Sunday, July 7, 2013

Lets develop a source code from executable : Reverse engineering approach

Why mobile security is important ?

Now a days world is becoming tiny with the latest inventions in gadgets. Hardwares are becoming smaller and smaller and their efficiency and usability is increasing rapidly.

There is a drastic growth in mobile application development in past 3 years.

Average 500% people are using mobiles for day 2 day transaction. From all those people 60% of people are not installing anti virus in their phone and 50% of mobile users jailbreak their phones. Number of chances are very high that mobile applications can be used in a wrong manner to harm other people.

Today I will demonstrate how to one android application can be reverse engineered.

There are basic 5 steps of cracking any type of mobile application code.

  1. Having an executable with us.
  2. Define which technology is used to create that.
  3. Find the object code from executable.
  4. Gather the class file from object code.
  5. Grab functions definitions from class files.
We will follow this same procedure to crack the code of any android application. There are a number of applications available on the internet. I am picking any one of them.

I am having a test apk file which says something like a GPs test file. It is an executable file of android application which's extension is *. apk

Our Methodology

Firstly, we will convert our apk file to dex file.
Secondly, we will derive jar file(object code) from dex file.
Finally, we will gather Java(class files) from our jar file.

1. Apk to dex conversion.
Tool : Winrar - Open apk file in winrar and find in Dex file which is the main file from whole application. Extract it somewhere in your folder.

Found Dex File
Extracted It in the same folder
Now, we need to convert this dex file into jar file. We will use dex2jar- tool in order to do this. But make sure your dex file has to be in the folder where this dex2jar executable file is.

So this is how conversion can be done.

Dex 2 jar conversion

Now we will decompile the jar file in order to get class files which are java files. And for that we will be using the JD GUI tool. It can be done as follows:

Opening converted jar classes file in the JD GUI tool

Thus how you see the whole source code of android application. You can even save in a notepad by simply clicking file save source or file save sources.

Thank you.

No comments: