ApkMod

ApkMod is a small but handy toolset that makes the process of modifying APK files less time consuming.

Disclaimer

You are responsible for what you do with this piece of code. You are further advised to not use it for anything illegal/immoral.

Terminology

• apk: short for "Android package"; installer files for the Android operating system; essentially zip files
• dex: a binary format; short for "Davlik executable"; executable files for the Android operating system
• smali: a human-readable representation of disassembled Android bytecode; literally means sheepherding
• compilation: generating bytecode from Java code; usually involves minification
• minification: changing the names of variables, methods, classes, etc. into shorter and meaningless names to "minify" the size of the generated bytecode
• decompilation: generating Java code from bytecode; usually involves meaningless names because of minification
• modification: changing the resources and/or smali files within an apk
• alignment: in newer versions of Android, apk files must be aligned to 4kb for optimization purposes
• signing: apk files go through a process called signing which involes a keystore to ensure their integrity against modification
• keystore: a small binary file acting as a private key used to decrypt or "sign" apk files

Software requirements

• Required:
  • apktool: to decode/encode APK files
  • zipalign: to align APK files
  • apksigner: to sign APK files
  • Any text editor
• Optional:
  • adb: to install and run APK files on your physical Android devices
  • Android Studio: to install and run APK files on your virtual devices
  • JD-GUI: to decompile smali into Java

Step-by-step guide

• Create a new directory and copy your APP.apk file into it.
• Generate a keystore there using apksigner
• Copy mod.conf in it and edit in these values:
  • APP_NAME: name of the APK file without the .apk
  • PACKAGE_NAME: fully qualified name of the main package of the app
  • KS_NAME: name of the keystore file without the .jks
  • KS_PASS: the password of your keystore
• Run apkmod-decompile.sh
• Optional: Connect your physical Android device, with USB debugging enabled; make sure adb recognizes it
• Repeat this process until satisfied with the result:
  • Apply your changes to smali files
  • Run apkmod-recompile.sh (or apkmod-rerun.sh if device is connected)
  • Test the modified app

How to modify smali files

Simple tricks:

• .line X are useless, they only serve the purpose of helping debuggers understand which Java lines correspond to which smali lines
• # ... can be used to make comments e.g. to temporarily disable a line without deleting it
• Insert const-string pX, "your string" anywhere to replace any variable with your own value.
• Use strings.xml and public.xml to piece together which strings correspond to which smali files. Makes figuring out which smali files and where within them to modify much easier.
• vX are the working variables within the method, while pX are the inputs passed to it.

See this cheatsheet for more info.