Reverse Engineering Mobile Applications

There are many simple ways to do reverse engineering (first step towards Mobile application security). As of today, there are various mobile platforms available. We will keep our primary focus on Android, IOS, Windows and Blackberry.

Reverse engineering Android Mobile App (APK File):

1.   Select the APK file you want to reverse engineer. Using any extractor like 7zip, extract the files.
2.     Now you can see a file named classes.dex.
3.     Using the tool dex2jar to convert classes.dex into a readable jar.

Command : dex2jar.bat classes.dex

4. Now using any Java decompiler, you can open the newly converted file "classes_dex2jar". In my case i am using jdgui, a free tool.

5.     Now you can see all the packages and class files inside it.
6.     Look for hard-coded sensitive information in the code (if code is not obfuscated).
7.     Check BuildConfig.class to see if app is released in DEBUG mode. Also now you can check for other security controls.
8.     Open AndroidManifest.xml file to check permissions that an Android application requires during installation.

Reverse engineering IOS Mobile App (IPA File):

  1. Select the IPA file and extract it using 7zip.
  2. Now you can see Payload folder and PList files inside it.
  3. Check for sensitive data and scripts in Payload folder.
  4. You can also use Hopper Tool for reverse engineering IOS app.
  5. For intense analysis use XCode on MacBook.

Reverse engineering Windows 8 Mobile App (XAP File):

  1. Select the XAP file and extract it using 7zip.
  2. Now you have the list of DLLs.
  3. Use DLL decompiler to open the DLL files. I am using DotPeek by JetBrains.
  4. After opening the DLLs, you can see all the libraries and other part of code in clear-text.
  5. For further analysis you can install Visual Studio 2013 on Windows8 64-bit laptop with Windows Mobile SDK.
Reverse engineering Blackberry Mobile App (COD File):
  1. Using Blackberry JDE you can open the COD files.

Comments

  1. JM Crafts20 January 2020 at 06:05

    The main purpose of reverse engineering is to revel the competitor products. There are so many companies that provide reverse engineering services. If you want the best reverse engineering service in Houston then you can contact Onsite3D. They are the best company in Houston that provide the best reverse engineering. Reverse engineering Houston, Texas

    ReplyDelete
  2. Habib Around World27 February 2021 at 06:51

    I have learned a lot of thing from this blog post, I am very glad to see this information. Your writing style is very awesome. Please keep blogging. Ipa file

    ReplyDelete

Post a Comment

Popular posts from this blog

Source Code Review

Image
Introduction Source Code review is a process which discovers hidden vulnerabilities, design flaws, and verifies if key security controls are implemented. Code review helps developers learn the code base, as well as help them learn new technologies and techniques that grow their skill sets. In source code review we are using a combination of scanning tools and manual review to detect insecure coding practices, backdoor, injection flaws, cross site scripting errors, insecure handling of resources, weak cryptography etc. Many claims that this process is time consuming and too costly, but there is no doubt that this process is the fastest and most accurate way to find and diagnose many problems, mostly your code is the base from hackers are taking advantage. There are dozens of security problems that simply can’t be found any other way. A source code review is also the best way to detect intentional or accidental backdoors and logic bombs in applications that you acquire from thi
Read more

Cyber Security and DFIR Interview Questions

Cyber Security is an exotic field, and every next person wants to explore this domain and make a career in it, but the problem is they have no idea how to get in and even if they do, They don't have any idea on what type of questions they might face in an interview. Recently  @Miss_Malware  asked for everyone's favorites security analyst and DFIR interview question that gave me an idea to compile a list of questions which are asked in every interview one way or another. What follows is a list of questions which you may face in an interview. Note: All These questions have compiled with the help of @Miss_Malware's twitter thread, contribution from friends and very intelligent internet searches :P, All the relevant sources (Read those I remember) have been mentioned at end of the post. GENERAL What is DNS? Differentiate between TCP and UDP? How does HTTP handle state? Does TLS use symmetric or asymmetric encryption? What is "Risk"? What is "Risk
Read more