Slide 1

Slide 1 text

Analyzing Android app binaries Pavlo Stavytskyi Google Developer Expert, Android

Slide 2

Slide 2 text

■ Google Developer Expert, Android About me 2

Slide 3

Slide 3 text

■ Google Developer Expert, Android ■ Mobile Infrastructure at Lyft About me 3

Slide 4

Slide 4 text

4 Agenda

Slide 5

Slide 5 text

■ Android package files Agenda 5

Slide 6

Slide 6 text

■ Android package files ■ Reverse engineering Android apps Agenda 6

Slide 7

Slide 7 text

7 Android package files

Slide 8

Slide 8 text

■ .apk .aab .aar files Android package files 8

Slide 9

Slide 9 text

■ .apk .aab .aar files ■ They are all .zip files Android package files 9

Slide 10

Slide 10 text

10 Demo

Slide 11

Slide 11 text

11 Reverse engineering Android apps

Slide 12

Slide 12 text

■ APK Analyzer Reverse engineering Android apps 12

Slide 13

Slide 13 text

■ APK Analyzer ■ dex2jar Reverse engineering Android apps 13

Slide 14

Slide 14 text

■ APK Analyzer ■ dex2jar ■ JD-GUI Reverse engineering Android apps 14

Slide 15

Slide 15 text

■ APK Analyzer ■ dex2jar ■ JD-GUI ■ Apktool Reverse engineering Android apps 15

Slide 16

Slide 16 text

16 APK Analyzer

Slide 17

Slide 17 text

17 Demo

Slide 18

Slide 18 text

18 dex2jar

Slide 19

Slide 19 text

■ brew install dex2jar dex2jar 19

Slide 20

Slide 20 text

■ brew install dex2jar ■ d2j-dex2jar app-release.apk dex2jar 20

Slide 21

Slide 21 text

■ brew install dex2jar ■ d2j-dex2jar app-release.apk ■ JD-GUI dex2jar 21

Slide 22

Slide 22 text

22 Demo

Slide 23

Slide 23 text

23 Apktool

Slide 24

Slide 24 text

■ brew install apktool Apktool 24

Slide 25

Slide 25 text

■ brew install apktool ■ apktool d app-release.apk Apktool 25

Slide 26

Slide 26 text

■ brew install apktool ■ apktool d app-release.apk ■ Make a change Apktool 26

Slide 27

Slide 27 text

■ brew install apktool ■ apktool d app-release.apk ■ Make a change ■ apktool b -f -d app-release Apktool 27

Slide 28

Slide 28 text

■ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000 Signing modified APK 28

Slide 29

Slide 29 text

■ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000 ■ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore app-release/dist/app-release.apk alias_name Signing modified APK 29

Slide 30

Slide 30 text

■ keytool -genkey -v -keystore my-release-key.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000 ■ jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore app-release/dist/app-release.apk alias_name ■ jarsigner -verify -verbose -certs app-release/dist/app-release.apk Signing modified APK 30

Slide 31

Slide 31 text

■ https://github.com/Morfly/compose-arch-sample Sample project 31

Slide 32

Slide 32 text

32 Q&A