these-ammii/thesis
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages 1 Wiki Activity Actions

wip soa tools
Some checks failed
/ test_checkout (push) Failing after 1s
Details

Browse source
This commit is contained in:
Jean-Marie Mineau 2025-07-07 12:38:53 +02:00
parent d369cfb187
commit 65baae4d0d
Signed by: histausse
GPG key ID: B66AEEDA9B645AD2
4 changed files with 71 additions and 1 deletions
Download patch file Download diff file Expand all files Collapse all files

51
2_background/X_tools.typ Normal file
View file

@ -0,0 +1,51 @@
#import "../lib.typ": todo, APK, IDE, SDK, DEX, ADB, ART, eg, XML, AXML
== Android Reverse Engineering Tools <sec:bg-tools>
Due to the specificities of Android, the usual tools for reverse engineering are not enough.
#todo[blabla intro in @sec:bg-tools]
#todo[References in @sec:bg-tools]
=== Android Studio <sec:bg-android-studio>
The whole Android developement ecosystem is packaged by Google in the #IDE Android Studio.
In practice, Android Studio is a source-code editor that wrap arround the different tools of the android #SDK.
The #SDK tools and packages can be installed manually with the `sdkmanager` tool.
Among the notable tools in the #SDK, they are:
- `emulator`: an Android emulator.
This tools allow to run an emulated Android phone on a computer.
Although very usefull, Android emulator has several limitation.
For once, it cannot emulate another achitecture.
An x86_64 computer cannot emulate an ARM smartphone.
This can be an issue because a majority of smartphone run on ARM processor.
Also, for certain version of Android, the proprietary GooglePlay libraries are not available on rooted emulators.
Lastly, emulators are not designed to be stealthy and can easily be detected by an application.
Malware will avoid detection by not running their payload on emulators.
- #ADB: a tool to send commands to Android smartphone or emulator.
It can be used to install applications, send instructions, events, and generally perform debuging operations.
- Platform Packages: Those packages contains data associated to a version of android needed to compile an application.
Especially, they contains the so call `android.jar` files.
- `d8`: The main use of `d8` is to convert java bytecode files (`.class`) to Android #DEX format.
It can also be used to perform different level of optimization of the bytecode generated.
- `aapt`/`aapt2` (Android Asset Packaging Tool): This tools is used to build the #APK file.
Behind the scene, it we convert #XML to binary #AXML and ensure the right files have the right compression and alignment. (#eg some ressource files are mapped in memory by the #ART, and thus need to be aligned and not compressed).
- `apksigner`: the tool used to sign an #APK file.
=== Apktool <sec:bg-apktool>
Apktool is a *reengineering tool* for Android #APK files.
It can be used to disassemble an application: it will extract the files from the #APK file, convert the binary #AXML to text #XML, and use smali/backsmali to convert the #DEX files to smali, an assembler-like langage that match the Dalvik bytecode instructions.
The main strenght of Apktool is that after having disassemble an application, the content of the application can be edited and reassemble into a new #APK.
=== Androguard <sec:bg-androguard>
Androguard is a python library for parsing and analysing #APK files.
=== Jadx <sec:bg-jadx>
=== Soot <sec:bg-soot>
=== Frida <sec:bg-frida>