool to do this. Make sure your dex file is in the folder where the dex2jar executable is.

Download Dex2jar here

So this is how conversion can be done.


4. Open the *.jar file with “JD-GUI or CAVAJ java decompiler” to see all class files and their Java source code.

Now we will decompile the jar file to get the class files back as Java source files. For that we will use the JD-GUI tool. It can be done as follows:

Download JD GUI tool here at http://jd.benow.ca/
Cavaj decompiler


Opening converted jar classes file in the JD GUI tool

This is how you get to see the whole source code of the Android application. You can even save it and read it in Notepad by simply clicking File, Save Source or File, Save Sources.

5. Copy the source code to a file and save it as *.java  OR export the project.

Step By Step Procedure for Android Pen testing Setup

step1:

On a 64-bit OS only, add support for x86 libraries by executing the commands below:

sudo dpkg --add-architecture i386

sudo apt-get update

sudo apt-get install ia32-libs

For a 32-bit OS there is nothing to add, just run: sudo apt-get update

step2: Download the Android ADT Bundle from the Google site. Extract the zip file to any location, then go to the path /sdk/platform-tools inside the ADT bundle folder and execute the commands below

link: http://developer.android.com/sdk/index.html

./adb

./adb start-server

step3: Starting an Android emulator or connecting an Android mobile

To create a new virtual Android emulator: go to /eclipse in the adt-bundle folder and run Eclipse

./eclipse

In the Eclipse window, go to Menu -> Window -> Android Virtual Device Manager; this opens a new window for creating a new Android emulator.

Then click the NEW button -> create a new Android emulator to test with and select the emulator

and click the Start button. The emulator now works as a new Android mobile device for testing the application.

(OR)

To add an Android mobile device to the ADT tools:

Connect the device through a USB cable and make sure that debugging is enabled on the mobile.

step4: Checking whether the device/emulator is connected to adb

Go to the path /sdk/platform-tools and type the commands below

./adb

./adb devices

*The above command shows the available devices. The virtual Android emulator we created, or the connected mobile device, will appear here.

step5:

To install a new APK file to test, type the command below

./adb install test-app.apk

step6: Connecting to Proxy

To test apps we need a proxy tool such as Burp Suite or Paros. Start the proxy (e.g., IP 127.0.0.1, port 8080), then configure the same settings in the emulator/mobile. For this, go to Settings -> More -> Mobile networks -> Access Point Names -> GPRS -> enter the proxy IP and port (e.g., IP 127.0.0.1, port 8080).

step7: Open the Android app and try operating it; each request will go through the proxy. Test the app like a normal web application.