
Comprehensive Guide to Android Application Security Scanning and Reverse Engineering

This article provides a step‑by‑step tutorial on setting up the development environment, installing essential tools, and performing APK reverse engineering and security analysis on Android applications, covering JDK, SDK, NDK, Apktool, Dex2jar, JD‑GUI, IDA, WinHex, and Eclipse.

Baidu Intelligent Testing

Background: Many developers are unaware of the risks of insecure Android apps; basic reverse engineering techniques can compromise confidentiality and integrity, allowing extraction and modification of code and data.

1. Environment Setup

1.1 Install JDK: Download JDK 8 from Oracle, install it, configure JAVA_HOME, and add it to PATH. Verify with java -version.

1.2 Install Android SDK: Download from the official site, add platform-tools and tools to PATH, and verify with emulator -version.

1.3 Install Android NDK: Download from the Android NDK page, extract, set ANDROID_NDK, and test with the provided hello-jni example.

1.4 Install Apktool, JD‑GUI, Dex2jar:

java -jar "%~dp0\apktool152.jar" d %1 %2 %4 %5 %6 %7 %8 %9
java -jar "%~dp0\apktool152.jar" b %1 Update.zip %4 %5 %6 %7 %8 %9

Download apktool from its Google Code page. Use the above commands for decoding and re‑encoding APKs.

Sign the rebuilt APK with signapk.jar:

java -jar signapk.jar testkey.x509.pem testkey.pk8 update.zip update_signed.zip

1.5 Install Dex2jar and JD‑GUI: Use Dex2jar to convert classes.dex to a JAR, then open it with JD‑GUI to view decompiled Java code.

1.6 Install IDA: Use IDA to load .so libraries for disassembly and analysis.

1.7 Install WinHex: Edit binary files directly, searching and modifying hex values as needed.

1.8 Install Eclipse: Download the Java EE version, configure the Android SDK path via Help → Install New Software, and add the Android repository URL.

2. APK Reverse Engineering and Structure

2.1 APK Decoding (using the sample HelloJni.apk):

@echo off
set str=%1
rd /q /s %str:~0,-4%
set PATH=%CD%;%PATH%;
java -jar "%~dp0\apktool152.jar" d %1 %2 %4 %5 %6 %7 %8 %9

Echo Decode Complete

Running decodeapk.bat HelloJni.apk produces a folder with resources, smali code, and other assets.

2.2 APK Re‑encoding and Signing:

@echo off

del /a /f /s /q %1_rebuild.apk
set PATH=%CD%;%PATH%;
java -jar "%~dp0\apktool152.jar" b %1 Update.zip %4 %5 %6 %7 %8 %9

Echo Auto-sign Created By Dave Da illest 1
Echo Update.zip is now being signed and will be renamed to update_signed.zip

java -jar signapk.jar testkey.x509.pem testkey.pk8 update.zip update_signed.zip
del /a /f /s /q Update.zip
rename update_signed.zip %1_rebuild.apk

Echo Encode Complete

After execution, HelloJni_rebuild.apk is generated and ready for installation.

2.3 Modifying Smali Code: Edit HelloJni.smali to change string constants (e.g., replace "hello‑jni" with "Hello from APK") and rebuild to see UI changes.

2.4 APK Structure: An APK is a ZIP archive containing META-INF (signatures), res (resources), lib (native libraries), and classes.dex (compiled bytecode); after decoding, it also has a smali folder with the disassembled code. The apktool.yml file records the decoding process.
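The archive layout in 2.4 can be checked from the defender's side. The following is an added example, not code from the original article: it reads an APK as a ZIP and compares each entry with the digest listed in META-INF/MANIFEST.MF. The sample file contents and the assets/extra.bin name are constructed test data.

```python
import base64, hashlib, io, zipfile

def parse_manifest(text):
    """Return {entry name: (hash algorithm, base64 digest)} from a JAR-style MANIFEST.MF."""
    # Lines longer than 72 bytes are wrapped; a continuation line starts with one space.
    unfolded = text.replace("\r\n", "\n").replace("\n ", "")
    digests = {}
    for section in unfolded.split("\n\n"):
        attrs = dict(l.split(": ", 1) for l in section.split("\n") if ": " in l)
        name = attrs.get("Name")
        for key, value in attrs.items():
            if name and key.endswith("-Digest"):
                algo = key[:-len("-Digest")].replace("-", "").lower()  # SHA-256 -> sha256
                digests[name] = (algo, value)
    return digests

def check_apk(apk_bytes):
    """Compare each archive entry with its manifest digest; return {name: status}."""
    with zipfile.ZipFile(io.BytesIO(apk_bytes)) as apk:
        listed = parse_manifest(apk.read("META-INF/MANIFEST.MF").decode("utf-8"))
        report = {}
        for name in apk.namelist():
            if name.startswith("META-INF/") or name.endswith("/"):
                continue  # signature files themselves are not listed in the manifest
            if name not in listed:
                report[name] = "unlisted"
                continue
            algo, expected = listed[name]
            actual = base64.b64encode(hashlib.new(algo, apk.read(name)).digest()).decode()
            report[name] = "ok" if actual == expected else "modified"
        for name in set(listed) - set(apk.namelist()):
            report[name] = "missing"
    return report

def build_sample_apk(files, manifest_from=None):
    """Constructed test input: a tiny APK-shaped ZIP whose manifest covers `manifest_from`."""
    covered = files if manifest_from is None else manifest_from
    manifest = "Manifest-Version: 1.0\n\n" + "".join(
        "Name: %s\nSHA-256-Digest: %s\n\n" % (n, base64.b64encode(hashlib.sha256(d).digest()).decode())
        for n, d in covered.items())
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as z:
        z.writestr("META-INF/MANIFEST.MF", manifest)
        for n, d in files.items():
            z.writestr(n, d)
    return buf.getvalue()

ORIGINAL = {"classes.dex": b"dex\n035\x00 hello-jni", "lib/armeabi/libhello-jni.so": b"\x7fELF"}
TAMPERED = {**ORIGINAL, "classes.dex": b"dex\n035\x00 Hello from APK", "assets/extra.bin": b"x"}
```

A rebuild that regenerates META-INF, as signapk.jar does, passes this check, so pair it with a comparison of the signing certificate against the one the app was released with.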

2.5 Converting Dex to Java: Use Dex2jar to generate classes_dex2jar.jar, then open it with JD‑GUI to view the Java source, noting that control flow may be imperfect but sufficient for understanding structure.

Overall, the guide equips readers with the tools and commands needed to set up a reverse‑engineering environment, decode, modify, re‑encode, and analyze Android APKs for security testing purposes.
