I am going to discuss how we can see the source code of the android apps and may be modify/hack according to our own convenience. Various attackers use this technique to inject their own malicious code in the app and the again compiling it and spreading the app.
- Dex2jar: It is a tool which is used when working with android .dex and java .jar files.
- Jd-gui: This tool opens up the entire coding of .apk file.
You can Download both these tools from here.
In this article I will be taking example of faceniff.apk, but you can take any app of your choice.
Steps involved in reverse engineering android app:
Change the extension of android app to “faceniff.apk.zip“.
Unzip the file using any unzipping software.
Now open the command prompt and type “cd “.
Then type “cd c:androiddex2jar-0.0.9.7″. (Here “C:androiddex2jar-0.0.9.7” is the path of dex2jar tool in my drive, this may be different for you). Press enter.
Now type “dex2jar c:androidFaceniffclasses.dex“. Here “c:androidFaceniffclasses.dex” is the path of the classes.dex file which your will surely be in the extracted folder of the android app.
You will notice a new executable jar file in the unzipped folder of app. Now open that app with “jd.gui” and you will be able to see the source code of android app.
About the Author – Shikhil Sharma is an engineering student who is pursuing his engineering in Computer Science. He has great interest in Cyber Security, Hacking, Penetration Testing, SEO and Vulnerability Assessment and loves to write about them.