Sometimes some applications on Android do not suit the user for some reason. An example is annoying ads. And it happens that way - everyone is good at the program, but only the translation in it is either crooked, or completely absent. Or, for example, the program is trial, but there is no way to get the full version. How to change the situation?
Introduction
In this article, we will talk about how to disassemble an APK with an application, look at its internal structure, disassemble and decompile the bytecode, and also try to make several changes to applications that can bring us this or that benefit.
To do all this yourself, you will need at least a basic knowledge of the Java language, in which Android applications are written, and the XML language, which is used everywhere in Android - from describing the application itself and its access rights to storing strings that will be displayed on the screen. You will also need the ability to handle specialized console software.
So, what is the APK package in which absolutely all software for Android is distributed?
Application decompilation
In this article, we only worked with disassembled application code, however, if you make more serious changes to large applications, it will be much more difficult to understand the smali code. Fortunately, we can decompile the dex code into Java code, which, although not original and not compilable back, is much easier to read and understand the logic of the application. To do this, we need two tools:
- dex2jar - translator of Dalvik bytecode to JVM bytecode, based on which we can get Java code;
- jd-gui is a decompiler itself that allows you to get readable Java code from JVM bytecode. Alternatively, you can use Jad (www.varanecas.com/jad); although it is quite old, in some cases it generates more readable code than Jd-gui.
They should be used like this. First, we launch dex2jar, specifying the path to the apk package as an argument:
%dex2jar.sh mail.apk
As a result, the mail.jar Java package will appear in the current directory, which can already be opened in jd-gui to view the Java code.
Arranging APK packages and getting them
An Android application package is essentially a regular ZIP file that does not require any special tools to view the contents and unpack. It is enough to have an archiver - 7zip for Windows or console unzip in Linux. But that's about the wrapper. What's inside? Inside, we generally have the following structure:
- META-INF/- contains a digital certificate of the application, certifying its creator, and checksums of the package files;
- res/ - various resources that the application uses in its work, such as images, a declarative description of the interface, and other data;
- AndroidManifest.xml- description of the application. This includes, for example, the list of required permissions, the required version of Android, and the required screen resolution;
- classes.dex- compiled application bytecode for the Dalvik virtual machine;
- resources.arsc- also resources, but of a different kind - in particular, strings (yes, this file can be used for Russification!).
The listed files and directories are, if not in all, then, perhaps, in the vast majority of APKs. However, there are a few more less common files/directories worth mentioning:
- assets- analogue of resources. The main difference is that to access a resource, you need to know its identifier, while the list of assets can be obtained dynamically using the AssetManager.list() method in the application code;
- lib- native Linux libraries written with the help of NDK (Native Development Kit).
This directory is used by game manufacturers, where they put their game engine written in C/C++, as well as by creators of high-performance applications (for example, Google Chrome). Understood the device. But how to get the package file of the application of interest? Since it is not possible to get APK files from the device without rooting (they are in the / data / app directory), and rooting is not always advisable, there are at least three ways to get the application file to your computer:
- APK Downloader extension for Chrome;
- Real APK Leecher app;
- various file hosting and warezniki.
Which one to use is a matter of taste; we prefer to use separate applications, so we will describe the use of Real APK Leecher, especially since it is written in Java and, accordingly, it will work even in Windows, even in nix.
After starting the program, you need to fill in three fields: Email, Password and Device ID - and select a language. The first two are the e-mail and password of your Google account that you use on the device. The third is the device ID, and you can get it by dialing the code on the dialer # #8255## and then finding the line Device ID. When filling out, you need to enter only the ID without the android- prefix.
After filling in and saving, the message “Error while connecting to server” often pops up. It has nothing to do with Google Play, so feel free to ignore it and look for packages that interest you.
