阅读量:0
APKTool 介绍
APKTool 是一个开源的、跨平台的反编译、回编译 Android 应用程序的工具。它能够将 APK 文件解压并还原成 Android 应用程序的资源文件和 Smali 代码,还能将修改后的资源文件和 Smali 代码重新打包成 APK 文件。APKTool 是 Android 应用程序开发和逆向开发的重要工具之一,它能够帮助开发者对 APK 文件进行修改、分析和定制,也能够帮助安全研究人员和黑客对应用程序进行逆向工程和漏洞分析。
APKTool需要java环境支持,请先安装好java环境,可以使用 java -version,java版本尽量在1.8以上;
APKTool 的主要功能包括:
- 解压 APK 文件:APKTool 能够将 APK 文件解压为应用程序的源代码和资源文件。解压后的资源文件包括 AndroidManifest.xml、res 目录、assets 目录等;解压后的源代码包括 Java 代码和 Smali 代码。
- 反编译 APK 文件:APKTool 能够将 APK 文件反编译为 Java 代码和 Smali 代码。反编译后的 Java 代码和 Smali 代码能够帮助开发者了解应用程序的逻辑和实现方式,也能够帮助安全研究人员和黑客分析应用程序的漏洞和安全性。
- 重打包 APK 文件:APKTool 能够将修改后的源代码和资源文件重新打包成 APK 文件。重打包后的 APK 文件可以直接安装到 Android 设备上运行,也可以用于二次开发、分析和测试。
- 支持多语言:APKTool 能够处理多语言的应用程序,它支持多种语言的资源文件,可以方便地进行多语言的应用程序开发和本地化。
- 支持自定义:APKTool 提供了多种配置选项,可以根据需要自定义应用程序的打包和解包过程,也可以定制应用程序的资源文件和 Smali 代码。
APKTool 下载
首先下载apktool.bat和apktool.jar
官网地址:https://ibotpeaches.github.io/Apktool/install/
下载说明:
- 下载Windows包装脚本(右键单击,将链接另存为apktool.bat)
- 下载apktool-2(在此处查找最新版本)
- 将下载的jar重命名为apktool.jar
- 将两个文件(apktool.jar和apktool.bat)移动到Windows目录(通常为C://Windows)
- 如果您没有访问C://Windows的权限,可以将这两个文件放在任何位置,然后将该目录添加到环境变量系统PATH变量中。
- 尝试通过命令提示符运行apktool
>apktool D:\wxds450>echo off Apktool 2.9.1 - a tool for reengineering Android apk files with smali v3.0.3 and baksmali v3.0.3 Copyright 2010 Ryszard Wiśniewski <brut.alll@gmail.com> Copyright 2010 Connor Tumbleson <connor.tumbleson@gmail.com> usage: apktool -advance,--advanced Print advanced information. -version,--version Print the version. usage: apktool if|install-framework [options] <framework.apk> -p,--frame-path <dir> Store framework files into <dir>. -t,--tag <tag> Tag frameworks using <tag>. usage: apktool d[ecode] [options] <file_apk> -f,--force Force delete destination directory. -o,--output <dir> The name of folder that gets written. (default: apk.out) -p,--frame-path <dir> Use framework files located in <dir>. -r,--no-res Do not decode resources. -s,--no-src Do not decode sources. -t,--frame-tag <tag> Use framework files tagged by <tag>. usage: apktool b[uild] [options] <app_path> -f,--force-all Skip changes detection and build all files. -o,--output <dir> The name of apk that gets written. (default: dist/name.apk) -p,--frame-path <dir> Use framework files located in <dir>. For additional info, see: https://apktool.org For smali/baksmali info, see: https://github.com/google/smali使用APKTool 反编译
使用一个现有的apk文件wxdu450.apk,在Adroid 4.4手机上安装会出现解析错误,拷贝到d:\wxds450下,进行反编译。
D:\wxds450>apktool d wxdu450.apk I: Using Apktool 2.9.1 on wxdu450.apk I: Loading resource table... I: Decoding file-resources... I: Loading resource table from file: C:\Users\u\AppData\Local\apktool\framework\1.apk W: Cant find 9patch chunk in file: "b/b16.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "b/b14.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "e/b17.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "b/b17.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "e/b15.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "a5/b14.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "e/b16.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "a5/b17.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "a5/b16.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "e/b14.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "b/b15.9.png". Renaming it to *.png. W: Cant find 9patch chunk in file: "a5/b15.9.png". Renaming it to *.png. I: Decoding values */* XMLs... I: Decoding AndroidManifest.xml with resources... I: Regular manifest package... I: Baksmaling classes.dex... I: Baksmaling classes2.dex... I: Baksmaling classes3.dex... I: Baksmaling classes4.dex... I: Baksmaling classes5.dex... I: Copying assets and libs... I: Copying unknown files... I: Copying original files... 反编译结果,生成一个wsdu450子目录,
