Android Tricks: How to Decompile an Apk file

While learning how to program, it is inevitable to turn to reverse engineering, to learn the way that how others solve problem. There is no exception when learning development on Android platform. Here we talk about three main methods to decompile an Apk file.

android-apktool

Where to get: 

1. Official website 

How to use:  

Dowload the apktool.bz2 and decompress it with bzip2(might be other format, never mind)

#bzip2 -d apktool.bz2

Then you will get two files: apktool, which is a shell script and apktool.jar the core. We use scriptapktool rather than the Jar. Here is to decompile an apk file to some directory:

./apktool d[ecode] [options] <file.apk> [<out dir>]

It will create a directory in <out dir> with the same name to apk file. Inside the directory, you can see almost as the same hierarchies as the source hierarchies when developing. Here is an example:

#./apktool d EffectiveAndroid.apk

#ls EffectiveAndroid

AndroidManifest.xml apktool.yml  res   smali

In the decoded directory, there is an AndroidManifest.xml, res which is the same to /res in development source and smali is equavilent to /src in development source, except these are *.smali codes instead of *.java codes. The *.xml files are text format and the same to ones when compiling. The codes are in a different coding--- smali which is also easy to read and modify.

This tool also supports re-compile the decompiled sources

into an apk file, which enables us to modify the apk files. For more info, please refer the help info.

This is the most convenient way from my standpoint. It decodes both the resources file and source codes for us in just one step. All other two ways need more than one.

dex2jar + jd+ AXMLPrinter2

Where to get: 

1. official website: dex2jar                jd        AXMLPrinter2                  

2. CSDN resources             dex2jar              jd        AXMLPrinter2     

How to use: 

1. Unzip the tool after downloading it, u can seedex2jar.bat anddex2jar.sh, which are scripts. That are the tool we gonna use. Unziping AXMLPrinter2.zip, there areAXMLPrinter2and AXMLPrinter2.jar,and same here, we use script AXMLPrinter2 

2. rename *.apk file to *.zip, and unzip it;

3. After unziping, you will get a directory whose name is the same to apk file, in which you can see four things: AndroidManifest.xml, /res, classes.dex and /assets 

4. use dex2jar.bat ordex2jar.sh to decompile the classes.dex file

#./dex2jar.sh classes.dex

5. use jd(Java Decompiler) to decompile the *.jar into Java source codes. It might be not correct and the same to original sources, but absolutely readable and referenceable.

#./jd-gui classes.jar

6. use AXMLPrinter2 to decompile the *.xml resources. The XML resources after unziping the Apk file are in binary format, which is unreadable for human. And dex2jar can decode *.dex only. So use AXMLPrinter2 to turn binary XML to text format.

The advantage of this tool is that you can see Java sources. The disadvantage is that this tool can only decompile an Apk file, but cannot re-compile, which means you cannot modify the apk in this way. It is ONLY for you to reference or learning.

baksmali/smali + AXMLPrinter2

Where to get: 

1. Official websites:  baksmali/smali              AXMLPrinter2                                

How to use: 

1. After downloading tools, unzip it, you will getbaksmali.jar,smali.jar,baksmaliandsmali,we use baksmaliandsmali which are shell scripts. Unziping AXMLPrinter2.zip, there are AXMLPrinter2 and AXMLPrinter2.jar, and same here, we use script AXMLPrinter2 

2. rename *.apk file to *.zip, and unzip it

3. After unziping, you will get a directory whose name is the same to apk file, in which you can see four things: AndroidManifest.xml, /res, classes.dex and /assets 

4. Use baksmali to decode classes.dex to smali codes. After decoding, in the output folder, there are the same hierarchies to the source folder /src in development, except the code is *.smali instead of *.java

./baksmali <dex-file>  -o <out dir>

5. The resources XMLs are in binary format, use AXMLPrinter2 to decode it to text format.

This tool also supports re-compile. with smali scripts you can re-compile the *.smali into a dex file:

./smali *.smali|<dir containing *.smali>  <out-dex>

Comparing the three methods, I prefer apktool most. It is powerful and easy to use. The only drawback of this tool is that it can only decodes into smali codes. But smali codes are also readable, referenceable and modifiable.

Finally, there are powerful tools indeed. But we should use them in a virtue way such reference, learning or localization. 

Have fun in android app reverse engineering trip.

This article discusses how to de-compile and modify an apk in great detail.