Repackaging apk file with smali and baksmali

We may require to repack an apk for the various reasons. One of the most common being to bypass SSL Pinning.

Source: https://reverseengineering.stackexchange.com/questions/8044/repackaging-apk-file-using-baksmali-and-smali

 

  • #!/bin/bash -e
    if ! [ "$1" ]; then
        echo "usage: $0 <file.apk>"
        exit -1
    fi
    
    fn=${1%.apk}
    target_apk=$fn.apk
    apktool d -f "$target_apk" -o smali
    echo "Done."
    
  • compile-apk
    #!/bin/bash -e
    if ! [ "$1" ]; then
        echo "usage: $0 <original.apk>"
        exit -1
    fi
    
    fn=${1%.apk}
    
    rm -f $fn.unaligned.apk $fn.smali.apk
    rm -rf smali/build
    
    apktool b -f smali/ -o $fn.unaligned.apk
    jarsigner -verbose -sigalg MD5withRSA -digestalg SHA1 -keystore ~/.android/debug.keystore  -storepass android  $fn.unaligned.apk  androiddebugkey
    zipalign -v 4 $fn.unaligned.apk $fn.smali.apk
    rm -rf smali/build
    

    Steps for manual approach

 

  • Unzip
    $ unzip test.apk
  • Baksmali
    $ baksmali classes.dex -o smaliClasses
  • Smali
    $ smali smaliClasses -o classes.dex
  • Zip -r
    $ zip -r test.apk AndroidManifest.xml classes.dex res/ resources.arsc
  • Jarsign
    $ java -jar signapk.jar testkey.x509.pem testkey.pk8 test.apk test-patched.apk
  • Zipalign
    $ zipalign -v 4 test-patched.apk final-apk.apk

 

 

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s