Tuesday, April 10, 2012

android reverse tools - ART

here's a cool tool i was shown the other day. it's an easy-mode gui for all your decompiling and recompiling needs. ordinarily this would be rather unimpressive. it's not too hard to write a little wrapper for some java commands, but he/she really put some polish on this.

not only does it come with everything you need, including java and bits of the android sdk, but it even has a slick manual and a complete walk-through for my lesson0.crackme0.

here's a screen shot of the app:

here's the link to download (24mb): http://ul.to/or3kme6t
virus scan: https://www.virustotal.com/file/f6ac4279161b666811d80736a7a23790709c5b3ccb36a8f83dd138d9601eb480/analysis/1334082130/

as a first exercise, i recommend that you update the apktool included with the pack. it may have gone out of date. you can update the other components if you're so inclined but it might not help much.

if you have any trouble decompiling or compiling, remember it's using apktool under the hood so trouble shoot apktool first.

and if you want some more crackmes to try, here's deurus' profile on crackmes.de: http://crackmes.de/users/deurus


  1. I had already tried it :) really good tool! I'm writing something simple to help in decompiling *.so files.

    Really happy about the update of the blog!


  2. you're writing a guide? cool! do a good job and i'll post it here. :D

    sometimes real life gets in the way and i don't get to update often. either that, or i am too busy learning new things. ;)

  3. Hell yeah! .so files are my weak point in reversing android ATM

  4. Thank you for sharing this android reverse program :)

  5. Ahah I'm trying to write a guide, but I think I have many other things to learn :) so, @Anonymous, would you like to help me? :)

    Sorry guys but I'm concentrated on another project at the moment. I'm writing an "Online Checkers" in Java for my graduation exam :)

  6. There is another tool like this, search XDAAutoTool. It is free and can decompile, recompile and alot more.

  7. Works ok but i have some problem with zipalinged that erase all files but do not create final one. Dont know why. Any ideas? i am using windows7

  8. how to download apps from PlayShop to test cracking methods?

    1. This comment has been removed by a blog administrator.

  9. Rick: thanks for the tip.

    Anonymous #1: not sure. ask deurus.

    Anonymous #2: the only official way to get them is to pay for them. we wont discuss how to get apks without paying for them here.

  10. HyT0m said:

    Hello! I'm trying to mod a apk but i have problems to recompile it, can you help me please? :)

    When i decompile its all ok:
    I: Baksmaling...
    I: Loading resource table...
    I: Decoding resources...
    I: Loading resource table from file: C:\Users\XX\apktool\framework\1.apk
    I: Copying assets and libs...
    Presione una tecla para continuar . . .

    But to recompile i get this:
    Exception in thread "main" brut.androlib.AndrolibException: brut.directory.Direc
    toryException: java.io.FileNotFoundException: C:\Users\XX\Desktop\ART_by_deur
    us\decompiled_aplications\supi (El sistema no puede encontrar el archivo especif
    at brut.androlib.Androlib.readMetaFile(Unknown Source)
    at brut.androlib.Androlib.build(Unknown Source)
    at brut.androlib.Androlib.build(Unknown Source)
    at brut.apktool.Main.cmdBuild(Unknown Source)
    at brut.apktool.Main.main(Unknown Source)
    Caused by: brut.directory.DirectoryException: java.io.FileNotFoundException: C:\
    Users\XX\Desktop\ART_by_deurus\decompiled_aplications\supi (El sistema no pue
    de encontrar el archivo especificado)
    at brut.directory.ZipRODirectory.(Unknown Source)
    at brut.directory.ZipRODirectory.(Unknown Source)
    at brut.androlib.res.util.ExtFile.getDirectory(Unknown Source)
    ... 5 more
    Caused by: java.io.FileNotFoundException: C:\Users\XX\Desktop\ART_by_deurus\d
    ecompiled_aplications\supi (El sistema no puede encontrar el archivo especificad
    at java.util.zip.ZipFile.open(Native Method)
    at java.util.zip.ZipFile.(Unknown Source)
    at java.util.zip.ZipFile.(Unknown Source)
    ... 8 more
    Presione una tecla para continuar . . .

    I have tried with other apps and no problem! Its not a system app.

  11. HyT0m, have you tried updating the apktool contained in art and also deleting framework/1.apk?

    it is complaining that this does not exist: C:\Users\XX\Desktop\ART_by_deur

    can you confirm it does exist?

    having you tried using just apktool by itself?

  12. HyT0m say:

    Yes, de directory exists.
    i tried using using apktool by it self, with apk multitool, i tried to rename to zip and with smali decomplile de dex file... i tried it all. Its not the first time that this occurs :(

    The first time that this occurs was with the Lastpass Dolphin Plugin, finaly i desist. I think that the problem was that is not app, is a plugin.
    But with this time is app that i cracked in the earlier version, but with the new i cant recompile it.

  13. HyT0m, the app may be detected by anti-virus as a hack tool or something similar. you may need to disable anti-virus. if it is just detected as a hack tool, that is ok. but if you downloaded from an untrusted source, scan with an online tool before installing to phone.

  14. HyT0m:
    Yes, it's a hacking tool (but not a virus :)). It is for scan a wifi and search for vulneravilities, to sniff and make a Man in The Middle.. its very interesant! :D
    i can send you the earlier version that i crack (i think it is still usable)

  15. Hi lohan+, I'm trying to output a boolean from a program to logcat. This is what I'm trying:

    Existing code (Normally returns v0 right after this)
    invoke-virtual {v0}, Lcom/smoke/d/c;->m()Z

    move-result v0

    Added code:
    const-string v5, "mytag"

    invoke-virtual {v0}, Ljava/lang/Object;->toString()Ljava/lang/String;

    move-result-object v6

    invoke-static {v5, v6}, Lcom/smoke/d/lohanLog;->Log(Ljava/lang/String;Ljava/lang/String;)V

    But the app just keeps force closing when I start it up...

