Analyzing Android App Binaries - GDG Silicon Slopes Aug 2022

Analyzing Android app binaries Pavlo Stavytskyi Google Developer Expert, Android

▪ Google Developer Expert, Android About me 2

▪ Google Developer Expert, Android ▪ Mobile Infrastructure at Lyft
About me 3

4 Agenda

▪ Android package ﬁles Agenda 5

▪ Android package ﬁles ▪ Reverse engineering Android apps Agenda
6

7 Android package ﬁles

▪ .apk .aab .aar ﬁles Android package ﬁles 8

▪ .apk .aab .aar files ▪ They are all .zip
files Android package files 9

10 Demo

11 Reverse engineering Android apps

▪ APK Analyzer Reverse engineering Android apps 12

▪ APK Analyzer ▪ dex2jar Reverse engineering Android apps 13

▪ APK Analyzer ▪ dex2jar ▪ JD-GUI Reverse engineering Android
apps 14

▪ APK Analyzer ▪ dex2jar ▪ JD-GUI ▪ Apktool Reverse
engineering Android apps 15

16 APK Analyzer

17 Demo

18 dex2jar

▪ brew install dex2jar dex2jar 19

▪ brew install dex2jar ▪ d2j-dex2jar app-release.apk dex2jar 20

▪ brew install dex2jar ▪ d2j-dex2jar app-release.apk ▪ JD-GUI dex2jar
21

22 Demo

23 Apktool

▪ brew install apktool Apktool 24

▪ brew install apktool ▪ apktool d app-release.apk Apktool 25

▪ brew install apktool ▪ apktool d app-release.apk ▪ Make
a change Apktool 26

▪ brew install apktool ▪ apktool d app-release.apk ▪ Make
a change ▪ apktool b -f -d app-release Apktool 27

▪ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA
-keysize 2048 -validity 10000 Signing modiﬁed APK 28

-keysize 2048 -validity 10000 ▪ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore app-release/dist/app-release.apk alias_name Signing modiﬁed APK 29

-keysize 2048 -validity 10000 ▪ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore app-release/dist/app-release.apk alias_name ▪ jarsigner -verify -verbose -certs app-release/dist/app-release.apk Signing modiﬁed APK 30

▪ https://github.com/Morfly/compose-arch-sample Sample project 31

32 Q&A

Analyzing Android App Binaries - GDG Silicon Sl...

Analyzing Android App Binaries - GDG Silicon Slopes Aug 2022

Pavlo Stavytskyi

More Decks by Pavlo Stavytskyi

Other Decks in Programming

Featured

Transcript

Analyzing Android app binaries Pavlo Stavytskyi Google Developer Expert, Android

▪ Google Developer Expert, Android About me 2

▪ Google Developer Expert, Android ▪ Mobile Infrastructure at Lyft

4 Agenda

▪ Android package ﬁles Agenda 5

▪ Android package ﬁles ▪ Reverse engineering Android apps Agenda

7 Android package ﬁles

▪ .apk .aab .aar ﬁles Android package ﬁles 8

▪ .apk .aab .aar ﬁles ▪ They are all .zip

10 Demo

11 Reverse engineering Android apps

▪ APK Analyzer Reverse engineering Android apps 12

▪ APK Analyzer ▪ dex2jar Reverse engineering Android apps 13

▪ APK Analyzer ▪ dex2jar ▪ JD-GUI Reverse engineering Android

▪ APK Analyzer ▪ dex2jar ▪ JD-GUI ▪ Apktool Reverse

16 APK Analyzer

17 Demo

18 dex2jar

▪ brew install dex2jar dex2jar 19

▪ brew install dex2jar ▪ d2j-dex2jar app-release.apk dex2jar 20

▪ brew install dex2jar ▪ d2j-dex2jar app-release.apk ▪ JD-GUI dex2jar

22 Demo

23 Apktool

▪ brew install apktool Apktool 24

▪ brew install apktool ▪ apktool d app-release.apk Apktool 25

▪ brew install apktool ▪ apktool d app-release.apk ▪ Make

▪ brew install apktool ▪ apktool d app-release.apk ▪ Make

▪ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA

▪ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA

▪ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA

▪ https://github.com/Morfly/compose-arch-sample Sample project 31

32 Q&A