1. Inside DVM
Tools
Real life hacking
Obfuscation
Nick Bova
@mykola_bova
Nov 14 2013

2. Basic flow
<Picture on flipchart – possible ways>

3. How to get *.apk files for installed
applications?
One of options - MyAppSharer

4. Tool for sharing Android screen

5. Tool for sharing Android screen
Tool for sharing Android screen
http://droid-at-screen.ribomation.com/
java -jar F:adbnbdroidAtScreen-1.0.2.jar

6. What is adb?

7. How to get *.apk files from smart
phone?
<Example 1>
One of options –
adb shell
ls /sdcard/MyAppSharer
adb pull /sdcard/MyAppSharer .

8. How to convert *.apk *.jar file?
<Example 2>
dex2jar.bat com.adobe.reader.apk
https://code.google.com/p/dex2jar/

9. How to convert *.jar file *.java files?
<Example 3>
jd-gui
http://jd.benow.ca/
If not enough – use JAD

10. How to unzip *.apk files?
<Example 4>
One of options – WinRAR
Hello, cap 

11. How to disassemble classes.dex file?
< Example 5 >
One of options – dexdump.exe
F:androidsdkbuild-tools17.0.0dexdump.exe
-d -f -h classes.dex > classes.dex.out.1

12. Real Life example (1)
Ljbeetle
Open source LiveJournal client for Android
https://bitbucket.org/dotCypress/ljbeetle/wiki/Home
https://play.google.com/store/apps/details?id=c
om.dotcypress.ljbeetle&hl=ru

13. Real Life example (1)
Автор – Виталий Домников
@dotcypress
Hates java and Android 

14. Real Life example (2)
1) analytics
com.flurry.android
http://support.flurry.com/index.php?title=Analy
tics

15. Real Life example (3)
2) using http for uploading images
package com.dotcypress.ljbeetle.upload;
public String upload(String paramString)
http://pics.livejournal.com/interface/simple

16. Additional tools
What is your suggestion(s)? <flipchart>

17. smali
https://code.google.com/p/smali/
https://code.google.com/p/smali/source/brows
e/examples/HelloWorld/HelloWorld.smali
<Example 200 Additional>

18. smali tests
https://android.googlesource.com/platform/ext
ernal/smali/+/0856f098c0c7296fba137e8f5d0
39482060cb5cd/smali-integrationtests/src/test/smali/junit-tests
<Example 200 Additional>

19. smali examples
https://code.google.com/p/smali/source/brows
e/#git%2Fexamples%2FMethodOverloading

20. Beginner’s guide to smali coding
http://forum.xdadevelopers.com/showthread.php?t=2193735
http://forum.xdadevelopers.com/showpost.php?p=39218738&postcount=2
http://forum.xdadevelopers.com/showpost.php?p=39218750&postcount=3
http://forum.xdadevelopers.com/showpost.php?p=39218761&postcount=4
http://forum.xdadevelopers.com/showpost.php?p=39228373&postcount=6

21. Smalli Hello World
java -jar F:adbtoolssmali-2.0.2.jar -o
classes.dex HelloWorld.smali
F:adbadb.exe push HelloWorld.zip /sdcard/
F:adbadb.exe shell mkdir /sdcard/dalvik-cache
F:adbadb.exe shell ANDROID_DATA=/sdcard
dalvikvm -cp /sdcard/HelloWorld.zip
HelloWorld

22. dedexer
http://dedexer.sourceforge.net
Create folder dedexer.out
java -jar F:adbddx1.26.jar -o -D -r -d
./dedexer.out classes.dex
<Example 201 Additional>

23. dexter
Dexter
http://dexter.dexlabs.org/
Web tool
<Example 202 Additional>

24. Android apps
- DexDump
- Dexplorer

25. Hello World java
javac HelloWorld.java
F:androidsdkbuild-tools17.0.0dx.bat --dex -output="F:adbExample 200 Additional
Smaliclasses.dex" HelloWorld.class
zip HelloWorld.zip classes.dex
F:adbadb.exe push HelloWorld.zip /sdcard/
F:adbadb.exe shell mkdir /sdcard/dalvik-cache
F:adbadb.exe shell ANDROID_DATA=/sdcard
dalvikvm -cp /sdcard/HelloWorld.zip HelloWorld