Review and modification
Let's say you found a package you are interested in, downloaded it, unpacked it ... and when you tried to view some XML file, you were surprised to find that the file is not a text file. How to decompile it and how to work with packages in general? Is it really necessary to install the SDK? No, you don't need to install the SDK. In fact, for all the steps to unpack, modify, and package APK packages, the following tools are needed:
- ZIP archiver for unpacking and packing;
- smali- assembler/disassembler of Dalvik virtual machine bytecode (code.google.com/p/smali);
- aapt- a tool for packing resources (by default, resources are stored in binary form to optimize application performance). Included with the Android SDK, but can be obtained separately;
- Signer- a tool for digitally signing a modified package (bit.ly/Rmrv4M).
You can use all these tools separately, but this is inconvenient, so it is better to use higher-level software built on their basis. If you're on Linux or Mac OS X, there's a tool called apktool . It allows you to unpack resources into their original form (including binary XML and arsc files), rebuild the package with modified resources, but it does not know how to sign packages, so you will have to run the signer utility manually. Despite the fact that the utility is written in Java, its installation is rather non-standard. First you need to get the jar file itself:
$ cd /tmp $ wget http://bit.ly/WC3OCz $ tar -xjf apktool1.5.1.tar.bz2
$ wget http://bit.ly/WRjEc7 $ tar -xjf apktool-install-linux-r05-ibot.tar.bz2
$ mv apktool.jar ~/bin $ mv apktool-install-linux-r05-ibot/* ~/bin $ export PATH=~/bin:$PATH
If you work on Windows, then there is an excellent tool for it called Virtual Ten Studio , which also accumulates all these tools (including apktool itself), but instead of a CLI interface, it provides the user with an intuitive graphical interface with which to perform operations for unpacking, disassembling and decompiling in a few clicks. This tool is Donation-ware, that is, windows sometimes appear with a proposal to obtain a license, but this, in the end, can be tolerated. It makes no sense to describe it, because you can understand the interface in a few minutes. But apktool, due to its console nature, should be discussed in more detail.
Consider apktool options. In short, there are three main commands: d (decode), b (build) and if (install framework). If everything is clear with the first two commands, then what does the third one, the conditional operator, do? It unpacks the specified UI framework, which is needed when you dissect a system package.
Consider the most interesting options of the first command:
- -s- do not disassemble dex files;
- -r- do not unpack resources;
- -b- do not insert debugging information into the results of disassembling the dex file;
- --frame-path- use the specified UI framework instead of the built-in apktool. Now consider a couple of options for the b command:
- -f- forced assembly without checking changes;
- -a- specify the path to aapt (the tool for building the APK archive) if for some reason you want to use it from another source.
Using apktool is very simple, all you need to do is specify one of the commands and the path to the APK, for example:
$ apktool d mail.apk
After that, all the extracted and disassembled package files will appear in the mail directory.
Preparation. Disable ads
Theory is, of course, good, but why is it needed if we do not know what to do with the unpacked package? Let's try to apply the theory for our own benefit, namely, we modify some software so that it does not show us ads. For example, let it be Virtual Torch - a virtual torch. For us, this software is perfect, because it is full of annoying ads and is simple enough not to get lost in the wilds of code.
So, using one of the above methods, download the application from the market. If you decide to use Virtuous Ten Studio, just open the APK file in the application and unpack it, for which create a project (File -> New project), then select Import File from the context menu of the project. If your choice fell on apktool, then it is enough to execute one command:
$ apktool d com.kauf.particle.virtualtorch.apk
After that, a file tree will appear in the com.kauf.particle.virtualtorch directory, similar to the one described in the previous section, but with an additional smali directory instead of dex files and an apktool.yml file. The first one contains the disassembled code of the application's executable dex file, the second one contains service information needed by apktool to assemble the package back.
The first place we need to look is, of course, AndroidManifest.xml. And here we immediately meet the following line:
It is easy to guess that she is responsible for granting the application permissions to use the Internet connection. In fact, if we just want to get rid of ads, it will most likely be enough for us to ban the application from the Internet. Let's try to do it. Delete the specified line and try to compile the software using apktool:
$ apktool b com.kauf.particle.virtualtorch
The resulting APK file will appear in the com.kauf.particle.virtualtorch/build/ directory. However, it cannot be installed because it does not have a digital signature and file checksums (it simply does not have a META-INF/ directory). We have to sign the package with the apk-signer utility. Launched. The interface consists of two tabs - on the first (Key Generator) we create keys, on the second (APK Signer) we sign. To create our private key, fill in the following fields:
- Target File- keystore output file; it usually stores one pair of keys;
- Password And Confirm- password for storage;
- Alias- name of the key in the repository;
- Alias password And Confirm- secret key password;
- Validity- Validity period (in years). The default value is optimal.
