Thursday, 17 September 2015

Having Fun With Android ADB(Android Debug Bridge)

This is a fun how to guide. I have always wanted to see what certain applications look like under the hood. ADB as Google's definition is a versatile command line tool that lets you communicate with an emulator instance or connected Android-powered device. So know that we know what ADB is time for fun. The following guides were performed only on my own application please note it is a offence to perform on anyone else code.
Reverse Engineering Android Apps (Using Ubuntu Linux)
This guide assumes you have the android sdk downloaded and installed. Once completed installation plug android device in and open a terminal.

Set ADB in terminal path variable
export PATH=$PATH:/path/to/sdk/platform/tools

Run ADB from terminal with interactive shell
adb shell

Use package manager to view all applications and services running on device
pm list packages - list all the packages on the device
pm list features - list all the features on the device

Only interested in Packages
pm path package_name - displays path to the apk for an app

Pulling apk from device
adb pull /system/app/ApplicationName.apk

Decompiling Apk With APKTool

Download APKTool 2 files:
apktool1.5.2.tar.bz2 (
apktool-install-linux-r04-brut1.tar.bz2 (

Install APK Tool
Extract all folders anywhere
Move aapt, apktool and apktool.jar to /usr/local/bin
Make all three executable sudo chmod +x filename

Decompile Target APK
apktool d ___.apk (whatever application you pulled from your device)
This tool can now allow to view all resource files inside an apk, if we want to view the java class files then we will use dex2jar to build a jar from the apk

Decompiling with Dex2Jar
Download Dex2Jar
Extract the zip file anywhere

Build Jar From APK
./home/user/dex2jar-version/ /home/user/someApk.apk

Use a jar viewer to view jar folder
extract downloaded file
run ./jd-gui in terminal
open jar created from dex2jar and start browsing code

moved ./jd-gui to usr/local/bin for global access
That's it you should now be able to view any source code, however if the application you've decompiled is using proguard the code will be obfuscated and you will need to remap the classes on your own.