Android Reverse Engineering

I seem to have a knack for finding the hardest problems to start with. Anyway I thought I would have a look at doing some android reverse engineering on a local transit app.

First you will need to get the apk application bundle for the app you want to have a look at. If you have the app installed on your phone this is really easy to do with adb.

$ adb shell
anddroid$ pm list packages
package:com.google.android.youtube
package:com.android.providers.telephony
...
package:com.android.documentsui
package:com.android.externalstorage
package:com.test.testapp

anddroid$ pm list packages | grep testapp
package:com.test.testapp
anddroid$ pm path com.test.testapp
package:/data/app/com.test.testapp/base.apk
anddroid$ exit
$ adb pull /data/app/com.test.testapp/base.apk

Now you will have the apps apk as base.apk and feed it to jadx. jadx is a dex to java decompiler with a pretty gui and the ability to deobfuscate code. When you fire up jadx with the apk you will get a complete break down of the apk bundle and decompiled classes.

JADX view

At this point you should see the decomiled classes, but as I said I am great at picking hard targets. There is some decompiled java here, but there are also mono packages and a load of dlls shipped in the assemblies directory.

As I said, great at picking hard targets. To get further with this I shall have to find a c# decompiler, they seem to be quite common.


Reading: Little Brother, Transmetropolitan

blog morning

Posted on