Things I Learned Today - our daily eureka-moments

Programming .NET VS2010 Web Windows VS2012 S3 Search SQL SqlMetal Accessibility Amazon Android App BBQ EBS EC2 Exchange Food Garmin Geocaching GPS Grill Java Linq Lucene MVC PowerShell

Decompiling an android application - Carr, 13.05.2011

Due to perfectly legit circumstances, let's say suspicion of malware, I wanted to take a peek under the hood of an app running on my android device. It was apparantly exchanging data with a webservice, and my goal was to figure out what, where and how.

Here are the steps i followed to take a peek at the source code, on my unrooted phone. There is probably obfuscation and other security measures out there I haven't encountered yet, so your mileage may vary wildly.

1) Android apps are packaged as single .APK file. To grab it, I used ASTRO File Manager which lets you back up applications. It dumped an .APK file on the sdcard, which i transferred to my desktop.

2) Your APK file contains a .dex file (Dalvik executable). Download dex2jar, and run it on your APK (dex2jar.bat your.application.apk). This should produce a .JAR file.

3) Download another tool: JD-GUI, a lovely graphical java decompiler. Run it and open your .JAR file.


Tags: Android Programming Java App
Nobody has commented on this post yet. Feel free to be the first!