Search Whitehat Blog

Tuesday, 1 April 2014

Reverse Engineering Android APK.

Android Apk files

Android Apk file extension is an android operating systems executable normally referred to as applications. If further understanding , Apk (Android packaging) is a package that contains program files that lets the Apk run in the operating system.

To be a able to reverse engineer an apk , we will first want to know what it is contained in the package, An Apk contains the following ;

  • res

  • META-INF

  • lib

  • assets

  • classes.dex

  • Android manifest 

    The above contents contains different files that includes signing , the XML files ,images and icons that gives the graphical layout of an android application. The most important content that has the source code of an Apk is the classes.dex file. This is where our interest lies. 

    So we have to decompile it to the source programming language - normally java but before we do that we first have to make sure we have all requirements . We must have the following,

     An Apk file (Android app- open source)

    Winrar for windows (windows)

    Apk tool.zip (windows)

    Dex2jar.exe(windows)

    STEP 1

    • Install all the windows softwares above (get their tutorials if it looks new to you)

    • Rename your apk extension to zip. Eg name.apk to name.zip

    • This enables you to open the app in winrar unpackaging software. As shown in the image bellow

    • Extract file to a folder ie on your desktop e.tc


     

    STEP 2

    • We are going to decompile the classes.dex file using Dex2jar program to get java source code

    NB

    • Performing this requires you to have java programming skills.

    STEP 3

    • After you have decompiled and  edited the java script, at times you may use Apk tool to get the .smali file (not for the Novice reverse engineers) so as to edit the java strings. Editing is called  debugging .

    • After recompiling the codes , you have to change the java classes to classes.dex. 

    This is done using Apktool or Eclipse SDK (check manual on how to convert java classes to classes.dex by pressing F1 in Eclipse) 

    STEP 4

    • Replace the classes.dex with the new one in the mothe folder.

    • Zip it using Winrar to get a zipped file.

    • Change the extension Zip to Apk file.

    STEP 5

    • Now you need to sign your APK file.


    • When publishing an application you need to sign the .apk file with a certificate using a private key. The Android system uses the certificate to identify the author of an application and establish trust relationship between applications. The classic way of doing this was to use keytool then sign it with jarsigner but because most of us don’t have a keystore we can use a alternative called SignAPK.

    GET THE STEP BY STEP PROCEDURE TO REVERSE AN APK APP BY THE USE OF APKTOOL HERE

 

Posted by at No comments:

Best URL shortening Sites.


 Hey friends today am here to share some interesting web url shortening technique. You may be wondering what this could be .To explain this , I am going to give a simple example.

Long Url : Facebook.com
After shortening: Fb.com

At times the url may be too long and it makes it look so bulky to share or reffer them later . Bellow are some of the sites that lets you paste and process your long url to a shorter one in seconds. walaaah! 

wait! my favorite one is number 8.


1) Su.pr 

 The Official URL Shortener from Stumble Upon and one of the best available in the market.
- Help to Increase traffic.
- Real time analytics showing how many people click through the links and how many people came through StumbleUpon.
- Suggest the best posting time based on past data.
- Tells the number of retweets and reviews.
- History Viewer.
- Sharing functionality

2) Goo.gl 

 Official URL shortener from Google.
- Reliable and trusted.
- Shows real time click analytics on hourly, daily, weekly, monthly and all time basis of all the short Google links.
- Public Stats

3) Bitly

- View complete, real-time traffic & analytics data.
- Sharing functionality
- Bitly is available via website, browser extensions, mobile web, & numerous third-party tools.
- Build good traffic.

4) Tinyurl:

- Browser toolbar
- Hide Affiliate URLs
- Preview Feature

5) Budurl
 Budurl comes with lot of additional premium features apart from shortening the link.
- Emails to prospects & clients
- QR Code integration for print campaigns
- Use their Mobile Micro-Sites to drive traffic for mobile campaigns
- Schedule your Tweets
- Detailed stats of Blog posts & comments on sites
- Links to PDFs and other files on my website and in emails
- Affiliate links
- Advertising links

6) Is.gd:

- Make URLs easier to read aloud using our custom shortened URL facility or our pronounceable URL facility.
- Make QR codes of shortened URL links.

7) Cli.gs:

- Custom Links
- Private Detailed stats
- Displays geolocation data as a map rather than a chart.
- Sharing feature

8. Shorturl
  •  rated as the best
  • gives options to modify your url domain
  • get it at shorturl.com

Posted by at No comments:
Location: Nairobi, Kenya
Subscribe to: Comments (Atom)