APK Decompilation: A Beginner's Guide for Reverse Engineers

This guide will help you learn what is an APK and how to decompile it. After reading this article, you'll be able to decompile APK files and figure out what's inside them. You don't need to be a programmer to follow this guide. But, having the know-how of Android development, Java, and some basic Linux commands will be very helpful. This guide is not just for beginners, even experienced reverse engineers can use this information to investigate/audit an Android app. What is an APK? An Android Package file (.apk) is a compressed archive file that contains all of the data and resources needed by an application to run on your Android device. APK file is typically created when the developer wants to share the app with others or to upload it on Google Play. Basically, an APK file is used to install an app onto your phone or tablet. Here's the official Android documentation on . how to build a project's APK file What is APK Decompilation? APK decompilation is the process of reverse engineering an APK file to retrieve its source code. APK decompilation is useful for understanding how an Android app works, especially if you're interested in ethical hacking or penetration testing. How to Decompile an APK File? Decompiling or reverse-engineering an APK file is not as complicated as it sounds. There are several free and open source APK decompiler tools available for doing this. But, the three most popular ones are: JADX Apktool Bytecode Viewer Basically, each of these APK decompilers works differently and has its own pros and cons. So, you have to select them according to your requirements. For example, JADX is quick and convenient but sometimes resource files are partially missing in its output. So, JADX has some reliability issues. On the other hand, Apktool returns source code in detail with complete resource files. Similarly, Bytecode Viewer analyzes files slower but offers more features such as 6 decompilers, 2 assemblers, 3 disassemblers, 2 APK converters, etc. If you want to discover all the available options (i.e. open source, online, Windows, Mac, Linux, and Android apps) then definitely check out this ultimate list of tools. Here, you'll get information about the features as well as the pros/cons of each APK decompiler. best APK decompiler Anyways, in this article, I will show you . how to decompile an APK using JADX Decompile an APK using JADX Step 1:- Download/Install Java and JADX At first, you must download and install Java 11 or later (64-bit version) on your PC. You can for Windows, Mac, and Linux. In my case, I’ve installed Java 18 on my Windows 10 PC. download it from here After that, download the . At the time of writing this article, the latest version of JADX is 1.4.3. latest release of JADX from GitHub Step 2:- Extract the .zip File Basically, JADX is packed with a command-line utility as well as a GUI application. The Command line utility is mostly used when you want to provide an APK decompiler as a service. Whereas, the JADX GUI app is more convenient to decompile a specific APK and view its source code and resources in a better user interface. The behind-the-scenes working of both tools is the same so it is just a matter of personal preference or requirements. Simply unpack the .zip file of the downloaded JADX release in an empty folder. Here’s the list of extracted files and folders. Now, go to the “bin” directory. The content of this folder will be something like this: Here’s the description for all these files. – The Command Line version of JADX jadx – The Command Line version of JADX for Windows jadx.bat – The Graphical UI version of JADX jadx-gui – The Graphical UI version of JADX for Windows jadx-gui.bat On Windows, run .bat files with rights because otherwise on some computers JADX won't even start. On Linux and Mac, open jadx or jadx-gui files. Note:- Administrator Step 3:- Get Your Desired .apk File It’s time to get the .apk file that you want to decompile. For the sake of this tutorial, I have downloaded a from APKPure. Calculator App APK File Step 4:- Using JADX GUI Here’s how the JADX GUI app looks on Windows when you open the file. Basically, it is asking you to select a .apk file for decompilation. jadx-gui.bat Now find your .apk file using the file explorer popup, select it, and then hit the “Open” button. JADX will now automatically decompile the selected APK file. The results will be displayed in an IDE-style explorer (on the left side). At this point, you can navigate the source code and the resources used to create the app using the left side panel. Step 5:- Using JADX Command Line Utility To use JADX in the command line, simply open a new command prompt window with privileges. Now, switch to the “bin” directory of JADX using “cd”. For example: Administrator cd C:\Users\Furqan\Downloads\jadx-1.4.3\bin Structure of Command:- Now let’s have a look at the structure of the JADX command that we will use to decompile an APK file. jadx -d [path-of-output-folder] [path-of-apk-file] – Access command line utility jadx – An option that enables us to specify the output directory. -d – Replace this with the actual path of the output directory where you want the result of the decompilation process. [path-of-output-folder] – Replace this with the path of an input file. The input file can be of these types (.apk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab). [path-of-apk-file] For example, in my case, I’ll execute this command: jadx -d "C:\Users\Furqan\Downloads\calculator" "C:\Users\Furqan\Downloads\Samsung Calculator_v12.0.05.5_apkpure.com.apk" Output:- After executing the above command it will take some time for processing and then place the decompiled files/folders inside the output folder you specified. Conclusion In this article, you learned the basics of APK Decompilation. I talked about why you might want to use something like APK Decompiler and what it can do for your reverse engineering work. I talked about three different APK decompilers JADX, Apktool, and Bytecode Viewer. And for the sake of this tutorial, I used JADX to give you an overview of how APK decompilation works. Now, it’s your turn to implement this app reverse engineering knowledge for something awesome. Maybe go for some bug bounty programs and help companies improve their app security.

APK Decompilation: A Beginner's Guide for Reverse Engineers

Too Long; Didn't Read

Companies Mentioned

@trulyfurqan

RELATED STORIES