Plug-ins can be used to execute custom scrips. The value corresponding with an enumeration can easily be found by jumping to the declaration within Android’s code base. Comments can also be added in the way the analyst prefers, either using a comment block or a single line, as is shown below. This means that wrongly compiled code can manually be changed into the correct code. This way, all required files are quickly available during the analysis, without the need for tooling after the conversion has already taken place.Ĭode can be edited within Android Studio. The manifest, Java code, SMALI code, libraries, assets and resources are bundled within a single Android Studio project file.
This makes navigating based on the manifest’s declarations easier and faster.
Within the manifest, the declared classes can be instantly visited by jumping to the declaration of the class. This way, a clean decompiled sample can be used. Upon analysing a sample with lots of useless code, one can simply remove the unwanted code and save the Java files using the IDE. This instantly provides valuable insight which is not present in paid tools. The GUI is visualised within the IDE using the decoded XML file. It has been tested on Windows 10, Ubuntu 18.04 and MacOS Mojave but should work on all recent versions of Windows, MacOS and Linux distributions. Written in Java 8, AndroidProjectCreator is cross platform and cross architecture. Below, multiple advantages are given as well as some disadvantages in comparison to paid tools. Alternatively, one can watch a recording of my CONFidence 2020 talk that explains how to use APC. More details about this process can be found in this blog. How to contribute to AndroidProjectCreator?ĪndroidProjectCreator (APC) converts the APK to an Android Studio project.One can download the JAR file from this Github repository.
For those with a valid license, JEB3 Pro can also be used to decompile the APK. AndroidProjectCreator combines known open-source tools ( JD-CMD, part of JD-GUI, Fernflower, JAD-X, CFR, Procyon, Dex2Jar and APKTool) together with the power the Android Studio IDE to allow the analyst to use the combined advantages. When analysing an Android application, the minified and/or obfuscated code needs to be refactored in order for it to make sense.
0 kommentar(er)
