Android APK reverse engineering in 7 small steps

January 19, 2023    Article    156 words    1 min read

Step 1: install required tools

$ sudo apt install adb apktool openjdk-11-jdk-headless zipalign apksigner
# replace apktool with new version from https://github.com/iBotPeaches/Apktool/releases
$ sudo mv /usr/share/apktool/apktool.jar /usr/share/apktool/apktool.jar.original
$ sudo mv ~/Downloads/apktool_2.7.0.jar /usr/share/apktool/apktool.jar

Step 2: retrieve the APK file

# start by finding the package name of the app
$ adb shell pm list packages | grep <APP_NAME>
# find the path of its APK on the device; output is "package:/data/app/.../base.apk",
# one line per APK (a split APK lists base.apk plus its split_*.apk files)
$ adb shell pm path <PACKAGE>
# and pull the APK file, passing the bare path without the "package:" prefix
$ adb pull <PATH> .

Step 3: decompile the APK

$ apktool d <APP>.apk -o output/

Step 4: recompile the APK

$ apktool b output/ --use-aapt2 -o patched.apk
# align before signing: apksigner's v2/v3 signature covers the whole file,
# so running zipalign after signing would invalidate it
$ zipalign 4 patched.apk patched2.apk

Step 5: sign the APK

$ keytool -genkey -v -keystore release.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
$ apksigner sign --ks release.keystore patched2.apk

Step 6: install the APK

# the patched APK is signed with your key, not the developer's, so if the original
# is still installed the update is refused (INSTALL_FAILED_UPDATE_INCOMPATIBLE);
# uninstall it first
$ adb install patched2.apk

Step 7: read logs

# -c only clears the log buffer; a second call without it actually prints the log
$ adb logcat -c
$ adb logcat
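
The seven steps above, as one re-runnable script. This is an added example, not code from the original post: it assumes the Step 1 tools (adb, apktool, zipalign, apksigner, keytool) are on PATH, and the package name, keystore file name, key alias and password are illustrative. It also covers the two cases the one-liners skip: the `package:` prefix that `pm path` prints, and split APKs, which must be pulled, re-signed with the same key and installed together with `adb install-multiple`.

```shell
#!/bin/sh
# Added example (not the original post's code): the seven steps as one script.
# Assumes adb, apktool, zipalign, apksigner and keytool are on PATH.
# Package name, keystore file, alias and password below are illustrative assumptions.
set -eu

# `adb shell pm path <pkg>` prints "package:/data/app/.../base.apk", one line per APK
# (a split APK gives several), so strip the prefix (and adb's CR) before `adb pull`.
pm_paths() {
    tr -d '\r' | sed -n 's/^package://p'
}

# A single APK goes through `adb install`; a split APK needs `adb install-multiple`
# with every split, all signed by the same key, or the install is rejected.
install_cmd() {
    if [ "$#" -gt 1 ]; then echo install-multiple; else echo install; fi
}

# Sign in place with a throwaway key, creating the keystore on first use
# (the -dname/-storepass arguments only make keytool non-interactive).
sign_apk() {
    apk=$1
    [ -f release.keystore ] || keytool -genkeypair -keystore release.keystore -alias alias_name \
        -keyalg RSA -keysize 2048 -validity 10000 -storepass changeit -keypass changeit \
        -dname "CN=apk-patch"
    apksigner sign --ks release.keystore --ks-key-alias alias_name --ks-pass pass:changeit "$apk"
    apksigner verify --print-certs "$apk"
}

# Build from the apktool output dir, zipalign, then sign. zipalign must run before
# apksigner: the v2/v3 signature covers the whole file, so aligning afterwards breaks it.
build_sign() {
    srcdir=$1; out=$2
    apktool b "$srcdir" --use-aapt2 -o "$out.unaligned"
    zipalign -f 4 "$out.unaligned" "$out"
    sign_apk "$out"
}

main() {
    pkg=$1                       # e.g. com.example.target (assumed name)
    mkdir -p pulled signed
    adb shell pm path "$pkg" | pm_paths > pulled/paths.txt
    [ -s pulled/paths.txt ] || { echo "no APK found for $pkg" >&2; exit 1; }
    set --                       # collect signed APKs as positional params (POSIX sh has no arrays)
    for path in $(cat pulled/paths.txt); do   # on-device app paths contain no spaces
        name=$(basename "$path")
        adb pull "$path" "pulled/$name"
        if [ "$name" = base.apk ]; then
            apktool d -f "pulled/base.apk" -o output/
            # ... edit smali/resources under output/ here ...
            build_sign output/ "signed/base.apk"
        else
            cp "pulled/$name" "signed/$name"   # splits are not patched, only re-signed
            sign_apk "signed/$name"            # with the same key as base.apk
        fi
        set -- "$@" "signed/$name"
    done
    # The new key differs from the developer's, so the update is refused unless
    # the original is removed first (INSTALL_FAILED_UPDATE_INCOMPATIBLE).
    adb uninstall "$pkg" >/dev/null 2>&1 || true
    adb "$(install_cmd "$@")" "$@"
    adb logcat -c                # -c only clears the buffer; the next call reads it
    adb logcat
}

# Only drive the pipeline when a package name is given, so the helpers can be sourced.
if [ -n "${1:-}" ]; then main "$1"; fi
```

Run it as `sh patch.sh com.example.target` after putting your smali or resource edits in place of the comment in `main`; `apksigner verify --print-certs` is left in so that a signing mistake shows up before the install step rather than as an opaque `adb install` failure.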

Step 8: there is no step 8