How to Crack an Android App (APK File) – Part 1

This may be a bit unrelated to PHP, but it is code, and I think some may find this information useful. Your phone does NOT need to be rooted for this to work. This was done on Windows, and my directions will reflect that.

First a little disclaimer:
Please do not use this information to violate any laws. I am not responsible if you do.

OK, the purpose of this guide is to show you how to reverse engineer Android applications such as games. I’m not going to go into much detail on anything else, as I want to keep this guide simple. But this method can be used to alter just about anything you like in an APK application.

If you, like me, have ever played those annoying, addictive Android games that never end, and may even require you to pay money to advance, this is a workaround, especially if you like to cheat.

Tools Needed
Please download and install the following programs if you don’t already have them. Your success will depend on this.

xdaAutoTool
Android SDK

The Android SDK also contains an emulator. This is useful if you would like to test your work on the emulator before installing the APK on your Android device.

Let’s Begin
OK, you have the SDK installed, and have downloaded xdaAutoTool. You now need a copy of the APK file you would like to modify. I’m going to assume that you can locate the APK file. If you have difficulty, Google is your friend.

Step One – Decompiling The APK File
Open the xdaAutoTool folder and run the program. It will prompt you to install a file called “framework-res.apk.” Ignore this. Close the program.
In the xdaAutoTool folder you will see a bunch of folders that appeared after the program ran. Look for one called “_INPUT_APK.” Put your APK file in that folder and run the program again. Press “Decompile All,” located on the left side of the program window.

xdaAutoTool will decompile the APK file and create a new directory in the _INPUT_APK folder.

Step Two – Finding Your Target
Are you ready to be introduced to Smali code? Don’t worry! It isn’t too difficult once you realize what’s going on in the code. Java can’t be decompiled back into the original source code; it can, however, be decompiled into something called Smali code.
Navigate back to the _INPUT_APK directory and open the new folder (it will have the same name as the APK file). Once there, you will see a directory named “smali.” This is your target. Depending on your intentions, you will need to sift through the various files and folders in the smali directory until you locate the code you would like to modify.
For example, if you are trying to increase the firepower of a turret in an Android game, you will need to find the file for that turret. These directories are structured. You will probably see quite a few directories containing files used for advertisements, etc. Once you discover the actual game directory, everything you need to alter will be in there.

Please continue to Part 2

1 Comment

  1. Derek says:

    I’m getting an error when I try to run the .exe file saying “MSCOMCTL.OCX or one of its dependencies not correctly registered.” So then I looked on the XDA download page and it says underneath the download “1) Go to /Res/
    2) Run FileRegister.exe to register these ocx files
    If you are using latest w7 it may probably be registering in the wrong path so register manually.” I try running the .exe file which actually has a different name (AAA_register_ocx.exe) and it gives me another error “Make sure the binary is stored at the specified path or debug it to check for problems with the binary or dependent .dll files.” Problem is, I have no idea what they are saying in that error message. I looked online but haven’t had much luck with resolutions. I’m more of a Linux guy. Can somebody please help?
