So i have an android app (payqwiq) which has root detection. Using magisk i have managed to get my phone to pass safetynet and i can use android pay, however this payqwiq app still throws an error.
I was recommended in the magisk support thread to decompile the apk and check for dependencies and if it is checking for props and told to Google it.
So i used apktools to decompile the apk and poured over the smali files. I found a method in LaunchActivity.smali that looked promising but i cannot for the life of me figure out what it is actually checking for.
Please could i have some help with what to look for?
You can use jadx to decompile the classes.dex file within an APK file to Java.
Related
I am currently working on an android app but my hard drive unfortunately crashed and I lost all the data on it... I am trying to recover my source code from the debug APK I had installed on my phone (using dex2jar and jd-gui) however, it seems like the classes are not present in the classes.dex and classes2.dex (both files are tiny and do not contain any of the classes in my code, see photo).
I used apk extractor to get the apk from my installed app and I cant seem to get anything close to my original classes... I am wondering if I am doing something wrong to get the APK from the installed app; any help would be greatly appreciated.
Thanks.
For de-compiling your APK to Java classes you can go to this site -
http://www.javadecompilers.com/apk
Just upload your apk and click on decompile. It should work for you !
I have developed an Android app in Android studio and have uploaded its apk in Google Play Store as well. But I had lost all the files(java+xml) of the app.
Now I only have the apk from play store and also the apk before uploading to Google Play Store (apk before performing encryption).
Now I want to get all the java files and xmls of the app for updating the app. I have tried all the steps mentioned by previous StackOverflow questions but I was not able to get the Java files properly. I was able to get the xmls properly. Java files I got was somewhat not understandable format (partially compiled/transformed)
So my question here is can I get all java files as normal java files without any compilation/transformation?
Please help guys. Thanks a ton in advance
Nope, you can't. Unless going through reverse engineering process, something like dex2jar...
The first step is to extract your APK archive and copy the file named classes.dex to some other directory. Next you need to convert your dex file into jar format.
For that you can use this library. Bear in mind that you have to build it first using gradle.
The final step is to decompile your java class files into proper java files. Use this tool.
Voila, you have your source code. That is if you haven't used Proguard to obfuscate your code.
I am looking for a way to make changes to my apk file - These changes should make the apk harder to reverse engineer.
I am already running Proguard to obfuscate the code.
From what I see there are Dexguard and Dexprotect that add encryption for your classes and resources. Is there a simple way to add encryption by your self to the resource folder?
I have also found from old answers HoseDex2Jar. This tool will protect your code from decompiling. The answers were 4 years old and now I could not find this tool. The website is still online but it seems that they have redesigned their software. Is there a new solution like this?
On Jelly Bean it seems that you can encrypt the apk. But it only works if you install the apk from adb - so it can not be used in production(where users download the app from google play)
https://nelenkov.blogspot.ro/2012/07/using-app-encryption-in-jelly-bean.html
Thanks
I'm building phonegap app using phonegap-build.
I need to make some changes to the manifest of the android apk.
After i download the apk of my phonegap build, i rename it to .zip file to see the contents of the file.
When i open it, there i see the xml file there, and when i open that one, it has encoding problem.
This is what i see:
I understand it's a binary, but i need to see the content in plain english, if possible.
1) How can i encode it to see what is the content of this file properly?
2) After a change that i do on it, can i "decode" it back to binary?
So from what you wrote you wrote, you want to edit the AndroidManifest.xml from an APK file AFTER you built it, which is quite complicated. I suggest you editing the source AndroidManifest.xml and then re-building the APK. If you can't do this then please do the following.
(1) First, download and install Apktool. It is a free Android tool for decompiling and recompiling apps quickly. It provides access to .class files, resources and XML's. Here's a tutorial on how to install Apktool.
(2) Then you want to decompile your APK file (tutorial).
(3) Edit the AndroidManifest.xml file.
(4) Re-build the application (tutorial).
(5) Finally, you will have your APK file but it will be mostly useless as it is un-signed. You can't install un-signed apps as you will get an error (it may be possible to force-install it using root or adb tho) and you can't publish them. To sign it you can check out this link.
IMPORTANT INFORMATION: Your app will have to be signed with the same certificate with which it was signed the first time, otherwise it will be considered a different app. Not completely tho, you will have to un-install previous versions in order to install this one.
And yes, I know it's a very long and time-taking process but it is supposed to be, only if you have the source you should be able to edit the app.
As mentioned above, the tool you are looking for is Apktool.
You need to use --force-manifest flag when you decompile to decode AndroidmManifest.xml.
I compiled and ran a project on my phone through eclipse which is still install there currently. While doing some directory cleaning I accidentally deleted the source code so the only remaining version of the code is in the apk installed on my phone. Is there anyway to export the app back to my computer?? It isn't signed or anything either.
Thanks!
You can set up to be able to copy files on/off your phone via the USB connection - heres where you can look to find it:
Does Android keep the .apk files? if so where?
Then after you get the .apk off look at these questions for decompiling:
Is it possible to decompile an Android .apk file?
decompiling DEX into Java sourcecode
You CAN pull the APK off of the phone, but it's going to be Java Bytecode, not your source code (regardless of whether or not it's signed). You would have to reverse-engineer the classes to retrieve your code. If it's not a VERY large app, I'd say your time would best be spent simply re-creating it.