Security - RE

Apktool

Android RE.

apk

  • AndroidManifest.xml
  • classes.dex
  • res/
  • lib/
  • META-INF

arsc: Android package Resource file.

hacking approach

  • unzip apk & disassemble classes.dex
  • perform static analysis on the app
  • inject byte-code into the app
  • reassemble classes.dex & zip/sign apk

dex: dalvik executable

apktool

1
2
apktool d RecentContest_beta.apk
apktool b RecentContest_beta

RecentContest

contests.

To remove Private access contests from the json result, just insert the following lines after :cond_1 of file JsonStringAnalysis.smali 

1
2
3
4
5
6
7
const-string v8, "Private"

invoke-virtual {v0, v8}, Ljava/lang/String;->equals(Ljava/lang/Object;)Z

move-result v8

if-nez v8, :try_end_0

testsign

1
java -jar testsign.jar RecentContest_beta.apk RecentContest_beta-signed.apk

smali

Types

  • V: void
  • Z: boolean
  • B: byte
  • S: short
  • C: char
  • F: float
  • I: int
  • J: long
  • D: double
  • [: array

Classes

  • full name space slash separated
  • prefixed with L
  • suffixed with ;
1
Lcom/example/myapp/MyClass;

Methods

.method keyword method-name parameters/return

1
.method private delayedAnimationFrame(J)Z

Registers

  • .locals
  • .parameters

Opcodes

  • invoke-super vx, vy, …
  • new-instance vx
  • invoke-direct vx, vy, …
  • const-string vx
  • invoke-virtual vx, vy, …
  • return-void

dex2jar

jd-gui