Apktools For Mac

Posted on |



  1. Apktool For Macbook
  2. Apktool For Mac
  3. Apktool For Mac
  4. Apktool For Mac

Preceding text This paper introduces the process of decompiling APK with powerful APK-Multi-Tool on Windows platform, and then recompiling to APK after modifying smali source code. Recently, it has been entrusted to crack an apk. Fortunately, the three software used are cross-platform, and the MAC is also appropriate. Here is a record of the things and processes used on the mac.
A total of three softwares are needed. In order to find the latest version, the official website is also put behind.

I have created a modded apk using api tool but when i try to install it, it doesn't install. When I rechecked and compared it with old api I found out my apt wasn't signed. I searched a lot but co. Follow these procedures to install the MDX Toolkit and XenMobile App SDK for iOS and Android. Perform the following steps on a computer running macOS. You might want to take a look at e.g. Apktool, which is written in Java and will run on a Mac - the linked page even contains the installation instructions. You might also want to take a look at APKInspector (written in Python, it seems). Not having a Mac, I cannot say for sure whether it will run on it.

  1. Apktool: http://ibotpeaches.github.io/Apktool/install/ Latest version 2.0.1
  2. dex2jar: https://github.com/pxb1988/dex2jar Latest version 2.0
  3. JD-GUI: http://jd.benow.ca/ Latest version 1.4.0
    The installation of these three software Apktool is slightly troublesome, and the others are all OK, basically downloaded and decompressed can be used.

Installation of Apktool on MAC

1, in Official website link Here we find the following:
Basically follow the six steps above. The first step is to download a shell script with the name 'apktool' and No. sh suffix. You can copy it to sublimetext and save it.
2. Download the latest apktool-2 On bitbucket:
3. Rename the downloaded jar file 'apktool.jar'
4. Put the shell scripts 'apktool' and 'apktool.jar' in the '/usr/local/bin' directory
5. Increase the executable permissions of these two files, chmod a+x file
6. Execute shell apktool.
After installation, you can run apktool-v to view version information:

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25

Installation of dex2jar and JD-GUI

These two are downloaded directly, then decompressed on ok:

That's all for software installation. Here's the cracking process. In order to check whether it can be cracked, we first decompile with Apktool to avoid our last empty scene. Only when Apktool can decompile/decompile, can our cracking be meaningful.
1. Create a new apk folder, put the APK to be decoded into it, and then run the command in this directory: apktool d hongbao.apk

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12

The catalogue is as follows:
Then run the command to compile the apk:
apktool b hongbao (hongbao is a decompiled folder)

Apktool For Macbook

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7


The builds and dists above are generated in the process of compiling the apk. The compiled APK is in the dist directory. Opening the build/apk folder will find that the META-INF folder under the original folder is missing:
This means that the apk file in dist is not signed, which will be discussed later.
2. We need to use dex2jar to convert apk into jar file, essentially classes.dex in apk into jar. Add executable permissions to d2j_invoke.sh/d2j-dex2jar.sh in dex2jar. Then go into the dex2jar folder and run:
./d2j-dex2jar.sh /Users/yanzi/apk/hongbao.apk
Get the hongbao-dex2jar.jar file.
3. Open the JD-GUI and drag hongbao-dex2jar.jar in to see the source code.
By looking at the java source code and comparing smali files, after modification, compile back to ok!

How to manually add a signature to the apk?

The decompiled apk is unsuccessful to install and is always prompted
Failure [INSTALL_PARSE_FAILED_UNEXPECTED_EXCEPTION]
The essence is no signature.
1. Generate signatures:

  • 1

Note: The above - keystore is followed by the name of the signature file, and - alias is an alias, in general - keystore followed by - alias is the same, but in fact the two do not matter, which is why I deliberately made a difference.
2. Adding signatures to apk:

  • 1

Be careful:
1. The last 'hongbao' is the one behind - alias. It must be consistent.
2. Without the signature of - digestalg SHA1 -sigalg MD5withRSA, the installation of apk is also unsuccessful. It is said that the error of INSTALL_PARSE_FAILED_NO_CERTIFICATES will be reported without - tsa.