The remaining fields, in general, are optional - but you must fill in at least one.
WARNING
To sign an application with apk-signer, you must install the Android SDK and specify the full path to it in the application settings.
All information is provided for informational purposes only. Neither the editors nor the author are responsible for any possible harm caused by the materials of this article.
Now you can sign the APK with this key. On the APK Signer tab, select the newly generated file, enter the password, key alias and password for it, then find the APK file and boldly click the "Sign" button. If everything goes well, the package will be signed.
INFO
Since we signed the package with our own key, it will conflict with the original application, which means that when we try to update the software through the market, we will get an error.
Only third-party software needs a digital signature, so if you are modifying system applications that are installed by copying them to the /system/app/ directory, then you do not need to sign them.
After that, we drop the package on the smartphone, install and run. Voila, the ad is gone! Instead, however, a message appeared that we do not have the Internet or do not have the appropriate permissions. In theory, this could be enough, but the message looks annoying, and, to be honest, we just got lucky with a stupid application. A well-written software will most likely clarify its credentials or check for an Internet connection and otherwise simply refuse to start. How to be in this case? Of course, edit the code.
Typically, application authors create special classes for displaying advertisements and call methods of these classes during the launch of the application or one of its "activities" (in simple terms, application screens). Let's try to find these classes. We go to the smali directory, then com (in org there is only the open graphic library cocos2d), then kauf (exactly there, because this is the name of the developer and all his code is there) - and here it is, the marketing directory. Inside we find a bunch of files with the smali extension. These are classes, and the most notable of them is the Ad.smali class, by the name of which it is easy to guess that it displays ads.
We could change the logic of its work, but it would be much easier to stupidly remove calls to any of its methods from the application itself. Therefore, we exit the marketing directory and go to the neighboring particle directory, and then to virtualtorch. The MainActivity.smali file deserves special attention here. This is a standard Android class that is generated by the Android SDK and set as the entry point to the application (analogous to the main function in C). Open the file for editing.
Inside is the smali code (local assembler). It is rather confusing and difficult to read due to its low-level nature, so we will not study it, but simply find all mentions of the Ad class in the code and comment them out. We drive in the string "Ad" in the search and get to line 25:
Field private ad:Lcom/kauf/marketing/Ad;
Here, a field ad is created to store an object of class Ad. We comment by setting the ### sign in front of the line. We continue the search. Line 423:
New-instance v3, Lcom/kauf/marketing/Ad;
This is where the object is created. We comment. We continue the search and find in lines 433, 435, 466, 468, 738, 740, 800 and 802 calls to the methods of the Ad class. We comment. Look like that's it. We save. Now the package needs to be assembled back and checked for its performance and the presence of advertising. For the purity of the experiment, we return the line removed from AndroidManifest.xml, collect the package, sign it and install it.
Our guinea pig. Visible advertising 
Op-pa! Advertising disappeared only while the application was running, but remained in the main menu, which we see when we launch the software. So, wait, but the entry point is the MainActivity class, and the advertisement disappeared while the application was running, but remained in the main menu, so the entry point is different? To reveal the true entry point, we reopen the AndroidManifest.xml file. And yes, it contains the following lines:
They tell us (and, more importantly, Android) that an activity named Start should be launched in response to the generation of an intent (event) android.intent.action.MAIN from the android.intent.category.LAUNCHER category. This event is generated when you tap on the application icon in the launcher, so it defines the entry point, namely the Start class. Most likely, the programmer first wrote an application without a main menu, the entry point to which was the standard MainActivity class, and then added a new window (activity) containing the menu and described in the Start class, and manually made it an entry point.
