ClsHack:Computer Security Blog    

[ANDROID](Reversing) From APK to JAR to JAVA Code :)


Sometimes it is useful to know what gets put inside some Android applications, which are infected more and more often.
It is good to understand how any viruses spread and to analyze any botnets.

Straight from stackoverflow.com, a user explains in broad terms how to carry out this operation.

step 1:
make a new folder and put .apk file (which you want to decode) now rename this .apk file with extension .zip (eg:rename from filename.apk to filename.apk.zip) and save it..now you get classes.dex files etc…at this stage you are able to see drawable but not xml and java file…so cont…
step 2:
now extract this zip apk file in the same folder(in this eg or case NEW FOLDER). now download dex2jar from this link http://code.google.com/p/dex2jar/ and extract it to the same folder (in this case NEW FOLDER)…..now open command prompt and reach to that folder (in this case NEW FOLDER)….after reaching write “dex2jar classes.dex” and press enter…..now you get classes.dex.dex2jar file in the same folder……now download java decompiler from http://java.decompiler.free.fr/?q=jdgui and now double click on jd-gui and click on open file then open classes.dex.dex2jar file from that folder…now you get class file…save all these class file (click on file then click “save all sources” in jd-gui)..by src name….at this stage you get source…but xml files are still unreadable…so cont…
step 3:
now open another new folder and put these files
put .apk file which you want to decode
download apktool v1.x AND apktool install window using google and put in the same folder
download framework-res.apk file using google and put in the same folder
Open a command window
Navigate to the root directory of APKtool and type the following command: apktool if framework-res.apk
apktool d “fname”.apk (“fname” denotes filename which you want to decode)
now you get a file folder in that folder and now you can easily read xml files also.
step 4:
it’s not any step just copy contents of both folder(in this case both new folder)to the single one
and now enjoy with source code…

Now let's look in full at how to carry out these operations :)

I am on Arch Linux, but the commands will not be very different :)

Let's copy our apk file into a new folder and rename it to .zip.
cd $HOME
mkdir reverse
mv FILE.apk reverse/new.zip
Extract the contents:
cd reverse
unzip new.zip
Now download dex2jar from here:
http://code.google.com/p/dex2jar/
Extract it into $HOME.
Now let's go to $HOME:
cd $HOME
cd dex-*
Type:
sh dex2jar.sh ../reverse/*.dex
We can also give it the apk file directly :)
Now the reverse folder contains the file NAME.jar.
Now download jdgui from here:
http://java.decompiler.free.fr/?q=jdgui
Extract it into $HOME/jdgui:
cd $HOME/jdgui
chmod +x jd-gui
Dependencies:
pacman -Syu lib32-gtk2
Launch jdgui:
./jd-gui
Now, from jdgui, open the jar file created earlier.
This method is the translation of steps 2 and 1, the simplest and most powerful from my point of view :)
Other tools for reversing apk files are:
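As an added example (not from the original post or the quoted answer), the Python below inspects an APK in place before it is handed to dex2jar: it reads the archive without renaming or unpacking it, checks whether AndroidManifest.xml is compiled binary XML (the reason step 3 needs apktool), and validates the size, Adler-32 and SHA-1 fields in the header of every .dex entry. All function names are assumptions of this example, and the sample APK and DEX are constructed in memory for the demonstration.

```python
import hashlib, io, struct, zipfile, zlib

def dex_header(data):
    """Parse the fixed 0x70-byte DEX header and check its integrity fields."""
    if len(data) < 0x70 or data[:4] != b"dex\n" or data[7] != 0:
        raise ValueError("not a DEX file")
    checksum, = struct.unpack_from("<I", data, 8)     # Adler-32 of bytes 12..end
    file_size, = struct.unpack_from("<I", data, 32)   # total size recorded in the header
    return {
        "version": data[4:7].decode("ascii"),
        "size_ok": file_size == len(data),
        "checksum_ok": checksum == zlib.adler32(data[12:]) & 0xFFFFFFFF,
        "sha1_ok": data[12:32] == hashlib.sha1(data[32:]).digest(),
    }

def triage_apk(apk_bytes):
    """Inspect an APK in memory: no renaming to .zip and no extraction to disk."""
    report = {"sha256": hashlib.sha256(apk_bytes).hexdigest(), "dex": {}, "binary_manifest": None}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            if name == "AndroidManifest.xml":
                # Compiled XML starts with chunk type 0x0003 and header size 0x0008.
                report["binary_manifest"] = apk.read(name)[:4] == b"\x03\x00\x08\x00"
            elif name.endswith(".dex"):
                report["dex"][name] = dex_header(apk.read(name))
    return report

def make_sample_dex(body=b"\x00" * 16):
    """Constructed sample: a header-only DEX with valid size, SHA-1 and Adler-32."""
    tail = struct.pack("<III", 0x70 + len(body), 0x70, 0x12345678) + b"\x00" * (0x70 - 44) + body
    signed = hashlib.sha1(tail).digest() + tail
    return b"dex\n035\x00" + struct.pack("<I", zlib.adler32(signed) & 0xFFFFFFFF) + signed

def make_sample_apk():
    """Constructed sample APK: a binary-style manifest, one intact DEX, one altered DEX."""
    good = make_sample_dex()
    tampered = good[:-1] + b"\xff"   # body changed after the header fields were computed
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", b"\x03\x00\x08\x00")
        z.writestr("classes.dex", good)
        z.writestr("classes2.dex", tampered)
    return buf.getvalue()

if __name__ == "__main__":
    for key, value in triage_apk(make_sample_apk()).items():
        print(key, value)
```

A failed checksum or SHA-1 means the DEX bytes no longer match its own header, that is, the file was modified or corrupted after the header was written; the SHA-256 of the APK gives a stable identifier for the sample in notes.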


Both the tools I used and the ones mentioned are available in an Ubuntu-based virtual machine suited to reversing Android applications :)

This VirtualBox-ready VM includes the latest Android malware analysis tools as follows:

  • Androguard
  • Android sdk/ndk
  • APKInspector
  • Apktool
  • Axmlprinter
  • Ded
  • Dex2jar
  • DroidBox
  • Jad
  • Smali/Baksmali

DOWNLOAD IMAGE FOR Virtual Machine


This entry was posted on Tuesday, December 13th, 2011 at 4:14 pm and is filed under Android, GNU/Linux, Software.
