“R” and “BuildConfig” are defaults, “MainActivity” is the only class I authored. Figure 2: Contents of my Hello World AppĪs you can see in Figure 2, I drilled into the “com.proofofconcepts…” folder and there are the three Java classes. Since this app is simple, there is just three Java classes listed to which I personally only wrote one in this case. Within an APK, the “MainActivity” is generally the introduction point a user is presented with when running an app on their mobile device. For the most part, I’d say it’s safe to skip these and look at the package name’s folder to see the code the author wrote. The android folders contain the development kit code used in my app. In using my sample “Hello World” APK I created, I see a few options that resonate with android packages, but I also see my package name as well. You can see the hierarchy in the left windowpane and the main windowpane is empty. Figure 1: Opening JADX’s GUIįrom here, target an APK you’d like to further investigate. If you completed the above step of creating an aliased command, simply type in “jadx-gui” in the terminal and you should be presented with the GUI version of JADX. Okay, now that we got all the fun stuff taken care of, let’s actually use JADX! If you have other users, they’ll need to do the same or do one of the other options that’d make this aliased command available but that’s beyond the scope of this post. Note that the aliased command is tied to the current user you performed this as. To be clear, instead of having to be in the “./jadx/build/jadx/bin/” directory, you can call jadx-gui from wherever you are. This essentially creates a command called “jadx-gui” and assigns it the value of where the actual jadx-gui command is located. This can be done by running:Īlias jadx-gui=’~//jadx/build/jadx/bin/jadx-gui’ That can get a bit messy depending on what command you run I suggest creating an “alias” for this. In order to use the graphical version (GUI), you’ll need to call “jadx-gui” from within the “build/jadx/bin/” directory. You’ll need to install git prior, run:įrom here, you’ll have a few directories that house different content. Still within the APKAnalysisTools folder (or whatever you named your directory), follow the three commands listed under the “Build from source” section. JDK should contain JRE as well per online resources, though I didn’t run into issues in running both commands.įinally, run the following command to ensure you have Java 8 or higher JDK is the Java Development Kit and this allows access to Java’s development kit. JRE is the Java Runtime Environment, which allows running Java code. Note that the JADX GitHub mentions “JDK 8 or higher must be installed” but I ran both commands above just in case. For me, I have a directory called “APKAnalysisTools” and this is where I am doing my APK testing. Open the terminal and go into whatever directory you want to use for reverse engineering purposes. JADX is used to convert DEX/Smali code into Java source code.Īt this point, I am assuming you’re in a VM running Ubuntu. This post will specifically cover the JADX tool, which was the most simple to install and use in my experience. I’ll explain how to go about getting set up using an Ubuntu VM. There are varying installation processes with each tool, but the most common installation among all was Java. In my testing, I used quite a few different tools and frameworks. Remember the code itself is in binary format and cannot be read within a text editor or other development environment. While it’s useful to an extent, it’s not helpful in reading and understanding the programming logic. My last blog post detailed how to unzip an APK archive and what contents are within. In continuation of the Android APK Reverse Engineering series, this post will cover how to actually start digging into an APK’s programming logic.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |