Decompiling Android Apps


Let's take some stuff apart! This will be a brief overview and demo of what it takes to decompile Android apps on a Mac. There are lots of guides and blogs for Windows, so I thought it would be useful to have one for Mac users. First I will give you a list and breakdown of the tools I use. From there I will show you the step-by-step process of how to decompile. Finally I will show you an example of a decompiled app and some of the fun things you can find! Let's start hacking!

Tools and Requirements

  • A Mac
  • An internet connection
  • Java SDK and JRE
  • Android SDK
  • Apktool

Setup and Installations

Java

The first thing you are going to need to do is make sure you have Java's SDK and JRE on your machine. You can easily download them from here. This should be easy: just follow the instructions on the Java website and you'll be good to go.

SDK

Next up is the Android SDK. We will be working with APK files (Android Application Package, the file format used to distribute and install application software and middleware onto Google's Android operating system). You can download the SDK here.

Apktool

This is the awesome sauce that actually does the decompiling. It is a command-line Java application that will decompile and compile Android APK files. Here is the link. It also has some really good documentation, which I always really appreciate and which is worth giving a once-over.

Extracting

Now I am going to assume you don't just have APK files lying around on your machine, so we are going to need to get some if we want to actually decompile anything. This is where Apk Extractor comes in handy. It is an easy-to-use little tool for, you guessed it, extracting application APK files from your Android phone. Just follow the easy instructions and pull down whatever apps you want to decompile.

Execution

With everything downloaded we are ready to get into action. This is going to seem a bit anticlimactic because of how powerful Apktool is, but just bear with me. Open a terminal window and run...

$ apktool d <someapk.apk>

After running this command you will end up with a new directory on your desktop with the decompiled app in it!

Having Fun!

So whether or not you find this part fun is subjective. I seem to be a hacking masochist who enjoys sifting through gibberish and tons of files and folders looking for the breadcrumb. Below are some screenshots of what you can expect a decompiled app to look like. I have also highlighted a couple of good places to look when trying to find low-hanging fruit like API keys etc.

And that's it, folks! That is all it takes. Have fun and remember, everything can be hacked!

decompiled app

(^ Above is what the directory will look like. Here I have decompiled Uber ^)

without suite

(This eyesore is the result of trying to read any of these files without Android Studio. This is why I had you download it!)

APK Stuff 1

(Ahhhhh doesn't that look much nicer?)

Apk Stuff 2

(Here is another example of some of the goodies you get to sift through when just straight decompiling your apps)

APK Keys

(These don't seem to be super valuable BUT it's stuff like this that might lead to more valuable things. It also shows they might just be willy-nilly with their third-party vendor keys! Good luck hunting!)
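
The same look through Apktool's output can be run as a pre-release check on your own app, so vendor keys are caught before they ship. This is an added example, not code from the original post: the function names, the name and value patterns, and the sample tree are assumptions constructed for illustration, and it only reads res/values/strings.xml and the meta-data entries of AndroidManifest.xml in the decoded directory.

```python
import re
import tempfile
import xml.etree.ElementTree as ET
from pathlib import Path

ANDROID_NS = "{http://schemas.android.com/apk/res/android}"
# Files apktool decodes to readable XML, and the element to inspect in each.
TARGETS = (("res/values/strings.xml", "string"), ("AndroidManifest.xml", "meta-data"))
# Heuristics (assumed): credential-looking names, plus the Google API key value shape.
NAME_RE = re.compile(r"api[_-]?key|secret|token|password", re.I)
VALUE_RE = re.compile(r"AIza[0-9A-Za-z_-]{35}")

def looks_like_secret(name, value):
    # "@string/..." is a resource reference, not a literal; skip it and empty values.
    literal = bool(value) and not value.startswith("@")
    return literal and bool(NAME_RE.search(name) or VALUE_RE.fullmatch(value))

def audit_decoded_apk(root):
    """Return sorted (file, name, value) findings for an apktool output directory."""
    findings = []
    for rel, tag in TARGETS:
        path = Path(root) / rel
        if not path.is_file():
            continue
        for el in ET.parse(path).getroot().iter(tag):
            name = el.get("name") or el.get(ANDROID_NS + "name", "")
            value = (el.get(ANDROID_NS + "value") or el.text or "").strip()
            if looks_like_secret(name, value):
                findings.append((rel, name, value))
    return sorted(findings)

def build_sample(root):
    """Write a constructed decoded-app tree; every value in it is made up."""
    (Path(root) / "res/values").mkdir(parents=True)
    (Path(root) / "res/values/strings.xml").write_text(
        '<resources><string name="app_name">Demo</string>'
        '<string name="vendor_api_key">CONSTRUCTED-NOT-A-REAL-KEY</string>'
        '<string name="maps">AIza' + "A" * 35 + "</string></resources>")
    (Path(root) / "AndroidManifest.xml").write_text(
        '<manifest xmlns:android="http://schemas.android.com/apk/res/android"><application>'
        '<meta-data android:name="com.example.TOKEN" android:value="abc123"/>'
        '<meta-data android:name="com.example.API_KEY" android:value="@string/vendor_api_key"/>'
        "</application></manifest>")

if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample(tmp)
        for finding in audit_decoded_apk(tmp):
            print(*finding, sep="\t")
```

Anything it reports in a release build is readable by anyone who decodes the APK, so those values belong behind a server-side call or restricted at the vendor.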