Help with reverse engineering Android

komangulo

Newbie
Joined
Apr 11, 2014
Messages
13
Reaction score
1
Hello, I'm looking for a guide or video tutorial on how to properly reverse engineer Android apps.
Once I download the project with apktool, I do not see any Gradle file from which to launch the emulator.
If someone can give me a hand or tell me where there is a course or something similar, I'd appreciate it.
 
I can only say that I don't have reverse engineering instructions, but I can tell you "how", and it's a lot harder than making an app from scratch or reskinning source code. You need a lot of knowledge about coding.

1. First you need to extract all the resources, XMLs, etc. with 7zip
2. Then you need to create an Android Studio project from scratch and paste the resources in
3. Then convert the dex to a jar using a tool called dex2jar
4. Open the jar in an Android decompiler, for example JD-GUI
5. By reading the decompiled source, restore it in the new project method by method, variable by variable. Please note you will have many missing parts from decompilation; you need to code them from scratch

It's very time consuming and requires understanding what the developer thought. Better to understand the feature and code it yourself, much faster.

You will not have any Gradle file! It's only an instruction for Android Studio on how to create the APK; APK files don't contain a Gradle file.
 
TL;DR / moral of the story: you will probably restore junk code from some low-end developer or newbie company after a lot of hard work, and it has no real market value.
Most developers today use ProGuard to obfuscate their code.
Any serious gamer in this field takes care first and foremost of his own code.
By the end of this post most folks will laugh at me, since the following is deprecated and will get you banned easily.
If you can't learn Java, there is Kotlin; try it, it has great potential for the future.
But for historical purposes, I am writing this.


1- Reverse an APK back to the original source code.
Use jadx-gui. There is an option to restore the project as a Gradle project.
The problem is you need some serious work to get it working, and that's if you are lucky and the code isn't obfuscated.
If you are persistent enough you can understand the logic behind the app and get some working classes, methods, etc.

2- Inject your ads into the app, mainly AdMob, and re-upload (working but useless as of today):
2-1- Use apktool to decompile the app: apktool d app.apk
2-2- Change the app name
2-3- Use an editor or a search-and-replace command (sed etc.): search for the package name and change it. Then replace the dots with slashes, prepend L (capital L) to the package, and replace that form with your own.
Example:
original package: com.company.app, your package: com.company2.app2
- replace com.company.app with com.company2.app2
- replace Lcom/company/app with Lcom/company2/app2
2-4- Change the folder names:
company becomes company2 and app becomes app2
2-5- Change the resources
2-6- Look for ca-app to change the ad IDs
2-7- Build the APK: apktool b app -o newapp.apk
2-8- Sign the APK using an APK signer (google it)
 
Haha
 
Depending on what it is written in, some apps use WebViews, so they are coded in JavaScript. You can rename the .apk to .zip and see many of the files right there.
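The two mechanical parts of the workflow in the posts above (open the APK as a zip and inventory it, look for the ca-app IDs, rename the package in both its dotted and L-prefixed smali forms, move the smali folders) as an added example in Python that is not part of the thread. It builds a fake APK in memory (constructed, not a real app) and uses only the standard library; the function names, the zip entries, the AdMob-style IDs and the smali fragment are my own. Building and signing still happen outside this script, with apktool b and an APK signer as the post says.

```python
"""Added example (not from the thread): static triage of an APK opened as a
plain zip, plus descriptor-aware package renaming for apktool output.
Standard library only; the APK and smali below are constructed stand-ins."""
import io
import re
import zipfile

# AdMob-style IDs are ASCII, so a byte regex finds them in dex string tables
# and in assets. Constructed pattern: app IDs use '~', ad-unit IDs use '/'.
AD_ID_RE = re.compile(rb"ca-app-pub-\d{16}[~/]\d{10}")


def build_sample_apk() -> bytes:
    """Construct a tiny fake APK in memory. Every entry is a placeholder:
    real manifests and resources.arsc are binary and need apktool to decode."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", b"\x03\x00\x08\x00")  # binary XML header only
        z.writestr("classes.dex", b"dex\n035\x00ca-app-pub-1234567890123456~1234567890\x00")
        z.writestr("classes2.dex", b"dex\n035\x00")  # multidex
        z.writestr("lib/arm64-v8a/libnative.so", b"\x7fELF")
        z.writestr("assets/www/index.html", b"<script src='app.js'></script>")
        z.writestr("assets/www/app.js", b"var unit='ca-app-pub-1234567890123456/0987654321';")
        z.writestr("META-INF/CERT.RSA", b"")  # v1 signature block
    return buf.getvalue()


def triage_apk(apk_bytes: bytes) -> dict:
    """Inventory an APK without decoding it: dex files, native libs,
    WebView assets, whether it carries a v1 signature, and any ad IDs."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as z:
        names = z.namelist()
        ad_ids = set()
        for n in names:
            if n.endswith((".dex", ".xml", ".json", ".js", ".html")):
                ad_ids.update(m.decode() for m in AD_ID_RE.findall(z.read(n)))
        return {
            "dex": sorted(n for n in names if re.fullmatch(r"classes\d*\.dex", n)),
            "native_libs": sorted(n for n in names if n.startswith("lib/") and n.endswith(".so")),
            "web_assets": sorted(n for n in names if n.startswith("assets/") and n.endswith((".html", ".js"))),
            "v1_signed": any(n.startswith("META-INF/") and n.endswith((".RSA", ".DSA", ".EC")) for n in names),
            "ad_ids": sorted(ad_ids),
        }


def smali_descriptor(pkg: str) -> str:
    """com.company.app -> Lcom/company/app/ (the form used inside smali)."""
    return "L" + pkg.replace(".", "/") + "/"


def rename_package(text: str, old_pkg: str, new_pkg: str) -> str:
    """Rewrite both spellings of a package in apktool output. Unlike a bare
    sed, the dotted form is matched with boundaries and the descriptor form
    with its trailing slash, so com.company.app2 is left alone."""
    dotted = re.compile(r"(?<![\w.])" + re.escape(old_pkg) + r"(?!\w)")
    text = text.replace(smali_descriptor(old_pkg), smali_descriptor(new_pkg))
    return dotted.sub(new_pkg, text)


def relocate_smali_path(path: str, old_pkg: str, new_pkg: str) -> str:
    """Map a smali file path to the renamed package directory (step 2-4)."""
    old_dir = old_pkg.replace(".", "/") + "/"
    head, sep, tail = path.partition(old_dir)
    if sep and re.fullmatch(r"smali(_classes\d+)?/", head):
        return head + new_pkg.replace(".", "/") + "/" + tail
    return path


# Constructed smali fragment: one class in the package, one reference to a
# sibling package that must survive the rename untouched.
SAMPLE_SMALI = (
    ".class public Lcom/company/app/MainActivity;\n"
    ".super Landroid/app/Activity;\n"
    "    const-string v0, \"com.company.app\"\n"
    "    invoke-static {}, Lcom/company/app2/Other;->x()V\n"
)

if __name__ == "__main__":
    print(triage_apk(build_sample_apk()))
    print(rename_package(SAMPLE_SMALI, "com.company.app", "com.company2.app2"))
```

Two caveats a practitioner will hit. A plain sed over the decoded tree also rewrites any package that merely starts with the old name (com.company.app2, com.company.application), which is why the replacement above anchors on word boundaries and on the trailing slash of the descriptor. And the byte scan only sees ASCII strings in dex and assets; IDs compiled into resources.arsc or binary XML need apktool's decoded res/ tree. The rebuilt APK also has to be signed with your own key, so it carries a different signing certificate from the original developer's upload.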
 
I was planning to use this method to test accounts.
I just find it very time consuming to make an app from scratch just to get a ban.
I doubt that Google can tell the difference between an app built using apktool and an app built using Android Studio?

Back in 2015, when I was first banned with a fake DMCA,
I found out about 6 months later that some of my apps had been stolen,
probably using apktool, and the developer was not banned.
Being based on the same apps should have led to prior violations, but it did not.

Any insights on this?
 