How to hack (reverse engineer) an Android App
What do we mean when we talk about hacking or crackingAndroid apps to get their paid versions for free or to remove ads or enable paid features?
How do so many websites give away premium apks and apps for free? How do they crack them?
The answer to all of these questions is just 2 words - Reverse Engineering.
Reverse engineering refers to the art of opening up an application or a piece of software from the bottom up; that is, peeling it layer by layer until we reach the very core mechanisms of the app. At this point, we can figure out ways in which various app components work together and look at exploits to take advantage of these interdependencies.
Now, let's look at how we can reverse engineer an Android app.
There are a number of ways to get an APK. If you have an app you'd like to reverse-engineer on your Android, you can use a file manager like ASTRO to save a backup to an SD card. It's also possible to connect your Android to a computer and then use the Android Debugging Bridge to transfer the app to your PC. You can also use online tools to suck APKs out of Google Play.
Fora noted that because some data can be lost in the decompiling process, it's better to use a decompiler that was made with Android in mind. This skips the JAR step, converting DEX directly to Java.
For people uninterested in tracking down all those tools on their own, I suggest you use Santoku. This is a special distribution of Linux from viaForensics that comes preloaded with all the tools you need to pull apart, modify, and repackage an Android application. It's a powerful digital forensics tool. Use the Androguard tool to reverse engineer your Android app. Reverse engineering the app is almost done now. you have the code right in front of you. Play with it as you want.
How do so many websites give away premium apks and apps for free? How do they crack them?
The answer to all of these questions is just 2 words - Reverse Engineering.
Now, let's look at how we can reverse engineer an Android app.
Getting the APK file
The first step to reverse-engineering an app, is to get the apk file. Android apps (or APKs) are really just ZIP files with a new extension. Inside is everything the app needs to run—from the code to any media it might need.There are a number of ways to get an APK. If you have an app you'd like to reverse-engineer on your Android, you can use a file manager like ASTRO to save a backup to an SD card. It's also possible to connect your Android to a computer and then use the Android Debugging Bridge to transfer the app to your PC. You can also use online tools to suck APKs out of Google Play.
If none of these, then you can simply download the apk from over the internet from a trusted website.
Pulling It Apart
Once you have an APK to work with, you'll need to convert it into something more usable. For this, we have two options.- Disassemble your target with a tool like Apktool, which will convert the APK's compiled application code file (Dalvik Executable, or DEX) into an assembly language like Smali.
- Or decompile the apk, which converts the DEX into a Java Archive (JAR), and then to Java.
Fora noted that because some data can be lost in the decompiling process, it's better to use a decompiler that was made with Android in mind. This skips the JAR step, converting DEX directly to Java.
For people uninterested in tracking down all those tools on their own, I suggest you use Santoku. This is a special distribution of Linux from viaForensics that comes preloaded with all the tools you need to pull apart, modify, and repackage an Android application. It's a powerful digital forensics tool. Use the Androguard tool to reverse engineer your Android app. Reverse engineering the app is almost done now. you have the code right in front of you. Play with it as you want.
Rapid Reverse
If you fell asleep during the last few paragraphs, this is where you wake up. Using Santoku, take up an Android app of your choice and take it apart.
Now you will be able to browse the code for the app, tweak whatever you want, make changes and then recompile, sign the app and install it on a device. All of this and no one will ever detect the app has been tampered with!
Comments
Post a Comment