Feasibility Analysis of Android SDK tampering with APK files

The android.apk file is actually a zip file that can be opened directly with WinRAR.

As shown in:

Includes a META-INF directory

A res directory

An androidmanifest. xml

A classes. Dex

 

 

Androidmanifest. XML must be defined and contained by each application. It describes the application name, version, permission, referenced library file, and other information. For example, to upload an APK to Google market, configure the XML file.

META-INF directory

The META-INF directory stores signature information to ensure the integrity of the APK package and system security. When eclipse compiles an APK package, it will do a verification calculation for all the files to be packaged, and put the calculation result under the META-INF directory. When the APK package is installed on the Android platform, the Application Manager checks the file in the package according to the same algorithm. If the verification result is inconsistent with the content in the META-INF, the system will not install this APK. This ensures that the files in the APK package cannot be replaced at will. For example, after obtaining an APK package, if you want to replace an image, a piece of code, or a piece of copyright information, it is basically impossible to directly decompress, replace, and re-package the package. This increases the difficulty of virus infection and malicious modification, and helps protect the security of the system.

Classes. Dex File

Classes. Dex is a Java bytecode file generated after Java source code compilation. However, because the Dalvik Virtual Machine Used by Android is incompatible with the standard Java virtual machine, the DEX file is different from the class file, regardless of the file structure or opcode. Currently, common Java decompilers cannot process Dex files.

The android simulator provides dexdump, A decompilation tool for Dex files. First, start the android simulator, and use the ADB push upload simulator to view the DEX file. Then, log on to the simulator using the ADB shell, find the DEX file to be viewed, and execute dexdump XXX. Dex.

Dedexer is another decompilation tool for Dex files that can be found online. Dedexer can read files in Dex format and generate an output similar to assembly language. This output is similar to the output of Jasmin [], but contains the Dalvik bytecode. We will introduce dedexer in details in the next section.

Res directory

The res directory stores resource files.

Resources. ARSC

The compiled binary resource file.

For the format of Dex, see: http://www.retrodev.com/android/dexformat.html

 

 

 

Decompress the APK file and decompile it:

Images and other multimedia files: No compilation, no need to decompile.

Layout and other binary XML files: Use axmlprinter to convert them into readable XML files: Java-jar axmlprinter2.jar main. xml> new_main.xml
Tool: http://code.google.com/p/android4me/downloads/list

Is directly printed out a main. xml

The same applies to androidmanifest. xml or other XML files.

 

Class file decompilation:
The android simulator provides dexdump, A decompilation tool for Dex files. First, start the android simulator, and use the ADB push upload simulator to view the DEX file. Then, log on to the simulator using the ADB shell, find the DEX file to be viewed, and execute dexdump XXX. Dex.

 

Then find the dex to be opened

 

Then we can see the code after disassembly:

Dedexer is another decompilation tool for Dex files that can be found online. Dedexer can read files in Dex format and generate an output similar to assembly language. This output is similar to the output of Jasmin [], but contains the Dalvik bytecode.

 

 

Resources. ARSC: I used this file.

The androidresedit software compiled by hanhua prodigal can view all the fields in it.

Using notepad to open a file is garbled.

 

Open as shown in

 

The above is the detailed structure analysis of the APK file.

If you replace and modify the resource files in the APK file, for example, when you perform a Chinese-like operation

Need to sign it again

 

The specific content that can be replaced is the resource file under the res file.

In addition, images in resource files under Res and other multimedia files: Without compilation, you do not need to decompile them. In this way, you can easily obtain images in some good APK applications and decode XML files, you can restore the XML file of the original application to obtain its interface layout file.

 

After replacement, you only need to use the auto-sign tool to sign it again, first, delete the signature file under the META-INF folder

 

 

Delete cert. Rasa cert. SF

Only the manifest. MF file is left.

Then use the auto-sign tool to re-sign it.

 

The Calling format is as follows:

@ Echo off <br/> echo auto-sign created by Dave da illest 1 <br/> echo update.zip is now being signed and will be renamed to update_signed.zip <br/> JAVA-jar signapk. jar testkey. x509.pem testkey. pk8 update.zip update_signed.zip <br/> echo signing complete </P> <p> pause <br/> exit <br/> 

The re-signed APK package can be installed on the mobile phone as normally as the original package.