Search icon CANCEL
Subscription
0
Cart icon
Your Cart (0 item)
Close icon
You have no products in your basket yet
Save more on your purchases! discount-offer-chevron-icon
Savings automatically calculated. No voucher code required.
Arrow left icon
Explore Products
Best Sellers
New Releases
Books
Videos
Audiobooks
Learning Hub
Newsletter Hub
Free Learning
Arrow right icon
timer SALE ENDS IN
0 Days
:
00 Hours
:
00 Minutes
:
00 Seconds
Arrow up icon
GO TO TOP
Mobile App Reverse Engineering

You're reading from   Mobile App Reverse Engineering Get started with discovering, analyzing, and exploring the internals of Android and iOS apps

Arrow left icon
Product type Paperback
Published in May 2022
Publisher Packt
ISBN-13 9781801073394
Length 166 pages
Edition 1st Edition
Languages
Tools
Arrow right icon
Author (1):
Arrow left icon
Abhinav Mishra Abhinav Mishra
Author Profile Icon Abhinav Mishra
Abhinav Mishra
Arrow right icon
View More author details
Toc

Table of Contents (13) Chapters Close

Preface 1. Section 1: Basics of Mobile App Reverse Engineering, Common Tools and Techniques, and Setting up the Environment
2. Chapter 1: Basics of Reverse Engineering – Understanding the Structure of Mobile Apps FREE CHAPTER 3. Chapter 2: Setting Up a Mobile App Reverse Engineering Environment Using Modern Tools 4. Section 2: Mobile Application Reverse Engineering Methodology and Approach
5. Chapter 3: Reverse Engineering an Android Application 6. Chapter 4: Reverse Engineering an iOS Application 7. Chapter 5: Reverse Engineering an iOS Application (Developed Using Swift) 8. Section 3: Automating Some Parts of the Reverse Engineering Process
9. Chapter 6: Open Source and Commercial Reverse Engineering Tools 10. Chapter 7: Automating the Reverse Engineering Process 11. Chapter 8: Conclusion 12. Other Books You May Enjoy

Android application fundamentals

Native Android applications are written mainly in Java or Kotlin. The Android SDK tools compile the code along with any data and resource files into an APK or an Android App Bundle. The compiled application is in a specific format, specified by the extension .apk. That is, an Android package is an archive file containing multiple application files and metadata.

Fun Fact

Rename the file extension of an APK to .zip and use unzip to open. You will be able to see its contents.

The following are the major components of an APK:

  • AndroidManifest.xml: The application manifest file containing app details such as the name, version, referenced libraries, and component details in XML format. The Android operating system relies on the presence of this file to identify relevant information about the application and related files.
  • Dalvik executable files (classes.dex files).
  • META-INF:
    • MANIFEST.MF (manifest file)
    • CERT.RSA (certificate of the application)
    • CERT.SF (list of resources with SHA-1 digest of the corresponding lines in the MANIFEST.MF file)
  • lib: This contains the compiled code that is specific to a selection of processors, as follows:
    • armeabi: Compiled code for all ARM-based processors
    • armeabi-v7a: Compiled code for all processors based on ARMv7 and above
    • x86: Compiled code for x86 processors
    • mips: Compiled code for MIPS processors
  • res: Resources that are not compiled into resources.arsc.
  • assets: Contains application assets.
  • resources.arsc: Pre-compiled resources.

    Important Note

    Java code in Android devices does not run in the Java Virtual Machine (JVM). Rather, it is compiled in the Dalvik Executable (DEX) bytecode format. A DEX file contains code that is ultimately executed by Android Runtime.

Let's see how to create a simple hello world application for Android and then unzip it to look at its components:

  1. Android apps are developed using Android Studio. Download and install the latest version of Android Studio from https://developer.android.com/studio:
Figure 1.5 – Creating a new project in Android Studio

Figure 1.5 – Creating a new project in Android Studio

  1. Let's choose the New Project option and select the Empty Activity option:
Figure 1.6 – Selecting project type

Figure 1.6 – Selecting project type

  1. On the next screen, fill in all the details as shown in the following screenshot. You can choose the name as you please:
Figure 1.7 – Project details

Figure 1.7 – Project details

  1. Once you click Finish, a new project will be created for a default activity/screen app.
  2. You can now try to run the app on any attached Android device, or the virtual Android emulator. For the latter, create a virtual Android device from the AVD menu.
  3. Once the app runs successfully, we will try to extract the application package for this app from Android Studio:
Figure 1.8 – Running the app on the emulator

Figure 1.8 – Running the app on the emulator

  1. To get the APK from Android Studio, go to the Build | Build Bundle(s)/APK(s) | Build APK(s) menu option. Once generated, navigate to the folder mentioned in the Locate option and copy the APK.
  2. Once the APK is copied, change the extension of the file to .zip:
Figure 1.9 – Diagram of rename process

Figure 1.9 – Diagram of rename process

  1. Use any archive tool to unzip the file and extract its contents:
    # unzip MARE-Chapter-1.zip

For reference, the result is as follows:

Figure 1.10 – Extracting the content of the APK, after renaming it to .zip

Figure 1.10 – Extracting the content of the APK, after renaming it to .zip

  1. Let's analyze the components inside the APK and compare it with the list here (Android application fundamentals):
Figure 1.11 – Extracted content of the APK

Figure 1.11 – Extracted content of the APK

The following diagram shows the processes of forward and reverse engineering an Android application:

Figure 1.12 – The forward and reverse engineering processes with an Android application

Figure 1.12 – The forward and reverse engineering processes with an Android application

Android applications are mainly developed using Java and Kotlin. The internals of an Android package are the same whether it is based on Java or Kotlin. Therefore, the approach to reverse engineer the application is also the same.

We've now learned about the fundamentals of Android applications. iOS apps are also packaged into a specific format and have a specific structure. Let's look into the iOS application fundamentals now.

You have been reading a chapter from
Mobile App Reverse Engineering
Published in: May 2022
Publisher: Packt
ISBN-13: 9781801073394
Register for a free Packt account to unlock a world of extra content!
A free Packt account unlocks extra newsletters, articles, discounted offers, and much more. Start advancing your knowledge today.
Unlock this book and the full library FREE for 7 days
Get unlimited access to 7000+ expert-authored eBooks and videos courses covering every tech area you can think of
Renews at $19.99/month. Cancel anytime
Banner background image