codeniko/0_reverse engineering.md

## 0_reverse engineering.md

      
    Raw
  

              0_reverse engineering.md
            
          
    https://github.com/skylot/jadx for dex decompiling, no need to convert to jar with dex2jar https://github.com/pxb1988/dex2jar

https://www.evilsocket.net/2017/04/27/Android-Applications-Reversing-101/
Add android:debuggable="true" to decompiled AndroidManifest to allow debugging. Recompile, sign, and install after.
Tools

Apk Downloader

ApkTool for decompiling dex to smali

https://github.com/skylot/jadx for viewing apk file contents (java-fied)

Apk-Multi-tool various tools to do everything

Baksmali decompile dex to smali

~/Library/Android/sdk/build-tools/28.0.0/dx
Verify signature

openssl pkcs7 -in original/META-INF/SOMETHING.RSA -inform DER -print 
Decompile

apktool d -f APK_FILE -o OUTPUT_DIR or apktool d APK_FILE

Alternatively, use JADX (at github.com/skylot/jadx)

jadx -d {output folder} {apkfile}
Viewing smali to java code

Use jadx-gui APK_FILE
Recompile

apktool b -d APP_PATH OUTPUT_APK_FILE
Issues?

If have an issue like this: No resource identifier found for attribute 'keyboardNavigationCluster' in package 'android'

apktool empty-framework-dir --force
Signing APK with dummy signature

Use my script https://gist.github.com/codeniko/cdc8ff7dd4efc8fbceae55c0e6b165b0
The script will generate a key store file if not found, and sign your APK. Use as ./sign.sh APKFILE
Converting Java to Dex to Smali

Download baksmali-2.4.0.jar from links in README and see smali.sh file below
Converting Kotlin to Dex to Smali

Download baksmali-2.4.0.jar in README, and kotlinc with brew install kotlin and see ksmali.sh file below

  
## ksmali.sh
#!/bin/sh

# Convert kotlin code to smali
# Ex: ./ksmali.sh SomeKotlinFile.kt

OUT=out
TMP=/tmp/ksmali/
rm -rf "$OUT" "$TMP"
mkdir "$OUT"
mkdir "$TMP"
filename="${1%.*}"
dex="$filename.dex"
echo "Compiling, dexing, and Smali'ng $1"
kotlinc "$1" -d "$TMP"
dx --no-warning --no-strict --dex --output="$TMP$dex" $TMP*.class
java -jar ~/baksmali-2.4.0.jar d "$TMP$dex"
ls $OUT

## smali.sh
#!/bin/sh

# Convert java code to smali
# Ex: ./smali.sh SomeJavaFile.java

OUT=out
rm -rf "$OUT"
mkdir "$OUT"
filename="${1%.*}"
dex="$filename.dex"
class="$filename.class"
echo "Compiling, dexing, and Smali'ng $1"
javac "$1"
dx --dex --output="$dex" "$class"
java -jar ~/baksmali-2.4.0.jar d "$dex"
rm "$dex" "$class"
ls $OUT
	#!/bin/sh

	# Convert kotlin code to smali
	# Ex: ./ksmali.sh SomeKotlinFile.kt

	OUT=out
	TMP=/tmp/ksmali/
	rm -rf "$OUT" "$TMP"
	mkdir "$OUT"
	mkdir "$TMP"
	filename="${1%.*}"
	dex="$filename.dex"
	echo "Compiling, dexing, and Smali'ng $1"
	kotlinc "$1" -d "$TMP"
	dx --no-warning --no-strict --dex --output="$TMP$dex" $TMP*.class
	java -jar ~/baksmali-2.4.0.jar d "$TMP$dex"
	ls $OUT
	#!/bin/sh

	# Convert java code to smali
	# Ex: ./smali.sh SomeJavaFile.java

	OUT=out
	rm -rf "$OUT"
	mkdir "$OUT"
	filename="${1%.*}"
	dex="$filename.dex"
	class="$filename.class"
	echo "Compiling, dexing, and Smali'ng $1"
	javac "$1"
	dx --dex --output="$dex" "$class"
	java -jar ~/baksmali-2.4.0.jar d "$dex"
	rm "$dex" "$class"
	ls $OUT