This post is not intended for piracy and other non-legal uses.
Warning: APK decompilation using Apktool might not work properly for apps encrypted with ProGuard or other methods.
While searching for the process of decompiling and recompiling an app for a personal experiment app, I came across a lot of articles and blogs. Some of them either missed a few steps or used different tools. So, I thought about writing an article about decompiling and recompiling apps using apktool, combining all the information I gathered along with a sample representation.
The Basics
Apktool : A tool for reverse engineering Android APK files.
Keytool : For creating a new keystore file to sign the decompiled APK.
Apksigner : Used to sign the APK
Zipalign : Helps to align the decompiled files
Extra tools
JD-GUI : Java Decompiler
dex2jar : Tools to work with android .dex and java .class files.
Prerequisites
We can easily decompile the APK on Mac and Linux. For Windows, some tweaks are needed, which I haven’t tried yet. To begin the decompile, we need the JDK and Android SDK installed on our system.
Installing the Apktool utility is very easy using Brew on Mac.
brew install apktool
The detailed installation guide can be found in this link
Note : If you only intend to decompile the app without rebuilding the app to the .apk format, you can use Apktool online without installing Apktool on your computer.
The Experiment
I have the ProGuard-enabled, signed APK of an app which shows the text “Original App” on the screen.
The aim of our experiment is to:
* Decompile this APK
* Change the background color and text color
* Replace the text “Original App” with “Recompiled App”
* Successfully recompile and sign the app
Let's get into the lab.
Stage 1 : Decompile
We can download the APK of any app from ApkMirror.com or other sites. Here, I am using the signed apk of my sample app “experiment_app.apk”
First, we need to decompile this APK. We can use the following command to decompile the APK using apktool.
apktool d [apk location] -o [output folder location where the decompiled files need to be stored]
After executing the above command, apktool created a new folder named “experimentapp_decompiled” in my documents directory.
Note: When specifying the folder location to store the decompiled files, avoid providing an existing folder name. Instead, provide a new folder name. Apktool will automatically create the folder and copy the files into it.
If you don’t want to decompile the resource files from the apk, use this command instead
apktool d -r -s [apk location] -o [output folder location where the decompiled files need to be stored]
Stage 2 : Modifying files
I found the strings.xml and colours.xml in our decompiled files folder
We can open these resource files in Android Studio by dragging them into the window or by using any XML editor.
I changed the background color and text color to Red and Yellow, respectively. Then, I changed the text to “Recompiled app”.
Stage 3 : Recompile the decompiled resource to APK
After making the changes, I am going to recompile the decompiled files to an APK using the command:
apktool b [decompiled files root folder location]
Apktool will now compile the files and generate an APK. It will be stored under a new folder named “dist” in the same root folder where we stored the decompiled files.
Ah.. Ok I can see that..
Stage 4 : Zipalign the apk for the optimal loading
Zipalign is a zip archive alignment tool that helps ensure that all uncompressed files in the archive are aligned relative to the start of the file. The zipalign tool can be found in the “Build Tools” folder within the Android SDK path.
To zipalign the APK, run the following command:
zipalign -v 4 [your recompiled apk ] [location to store zip aligned apk with apk name and extension]
Stage 5 : Create a new keystore file for signing the zip aligned APK
I used the following command to create a keystore file using keytool. This will prompt you to enter the password and details for the keystore.
keytool -genkey -v -keystore [your keystore name] -alias alias_name -keyalg RSA -keysize 2048 -validity 10000
Stage 6 : Sign the app using apksigner
Apksigner tool, available in revision 24.0.3 and higher of the Android SDK Build Tools, lets you sign APKs and confirm that an APK’s signature will be verified successfully on all versions of the Android platform supported by that APK.
Apk signer can be found inside the “build tools” folder in the Android SDK path, along with ZipAlign.
Use the following command to sign the APK using apksigner
apksigner sign --ks [your keystore name] --v1-signing-enabled true --v2-signing-enabled true [your zip aligned apk location]
Note: We have to use apksigner instead of the traditional jarsigner to make the app work on newer versions of Android.
Stage 7 : Verify the signed APK
The zip-aligned, signed APK can be verified using the same apksigner.
apksigner verify [signed apk location]
Stage 8 : Install the app
Install the verified APK using the adb command or a manual install.
adb install /Users/matrix/Documents/APK/experimentapp_zipaligned.apk
Wow! The app’s background and text color changed.
Experiment success …..
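A practical caveat for Stage 7, shown as an added example that is not part of the original post: apksigner verify succeeds for any validly signed APK, including one re-signed with a freshly created keystore, so a pass does not tell you who signed it. The shell functions below compare the signer certificate SHA-256 digests printed by apksigner verify --print-certs; the function names, sample outputs and digests are constructed for illustration.

```shell
#!/usr/bin/env bash
# Added example: detect that an APK was re-signed by comparing signer certificates.
# Input is the text printed by `apksigner verify --print-certs <apk>`.

# Print the SHA-256 digest of every signer certificate, lowercase, sorted, one per line.
signer_digests() {
  sed -n 's/^Signer #[0-9][0-9]* certificate SHA-256 digest: *\([0-9A-Fa-f]\{64\}\).*$/\1/p' \
    | tr 'A-F' 'a-f' | sort -u
}

# same_signer <original_output> <candidate_output>
# Returns 0 when both outputs list exactly the same signer digests,
#         1 when the digests differ (the candidate was signed with another key),
#         2 when either output contains no signer line (unsigned or failed to verify).
same_signer() {
  _orig=$(printf '%s\n' "$1" | signer_digests)
  _cand=$(printf '%s\n' "$2" | signer_digests)
  [ -n "$_orig" ] && [ -n "$_cand" ] || return 2
  [ "$_orig" = "$_cand" ]
}

# Constructed 64-hex-digit placeholders; these are not real certificate digests.
ORIG_DIGEST=$(printf 'a1b2c3d4%.0s' 1 2 3 4 5 6 7 8)
NEW_DIGEST=$(printf '0f1e2d3c%.0s' 1 2 3 4 5 6 7 8)

# Constructed sample outputs in the layout apksigner prints with --print-certs.
ORIGINAL_OUT="Signer #1 certificate DN: CN=Original Developer
Signer #1 certificate SHA-256 digest: $ORIG_DIGEST
Signer #1 certificate SHA-1 digest: (omitted in this sample)"

RESIGNED_OUT="Signer #1 certificate DN: CN=Experiment Keystore
Signer #1 certificate SHA-256 digest: $NEW_DIGEST
Signer #1 certificate SHA-1 digest: (omitted in this sample)"

# Real use, assuming apksigner from the Android SDK build-tools is on PATH:
#   same_signer "$(apksigner verify --print-certs original.apk)" \
#               "$(apksigner verify --print-certs resigned.apk)"
if same_signer "$ORIGINAL_OUT" "$RESIGNED_OUT"; then
  echo "Signer unchanged"
else
  echo "Signer certificate differs: the APK was re-signed"
fi
```

Because Android refuses to install an update whose signer differs from the installed app's, the re-signed build only installs cleanly when the original is not already on the device.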
Note : If you wish to decompile any Java files, you can follow these steps. The .dex files can be found inside the decompiled folder. I skipped this because our main focus was to modify the resource files.
Convert the .dex files into standard class files using the command:
dex2jar [classes.dex file location decompiled folder]
Now use the JD (Java Decompiler) to inspect the source.
jd-gui [classes-dex2jar.jar location]