Aim:

To learn to:

1. Decompile the Android App File (.apk) into Java code (.java)
2. Disassemble the Dex File (.dex) into Dalvik Opcodes (.smali)
3. Use of tools like adb(Android Debug Bridge), dex2jar, jd-gui, etc.

Besides above things, this tutorial introduces you to the basics of reverse engineering on Android platform.

Tools Needed:

• Android SDK (for adb and Emulators )
• EasyAPKDisassembler ( Its batch utility created by some XDA member that supports disassembling, converting binary XML to textual XML, APKtool assembly/disassembly, Signing/Designing Certificates, etc)
• Dex2jar
• WinRAR or any archive tool (with .zip file support)
• jd-gui or any other Java decompiler.

Steps for DISASSEMBLING (.dex to .smali) :

1. Copy the target APK file ( TestHelloWorld.apk ) to "platform-tools" folder inside the main "android-sdk" folder. For e.g. On my machine Android SDK is in "D:\Program Files(x86)\Android\android-sdk\platform-tools"

2. Copy the Command Prompt(cmd.exe) from your system files into "platform-tools" folder and double click it to type following commands:

D:\Program Files (x86)\Android\android-sdk\platform-tools>adb devices
List of devices attached
emulator-5554   device

D:\Program Files (x86)\Android\android-sdk\platform-tools>adb install TestHelloW
orld.apk
24 KB/s (5546 bytes in 0.220s)
        pkg: /data/local/tmp/TestHelloWorld.apk
Success

3. "adb devices" tells us the list of running emulators.

4. We install the APK package with "adb install TestHelloWorld.apk" command.

5. Lets check and see the app in emulator:

6. Download and extract "EasyApkDisassembler.V1.3.1.zip" in a folder anywhere you like. Also copy the "TestHelloWorld.apk" in the same folder.

7. Open "TestHelloWorld.apk" with WinRAR or any other archive tool that supports the ZIP format as .APK is nothing but a .ZIP file with a different extension. From this file extract the "classes.dex" into the same dir where you extracted the "EasyApkDisassembler.V1.3.1.zip" files :

8. Start "EasyApkDisassembler.EN.bat" , press option 2 and give the name of the file as "TestHelloWorld.apk" :

9. Now the "classes.dex" file is disassembled into the same folder with a name as "out_TestHelloWorld.apk". This folder contains all the disassembled source code in Dalvik Opcodes format (.smali) files :

10. Navigate to "\out_TestHelloWorld.apk\com\example\android\helloactivity\" :

11. You will see many .smali files. Open the "HelloActivity.smali" file in Notepad or any other text editor you like :

.class public Lcom/example/android/helloactivity/HelloActivity;
.super Landroid/app/Activity;
.source "HelloActivity.java"


# direct methods
.method public constructor ()V
    .registers 1

    .prologue
    .line 27
    invoke-direct {p0}, Landroid/app/Activity;->()V

    .line 28
    return-void
.end method


# virtual methods
.method public onCreate(Landroid/os/Bundle;)V
    .registers 3
    .parameter "savedInstanceState"

    .prologue
    .line 35
    invoke-super {p0, p1}, Landroid/app/Activity;->onCreate(Landroid/os/Bundle;)V

    .line 39
    const/high16 v0, 0x7f02

    invoke-virtual {p0, v0}, Lcom/example/android/helloactivity/HelloActivity;->setContentView(I)V

    .line 40
    return-void
.end method

Steps for DECOMPILING (.dex to .java) :