Modifying an APK File

4 minute read

Decompiling and recompiling an APK can be easily done using Apktool.

๐Ÿงพ Problem

You have an .apk file that you want to view/edit these following contents:

  • Resources such as strings.xml or other drawables
  • App configurations such as AndroidManifest.xml
  • Source codes such as Java classes

This post is not intended for piracy and other non-legal uses. This post could be used for localizing, adding features, supporting custom platforms, analyzing applications.

๐Ÿ’ก Solution

๐Ÿ›  Materials needed

.apk file that you want to decompile.

Donโ€™t have the .apk file?

If the app is listed on the Google Play Store, you can use websites such as apkpure.com, apkmirror.com.

If itโ€™s not listed but installed on your Android device, you can use APK extracting apps such as Apk Extractor to get the .apk file for the app.

Warning: APK decompiliation using Apktool might not work properly for apps encrypted with ProGuard or other methods.

๐Ÿ“š Prerequisites

You would need basic knowledge of using the Android SDK and how an Android app is built.

Java JRE/JDK

At least Java 1.8 should be installed to use Apktool. If you intend to rebuild the app, you would need JDK to use the command keytool and jarsigner.

To check your Java version, run java -version on command prompt. To install Java, click here.

To install JDK, click here.

Apktool

Click here to learn how to install Apktool for Windows, Linux and macOS.

If you want to use the command apktool globally, you can install Apktool on C:/Windows. But if you plan to only use it for a short time, you can install Apktool on your project folder to only use it in the folder.

Apktool Online (optional)

If you only intend to decompile the app without rebuilding the app to the .apk format, you can use Apktool online without installing Apktool on your computer.

If you intend to build the app with the changes you made, you need to install Apktool.

APK Decompiler (optional)

If you intend to analyze the source codes such as Java classes, you need to use dex2jar compiler. You can use it online from here.

Tip: I recommend using both Apktool and APK decompiler in order to trace which resource is used where and how.

๐Ÿ“‡ Step-By-Step Guide

Step 1. Preparing project folder

Put your .apk file in a project folder of your choice. In this tutorial, the project folder is named as \proj.

Your project folder would look like this:

proj
+-- app.apk     // the app to decompile
+-- apktool.bat
+-- apktool.jar

In this tutorial, I installed the Apktool locally in the project folder. Therefore apktool.bat and apktool.jar exists in the same folder.

Step 2. Decompiling the .apk file

Decompile app.apk using Apktool.

.\apktool.bat d app.apk

In this tutorial, I used Windows PowerShell for command prompt.

After execution, you will see the \app folder created by Apktool. In the folder, you can see all the resources such as AndroidManifest.xml and the resource directory \res and its contents in original form.

If you want to edit AndroidManifest.xml or the resource, you can edit and overwrite to the original file.

Decompiling with readable source code

Source code is decompiled to .smali files, making it unreadable. So if you want to read the source code, you have to use the APK Decompiler using dex2jar compiler.

Open APK Decompiler on your browser, and choose your .apk file with the Choose File option. Decompile the file by clicking on Upload and Decompile button.

After the processing is done, download the results by clicking on Save button. Download the .zip file to the project folder and unzip it.

Step 3. Recompiling the app

Recompile \app into app.apk using Apktool.

.\apktool.bat b app

The built APK would be located in \app\dist. The changes you made in the \app folder is applied to the new APK file.

Step 3.1. Creating a key for signing

To install the edited APK to an Android device, you need to sign it with a signature key. Create a key using keytool, a tool provided as a part of JDK.

keytool -genkey -v -keystore release.keystore -alias alias_name -keyalg RSA -keysize 2048 -validity 10000

Enter password, name, organization information, address for the new keystore. This will generate release.keystore, and this will be used to sign your new app.

The password will be used as a passphrase to sign the app.

Step 3.2. Signing the app

Sign the APK with the generated key using jarsigner, a tool provided as a part of JDK.

jarsigner -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore release.keystore app/dist/app.apk alias_name

Enter the passphrase for your keystore. This will sign and update the apk file \app\dist\app.apk.

Step 4. Installing the app

Locate and install the apk file \app\dist\app.apk to your device of choice.

If you donโ€™t see changes after installing the app, double check whether you installed the updated version in \dist, not the original APK file.