Attachments mentioned in the article are downloaded:

Change from: http://blog.csdn.net/yanzi1225627/article/details/48215549

Posted on Wed, 02 Jan 2019 23:51:08 -0500 by TKKP

Kali Linux is a Linux based operating system, mostly used in penetration testing. Kali.org has recently released its new update with some extra functionalities. There are different types of tools that are present in Kali Linux to perform different operations.

Types of tools in Kali Linux

1. Information Gathering: These software or applications have a job of collecting and formatting the data in a form that could further be used. This is similar to cookies used by different websites or your browsing history used by Google to personalize every advertisement and providing the best services to you. Kali operating system provides these tools to the developer and penetration testing community to help in gathering and formulating captured data.
Some of the tools are:

  • Nmap
  • Zenmap
  • Stealth scan

Nmap is the most famous in these tools. Go to “Applications” then in “Information Gathering”, you will find these tools.

Apktools

2. Vulnerability Analysis: Vulnerability is a state or condition of being exposed to the possibility of being attacked or harmed in one or the other way. These tools are used to check a system or machine for any kind of flow and vulnerability available in them, which could lead to any security breach and data loss. These tools also help in fixing those vulnerability as identification make the user aware of the flow.
For example: If windows release its new operating system, before providing it into the end-user they send for vulnerability analysis and fixes.
Some of the tools:


  • Bed
  • Ohrwurm
  • Powerfuzzer
  • Sfuzz
  • Siparmyknife

All these tools are very common in the community. Go to “Applications” then in “Vulnerability Analysis”, you will find these tools.

3. Web Application Analysis: Web Application is a dynamic response web page that helps in a better and interactive client-server relationship. These tools identify and access websites through the browser to check any bug or loophole present, which could lead any information or data to lose.
For example, there is a website with a payment gateway then these web analyzers check if sufficient authentication and authorization present of the site. These web application uses:

  • SQL injections
  • Denial of service
  • URL manipulation

Some of the tools are:

  • Burpsuite
  • Httrack
  • Sqlmap
  • Vega
  • Webscarab
  • Wpscan

Burpsuite, vega, and web scarab are some most famous tools. Go to “Applications” then in “Web Application Analysis”, you will find these tools.

4. Database Assessment: These applications are made to access the database and analyze it for different attacks and security issues. These assessment shows some opportunities for improvement and changes. They develop a report of the analysis done on the database system. They perform:

  • Configuration checking
  • Examining user account
  • Privilege and role grants
  • Authorization control
  • Key management
  • Data encryption

Some of the tools are:

  • Bbqsl
  • Jsql injection
  • Oscanner
  • Sqlmap
  • Sqlninja
  • Tmscmd10g

Sqlmap is the most famous database assessment tool. This tool injects SQL injection for scanning, detecting, and exploitation. Go to “Applications” then in “Database Assessment”, you will find these tools.

5. Password Attacks: These are basically a collection of tools that could handle the wordlist or password list to be checked on any login credentials through different services and protocols. Some tools are wordlist collectors and some of them are the attacker. Some of the tools are:



  • Crewl
  • Crunch
  • Hashcat
  • John
  • Johnny
  • Medusa

John the Ripper and Medusa are the most famous tools. Go to “Applications” then in “Password Attacks”, you will find these tools.

6. Wireless Attacks: These tools are wireless security crackers, like breaking wifi – routers, working and manipulating access points. Wireless attacks are not limited to password cracking these are also used in information gathering and knowing behavior of victims over the internet.
For example, the Victim is connected to a compromised access point or a fake access point then it can be used as a Man-in-The-Middle attack. Some of the tools are:

  • Aircrack-ng
  • Fern- wifi –cracker
  • Kismet
  • Ghost Phisher

Aircrack-ng and Ghost Phisher are the most famous tools. Go to “Applications” then in “Wireless Attacks”, you will find these tools.

