Reverse Engineering Android Apps for fun and profit
Submitted by Anshul Singhle (@anshul-singhle) on Sunday, 4 August 2013
Understand what the guts of an android app look like.
Learn some differences between the Dalvik VM and a JVM.
See some reverse engineering in action (which is a great way to learn stuff), and watch me inject my monitoring code into an arbitrary android app.
I am the co-founder and tech lead of Betaglide. Betaglide is a performance and usability analytics tool for Android.
Our product is a tool that allows you to glance into the inner workings of your app. It hooks into your application code to measure metrics like CPU/Memory/Network performance, User Touch Heatmaps etc. The cool part about this is that our monitoring code is injected into the apk automatically. This enables developers to quickly get a feel for what our tool does and they can then opt to include that code in themselves.
A crucial part of our tool is actually the Code Injection system. While building this I got firsthand experience using some very useful tools like apktool and smali. I will be introducing these tools as well as some alternatives in this talk.
Interestingly enough, these tools are powerful enough to not only view the Application bytecode but also to modify it. I will discuss some ways bytecode modification can be used to monitor interesting events in the application. I will also try and cover some other interesting things one can do using bytecode modification.
Need to have built an android app and be comfortable with the regular android/java dev tools (eclipse+ADT, adb, jar)
Nice-to-have: Experience with instrumentation on java; Familiarity with android reverse engineering (apktool, dex2jar); Understanding of Dalvik VM;
I am the Co-founder and tech lead of Betaglide - A mobile performance and usability analytics company.
I'm currently in my 5th year of studying Computer Science (B.Tech. + M.Tech) at IIT Kharagpur. Betaglide is my first startup. In my free time, I like hacking on python and Android.