Work with APKs
Some tools to work with APKs
Extract the APK from your device
-
With
APK Extractorapp- install an
APK Extractorapp from the Store - launch the app
- select the app you want to extract
- the app will create an
.apkfile
- install an
-
With
adb- install
adbon your computer - get the full app name with
adb shell pm list packages | grep APP_NAME - get the apk path with
adb shell pm path FULL_APP_NAME - pull the apk with
adb pull APK_PATH
- install
apktools
apktool can extract the .apk file into a directory with the resources and the classes
java -jar apktool.jar d APP_NAME.apkdex2jar
dex2jar can transform the .apk into a .jar file viewable by jd-gui
# download the latest release
# extract the zip file
d2j-dex2jar.sh APP_NAME.apkjd-gui
jd-gui can view the .jar file generated by dex2jar
java -jar jd-gui.jar APP_NAME-dex2jar.jarjadx
jadx can decompile the .apk file and view the source code
jadx -d out_folder APP_NAME.apk
jadx-gui # open the APK insideGet signatures of the APK
apksigner verify --print-certs example.apkAndroid keystore and keytool
The keystore is often a PKCS12 keystore type
# list the keys
keytool -keystore ~/path/to/keystore -list
# export the certificate
keytool -keystore ~/path/to/keystore -exportcert -alias key_alias -file exported_certificate.der
# convert JKS to PKCS12
keytool \
-importkeystore \
-srckeystore ~/path/to/keystore \
-destkeystore PRIVATE_KEYSTORE.p12 \
-srcstoretype JKS \
-deststoretype PKCS12 \
-srcstorepass $STORE \
-deststorepass key_out \
-srcalias key_alias \
-destalias key_alias \
-srckeypass $KEY \
-destkeypass key_out \
-noprompt
# export private key
openssl pkcs12 -in PRIVATE_KEYSTORE.p12 -nodes -nocerts -out private.key
# check the private.key file