Whether the Android system can only install APK files, that is, Android reverse is APK reverse engineering. Find out how APK comes from, that is, after java code is compiled, packaged and signed, it becomes an APK file. Let’s say app (application), and then Android reverse, which is from Apk file reverses the previous operation to get java code. In fact, this is not accurate, but in order to understand it, why is it inaccurate? Because generating an APK is not only java code, but also some other image and audio resource files. In addition to Java code, there are also some other resource files from APK. Now, let’s find out which is better, Android reverse or PC reverse.
Whether the Android system can only install APK files, that is, Android reverse is APK reverse. Find out how APK comes from, that is, after java code is compiled, packaged and signed, it becomes an APK file. Let’s say app (application), and then Android reverse, which is from Apk file reverses the previous operation to get java code. In fact, this is not accurate, but in order to understand it, why is it inaccurate? Because generating an APK is not only java code, but also some other image and audio resource files. In addition to Java code, there are also some other resource files from APK.
1.According to the resource file and androidmanifest Generate r.java file from XML
2.Process Aidl and generate the corresponding java file. If there is no Aidl, skip
3.Compile all the source codes under the SRC directory of the project source code (main project, Library), and the java files generated by r.java and Aidl will also be compiled to generate the corresponding class files
4.Package the class file generated in step 3 DEX file
5.Package the resource file to generate the initial APK
6.Add the generated in step 4 Add DEX file to APK to generate unsigned package
7.APK signature
By dragging APK into jadx as mentioned above, we can see what we want, and then check the source code and resource files in APK to analyze code security vulnerabilities and processes. Now you will find that there is no editing function in jadx, that is, jadx is just a tool to get the source code and resource files. If I want to modify the code or let APK load my own files, I need to use apktool.
1.Enter the directory where apktool is located
2.apktool d app. apk
A folder with the same name as APK will be generated in this directory, which is the source code and resource files. The copyright belongs to the author. For commercial reprint, please contact the author for authorization. For non-commercial reprint, please indicate the source. After decompilation, you can add your own ideas, modify the picture or use the code editing tool to modify the code logic. At this time, the code is smail.
Smail: the syntax of all the code decompiled is different from that of Java. It is similar to assembly. It is the register language used by Android virtual machine, but in jadx, the source code is in the form of Java, just two representations of one thing.
Classes. dex:classes. DEX is a Java bytecode file generated after compiling the Java source code. Dex2jar decompiles DEX into jar. You can read the source code using jadx.
Resources. arsc:resources. ArsC has a fixed format, including resource index and string resource pool.
AndroidManifest. XML: manifest file, which describes the name, version, permission, referenced library file and other information of the application.
Assets: the assets directory can store some configuration files (such as WebView local resources, picture resources, audio and video resources, etc.), which will not be compiled and are consistent with the files in the original project. The contents of these files can be obtained through relevant APIs during program operation.
Lib: the subdirectory under the Lib directory stores some so files generated by C / C + + code compilation corresponding to the mobile phone CPU architecture, which are generally used for JNI development.
Meta-inf: signature information is stored in the meta-inf directory to ensure the integrity of APK package and the security of the system.
Res: the res directory stores the compiled resource files. Although it is similar to the res directory hierarchy under the original project directory, it is actually compiled and processed. Only picture resources are consistent with the original project. Other types of resources are compiled and processed and cannot be viewed directly.
If you have smail language foundation or Android development foundation, after modifying the source code or adding other resource files, you can repackage, sign, publish and install now.
Android reverse is not necessarily more promising than PC reverse, but it is still quite good at least now. Moreover, this technology is also needed for jobs such as web penetration security and python crawler, such as app side penetration and app side data crawling; At present, it is quite considerable. I also have some friends who have been working in PC reverse for many years and have learned that there are many PC reverse now, and they are also turning to IOT and Android reverse. There is also a certain industry trend. However, no matter what, it’s always good to know more than one technology. There’s one more choice.