Function: decompile apk to reduce permissions and re-sign
Scenario: A lot of software applications may lead to payment (for example, text messages, call numbers) or leakage of privacy (for example, access to Address Book) permissions, which makes people feel uneasy. For example, fetion, moji weather, iReader, and so on are all listed here. In order to give you peace of mind, you need to do some cracking work to reduce the permissions of the application and restrict its operations.
Tool: apktool-install-windows-2.2_r01-3.tar.bz2 (http://code.google.com/p/android-apktool/downloads/list)
Tool: (JDK) keytool.exe generates the signature keystore
Tool: (JDK) jarsigner.exe is used to sign the apk.
Tool: (optional) D: \ android-sdk-windows \ tools \ zipalign.exe optimizes the packaged application, making interaction between Android and the application more efficient at runtime.
Operation:
1. decompile the APK file demo.apk to the demo directory.
Apktool. bat d demo.apk demo
2. Modify...
2.1 reduce permissions: Modify the demo directory demoAndroidManifest. xml file, locate the tag, and comment out unnecessary permissions. (Reference: http://hb.qq.com/a/20101115/001156.htm developers do not know the Android permission description)
2.2 remove advertisement: for example, Smart Monitor Pro_2.3.16.apk
Android: layout_width = "fill_parent"
Android: layout_height = "wrap_content"
App: keywords = "girl friends monitor women sex
Adult gift electron wallpaper ring
Shirt Android application game
Sport football soccer world cup"
/>
Change
Android: layout_width = "wrap_content"
Android: layout_height = "wrap_content"
Android: width = "1dip"
Android: height = "1dip" app: keywords = ""/>
2.3 remove advertising: such as Hi-MSN.apk
Android: layout_width = "fill_parent"
Android: layout_height = "wrap_content"
Android: layout_alignParentBottom = "true"/>
Changed:
Android: layout_width = "fill_parent"
Android: layout_height = "wrap_content"
Android: layout_alignParentBottom = "true"
Android: width = "1dip"
Android: height = "1dip"/>
3. Re-compile the demo Directory into an apk file.
Apktool. bat B demo
4. Find the demo.apk in the demo \ dist directory and change it to demo_unsign.apk.
5. (optional) modify the content of the apksigner.input.txt file to generate the key pair and certificate and sign the apk. If it already exists, no modification is required. (Modify apksigner. bat to remove the downstream comments)
Type apksigner.input.txt | keytool-genkey-alias % JKS %-keystore % JKS %-storepass % PWD %-keypass % PWD %-keyalg RSA-validity 20000
6. Modify the settings in the apksigner. bat script (set APP = demo) and run apksigner. bat to sign demo_unsign.apk to generate the demo_signed_final.apk file.
7. Delete the original apk application on your phone and reinstall demo_signed_final.apk.
---------------------------------------- ### Apksigner. bat file
@ Rem ### apksigner. bat
@ Rem http://www.cnblogs.com/qianxudetianxia/archive/2011/04/09/2010468.html Android Learning Series (1) -- sign the App (for apk signature)
@ Rem http://www.blogjava.net/zhaojianhua/archive/2011/06/23/352887.html Android APK Signature
@ Set JKS = android. keystore
@ Set PWD = 111111
@ Set APP = demo
@ Set APK0=%APP%_unsign.apk
@ Set OUT1=%APP%_signed.apk
@ Set OUT2=%APP%_signed_final.apk
@ Rem type apksigner.input.txt | keytool-genkey-alias % JKS %-keystore % JKS %-storepass % PWD %-keypass % PWD %-keyalg RSA-validity 20000
@ If exist % OUT1 % del % OUT1 %
@ If exist % OUT2 % del % OUT2 %
@ Echo ##########################
@ Echo ### Signer.0 ### paiapkapps.apk
@ Echo ##########################
@ Jarsigner.exe-verbose-keystore % JKS %-storepass % PWD %-keypass % PWD %-signedjar % OUT1 % APK0 % JKS %
@ Jarsigner.exe-verify % OUT1 %
@ Echo ##########################
@ Echo ### Signer.1 ### % OUT1 %
@ Echo ##########################
@ D: \ android-sdk-windows \ tools \ zipalign.exe-v 4% OUT1 % OUT2 %
@ Jarsigner.exe-verify % OUT2 %
@ Echo ##########################
@ Echo ### Signer.2 ### % OUT2 %
@ Echo ##########################
@ Pause
---------------------------------------- Apksigner.input.txt File
Username
Org
Org
Beijing
Beijing
Cn
Y