How to decompile Android APK app files

February 5, 2013

This is a simple tutorial on extracting the APK file of any app available in the market and then decompiling it to Java source. This can be helpful for those who perform code review (for security vulnerabilities) on apps whose source code is not available, or who want to do some reverse engineering. Remember that decompiling an APK file is possible, but the code might be difficult to understand if it is obfuscated.

1) Acquiring the APK file

First of all you need to get access to your APK file. One way to do it is to use ES File Explorer File Manager, which you can download from the Google Play Store.

After installing the program, tap the AppMgr icon in the top right menu to get access to your installed applications. Find the application whose APK file you want, long tap it and press backup.

It will save the backup APK file to the .\backups\apps folder on your SD card. For the test I’m using my own app called FlagQuiz.

Legality

Software reverse engineering is done to retrieve the source code of a program because the source code was lost or is not available, to study how the program performs certain operations, to improve the performance of a program, to fix bugs or to identify malicious content in a program such as a virus. Reverse engineering for the purpose of copying or duplicating programs may constitute a copyright violation. In some cases, the licensed use of software specifically prohibits reverse engineering.

Please note that laws on reverse engineering differ between countries, so you should always check your country's laws before doing it (http://en.wikipedia.org/wiki/Reverse_engineering#Legality). For that reason, I’m using an app I developed myself for this tutorial.

Using Titanium Backup

Another way is an app called Titanium Backup, which also includes your apps' settings in the backup. To use it, your phone or Android device needs to be rooted. Having the settings files and database included can help a lot in understanding how the program works.

If you are using Titanium Backup, it will back up your APK together with the settings file and SQL database to the .\TitaniumBackup folder on your SD card.

2) How to decompile Android APK file

After getting your hands on the APK file in one of the ways described above, you need to decompile it. Remember that decompiling an APK file is possible, but the code might be difficult to understand if it is obfuscated. An APK is simply a zip file with a set of classes and resources. Those classes are compiled into a .dex file. That .dex file contains the Java virtual machine code. It is possible to translate .dex files to .jar files using several tools.
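Because an APK is a zip archive, a backed-up file can be checked for an intact classes.dex before it goes to a decompiler. The Python sketch below is an added example, not part of the original tutorial; the function names are hypothetical and the sample archive is constructed in memory (a header-only DEX, no real app).

```python
import io
import re
import struct
import zipfile
import zlib

DEX_NAME = re.compile(r"^classes\d*\.dex$")   # classes.dex, classes2.dex, ...
DEX_MAGIC = re.compile(rb"^dex\n(\d{3})\x00$")

def check_dex(blob):
    """Validate the fixed DEX header: magic, Adler-32 checksum, file size."""
    if len(blob) < 0x70:
        return {"valid": False, "reason": "shorter than a DEX header"}
    m = DEX_MAGIC.match(blob[:8])
    if not m:
        return {"valid": False, "reason": "bad magic"}
    stored_sum, = struct.unpack_from("<I", blob, 8)    # covers bytes 12..end
    file_size, = struct.unpack_from("<I", blob, 32)
    ok = stored_sum == zlib.adler32(blob[12:]) and file_size == len(blob)
    return {"valid": ok, "version": m.group(1).decode(),
            "reason": "" if ok else "checksum or size mismatch"}

def inspect_apk(source):
    """source: path or file-like object. Returns a summary of the archive."""
    if not zipfile.is_zipfile(source):
        raise ValueError("not a zip archive, so not an APK")
    with zipfile.ZipFile(source) as apk:
        names = apk.namelist()
        dex = {n: check_dex(apk.read(n)) for n in names if DEX_NAME.match(n)}
    return {"has_manifest": "AndroidManifest.xml" in names,
            "dex": dex,
            "resources": [n for n in names if n.startswith("res/")]}

def build_sample_apk(corrupt=False):
    """Constructed stand-in for an APK: header-only DEX, no real code."""
    body = bytearray(0x70 - 12)                  # bytes 12..0x6f of the header
    struct.pack_into("<I", body, 32 - 12, 0x70)  # file_size field
    dex = b"dex\n035\x00" + struct.pack("<I", zlib.adler32(bytes(body))) + bytes(body)
    if corrupt:
        dex = dex[:-1] + b"\xff"                 # simulate a damaged backup
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("AndroidManifest.xml", b"(binary XML placeholder)")
        z.writestr("classes.dex", dex)
        z.writestr("res/drawable/flag.png", b"")
    return buf

if __name__ == "__main__":
    print(inspect_apk(build_sample_apk()))
```

To check a real backup, pass its path instead, for example inspect_apk("FlagQuiz_1.1.apk").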

In this tutorial I’m showing you how to do it with a tool called dex2jar, which you can download from here. After downloading the program, uncompress the package to a folder; in my case it’s called dex2jar.

After that you need to open Command Prompt (if you are using Windows) by opening the Start menu, typing cmd and pressing Enter. First navigate to the folder where your dex2jar folder is. In my case it’s at C:\dex2jar, so I type cd C:\dex2jar and press Enter. My APK file is also located in the dex2jar folder, so after that I type dex2jar FlagQuiz_1.1.apk to start decompiling it.

3) Using a Java decompiler to view .jar files

After doing this, you can simply view the source of the file using a Java decompiler. For that purpose I’m using a small program called JD-GUI. JD-GUI is a standalone graphical utility that displays the Java source code of “.class” files. You can browse the reconstructed source code with JD-GUI for instant access to methods and fields. The program is free for non-commercial use.