This is actually nothing very new, but what probably a lot of people do for a long time already. You can use this technique to do security reviews, to crack license mechanisms of apps, check how easy it is to modify your own app or do malware research. I’m not saying you should or shouldn’t do any of these. As usually tested on Mac OSX only but should work on Linux or other Unix, too.<\/p>\n
You need the following folder structure (or simply download the Android-app-disassembling-reassembling.zip<\/a>):<\/p>\n After you run the disassemble.sh file you find the smali code for your app in the “outputs\/smali-output” directory. Now you can change the app as you like. Here are three suggestions:<\/p>\n After you have done all your modifications, run reassemble.sh. There will be an apk file you can install on your device (see the last message that reassemble.sh will print). If you have added IGLogger, you will see a line in logcat that prints the secret key (for example run “adb logcat|grep -i IGLogger”).<\/p>\n Happy hacking Here’s the disassemble.sh that will disassemble your apk file to smali code:<\/p>\n Here’s the reassemble.sh code that will reassemble your app to a signed and ready to be installed Android app apk file:<\/p>\n This is actually nothing very new, but what probably a lot of people do for a long time already. You can use this technique to do security reviews, to crack license mechanisms of apps, check how easy it is to … Continue reading \n
\n
\nfloyd<\/p>\n\r\n#!\/bin\/bash\r\nORGWD=`pwd`\r\n\r\n#Configurable Parameters\r\nAPKLOCATION=$ORGWD\/apks-to-process #where the APK files are stored that should be processed\r\n\r\n#Disassembling\r\nSMALI_TARGET=$ORGWD\/outputs\/smali-output #Where to save the results\r\nAPKTOOLSTART="java -jar $ORGWD\/external-tools\/apktool.jar" #The apktool\r\n\r\n########\r\n#Normally you should not need to change anything below here\r\n########\r\n\r\n#Look for the files to dissassemble\r\ncd $APKLOCATION\r\nFILES=`ls *.apk`\r\n\r\nif [ -e $SMALI_TARGET ]\r\nthen\r\n echo "[ERROR] Please delete\/rename $SMALI_TARGET folder first!"\r\n exit\r\nelse\r\n mkdir $SMALI_TARGET\r\nfi\r\n\r\nfor f in $FILES\r\ndo\r\n echo "[INFO] Disassembling $f" \r\n $APKTOOLSTART d $f $SMALI_TARGET\/$f\r\ndone\r\n\r\ncd $ORGWD\r\n\r\n<\/pre>\n
\r\n#!\/bin\/bash\r\nORGWD=`pwd`\r\n\r\n#Configurable Parameters\r\nAPKLOCATION="$ORGWD\/outputs\/faked-apks" #where the APK files will be stored that should be produced\r\n\r\n#Reassembling\r\nSMALI_TARGET="$ORGWD\/outputs\/smali-output" #Where to get the apps to reassemble\r\nAPKTOOLSTART="java -jar $ORGWD\/external-tools\/apktool.jar" #The apktool\r\n\r\n########\r\n#Normally you should not need to change anything below here\r\n########\r\n\r\n#Look for the files to dissassemble\r\ncd "$SMALI_TARGET"\r\nFILES=`ls`\r\n\r\nif [ -e "$APKLOCATION" ]\r\nthen\r\n echo "[ERROR] Please delete\/rename $APKLOCATION folder first!"\r\n exit\r\nelse\r\n mkdir "$APKLOCATION"\r\nfi\r\n\r\nfor f in $FILES\r\ndo\r\n echo "[INFO] Reassembling $f" \r\n $APKTOOLSTART b "$SMALI_TARGET\/$f" "$APKLOCATION\/$f"\r\n if [ ! -f "$APKLOCATION\/someone.keystore" ]\r\n then\r\n keytool -genkey -noprompt -dname "CN=example.ch, OU=floydsReassembling, O=example, L=example, S=example, C=CH" -storepass password -keypass password -alias someone -validity 100000 -keystore "$APKLOCATION\/someone.keystore" -keyalg RSA -keysize 2048\r\n fi\r\n jarsigner -verbose -storepass password -keypass password -sigalg SHA1withRSA -digestalg SHA1 -keystore "$APKLOCATION\/someone.keystore" "$APKLOCATION\/$f" someone\r\n mv "$APKLOCATION\/$f" "$APKLOCATION\/$f.unaligned"\r\n zipalign -v 4 "$APKLOCATION\/$f.unaligned" "$APKLOCATION\/$f"\r\ndone\r\n\r\necho "TODO:"\r\necho "adb install \\"$APKLOCATION\/$f\\""\r\n\r\ncd "$ORGWD"\r\n<\/pre>\n","protected":false},"excerpt":{"rendered":"