    Any suggestions?


    1. And btw, I'm just trying it this way, because using lohanLog's Log(Object;String) method causes the same problem...

      Thanks again

    2. hello EvanVanVAn, m()Z returns a primitive boolean type, not a java/lang/Boolean object. so later on when you try to call toString on it, you will get an error because v0 is only a primitive boolean. make sense?

      also, Object.toString() returns a hash code. you do not want this. Boolean.toString() will give you want you want, but you would have to convert v0 to a Boolean like this:
      new-instance v6, Ljava/lang/Boolean;
      invoke-direct {v6, v0}, Ljava/lang/Boolean;->(Z)V
      invoke-virtual {v6}, Ljava/lang/Boolean;->toString()Ljava/lang/String;
      move-result-object v6

      i based the smali off of this java:
      boolean v0 = false;
      Boolean b = new Boolean(v0);

      i tested what the android compiler would do with this, to see if it was cleaner:
      boolean a = false;
      Log.d("tag", "" + a);

      and it creates a StringBuilder and append(Z) the boolean and then convert the StringBuilder to string. interesting, but not much better than converting to Boolean, unless you are doing it several thousand times. then maybe one is faster than the other.

      you could use the above boolean to Boolean convert or, if using lohanLog, just use log(Z) instead of log(Ljava/lang/String)

      understanding the error message that immediately preceded the force close would help you, also. they are sometimes difficult to penetrate but worth it in the long run.

    3. Thanks alot man, yeah I knew it had to be a primitive vs object problem. Should have remembered, converting all those ints -> Integers. Didn't do it nearly as often with Booleans I don't think. Makes alot of sense though.

      Thanks again for the website and great tutorials (I wish there more! beggars can't be choosers though :) )

  16. such would be awesome if available to Ubuntu users

  17. Hello,
    I'm decompiling a .dex file Using the following command:
    java -jar baksmali.jar -o dexout classes.dex

    I didn't edit any of the code then recompiled it using the following command:
    java -Xmx512M -jar smali.jar dexout -o new-classes.dex

    Now, when I make a diff comparison between classes.dex and new-classes.dex, I notice that there is a big difference (Using Hex WorkShop and Some Other Comparison Software)

    Keeping in mind that the functionality of the two files will be the same.
    But for some reason, I want them to be the same, please let me know how can that be done?

  18. Anonymous,
    different compilers produce different results. the original classes.dex you are working with was most likely produced by the compiler in the android-sdk. the only way, really, to produce the exact same result is to also use the android compiler from source. using baksmali to decompile and then smali to compile again will, naturally, produce very different results in all but the most trivial of cases.

    why, exactly, would you need to do something so pointless as to decompile and recompile without making any changes to the smali or even the original what so ever?

  19. I was just making a test, I wanted to check if I get the exact same result, then I would make the change, then compare and then make a patch to the original file.

  20. how can i insert signature like "Hacked By Me" in my testapk?

    .method public onCreate(Landroid/os/Bundle;)V
    .locals 4
    .parameter "savedInstanceState"

    const/4 v0, 0x1

    const-string v1, "Cracked by bigGenius"

    invoke-static {p0, v1, v0}, Landroid/widget/Toast;->makeText(Landroid/content/Context;Ljava/lang/CharSequence;I)Landroid/widget/Toast;

    move-result-object v0

    invoke-virtual {v0}, Landroid/widget/Toast;->show()V

    Please explain me in detail. how can this be implemented?

  21. Link is not downloadable now, Please send me the new link for the software.


  22. "Access to the path 'C:\WINDOWS\aapt.exe' is denied" - What shiuld I do?

    1. Just copy aapt.exe to %Windows% folder, or add path to aapt.exe into PATH from Enviroment variables


  23. Hmm, it seems like your site ate my first comment (it was extremely long) so I guess I’ll just sum it up what I had written and say, I’m thoroughly enjoying your blog. I as well as an aspiring blog writer, but I’m still new to the whole thing. Do you have any recommendations for newbie blog writers? I’d appreciate it.
    Advanced AWS Interview Questions And Answers, Top 250+AWS Interviews Questions and Answers 2018
    Advanced AWS Interview questions and answers | Top 110 AWS Interview Question and Answers
    Advanced AWS Training in Bangalore | Best Amazon Web Services Training in Bangalore
    Advanced AWS Training in Pune | Best Amazon Web Services Training in Pune
    Advanced AWS Online Training | Best Online AWS Certification Course in india

  24. Such an excellent and interesting blog, Do post like this more with more information, This was very useful, Thank you.
    Aviation Academy in Chennai
    Aviation Courses in Chennai
    best aviation academy in chennai
    aviation institute in chennai

  25. The site was so nice, I found out about a lot of great things. I like the way you make your blog posts. Keep up the good work and may you gain success in the long run.
    python course institute in bangalore
    python Course in bangalore
    python training institute in bangalore

  26. I found your blog while searching for the updates, I am happy to be here. Very useful content and also easily understandable providing.. Believe me I did wrote an post about tutorials for beginners with reference of your blog.

    rpa training in chennai |rpa course in chennai|
    rpa training in bangalore | best rpa training in bangalore | rpa course in bangalore | rpa training institute in bangalore | rpa training in bangalore | rpa online training

  27. I read this post two times, I like it so much, please try to keep posting & Let me introduce other material that may be good for our community.
    Best Devops training in sholinganallur
    Devops training in velachery
    Devops training in annanagar
    Devops training in tambaram


Do NOT post about or link to specific apps!