We open the file Start.smali and again look for the line "Ad", we find in lines 153 and 155 the mention of the FirstAd class. It is also in the source code and, judging by the name, it is responsible for displaying ads on the main screen. We look further, there is a creation of an instance of the FirstAd class and an intent, according to the context related to this instance, and then the label cond_10, the conditional transition to which is carried out exactly before creating an instance of the class:
If-ne p1, v0, :cond_10 .line 74 new-instance v0, Landroid/content/Intent; ... :cond_10
Most likely, the program somehow randomly calculates whether it is necessary to show ads on the main screen, and if not, jumps directly to cond_10. Ok, let's simplify her task and replace the conditional transition with an unconditional one:
#if-ne p1, v0, :cond_10 goto:cond_10
There are no more mentions of FirstAd in the code, so we close the file and re-assemble our virtual torch using apktool. Copy to smartphone, install, run. Voila, all ads are gone, congratulations to all of us.
Results
This article is just a brief introduction to the methods of opening and modifying Android applications. Many issues remained behind the scenes, such as removing protection, parsing obfuscated code, translating and replacing application resources, as well as modifying applications written using the Android NDK. However, having basic knowledge, understanding all this is only a matter of time.
Many of you know that the process of installing an Android application is simple - you open the Google Play store, find the desired program or game, click on the big "Install" button and that's it. However, Android apps come in packages that are also installed manually. These packages have the ".apk" extension and their practical applications are numerous. For example, you can easily backup applications that are also stored as apk files. This will even help you if suddenly an application or game disappears from Google Play, as it did with Flappy Bird. If desired, anyone can download the application and install it on their smartphone. It is also convenient to install apk files on devices that are artificially limited by the manufacturer (Amazon Kindle Fire or Nokia X).
However, how can I extract the installed apk file? You can easily find the application on the Internet, download and install it on your Android device. This method works great with free apps. Paid ones are protected from downloading for obvious reasons. Also, apps that download additional files after they've been installed should work just fine.
- 1. On your Android device, Google Play and download the app you want to extract.
- 2. Download the APK Extractor app. This is a free and easy to use app.
- 3. Open the APK Extractor app and point to any app you want to extract. You can mark several applications at once. The APK files will be saved in the ExtractedApks folder in the device's memory.
The extracted APK files can now be copied to another Android smartphone or tablet and installed using any file manager such as Astro or ES File Explorer.
Interpolation, interpolation- in computational mathematics, a method for finding intermediate values of a quantity from an existing discrete set of known values.
Many of those who deal with scientific and engineering calculations often have to work with sets of values obtained empirically or by random sampling. As a rule, on the basis of these sets, it is required to construct a function on which other obtained values could fall with high accuracy. Such a task is called approximation. Interpolation is a type of approximation in which the curve of the constructed function passes exactly through the available data points.
There are many finite difference interpolation methods. Most
common is Newton's method for "forward" interpolation (the Newton-Gregory method). The interpolation polynomial in this case has the form:
The coefficients C are found by the formula:
Program implementation in C#:
using System; namespace Interpolation( class Program…
The program is divided into two threads, one of which performs sorting, and the other redraws the graphical interface. After pressing the "Sort" button, the program calls the "RunSorting" method, in which the sorting algorithm is determined and a new thread is created with the sorting process running in it.
private void RunSo...
Today I want to show my Kacher, which I did during the last winter holidays. I will not describe the entire manufacturing process, since there are many articles on the Internet. I will write only about its main parameters.
Below are some photos taken during the assembly of the device.
The coil is wound with a wire of 0.08 mm approximately 2000 turns on a PVC pipe with a diameter of 50 mm and a height of 200 mm.
The platter from an old hard drive was used as a terminal. Everything else was assembled according to the scheme that is located at the very bottom of the page.
The first option was powered by an old computer power supply, 12 V. Then a separate power supply was made, 30 V and with built-in cooling.
