personal-site/content/text/android-app-decompiling.txt

45 lines
1.1 KiB
Plaintext
Raw Normal View History

2021-10-14 07:42:11 +00:00
aka hacking apk reverse engineering
Guides:
https://blog.securityevaluators.com/how-to-view-tls-traffic-in-androids-logs-6a42ca7a6e55
https://archive.ph/zDaV6
- used during Lutron hacking
Tools:
$ sudo apt install adb apktool openjdk-11-jdk-headless zipalign
$ locate apktool
- replace apktool with new version:
- https://github.com/iBotPeaches/Apktool/releases
$ sudo mv /usr/share/apktool/apktool.jar /usr/share/apktool/apktool.jar.orig
$ sudo mv ~/Downloads/apktool_2.5.0.jar /usr/share/apktool/apktool.jar
Get APK file:
- find name of the app
$ adb shell pm list packages | grep covid
- find path of the app
$ adb shell pm path ca.ab.gov.covidrecordsverifier
- pull the apk
$ adb pull [path] .
Decompile:
$ apktool d application.apk -o output/
Compile:
$ apktool b output/ --use-aapt2 -o patched.apk
Sign:
- the following just once:
$ keytool -genkey -v -keystore release.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore release.keystore patched.apk alias_name
Install:
$ adb install patched.apk
Read logs:
$ adb logcat -c