The app installation package we download is an APK file (Android Application Package). From the APK file, we can also obtain the application's code and resource files and modify the application.

So how do we get these files? This requires Android decompilation.

01 Required software

  • Apktool: decompiles XML and dex files and can repackage the decompiled project into an APK. The official download speed is sometimes erratic; it can also be downloaded from my web disk: link, password: xkao

  • dex2jar: converts classes.dex to a “.jar” file

  • JD-GUI: views the .jar file. Official download address: JD-GUI. My web disk: link, password: xkao

02 Apktool

You can decompile APK files using Apktool, but you can also simply change the .apk extension to “.zip”, decompress the file, and get some of the resource files.

  • META-INF: stores the app's signature information
  • classes.dex: the executable file of the Dalvik virtual machine, which needs to be converted into a JAR file using dex2jar
  • AndroidManifest.xml: the Android manifest file, which provides the Android system with the necessary information about the app
  • assets: stores resources such as files, fonts, and sounds
  • lib: stores third-party libraries
  • original: stores the undecompiled AndroidManifest.xml file
  • res: stores resource files such as images, colors, and strings
  • smali: stores the smali code compiled from Java. Smali is equivalent to the language that runs on the Android virtual machine.

Some resource files can be extracted this way directly, but AndroidManifest.xml and the other XML files come out garbled. Decompiling with Apktool restores the contents of these files as fully as possible.
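What the renamed ".zip" actually contains can be checked before any decompilation. The following is an added example, not code from the original article: it groups the entries by the folders listed above, reads the version from each classes*.dex header, and shows that the "garbled" AndroidManifest.xml is Android binary XML. The sample APK, including the libdemo.so name, is constructed.

```python
import io
import struct
import zipfile

# Binary XML starts with a chunk header: type 0x0003, header size 8 (little-endian).
AXML_MAGIC = struct.pack("<HH", 0x0003, 0x0008)
SIG_SUFFIXES = ("MANIFEST.MF", ".SF", ".RSA", ".DSA", ".EC")

def inspect_apk(apk_bytes):
    """Summarise an APK's ZIP layout without running Apktool."""
    report = {"top_level": {}, "signature_files": [], "dex": {},
              "manifest_is_binary_xml": None}
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        for name in apk.namelist():
            top = name.split("/", 1)[0]
            report["top_level"][top] = report["top_level"].get(top, 0) + 1
            if name.startswith("META-INF/") and name.upper().endswith(SIG_SUFFIXES):
                report["signature_files"].append(name)
            elif "/" not in name and name.startswith("classes") and name.endswith(".dex"):
                head = apk.read(name)[:8]
                # dex header magic: b"dex\n", three ASCII version digits, NUL
                valid = head[:4] == b"dex\n" and head[4:7].isdigit() and head[7:] == b"\x00"
                report["dex"][name] = head[4:7].decode("ascii") if valid else "invalid"
            elif name == "AndroidManifest.xml":
                report["manifest_is_binary_xml"] = apk.read(name)[:4] == AXML_MAGIC
    return report

def build_sample_apk():
    """Constructed sample: a minimal ZIP laid out like an APK (not a real app)."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", AXML_MAGIC + b"\x00" * 4)
        z.writestr("classes.dex", b"dex\n035\x00" + b"\x00" * 24)
        z.writestr("classes2.dex", b"dex\n035\x00" + b"\x00" * 24)
        z.writestr("res/drawable/bg.jpg", b"constructed image bytes")
        z.writestr("lib/armeabi-v7a/libdemo.so", b"constructed library bytes")
        for sig in ("MANIFEST.MF", "CERT.SF", "CERT.RSA"):
            z.writestr("META-INF/" + sig, b"constructed placeholder")
    return buf.getvalue()

if __name__ == "__main__":
    print(inspect_apk(build_sample_apk()))
```

To run it on a real file, pass `open("test.apk", "rb").read()` to `inspect_apk`.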

02-1 Installing Apktool

Windows:

  • Download the script file here or from my web disk link and rename it to “apktool.bat” (no need to rename it if you download it from my web disk)
  • Go here or to my web disk link to download apktool and rename it to “apktool.jar”

  • Move “apktool.jar” and “apktool.bat” to the Windows directory (usually C://Windows)

  • Enter the following on the command line

$ apktool

If there is a

apktool.jar and apktool.bat must be added to the system's environment variables.

Mac OS:

  • Download the script file here or from my web disk link and rename it to “apktool” (no need to rename it if you download it from my web disk).

  • Go here or to my web disk link to download apktool and rename it to “apktool.jar”.

  • Move apktool and apktool.jar to /usr/local/bin

  • On the command line, go to the /usr/local/bin directory and run the following commands

$ chmod a+x apktool
$ chmod a+x apktool.jar
  • Enter the following on the command line
$ apktool

If Apktool's usage information appears, the installation is successful.

02-2 Decompile Apk

  • cd to the directory containing the APK
  • Enter:
$ apktool d test.apk

When finished, you get a folder containing the resource files and code:

Note: this decompiles the dex file directly into smali files, whereas we need the .dex file itself.

Run again at this point:

$ apktool d -s -f test.apk

d decompiles the APK file

-s does not decompile the dex file, but keeps it as is

-f deletes the target folder if it already exists and decompiles again

You get a folder like this:

02-3 Package and sign the new Apk

To demonstrate how to repackage and sign a modified APK file, I wrote a simple demo app: we change the demo's background image, then repackage and sign it.

Here’s what the initial application looks like:

  • Decompile using Apktool

  • Open the generated directory and make changes. Replace bg.jpg with another prepared image (be sure to give it the same file name).

  • Repackage:
$ apktool b b_test -o newtest.apk

b means build, b_test is the directory containing the decompiled files, and -o specifies the name of the new file, in this case “newtest.apk”.

  • Get the new APK file

Note: The APK file cannot be installed at this point and needs to be signed.

  • Sign the new Apk:
$ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore testjks -storepass password newtest.apk aliasName

The signing file (keystore) was generated by me, since I cannot use the APK's original signature to sign it.

Now try installing the APK:

As you can see, the background resource has been successfully replaced with the second image we set up.
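Why the rebuilt APK has to be signed again, as an added example (not code from the original article): jarsigner records a digest of every file in META-INF/MANIFEST.MF, so a file replaced afterwards no longer matches it. The sketch checks only this digest stage of the v1 (JAR) signature, not the .SF/.RSA signature or APK Signature Scheme v2 and later; build_apk and the sample file contents are constructed.

```python
import base64
import hashlib
import io
import zipfile

DIGESTS = {"SHA1-Digest": hashlib.sha1, "SHA-256-Digest": hashlib.sha256}

def b64_digest(algo, data):
    return base64.b64encode(algo(data).digest()).decode("ascii")

def parse_manifest(text):
    """Return {entry name: attributes} for each per-entry section of MANIFEST.MF."""
    text = text.replace("\r\n", "\n").replace("\n ", "")  # unfold wrapped lines
    sections = (dict(line.split(": ", 1) for line in s.split("\n") if ": " in line)
                for s in text.split("\n\n"))
    return {s["Name"]: s for s in sections if "Name" in s}

def check_v1_digests(apk_bytes):
    """List entries whose content does not match the digests in MANIFEST.MF."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        names = apk.namelist()
        if "META-INF/MANIFEST.MF" not in names:
            return ["unsigned: no META-INF/MANIFEST.MF"]
        listed = parse_manifest(apk.read("META-INF/MANIFEST.MF").decode("utf-8"))
        problems = []
        files = sorted(n for n in names if not n.startswith("META-INF/") and n[-1] != "/")
        for name in files:
            if name not in listed:
                problems.append("not in manifest: " + name)
            for attr, want in listed.get(name, {}).items():
                if attr in DIGESTS and want != b64_digest(DIGESTS[attr], apk.read(name)):
                    problems.append(attr + " mismatch: " + name)
        return problems

def build_apk(files, digests_of=None):
    """Constructed sample ZIP laid out like an APK; digests_of fills MANIFEST.MF."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        for name, data in files.items():
            z.writestr(name, data)
        if digests_of is not None:  # SHA1 digests, matching -digestalg SHA1
            z.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\r\n\r\n" + "".join(
                f"Name: {n}\r\nSHA1-Digest: {b64_digest(hashlib.sha1, d)}\r\n\r\n"
                for n, d in digests_of.items()))
    return buf.getvalue()

# Constructed sample contents: the demo's original files and a copy with bg.jpg replaced.
ORIGINAL = {"classes.dex": b"dex\n035\x00", "res/drawable/bg.jpg": b"original image"}
SWAPPED = {**ORIGINAL, "res/drawable/bg.jpg": b"replacement image"}
```

`check_v1_digests(build_apk(SWAPPED, digests_of=ORIGINAL))` reports the replaced bg.jpg, and `check_v1_digests(build_apk(SWAPPED))` reports the unsigned state of a freshly rebuilt package.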

03 dex2jar

Download and unzip dex2jar.

  • Copy the classes.dex file from the previous step into the directory where dex2jar was unzipped (sometimes there is also a classes2.dex, produced when the app has too many methods; treat it the same way as classes.dex).

  • Run from the command line:

$ sh d2j-dex2jar.sh classes.dex

If prompted:

d2j-dex2jar.sh: line 36: ./d2j_invoke.sh: Permission denied

run:

$ sudo chmod +x d2j_invoke.sh

Then run the command again:

$ sh d2j-dex2jar.sh classes.dex

It runs successfully and generates classes-dex2jar.jar in the current directory.

04 jd-gui

Once you have JD-GUI installed, use it to open classes-dex2jar.jar and you can see the decompiled Java code!

The code here is not obfuscated, so the names are easy to recognize. If you download an APK file from an app market, the decompiled code is mostly obfuscated.

Out of respect for developers and for the sake of maintaining the stability of apps, please do not modify other people’s apps, but use this technology for technical reasons only!