Device Diagram:
Resource Sharing (CORS) is a W3C specification that allows cross-domain communication in the browser. By building on top of the XMLHttpRequest object, CORS allows developers to work with the same idioms as single domain requests. The use case for CORS is simple. Imagine that alice.com has some data that bob.com wants to retrieve. This type of request is traditionally not allowed under the same browser origin policy. However, by supporting CORS requests, alice.com can add some special response headers that allow bob.com to access the data. As you can see from this example, CORS support requires coordination between the server and the client. Fortunately, if you are a client-side developer, you are protected from most of these details. The rest of this article shows how clients can make cross-origin requests and how servers can configure themselves to support CORS. Continued…
Many Android users know that using the Titanium Backup app, you can pull the app out of the device as an apk file. Today we will look at the method by which you can pull the apk file of the application directly from the Google Play Store.
The advantage of this method is that there is no need to pre-install the application on the device. Unfortunately, this method only works for free applications. So what we need:
1. Google Chrome
Create a second shortcut for Google Chrome on the desktop.
Right click on the shortcut and select "Properties". In the "Object" field, add the following commands separated by a space:
Ignore-certificate-errors
Allow-running-insecure-content
It will turn out something like this:
...\chrome.exe" --ignore-certificate-errors --allow-running-insecure-content
Click "Apply" and "OK".
After this operation, you need to restart the browser, while closing all running instances of the application.
2. Google account name and device ID
In fact, we are going to simulate downloading the application to the device, so you need to know your account name, that is, the name of your Google mailbox, as well as the ID number of your Android device.
Everything is clear with the box, but to find out the device ID, open the dialer on your smartphone and dial *#*#8255#*#*
On the screen that appears, you need to find the line "Device ID:"
The identification number is the combination of letters and numbers following "android-". For example, if you see “Device ID: android-1122aa33bb445577” in the line, then the combination “1122aa33bb445577” is the identifier. Write down this combination.
If for some reason you were unable to find out your Device ID using the above method, you can simply download the Device ID app from the Google Play Store.
3.apk downloader
Download a browser extension called APK Downloader.
In the window that appears, enter the address of our Google account, that is, the email address. Password (yeah, scary), as well as Device ID. After that, click "Login".
In the next window, select your country and mobile operator, and then click "Save Settings". Next, a window should appear with a message about the successful activation of the extension.
4.Google Play Store
Now go to our favorite Google Play Store and choose any free app. A characteristic green head with an arrow will appear on the right side of the browser address bar.
We click on this icon, and the application is successfully downloaded to the computer as an apk file. In fact, now we can create standalone distributions of free applications.
It is not possible to verify the absolute decency of the developer of the APK Downloader extension, so enter your account information at your own peril and risk. In addition, such actions fundamentally violate the terms of use of the Google Play Store.
The APK file with which we install games is packaged and extractable if necessary. This is very convenient, since already installed applications can be extracted into one file.
Often there are situations when, for example, you have completed the game and deleted it from your mobile device. But after a while they decided to play again. In order not to start the passage from scratch, it is enough to extract the ARC and use it when necessary. The entire process will be restored.
Extracting the APK comes in very handy when you need a Bluetooth friend. In order not to install a special program, you can use the method that will be given below.
Extraction of APK from installed applications is carried out using special software. A convenient file manager is perfect for this. Astro File Manager.
The file manager will help you manage the backup of the programs available on the device, view videos and images, and the task manager. To easily extract the installation ARC, you will need:
1. For Astro File Manager to function, you will need to install it on your device, for which you will need to look at Google Play. After the installation process is complete, you can get to work.
2. Launch Astro File Manager. A window will open on the screen indicating the available memory drives and a list of services in which you can register or log in.
3. Swipe to the left will open the main menu of the application. At the bottom left, click on the tool icon and go to Application Manager.
4. You will see a list with all installed programs and games.
5. To extract the ARC, press the special button located in the upper right corner. From the proposed options, select BACKUP. For clarity, I do this operation with .
Now you just need to wait for the process to finish. All resulting files will be located in the Backups - Apps folder. They are just as easy to install as regular APK files.
