Android APK forensics

An Android app's APK can easily be retrieved once the phone has been rooted, using ADB, a file manager, email, etc.

Once you have the APK, dex2jar can be used on its classes.dex to investigate the details of the Java code.

How-to
1. Extract classes.dex from the APK with WinRAR, 7-Zip, etc.

2. Use "dex2jar" to convert classes.dex to a jar file.
command: d2j-dex2jar.bat classes.dex
3. Use Java Decompiler to examine the Java source.

classes-dex2jar.jar decompiled from RMapsExt3.1.5 (a special build for China, based on RMaps)
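Step 1 can also be scripted, since an APK is a ZIP archive. The following is an added example, not part of the original post: it goes beyond the manual extraction by listing every `classes*.dex` entry, hashing it for the case record, and checking the DEX header's size, Adler-32 and SHA-1 fields before the file is handed to dex2jar. The function names and the in-memory sample APK are constructed for illustration.

```python
import hashlib, io, struct, zipfile, zlib

def inspect_apk_dex(apk):
    """Return one record per classes*.dex entry in an APK (path or file object)."""
    records = []
    with zipfile.ZipFile(apk) as zf:
        for info in zf.infolist():
            name = info.filename
            if not (name.startswith("classes") and name.endswith(".dex")):
                continue
            data = zf.read(info)
            rec = {"name": name, "size": len(data),
                   "sha256": hashlib.sha256(data).hexdigest(), "valid": False}
            # DEX header is 0x70 bytes: magic "dex\n" + 3-digit version + NUL
            if len(data) >= 0x70 and data[:4] == b"dex\n" and data[7:8] == b"\0":
                checksum, = struct.unpack_from("<I", data, 8)
                file_size, = struct.unpack_from("<I", data, 32)
                rec["version"] = data[4:7].decode("ascii", "replace")
                # Adler-32 covers bytes 12..end, the SHA-1 signature covers bytes 32..end
                rec["valid"] = (file_size == len(data)
                                and checksum == zlib.adler32(data[12:]) & 0xFFFFFFFF
                                and data[12:32] == hashlib.sha1(data[32:]).digest())
            records.append(rec)
    return records

def build_sample_apk(tamper=False):
    """Constructed sample: a header-only DEX inside an in-memory ZIP."""
    # file_size, header_size, endian_tag, then zero padding up to 0x70 bytes
    body = struct.pack("<III", 0x70, 0x70, 0x12345678) + bytes(0x70 - 44)
    sig = hashlib.sha1(body).digest()
    adler = zlib.adler32(sig + body) & 0xFFFFFFFF
    dex = b"dex\n035\0" + struct.pack("<I", adler) + sig + body
    if tamper:
        dex = dex[:-1] + b"\x01"  # modify content without fixing the header
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", b"constructed placeholder")
        zf.writestr("classes.dex", dex)
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for rec in inspect_apk_dex(build_sample_apk()):
        print(rec)
```

A record with `valid` set to False means the DEX was truncated or modified after it was built, which is worth noting before trusting the decompiled output.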



Tools reference:
1. dex2jar - Tools to work with android .dex and java .class files.

# The developer fixed the problem immediately after the bug was reported yesterday.
And here is the new build.

2. A Java environment must be installed for dex2jar to work.

3. Java Decompiler
