How to reverse engineer an app?

Reverse engineering is the opposite of building or engineering an application; you break things down to see how they work. Developers incorporate reverse engineering techniques to solve tasks, from investigating bugs in code to ensuring smooth and easy legacy code maintenance.

Reverse engineering a mobile app or software analyses the compiled app to extract information about its source code. The goal of reverse engineering is to comprehend the code.

In computing, reverse engineering is understanding how things work and reusing the information to do something. It applies even to Android apps. You might reverse-engineer Android apps for many reasons.

How to reverse engineer an app?

Reverse engineering an app is done by getting the APK file, extracting it to our system by converting file extensions from “.apk” to “.zip”, and finally decompiling it by tools using Java Decompiler tools like JD JUI. 

Some APKs are hard to decompile because of the Gradle file. If you are one of the developers who hard-code secret keys or even store them in build, the Gradle file will prevent it from going into the hands of hackers or other developers.

Let me tell you about different terminologies used while reverse engineering an app.

1- Decompilation v/s Disassembly

Decompilation is converting software binaries to clear text format in a high-level language in which the source code is written so developers can read it.

Disassemblers, however, won’t convert the binary to a high-level language text. It is only a one-to-one translation of bytes to text and gives us instruction mnemonics, which humans can understand, but it is a little tricky compared to reading source code.

2- Generating DEX files from Java

To understand the reverse engineering process of Android apps, we should understand how apps are built.

• Developers write their source code in the Java programming language. These files will have an extension “.java”.
• These java files are given to the “javac” compiler, which generates “.class” files.
• These class files are given to the “dx” tool to generate “.dex” files.
• “.dex” files and other resources are packaged as a “.apk” file and run inside Dalvik Virtual Machine.

If you want to see the structure of the generated dex file, we can use the 010 editors.

Before we proceed, download the following tools:

010Editor

• Unzip an APK file. We can use the unzip command in *nix-based machines.
• Open classes. Dex using the 010 Editor.
• Load the downloaded dex template.
• Below is the figure with 010editor showing a dex file.

Reverse Engineering Android APK

So, let’s get started. For how to reverse engineer an app, we would need a few things beforehand —

• APK of the application.
• Some set of codes to execute.
• Java Decompiler Tool (JD JUI in this article) to view the decompiled code.

First Step — Get the APK and Copy It

We would need the APK of the application we want to reverse-engineer. There are many ways to do that, but I will suggest a simple way here. Download the app APK Extractor on your device and select the application from the list inside the application.

Once done, open any File Explorer and go to the ExtractedApks folder in the Internal Storage directory. There, you will find the APK. Copy that APK to your system, and we will proceed with the below steps.

Second Step — Get the Code and Study It

Once we have the APK, we will reverse it to know and see the code. That will enable us and give us insights into the structuring of the code and the security measures they have taken to avoid facing a reverse engineering attack.

Here, we will rename our {app}.apk file to {app}.zip and extract it. Inside the extracted folder, we will find the classes.dex file, which contains the application code.

Third Step — Use Decompiler Tool

We will use JD JUI, which is a simple Java Decompiler tool. Download and extract the zip. Run the JD-gui.exe and open the dex file, and Voila! We reverse-engineered the application!!

Types of App Development Kits

There are many different development kits for creating Android apps. This code for the app is contained in different file types based on which we used the development kit.

1- HTML/CSS/JavaScript

Frameworks such as PhoneGap or Ionic use HTML, CSS, and JavaScript to build the interface and many functions. Opening the APK, a folder assets/web folder will show HTML files and sub-folders familiar to web developers. All of these files can be opened and modified.

2- Java

The Android SDK (Software Development Kit) is based on Java. Creating an APK turns the Java code into DEX (Dalvik Executable) files. These are not directly editable but can be decompiled. The image and sound resources are generally still available for extraction and modification.

3- Other SDKs

Several SDKs can output Android apps. Some of these, such as Corona and Xamarin, use neither JavaScript nor Java. Corona uses Lua, and Xamarin uses C#.

Examining the APK files still reveals images, sounds, and DEX files. However, the app-specific code is not in the DEX files and is probably in files specific to the SDK.

APK Extraction Tools

There are several tools available to open and extract APK files.

1- Device Apps

Surprisingly, there are apps in Google Play Store that will open an APK on a device and allow the files to be examined and substituted. Some even claim to decompile the code.

2- PC Applications

There are several specific tools for APK extraction and rebuilding. Some Java decompilers can be downloaded. Here is a list of some:

• Apktool
• dex2jar
• Jd-GUI
• JAD

Reverse Engineering Software Examples

Reversing is complex. Yet software developers often turn to reverse engineering when faced with a challenging task: enhancing software security, making software compatible with third-party components, maintaining legacy code, and so on.

It’s hard to name the best software for how to reverse engineer an app – there are quite a few of them, and each resolves a specific task in the multistep reversing process. Below, we overview the nine main tools used for reverse engineering.

• IDA Pro, Hex-Rays
• CFF Explorer
• API Monitor
• WinHex
• Hiew
• Fiddler
• Scylla
• Relocation Section Editor
• PEiD

How to Reverse Engineer an iOS App?

We will learn how to reverse-engineer iOS apps using Xcode’s debugger. We will do so by exploring how Apple’s Maps app is built.

Before we start how to reverse engineer an app or debug apps, we need to disable our computer’s System Integrity Protection. In short, this setting is enabled by default and prevents us from debugging any iOS app in Xcode except our own.

• Restart your Mac in Recovery mode: immediately after your Mac turns on, press Command(⌘) + R. Release the keys when the Apple logo appears on the screen.
• Then, find the “Utility” and open the Terminal.
• Type csrutil disable; reboot. That will disable System Integrity Protection and restart your computer.

Finally, we are ready to reverse engineer a sample app, Apple Maps, in Xcode.

FAQS: How to reverse engineer an app?

Conclusion

When appropriately applied, reverse engineering can help you strengthen the security and improve the performance of your solution. However, quality reverse engineering is impossible without using the right tools and techniques.

In this article, “how to reverse engineer an app”, we have covered some of the best reverse engineering software. You can only use most of these tools for solving specific tasks, but combined, they provide you with all the capabilities necessary for extensive software analysis.

Contact us right now for the best quality work regarding mobile app reverse engineering.