How to decompile, recompile, and sign an APK
Context
Android Operating system was launched in 2008. There are lots of Android apps that have been deprecated by the original developer but it still are useful for users.
In this post you will learn how to decompile, recompile, and resign an APK. This knowledge will allow you to modify apps without having access to the code. For example: You could patch an old app to make it work with the latest Android releases.
Take in care that some apps are protected by law and should not be modified.
The steps of this tutorial have been tested in Ubuntu 22.04.
Steps
Install the required tools
You will use these tools:
- Java JRE and JDK
- Android Debug Bridge (ADB)
- APKTool 2.6.1
- APKSigner
You can get the tools pasting this code in a console:
sudo apt update
sudo apt install default-jre openjdk-11-jdk-headless adb apksigner
wget https://bitbucket.org/iBotPeaches/apktool/downloads/apktool_2.6.1.jar
wget https://raw.githubusercontent.com/iBotPeaches/Apktool/master/scripts/linux/apktool
sudo mv apktool_2.6.1.jar /usr/local/bin/apktool.jar
sudo mv apktool /usr/local/bin/apktool
sudo chmod +x /usr/local/bin/apktool.jar
sudo chmod +x /usr/local/bin/apktool
Decompile the APK
-
Open a console and navigate to the folder that contains the APK you want to modify.
-
Execute the command
apktool d [YOU_APK_FILE]to decompile the application. The code will be saved in a new folder with the same name of the APK file.Here you have an example of a successful execution of the command. The app code is saved in
com.calculator.android.apkfolder.branyac@ubuntu-builder:~/$ apktool d com.alculator.android.apk I: Using Apktool 2.6.1 on com.calculator.ndroid.apk I: Loading resource table... I: Decoding AndroidManifest.xml with esources... I: Loading resource table from file: /home/branyac/.local/share/apktool/framework/1.apk I: Regular manifest package... I: Decoding file-resources... I: Decoding values */* XMLs... I: Baksmaling classes.dex... I: Baksmaling classes2.dex... I: Copying assets and libs... I: Copying unknown files... I: Copying original files... I: Copying META-INF/services directory -
Navigate to the folder with the decompiled code. Inside that folder there will be others: one called
smaliand one or more with a name started withsmali_classes. These folders contain the application code in SMALI language.SMALI is the intermediate language that is translated by the Android ART Virtual Machine to a code that can be understood by the device that is executing the app.
Make the modifications in the SMALI code with your favorite text or code editor.
There are other methods to decompile Android APK. Some of them are capable even of decompiling to Java language, which is more readable, but I prefer to modify SMALI code because it can be recompiled successfully in most cases.
For example: When decompiling an APK to Java you will have to manually search the libraries used by the application which is a troublesome process and sometimes even impossible because some apps use secret proprietary libraries. You won’t have this problem when recompiling SMALI code.
Recompile and get a new APK
To recompile you just have to execute apktool b [SMALI_FILES_FOLDER]. It will create the APK in [SMALI_FILES_FOLDER]/dist/ folder.
In this example the smali code to be recompiled is in a folder called com.calculator.android.apk:
branyac@ubuntu-builder:~/$ apktool b com.calculator.android.apk
I: Using Apktool 2.6.1
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether sources has changed...
I: Checking whether resources has changed...
I: Building resources...
I: Building apk file...
I: Copying unknown files/dir...
I: Built apk...
If you get this error message when recompiling: error: brut.androlib.AndrolibException: brut.common.BrutException: could not exec (exit code = 1) it is caused because the application you are modifiying was compiled using modern Android. To fix this error execute apktool with --use-aapt2 parameter. For example: apktool b --use-aapt2 com.calculator.android.apk
The APK generated by Apktool is useless until you sign it in the next step.
Sign the APK
Android uses signatures to check that the APK comes from a secure source and to detect corruption or manipulations. In this step you will learn how to generate a developer key to sign the APK.
-
Use keytool to generate the public key and the private key needed for signing.
The next example creates a folder named
keysand uses keytool to create the keystore for signing:branyac@ubuntu-builder:~/$ mkdir keys branyac@ubuntu-builder:~/$ keytool -genkey -v -keystore keys/androidpersonal.keystore -alias AndroidPersonalKeystore -keyalg RSA -validity 1000 -
Now use apksigner to sign the apk using the keystore you created in the previous step:
branyac@ubuntu-builder:~/$ apksigner sign -ks ./keys/androidpersonal.keystore --v1-signing-enabled true --v2-signing-enabled true ./com.calculator.android/dist/com.calculator.android.apk
Install the APK
The APK you created must be installed connecting an Android mobile phone to your pc with an USB cable and using a method called ‘sideloading’.
-
First enable USB debugging on the Android phone where the app will be installed. Here you have the instructions: Configure on-device developer options
-
Connect the Android Phone to your computer using a USB cable.
- Execute this command to disable Android check that enforces installation of APKs from secure sources (AKA: Google Play Store):
branyac@ubuntu-builder:~/$ adb shell settings put global verifier_verify_adb_installs 0 -
And finally execute
adb install [APK_FILE]to sideload the app.Example:
branyac@ubuntu-builder:~/$ adb install ./com.calculator.android/dist/com.calculator.android.apk
