fbpx

Reverse Engineering APK an Android app

Reverse Engineering APK

Part 2

Note: If you haven’t seen part 1, You should view it once Smali Code Analysis for Android Hacking

What is Reverse Engineering APK?

Reverse engineering an APK (Android Package) file involves de-compiling and analyzing the compiled code of an Android application. It’s essential to note that reverse engineering can violate the terms of service of some applications and may be illegal in certain contexts. Make sure you have the right to reverse engineer the APK in question, and always respect intellectual property rights and laws

There are two methods to take an Android application part:

Decompile:

  • This method will restore the application to a replica of the source code, and we will be able to understand its components and how it works, but it will be hard to re-compile it again.
  • Tool – Jadx

Disassemble:

  • Using this method, we will take the application apart to some extent with the ability to edit its behavior and re-build it again, but all this will be in Smali instruction (hard to read).
  • Tool – APKtool

Alternatively you can use apktool to extract and disassemble resources directly from the APK archive and disassemble Java bytecode to Smali. apktool allows you to reassemble the package, which is useful for patching and applying changes to e.g. the Android Manifest.

Android Application build process

A tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications. It also makes working with an app easier because of the project like file structure and automation of some repetitive tasks like building apk, etc.

Apk analysis workflow 



What we need installation 

  • JRE installed
  • APKtools
  • SignAPK

APKtool

DEX → SMALI

DeX2jar 

  • DEX → JAR → JAVA

Installation for Apktool → Linux

Step:1 Download Linux wrapper script 

URL https://github.com/iBotPeaches/Apktool/blob/master/scripts/linux/apktool

Step:2 Download apktool → apktool_2.6.1.jar

 URL https://bitbucket.org/iBotPeaches/apktool/downloads/

Step:3 Downloaded jar to apktool_2.6.1.jar

Step:3 Renamed downloaded jar to apktool_2.6.1.jar → apktool.jar

Step:4 Move the files apktool to /usr/local/bin (root needed)

Step:5 Move the files apktool.jar to /usr/local/bin (root needed)

Step:6 Observe that you need permission.

Step:7 Permission → chmod 777  apktool.jar.

Step:8 Download apk 

URL https://drive.google.com/u/0/uc?id=0Bx9OKN9cC4IKS0o4N2V2NzZiOUU&export=download

Step:9 Connect device to adb:

If you do not enable- first goto settings >> Developer options and enable debugging mode in device so that adb can communicate with the device → go to directory open terminal → adb devices

Step:10 install the apk – go to directory open terminal → 

adb install -r myapp.apk

Step:11 installed the apk in emulator

Step:12 Open the apk and fill the name and Observe that an authenticated name is required. 

Step:13 Observe that an authenticated user —> sabin. 

Step:14 Let’s start bypassing the authenticated user.

Step:15 Decompile this application → myapp.apk

Step:16 Observe that Decompiled this application —> click on the  smali folder.

Step:17 Go to smali file → com.example.sabin, Open folder myapplication → MainActivity.smali.

Step:18 Open this smali code and Observe that smali code : cond_0  const/4 v0, 0x0 condition = false 

Step:19 Observe that manipulation → 0x0 → 0x1 condition = true, and Save this file.

Step:20 Disassemble apk file → apktool b myapp  

Step:21 Go to disassemble apk file  – Open dist 

Step:22 Disassemble apk → right click open terminal.

Step:23 Generate a key for sign in → keytool -genkey -V -keystore key.keystore -alias APktool -keyalg RSA -keysize 2048 -validity 10000.

Step:24 Generated –> key.keystore → right click open terminal

Step:25  Signed APK → specify alias name → Apktool and password ->123456 → jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore key.keystore myapp.apk APktool

Step:26 Finally successfully signed Apk → myapp.apk

Step:27 Open the signed apk in emulator 

Step:28 Observe that bypassed authenticate → Sukesh is VIP user

How to Secure

Before we go into how to protect an Android app from reverse engineering, let’s look at how to prevent an Android app from being reverse-engineered. 

  • Tamper Detection
  • ProGuard Assistance
  • Use PBKDF2,bcrypt and scrypt hash algorithms
  • Secure User Credentials
  • Hide Api keys
  • use of whitelist commands
  • Database Encryption
  • Add Multi-Factor Security

That’s all for this blog, I hope you enjoyed reading this. In future I will write one more blog that will include some other techniques.

References:

https://www.slideshare.net/

https://www.kali.org/tools/apktool/


Leave a Reply

Your email address will not be published. Required fields are marked *

Surat

Certbar Security

Contact

Office No.

Work Inquiries

Interested in working with us?

Career

Looking for a job opportunity?

Register With:

Work Inquiries

Interested in working with us?

Career

Looking for a job opportunity?

Surat

Certbar Security

Contact

Office No.

Work Inquiries

Interested in working with us?

Career

Looking for a job opportunity?

Register With:

© 2016-[year], Certbar Security. All rights reserved.

© 2016-[year], Certbar Security. All rights reserved.

Please enable JavaScript in your browser to complete this form.
Please enable JavaScript in your browser to complete this form.
Join As:
Interested In Batch:
I agree to bring my own laptop
Please enable JavaScript in your browser to complete this form.
Please enable JavaScript in your browser to complete this form.
Please enable JavaScript in your browser to complete this form.
Please enable JavaScript in your browser to complete this form.
Please enable JavaScript in your browser to complete this form.