Monday, 26 September 2016

Reverse engineering part 2: apktool

After getting the apk file (see article: Reverse engineering part 1: getting the apk file) it's time to disassemble it and analyze its content.
The tool I will talk about is called apktool and can be downloaded from https://ibotpeaches.github.io/Apktool/, where you can also read the complete documentation. Apktool is especially useful to analyze resource files (xml layout files, Manifest, drawables, xml animation files, strings).

Apktool

Apktool is a tool for reverse engineering 3rd party, closed, binary Android apps. It can decode resources to nearly original form and rebuild them after making some modifications. It also makes working with an app easier because of the project like file structure and automation of some repetitive tasks like building apk, etc.

Reverse engineering

After installing apktool you'll find the apktool.bat file that can be run from the command line.
You just have to type:
apktool d filename.apk
(replace filename.apk with the actual file name of the apk file)

and apktool disassembles the apk file in a folder where you can find all the resource files perfectly readable.

For example, I ran apktool for Whatsapp and this is the result:

In the "res" folder you can have a look at almost every resource file of the app:


This is the layout file settings_security.xml of Whatsapp. As you can see the file is completely readable.

This is another example: the animation defined in design_fab_out.xml, that fades out a FloatingActionButton:
Analyzing the file you can find out how the animation is achieved: animating alpha from 1 to 0 and the scale of the FAB from 1 to 0. Very easy!

Conclusion

Apktool is a very powerful utility especially if you want to analyze the resource files of an app. If you have found an app with a beautiful design, or a fancy animation, and want to find out how they are made, apktool is the tool to use.

Wednesday, 21 September 2016

Reverse engineering part 1: getting the apk file

Reverse engineering, also called back engineering, is the processes of extracting knowledge or design information from anything man-made and re-producing it or re-producing anything based on the extracted information. The process often involves disassembling something (a mechanical device, electronic component, computer program, or biological, chemical, or organic matter) and analyzing its components and workings in detail.

As far as Android is concerned, suppose we have full-working Android app and we would like to find out how a particular layout is structured, how a specific animation is coded, how a visual effect is made. We can do that by reverse-engineering the apk file and extract useful information from it.

There are different tools for doing that and in the following articles we'll have a look at some of the most widely used.
Reverse engineering

Getting the apk file

The first step to reverse-engineer an Android app is getting the apk file, in order to disassemble and analyze it using the different tools available.

From the web

The easiest way to obtain the apk file of a particular app is using one the many online resources available.
For example, using this website:

you can paste the Google Play Store Url of the app you're interested in, and the service lets you download the apk file to your pc.
If you download an apk file from the web, like the online service previously mentioned, be aware of the risk of possible viruses or other malware.

From the smartphone

You can also very easily extract the apk file from an app installed on your smartphone.
To do that we can use the adb.exe utility of the Android Sdk platform (you can find it in the folder: Android\sdk\platform-tools).

Just connect the device to your pc and type the following commands in command line...

adb shell pm list packages 
to obtain a list of the apps (packages) installed and find the package you are interested in

adb shell pm path your-package-name
replace "your-package-name" with the name of the desired package
to get the full package name and the name of the app

adb pull full_path_of_the.apk
replace "full_path_of_the.apk" with the full package name of the apk file obtained with the previous command
to get the apk file in the folder where the command is executed


Monday, 19 September 2016

How to blur an image using Renderscript

RenderScript is a framework for running computationally intensive tasks at high performance on Android. RenderScript is primarily oriented for use with data-parallel computation, although serial workloads can benefit as well. The RenderScript runtime parallelizes work across processors available on a device, such as multi-core CPUs and GPUs.
RenderScript is especially useful for applications performing image processing, computational photography, or computer vision.
Let's see how you can use Renderscript to effectively blur an image.
Blurred image

Integrating Renderscript with Gradle

To add the Renderscript support library to your Android Studio project just add the following lines to build.gradle (module: app).
android {
    ...
    defaultConfig {
        renderscriptTargetApi 19
        renderscriptSupportModeEnabled true
    }
    ...
}


Code to blur the image

Now create the utility class BlurBuilder that uses RenderScript to blur the image:
/*
 * Copyright (c) - Software developed by iClaude.
 */

package com.flingsoftware.personalbudget.utilita;


import android.content.Context;
import android.graphics.Bitmap;
import android.support.v8.renderscript.Allocation;
import android.support.v8.renderscript.Element;
import android.support.v8.renderscript.RenderScript;
import android.support.v8.renderscript.ScriptIntrinsicBlur;


/**
 * This class is used to blur a Bitmap.
 * The static method blur takes a Bitmap as input e returns a blurred version of if.
 */
public class BlurBuilder {
    private static final float BITMAP_SCALE = 0.4f;
    private static final float BLUR_RADIUS = 7.5f;


    public static Bitmap blur(Context context, Bitmap image) {
        int width = Math.round(image.getWidth() * BITMAP_SCALE);
        int height = Math.round(image.getHeight() * BITMAP_SCALE);

        Bitmap inputBitmap = Bitmap.createScaledBitmap(image, width, height, false);
        Bitmap outputBitmap = Bitmap.createBitmap(inputBitmap);

        RenderScript rs = RenderScript.create(context);
        ScriptIntrinsicBlur theIntrinsic = ScriptIntrinsicBlur.create(rs, Element.U8_4(rs));
        Allocation tmpIn = Allocation.createFromBitmap(rs, inputBitmap);
        Allocation tmpOut = Allocation.createFromBitmap(rs, outputBitmap);
        theIntrinsic.setRadius(BLUR_RADIUS);
        theIntrinsic.setInput(tmpIn);
        theIntrinsic.forEach(tmpOut);
        tmpOut.copyTo(outputBitmap);

        return outputBitmap;
    }
}

As you can see the class exposes a static method, "blur", that takes the original Bitmap as a parameter and returns the blurred version of the image.
You can adjust the constants BITMAP_SCALE and BLUR_RADIUS to control the amount of blurriness.

Blurring the image

Now, if you have a Bitmap you can blur it using the following code (remeber to do this in a separate thread to avoid locking the UI):
Bitmap origBitmap = ...
Bitmap blurredBitmap = BlurBuilder.blur(mContext, origBitmap);
myImageView.setImageBitmap(blurredBitmap );