paint-brush
APK Decompilation: A Beginner's Guide for Reverse Engineersby@trulyfurqan
159,574 reads
159,574 reads

APK Decompilation: A Beginner's Guide for Reverse Engineers

by Muhammad Furqan Ul HaqJuly 27th, 2022
Read on Terminal Reader
Read this story w/o Javascript
tldt arrow

Too Long; Didn't Read

This guide will help you learn what is an APK and how to decompile it. An APK is a compressed archive file that contains all of the data and resources needed by an application to run on your Android device. APK decompilation is useful for understanding how an Android app works, especially if you're interested in ethical hacking or penetration testing. This guide is not just for beginners, even experienced reverse engineers can use this information to investigate/audit an Android application. After reading this article, you'll be able to. decompile APK files and figure out what's inside them.

Companies Mentioned

Mention Thumbnail
Mention Thumbnail
featured image - APK Decompilation: A Beginner's Guide for Reverse Engineers
Muhammad Furqan Ul Haq HackerNoon profile picture

This guide will help you learn what is an APK and how to decompile it. After reading this article, you'll be able to decompile APK files and figure out what's inside them.


You don't need to be a programmer to follow this guide. But, having the know-how of Android development, Java, and some basic Linux commands will be very helpful.


This guide is not just for beginners, even experienced reverse engineers can use this information to investigate/audit an Android app.


What is an APK?

An Android Package file (.apk) is a compressed archive file that contains all of the data and resources needed by an application to run on your Android device. APK file is typically created when the developer wants to share the app with others or to upload it on Google Play. Basically, an APK file is used to install an app onto your phone or tablet.


Here's the official Android documentation on how to build a project's APK file.


What is APK Decompilation?

APK decompilation is the process of reverse engineering an APK file to retrieve its source code. APK decompilation is useful for understanding how an Android app works, especially if you're interested in ethical hacking or penetration testing.


How to Decompile an APK File?

Decompiling or reverse-engineering an APK file is not as complicated as it sounds. There are several free and open source APK decompiler tools available for doing this. But, the three most popular ones are:

  1. JADX
  2. Apktool
  3. Bytecode Viewer


Basically, each of these APK decompilers works differently and has its own pros and cons. So, you have to select them according to your requirements.


For example, JADX is quick and convenient but sometimes resource files are partially missing in its output. So, JADX has some reliability issues. On the other hand, Apktool returns source code in detail with complete resource files.


Similarly, Bytecode Viewer analyzes files slower but offers more features such as 6 decompilers, 2 assemblers, 3 disassemblers, 2 APK converters, etc.


If you want to discover all the available options (i.e. open source, online, Windows, Mac, Linux, and Android apps) then definitely check out this ultimate list of best APK decompiler tools. Here, you'll get information about the features as well as the pros/cons of each APK decompiler.


Anyways, in this article, I will show you how to decompile an APK using JADX.


Decompile an APK using JADX

Step 1:- Download/Install Java and JADX


At first, you must download and install Java 11 or later (64-bit version) on your PC. You can download it from here for Windows, Mac, and Linux. In my case, I’ve installed Java 18 on my Windows 10 PC.


After that, download the latest release of JADX from GitHub. At the time of writing this article, the latest version of JADX is 1.4.3.

Step 2:- Extract the .zip File

Basically, JADX is packed with a command-line utility as well as a GUI application. The Command line utility is mostly used when you want to provide an APK decompiler as a service. Whereas, the JADX GUI app is more convenient to decompile a specific APK and view its source code and resources in a better user interface.


The behind-the-scenes working of both tools is the same so it is just a matter of personal preference or requirements.


Simply unpack the .zip file of the downloaded JADX release in an empty folder. Here’s the list of extracted files and folders.

Now, go to the “bin” directory. The content of this folder will be something like this:

Here’s the description for all these files.

  • jadx – The Command Line version of JADX
  • jadx.bat – The Command Line version of JADX for Windows
  • jadx-gui – The Graphical UI version of JADX
  • jadx-gui.bat – The Graphical UI version of JADX for Windows


Note:- On Windows, run .bat files with Administrator rights because otherwise on some computers JADX won't even start. On Linux and Mac, open jadx or jadx-gui files.


Step 3:- Get Your Desired .apk File

It’s time to get the .apk file that you want to decompile. For the sake of this tutorial, I have downloaded a Calculator App APK File from APKPure.

Step 4:- Using JADX GUI

Here’s how the JADX GUI app looks on Windows when you open the jadx-gui.bat file. Basically, it is asking you to select a .apk file for decompilation.

Now find your .apk file using the file explorer popup, select it, and then hit the “Open” button.

JADX will now automatically decompile the selected APK file. The results will be displayed in an IDE-style explorer (on the left side).

At this point, you can navigate the source code and the resources used to create the app using the left side panel.

Step 5:- Using JADX Command Line Utility

To use JADX in the command line, simply open a new command prompt window with Administrator privileges. Now, switch to the “bin” directory of JADX using “cd”. For example:


cd C:\Users\Furqan\Downloads\jadx-1.4.3\bin

Structure of Command:-

Now let’s have a look at the structure of the JADX command that we will use to decompile an APK file.


jadx -d [path-of-output-folder] [path-of-apk-file]


  • jadx – Access command line utility
  • -d – An option that enables us to specify the output directory.
  • [path-of-output-folder] – Replace this with the actual path of the output directory where you want the result of the decompilation process.
  • [path-of-apk-file] – Replace this with the path of an input file. The input file can be of these types (.apk, .dex, .jar, .class, .smali, .zip, .aar, .arsc, .aab).


For example, in my case, I’ll execute this command:


jadx -d "C:\Users\Furqan\Downloads\calculator" "C:\Users\Furqan\Downloads\Samsung Calculator_v12.0.05.5_apkpure.com.apk"

Output:-

After executing the above command it will take some time for processing and then place the decompiled files/folders inside the output folder you specified.

Conclusion

In this article, you learned the basics of APK Decompilation. I talked about why you might want to use something like APK Decompiler and what it can do for your reverse engineering work.


I talked about three different APK decompilers JADX, Apktool, and Bytecode Viewer. And for the sake of this tutorial, I used JADX to give you an overview of how APK decompilation works.


Now, it’s your turn to implement this app reverse engineering knowledge for something awesome. Maybe go for some bug bounty programs and help companies improve their app security.