Archive for the ‘Android’ Category

Decompiling Android APKs

January 28, 2013

So last week needed to take a look at an existing app in the google play store to see if it was generated using one of the Mobile Enterprise Application Platforms (Appcellerator, / PhoneGap, etc.)  tools.   (Example below is actually one of my own apps…  just for demonstration purposes.)    Figured I’d add it to the blog so all the steps are in one place.   The other mentions I found on how to do it were scattered about.

  1.  Get the APK you want to decompile off of your android device:   Connecting the device to your computer and launching the DDMS in Eclipse won’t actually show you the contents of /data where installed apks and apps are installed unless you root your device.    That seemed like a pain… so instead, I found this:
    1. Install app sender on the device:  AppSender 2.0 (Share APK)
    2. Ensure that  the device ISN’T connected to your computer.   (AppSender thinks it needs the SD card in order to run, and this is unmounted when plugged in on USB. (at least with Moto Droid Razr max 2.3.6 and Mac OS X 10.7.5)
    3. Find the app you want to get off the phone in the list that AppSender presents and tap it.
    4. Tap “Email Attachment”     device-2013-01-28-110728
    5. Send it to yourself using the Mail Intent of your choice.
    6. Save the attached APK file off somwhere on your computer.
  2. Download and install dex2Jar  on your computer:
  3. Run dex2Jar on the APK:     (This will get you as far as class files on your computer.)
    $ ./ ../com.tasteseller-1.apk
    this cmd is deprecated, use the d2j-dex2jar if possible
    dex2jar version: translator-
    dex2jar ../com.tasteseller-1.apk -> ../com.tasteseller-1_dex2jar.jar
  4. Download JD-GUI  and Install on your computer. (Java Decompiler)
  5. Run JD-GUI…     Open the jar file:  File->Open File… (select the jar file from above:)
  6. Browse the Code:   (obviosuly if the original APK was obfuscated the results here last step may be totally illegible…   but happily it did just fine on the app I needed to check out.)
    Screen Shot 2013-01-28 at 11.34.20 AM
  7. There is no Step 7.   That was everything!

The follow up article:     How to obfuscate Android Code so that this isn’t doable.