52 lines
1.3 KiB
Plaintext
52 lines
1.3 KiB
Plaintext
aka hacking apk reverse engineering
|
|
|
|
|
|
Guides:
|
|
|
|
https://blog.securityevaluators.com/how-to-view-tls-traffic-in-androids-logs-6a42ca7a6e55
|
|
https://archive.ph/zDaV6
|
|
- used during Lutron hacking
|
|
|
|
Tools:
|
|
$ sudo apt install adb apktool openjdk-11-jdk-headless zipalign apksigner
|
|
$ locate apktool
|
|
- replace apktool with new version:
|
|
- https://github.com/iBotPeaches/Apktool/releases
|
|
$ sudo mv /usr/share/apktool/apktool.jar /usr/share/apktool/apktool.jar.orig
|
|
$ sudo mv ~/Downloads/apktool_2.5.0.jar /usr/share/apktool/apktool.jar
|
|
|
|
|
|
Get APK file:
|
|
- find name of the app
|
|
$ adb shell pm list packages | grep covid
|
|
- find path of the app
|
|
$ adb shell pm path ca.ab.gov.covidrecordsverifier
|
|
- pull the apk
|
|
$ adb pull [path] .
|
|
|
|
Decompile:
|
|
$ apktool d application.apk -o output/
|
|
|
|
Compile:
|
|
$ apktool b output/ --use-aapt2 -o patched.apk
|
|
$ zipalign 4 patched.apk patched2.apk
|
|
|
|
Sign:
|
|
- disable verification over USB in developer settings?
|
|
- the following just once:
|
|
$ keytool -genkey -v -keystore release.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
|
|
$ apksigner sign --ks release.keystore patched2.apk
|
|
|
|
Install:
|
|
$ adb install patched2.apk
|
|
|
|
|
|
Read logs:
|
|
$ adb logcat -c
|
|
|
|
|
|
Old instructions
|
|
----------------
|
|
|
|
$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore release.keystore patched.apk alias_name
|