D:\wxds450>dir wxdu450 Volume in drive D has no label. Volume Serial Number is 1234-5678 Directory of D:\wxds450\wxdu450 01/02/2024 11:16 PM <DIR> . 01/02/2024 11:16 PM <DIR> .. 01/02/2024 11:16 PM <DIR> res 01/02/2024 11:16 PM 26,279 AndroidManifest.xml 01/02/2024 11:16 PM <DIR> smali 01/02/2024 11:16 PM <DIR> smali_classes2 01/02/2024 11:18 PM <DIR> smali_classes3 01/02/2024 11:20 PM <DIR> smali_classes4 01/02/2024 11:21 PM <DIR> smali_classes5 01/02/2024 11:25 PM <DIR> assets 01/02/2024 11:25 PM <DIR> lib 01/02/2024 11:25 PM <DIR> kotlin 01/02/2024 11:25 PM <DIR> unknown 01/02/2024 11:25 PM <DIR> original 01/02/2024 11:26 PM 3,705 apktool.yml 2 File(s) 29,984 bytes 13 Dir(s) 79,236,169,728 bytes free找到要修改的文件,进行修改。
这里修改apktool.yml文件,将 minSdkVersion从21【对应Android version 5.0】改为19【对应Android version 4.4】。
sdkInfo: minSdkVersion: 21 targetSdkVersion: 28改为
sdkInfo: minSdkVersion: 19 targetSdkVersion: 28使用APKTool编译,重打包
D:\wxds450>apktool b wxdu450 D:\wxds450>echo off I: Using Apktool 2.9.1 I: Checking whether sources has changed... I: Smaling smali folder into classes.dex... I: Checking whether sources has changed... I: Smaling smali_classes2 folder into classes2.dex... I: Checking whether sources has changed... I: Smaling smali_classes3 folder into classes3.dex... I: Checking whether sources has changed... I: Smaling smali_classes4 folder into classes4.dex... I: Checking whether sources has changed... I: Smaling smali_classes5 folder into classes5.dex... I: Checking whether resources has changed... I: Building resources... I: Copying libs... (/lib) I: Copying libs... (/kotlin) I: Building apk file... I: Copying unknown files/dir... I: Built apk into: wxdu450\dist\wxdu450.apk新的文件生成在dist目录下,将新文件更名为wxdu450_0.apk,并移动到d:\wxds450下。
打包完成后会发现指定的目录下出现了打包好的nopassword.apk文件。但是这个apk没有签名,需要重新签名之后,才能安装。
使用APKTool生成签名
生成keystore
keytool、jarsigner 工具是JAVA JDK自带的,配置好JAVA环境即可!
输入命令:keytool -genkey -alias new.keystore -keyalg RSA -validity 20000 -keystore new.keystore,然后在输入两次最低六位数的密钥口令,例如123456,下面的信息直接Enter,最后y即可。
D:\wxds450>keytool -genkey -alias new.keystore -keyalg RSA -validity 20000 -keystore new.keystore Enter keystore password: Re-enter new password: What is your first and last name? [Unknown]: What is the name of your organizational unit? [Unknown]: What is the name of your organization? [Unknown]: What is the name of your City or Locality? [Unknown]: What is the name of your State or Province? [Unknown]: What is the two-letter country code for this unit? [Unknown]: Is CN=Unknown, OU=Unknown, O=Unknown, L=Unknown, ST=Unknown, C=Unknown correct? [no]: y Enter key password for <new.keystore> (RETURN if same as keystore password): Re-enter new password: Warning: The JKS keystore uses a proprietary format. It is recommended to migrate to PKCS12 which is an industry standard format using "keytool -importkeystore -srckeystore new.keystore -destkeystore new.keystore -deststoretype pkcs12".结果生成新文件new.keystore。
签名APK
未签名APK不能在安卓手机上安装,想要安装则想要对齐签名。
输入命令:jarsigner -verbose -keystore new.keystore -signedjar wxdu450_sign.apkwxdu450_0.apk new.keystore然后再输入密钥库的密码短语即你之前设置的密钥口令,即可签名!
D:\wxds450>jarsigner -verbose -keystore new.keystore -signedjar wxdu450_sign.apk wxdu450_0.apk new.keystore Enter Passphrase for keystore: adding: META-INF/MANIFEST.MF adding: META-INF/NEW_KEYS.SF adding: META-INF/NEW_KEYS.RSA signing: classes.dex signing: classes2.dex ...... ...... signing: pinyindb/pinyin_gwoyeu_mapping.xml signing: pinyindb/pinyin_mapping.xml signing: pinyindb/unicode_to_hanyu_pinyin.txt signing: src/com/qq/jce/wup/wup.properties jar signed. Warning: The signer's certificate is self-signed. No -tsa or -tsacert is provided and this jar is not timestamped. Without a timestamp, users may not be able to validate this jar after the signer certificate's expiration date (2078-10-06) or after any future revocation date. 结果生成新文件wxdu450_sign.apk,这个新文件就可以在Android4.4手机上安装而不出现解析错误。修改之后虽然能安装成功,但也只是能安装成功,还远远没有达到真正能用的水平:点击打开应用,直接闪退。如果要真的用起来,还需要解决很多问题。
