Apktool: A tool for reverse engineering Android apk files

Apktool is a tool used for Android application reverse engineering, and for creating malware by infecting legitimate apps. 

Apktool is one of the most important tools that must be included in an Android penetration tester's arsenal.

Install and Configure for Apktool

Apktool is widely available for Windows, Mac, and Linux platforms. Before we install Apktool in the system let's know its features and its requirement.

Features

• Disassembling resources to their nearly original form (including resources. arsc, classes.dex, 9.png. and XMLs)
• Rebuilding decoded resources back to binary APK/JAR
• Organizing and handling APKs that depend on framework resources
• Smali Debugging (Removed in 2.1.0 in favor of IdeaSmali)
• Helping with repetitive tasks

Requirements

• Java
• Basic knowledge of Android SDK, AAPT, and Smali

Apktool for Windows

Before installing Apktool on your Windows machine make sure, Java is already installed on your system. If not yet installed click on here.

To verify Java is installed on your system just type the following command:

 

Microsoft Windows[Version 6.3.9600]

(c) 2013 Microsoft Corporation. All right reserved.

C:\users\mrdev> java --version

java 15.0.2 2019-07-16

Java(TM) Runtime Environment (build 15.0.2+10)

Java HotSpot(TM) 64-Bit Server VM(build 15.2.2+10, mixed mode, sharing)

C:\users\mrdev>

Follow a few steps to run and install Apktool:

1. Create a new folder on C:\ Drive. Name the folder "apktool". Download the Windows wrapper script file, and paste the script on the notepad. Save it to C:\apktool\ folder as apktool.bet.

2. Download apktool-2 (find the newest here). Move the downloaded file to the C:\apktool\ folder. Rename the downloaded jar to apktool.jar.

3. If you do not have access to Apktool, then you have to add that directory to your Environment Variables System PATH variable.

Right-Click on This PC > Click Properties > Advanced System Settings > Environment Varibale.

4. Double click on Path and paste the path of the system variable. Put a semicolon (;) and paste the path C:\apktool. For Windows 10 users just paste no need semicolon. 

5. To Run Apktool, open Command Prompt (Press CTRL + R and type cmd) and type apktool.

Apktool for Linux

Apktool comes pre-installed with Kali Linux. If you have any other Linux just follow my steps:

1. Download the Linux wrapper script and paste it into any text editor. Save it as apktool.

linuxlite ~ nano apktool

2. Download apktool-2 (find the newest here). Rename downloaded jar to apktool.jar.

3. Create a new directory and move both files (apktool.jar & apktool), and make sure both files are executable (chmod +x).

linuxlite ~ mkdir apktool

linuxlite ~ sudo mv apktool apktool.jar apktool

linuxlite ~ cd apktool

linuxlite ~ | apktool chmod +x apktool apktool.jar

linuxlite ~ | apktool

3.  Move apktool directory to /usr/local/bin (root needed).

linuxlite ~ cd ..

linuxlite ~  sudo mv apktool /usr/local/bin 

4. Try running apktool via cli.

If you are a Kali Linux user no need to worry just go to Application > Reverse Engineering > Apktool.

> Executing "apktool"

Picked up _JAVA_OPTIONS: -Dawt.useSystemAAFontSettings=on -Dswing.aatext=true 

Apktool v2.4.1-dirty - a tool for reengineering Android apk files

with smali v2.4.0-dev and baksmali v2.4.0-dev

Copyright 2014 Ryszard Wiśniewski <[email protected]>

Updated by Connor Tumbleson <[email protected]>

usage: apktool

 -advance,--advanced   prints advance information.

 -version,--version    prints the version then exits

usage: apktool if|install-framework [options] <framework.apk>

 -p,--frame-path <dir>   Stores framework files into <dir>.

 -t,--tag <tag>          Tag frameworks using <tag>.

usage: apktool d[ecode] [options] <file_apk>

 -f,--force              Force delete destination directory.

 -o,--output <dir>       The name of folder that gets written. Default is apk.out

 -p,--frame-path <dir>   Uses framework files located in <dir>.

 -r,--no-res             Do not decode resources.

 -s,--no-src             Do not decode sources.

 -t,--frame-tag <tag>    Uses framework files tagged by <tag>.

usage: apktool b[uild] [options] <app_path>

 -f,--force-all          Skip changes detection and build all files.

 -o,--output <dir>       The name of apk that gets written. Default is dist/name.apk

 -p,--frame-path <dir>   Uses framework files located in <dir>.

For additional info, see: http://ibotpeaches.github.io/Apktool/

For smali/baksmali info, see: https://github.com/JesusFreke/smali

Usage of Apktool

For demo purposes, I have an apk file on my desktop.

Use debug mode (d) to decode the given apk file (/Desktop/test.apk):

┌──(mrdev㉿kali)-[~/Desktop]

└─$ apktool d test.apk

It will create a new directory on your desktop.

Open that file.

Using Apktool, you inject malicious code inside this application and many more. You learn them in my upcoming article, so stay connected with us.

Use build mode (b) to build the apk again (/Desktop/test):

┌──(mrdev㉿kali)-[~/Desktop]

└─$ apktool b test

To find the apk, Go to this Path ( /Desktop/test/dist). 

Learn more in my upcoming article.