7. Reverse Engineering: Reverse Engineering is to break down the layers of the applications or software. This is used in creating cracks and patches for different software and services. These tools reach the source code of the application, understand its working and manipulate according to needs. For example, Reverse engineering tools are also used by High-End companies to know the logic and idea behind the software. Some of the tools are:

  • Apktools
  • Ollydbg
  • Flasm

Most famous tools are ollydbg and apltools. Go to “Application” then in “Reverse Engineering”, you will find these tools.

8. Exploitation Tools: These tools are used to exploit different systems like personal computers and mobile phones. These tools can generate payloads for the vulnerable system and through those payloads information from the devices can be exploited.
For example, the Victim’s system is compromised using payloads over internet or installing it if physically accessible. Some of the tools are:

  • Armitage
  • Metasploit
  • Searchsploit
  • Beef xss framework
  • termineter

The most famous tool is Metasploit (there are courses to learn Metasploit alone). Go to “Applications” then in “Exploitation Tools”, you will find these tools.

9. Sniffing and Spoofing: Secretly accessing any unauthorized data over network is sniffing. Hiding real identity and creating fake identity and use it for any illegal or unauthorized work is spoofing. IP spoofing and MAC spoofing are two famous and mostly used attacks. Some of the tools are:

  • Wireshark
  • Bettercap
  • Ettercap
  • Hamster
  • Driftnet

The most used tool is Wireshark. Go to “Applications” then in “Sniffing and Spoofing”, you will find these tools.

10. Post Exploitation: These tools use back doors to get back to the vulnerable system i.e. to maintain access to the machine. As the name suggests these are useful or mostly used after an attack has previously been made on the victim’s machine.
For example, After an attack victim removed the vulnerability from the system, in this situation if attacker wants to access data again, then these tools are helpful. Some of the tools are:


  • MSF
  • Veil –Pillage framework
  • Powersploit

The most famous tool is Powersploit. Go to “Applications” then in “Post Exploitation Tools”, you will find these tools.

11. Forensics: These tools are used by forensic specialist to recover information from any system or storage devices. This helps in collecting information during evidence searching for any cybercrime. Some of the tools are:

Apktool For Mac

  • Autopsy
  • Binwalk
  • Galleta
  • Hashdeep
  • Volafox
  • Volatility

The most famous tool is Autopsy, it has also been used by security forces, many judicial and investigating officials. Go to “Applications” then in “Forensics”, you will find these tools.

12. Reporting Tools: After all the assessment and vulnerability testing analysts have to report all those to the client in an organised and authenticated way. These tools develop statistics and information to help in analysing. Some of the tools are:

  • Dradis
  • Faraday IDE
  • Pipal
  • Magictree

Most famous tools are faraday, Dradis, and Pipal. Go to “Applications” then in “Reporting Tools”, you will find these tools.

13. Social Engineering: As the name suggests these tools generate similar services that people use in daily life and extract personal information using those fake services. These tools use and manipulate human behavior for information gathering.
For example, Phishing is one of the example of social engineering, in this, a similar looking home page of any social platform is created and then login details are compromised. Some of the tools are:

  • SET
  • Backdoor-f
  • U3-pwn
  • Ghost Phisher

Apktool For Mac

The most famous social engineering tool is SET. Go to “Applications” then in “Social Engineering Tools”, you will find these tools.



Apktool For Mac

Recommended Posts:

If you like GeeksforGeeks and would like to contribute, you can also write an article using contribute.geeksforgeeks.org or mail your article to contribute@geeksforgeeks.org. See your article appearing on the GeeksforGeeks main page and help other Geeks.

Please Improve this article if you find anything incorrect by clicking on the 'Improve Article' button below.