Android APK Modification

An APK file is a ZIP file with the files inside with certain structure so it can serve as installer.
So for a basic modification, you can just rename the file to “.ZIP” extract the files and do whatever you want and then archive it again as a zip and rename back to APK.
If you preserve the structure, it should work, and in that way you can modify some things…

If you are looking for getting into the code you will need to decompile the file with some kind of tool, for this case I used “Apktool” that is an Android decompiler.
Then you can take a look inside (some of*) the code, modify and recompile it. Taking note that Android installers need to be signed so it can be installed without hassle, and for that will use “jarsigner”.

#install java sdk, install apk tool

apktool d someapp.apk -o someapp_disassembled

#mod code
#use a editor (text,graphics,etc) to modify code files

apktool b someapp_disassembled/ -o someapp_modded.apk

#create your own signature (this have to be done only one time)
keytool.exe -genkey -v -keystore my-release-keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 365

jarsigner.exe -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-keystore someapp_modded.apk alias_name

* Not all code will be decompiled, there are static libraries (“.so”,etc) and java files (“.jar” with “classes.dex”) that are not decompiled
So if you also need to step into the deep code…
For static “.so” libraries you will need a disassembler for the platform that is based the APK (usually ARM), in this case you can use IDA. (Use of IDA not covered on this post)
For “.jar” files you will need something like “dex2jar” that decompile the classes, and something to read the classes like “jd-gui”. (Use of these tools not covered on this post)
And as compilation of these files vary a lot, I recommend that if you want to change something on those files, just use a binary editing tool.

Even if you can unarchive an APK and archive it back using a archive tool (Winrar,etc), it is not recommended, because not all the files inside an APK are archived on the same way. For example there are some resources that are archived without compression (stored), and doing that can cause the app to crash. (If it tries to read a file that it think that is not compress and it is) [Ex: “This file can not be opened as a file descriptor; it is probably compressed”]
Sign an APK with your custom signature could make it unable to be installed, you can replace the signature with the original and force android not to check the signature (And/or hot replace, “base.apk” on the device app folder) (Not covered on this post, take a look of “lucky patcher”)
Some apps share data with other apps of the same author, so again, if you are unable to install, try to delete (if is possible) any other application that might cause conflict. If the conflicting app cannot get installed because it is preloaded with the OS you can try to use tool to unistall system apps, or (recommend) switch the ROM to a custom one that does not have anything installed…
If something crash or does not work, does not install, etc. check the logs, their are your friend. (Ex. “ADB install” gives your the exact error [one one word] of why it fail)


? //TODO


This entry was posted in Android, Medium Technical and tagged , , , , , , , . Bookmark the permalink.

Comments are closed.