Kick your Droid – Android Reverse Engineering

Posted On : Jun 04th 2013 by Taufique Azad

Well, Android is a very popular OS and a favorite among users (everyone is trying to buy an Android phone!). I don't have an Android cell phone, but let's see if I can get my hands dirty with this Linux+Java clean-room-engineered platform.

Attackers use this same technique to inject their own malicious code into an app, then recompile it and spread the modified app.

Tools Required:

Android SDK: The Android SDK provides the API libraries and developer tools necessary to build, test, and debug apps for Android.

You can download it from here:

http://developer.Android.com/sdk/index.html

Dex2jar: A tool for working with Android .dex and Java .jar files.

You can download it from here:

http://code.google.com/p/dex2jar/

Java decompiler: This tool lets you browse the decompiled source code.

You can download it from here:

http://java.decompiler.free.fr/

Smali and baksmali: smali/baksmali is an assembler/disassembler for the dex format.

You can download it from here:

http://code.google.com/p/smali/

**You can use any Android app of your choice to view its source code**

Method 1.

Open the command prompt and type "cd \".

Then type "cd c:\android\dex2jar-0.0.9.7". (Here "c:\android\dex2jar-0.0.9.7" is the path of the dex2jar tool on my drive; this may be different for you.) Press Enter.

Now type "dex2jar c:\android\Faceniff\classes.dex". Here "c:\android\Faceniff\classes.dex" is the path of the classes.dex file, which will be in the extracted folder of the Android app.

You will notice a new executable jar file in the unzipped folder of the app. Now open that jar file with "jd.gui" (Java decompiler) and you will be able to see the source code of the Android app.


Method 2.

Here the interesting file for us is classes.dex, which contains the compiled VM code. We are going to disassemble the dex file with baksmali. The commands are pretty simple, as you can see from the screenshots.


If everything worked fine, we will have a folder structure similar to Java packages. The interesting .smali files are located at '\com\example\helloandroid'. Open all the .smali files in your favorite text editor.

 


 

Now we can use another utility which converts dex files to jar files so that we can use Java decompilers to see much more abstracted code.
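Both methods start from the classes.dex file inside the app package, which is an ordinary zip archive. As an added example (not part of the original article; the function names and the header-only sample file are constructed here), this Python code pulls classes.dex out of an APK and checks the magic, size, Adler-32 checksum and SHA-1 signature fields of the dex header:

```python
import hashlib
import io
import struct
import zipfile
import zlib

DEX_HEADER_SIZE = 0x70          # fixed header length defined by the dex format
ENDIAN_CONSTANT = 0x12345678    # little-endian tag expected at offset 40


def inspect_dex(data: bytes) -> dict:
    """Parse the fixed dex header and verify its two integrity fields."""
    if len(data) < DEX_HEADER_SIZE:
        raise ValueError("too short to be a dex file")
    magic, checksum, signature, file_size, header_size, endian_tag = \
        struct.unpack_from("<8sI20sIII", data, 0)
    if magic[:4] != b"dex\n" or magic[7:8] != b"\x00":
        raise ValueError("bad dex magic")
    return {
        "version": magic[4:7].decode("ascii"),
        "size_ok": file_size == len(data) and header_size == DEX_HEADER_SIZE,
        "endian_ok": endian_tag == ENDIAN_CONSTANT,
        # Adler-32 covers everything after the checksum field (offset 12 onward).
        "checksum_ok": zlib.adler32(data[12:]) & 0xFFFFFFFF == checksum,
        # SHA-1 covers everything after the signature field (offset 32 onward).
        "sha1_ok": hashlib.sha1(data[32:]).digest() == signature,
    }


def inspect_apk(apk_bytes: bytes) -> dict:
    """An APK is a zip archive; pull classes.dex out of it and inspect it."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        return inspect_dex(apk.read("classes.dex"))


def build_sample_apk(tamper: bool = False) -> bytes:
    """Constructed sample: a header-only dex (no real code) inside a zip."""
    body = struct.pack("<III", DEX_HEADER_SIZE, DEX_HEADER_SIZE, ENDIAN_CONSTANT)
    body += bytes(DEX_HEADER_SIZE - 32 - len(body))   # remaining header fields zeroed
    signature = hashlib.sha1(body).digest()
    checksum = zlib.adler32(signature + body) & 0xFFFFFFFF
    dex = bytearray(b"dex\n035\x00" + struct.pack("<I", checksum) + signature + body)
    if tamper:
        dex[-1] ^= 0xFF     # flip one byte after the integrity fields were computed
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as apk:
        apk.writestr("classes.dex", bytes(dex))
    return buf.getvalue()
```

These header fields catch corruption or careless byte patching; a recompiled app has them recomputed, so they do not replace checking the certificate the APK was signed with.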

 

You can also see this link to learn more about android reverse engineering.

https://code.google.com/p/android-apktool/



Thanks and stay tuned!