1
00:00:00,270 --> 00:00:02,580
Instructor: Hi. Within this lecture,

2
00:00:02,580 --> 00:00:03,413
we are going to see

3
00:00:03,413 --> 00:00:05,550
how we can use JADX

4
00:00:05,550 --> 00:00:09,600
in order to complete our reverse engineering process.

5
00:00:09,600 --> 00:00:12,870
We have already used APK tool,

6
00:00:12,870 --> 00:00:15,540
in order to see the Dalvik byte codes,

7
00:00:15,540 --> 00:00:17,280
and manipulate the app

8
00:00:17,280 --> 00:00:19,080
in a way that we want,

9
00:00:19,080 --> 00:00:20,760
and then rebuild it

10
00:00:20,760 --> 00:00:23,550
to create a new APK,

11
00:00:23,550 --> 00:00:27,720
and then sign it to use in our emulator.

12
00:00:27,720 --> 00:00:31,320
But sometimes it's not sufficient for us.

13
00:00:31,320 --> 00:00:32,190
For example,

14
00:00:32,190 --> 00:00:34,590
in big projects,

15
00:00:34,590 --> 00:00:36,000
in big apps,

16
00:00:36,000 --> 00:00:38,580
we may want to see the source codes

17
00:00:38,580 --> 00:00:40,860
if we are able to.

18
00:00:40,860 --> 00:00:42,540
And in order to do that,

19
00:00:42,540 --> 00:00:44,850
we are going to use JADX.

20
00:00:44,850 --> 00:00:46,200
As I've told you before

21
00:00:46,200 --> 00:00:48,630
APK tool is used

22
00:00:48,630 --> 00:00:49,740
in order to

23
00:00:49,740 --> 00:00:52,020
get the Dalvik byte codes.

24
00:00:52,020 --> 00:00:55,350
And then rebuild the app afterwards.

25
00:00:55,350 --> 00:00:56,670
But sometimes,

26
00:00:56,670 --> 00:00:59,190
it's fairly easy to

27
00:00:59,190 --> 00:01:00,690
see source codes

28
00:01:00,690 --> 00:01:04,530
in order to define any vulnerabilities,

29
00:01:04,530 --> 00:01:07,320
or anything that we want,

30
00:01:07,320 --> 00:01:09,510
we're using JADX.

31
00:01:09,510 --> 00:01:12,600
So I'm going to delete this MyReverseApp,

32
00:01:12,600 --> 00:01:14,970
or I'm just going to close it down,

33
00:01:14,970 --> 00:01:16,020
and then delete it.

34
00:01:16,020 --> 00:01:17,100
Okay?

35
00:01:17,100 --> 00:01:18,570
Like this.

36
00:01:18,570 --> 00:01:19,590
And,

37
00:01:19,590 --> 00:01:22,110
I'm going to close this down

38
00:01:22,110 --> 00:01:24,210
because we don't need it anymore.

39
00:01:24,210 --> 00:01:28,200
In fact, I'm going to delete everything from here

40
00:01:28,200 --> 00:01:32,160
because we don't want to use manipulated APK.

41
00:01:32,160 --> 00:01:34,567
So I'm going to open my "App",

42
00:01:34,567 --> 00:01:36,157
"build",

43
00:01:36,157 --> 00:01:37,020
"outputs",

44
00:01:37,020 --> 00:01:38,400
and APK.

45
00:01:38,400 --> 00:01:40,602
Like this, okay?

46
00:01:40,602 --> 00:01:43,530
And find the original APK that we have generated,

47
00:01:43,530 --> 00:01:45,720
and copied in my Desktop.

48
00:01:45,720 --> 00:01:47,670
So, if you don't have those,

49
00:01:47,670 --> 00:01:50,100
if you deleted it for some reason,

50
00:01:50,100 --> 00:01:52,920
you're more than welcome to regenerate it again

51
00:01:52,920 --> 00:01:54,903
within inside of Android Studio.

52
00:01:56,010 --> 00:01:56,843
Then,

53
00:01:56,843 --> 00:02:01,140
I'm going to decompile this using JADX.

54
00:02:01,140 --> 00:02:03,960
So, we haven't done this yet, right?

55
00:02:03,960 --> 00:02:08,960
And using JADX is as easy as using APK tool.

56
00:02:09,120 --> 00:02:12,669
So, all we have to do is run JADX and

57
00:02:12,669 --> 00:02:14,550
give appropriate parameters

58
00:02:14,550 --> 00:02:16,800
in order to decompile this APK

59
00:02:16,800 --> 00:02:18,813
so that we can see the source code.

60
00:02:19,901 --> 00:02:21,360
And, there are sometimes

61
00:02:21,360 --> 00:02:22,590
that we see the source code,

62
00:02:22,590 --> 00:02:25,110
and there are sometimes we don't see the source code.

63
00:02:25,110 --> 00:02:27,480
We're going to have a look into that as well.

64
00:02:27,480 --> 00:02:29,490
Make sure, you're on Desktop,

65
00:02:29,490 --> 00:02:33,107
or you're on your folder that your APK is in,

66
00:02:33,107 --> 00:02:35,040
and then run this.

67
00:02:35,040 --> 00:02:36,900
jadx -d,

68
00:02:36,900 --> 00:02:40,200
and d stands for decompile one more time.

69
00:02:40,200 --> 00:02:41,033
Okay?

70
00:02:41,033 --> 00:02:42,690
Like in the APK tool,

71
00:02:42,690 --> 00:02:46,200
but this time we have only dash

72
00:02:46,200 --> 00:02:49,560
in front of "d" as a difference, okay?

73
00:02:49,560 --> 00:02:54,510
And another difference will be the output folder

74
00:02:54,510 --> 00:02:57,603
for our decompiled app,

75
00:02:58,986 --> 00:02:59,970
as like this, okay?

76
00:02:59,970 --> 00:03:00,803
Here.

77
00:03:00,803 --> 00:03:03,090
And then the app name itself.

78
00:03:03,090 --> 00:03:06,360
So, it will create an app debug folder,

79
00:03:06,360 --> 00:03:10,620
and it will decompile app-debug.apk for us.

80
00:03:10,620 --> 00:03:13,020
As you can see, once I hit enter

81
00:03:13,020 --> 00:03:16,200
app debug folder is created over here.

82
00:03:16,200 --> 00:03:19,470
Of course, you can name it anything you want.

83
00:03:19,470 --> 00:03:21,390
So, this is done for being

84
00:03:21,390 --> 00:03:23,940
Right now, I have decompiled

85
00:03:23,940 --> 00:03:25,560
app over here.

86
00:03:25,560 --> 00:03:27,270
If I double click on that

87
00:03:27,270 --> 00:03:28,980
I can see the contents.

88
00:03:28,980 --> 00:03:33,480
And it's very similar to APK tool in a way.

89
00:03:33,480 --> 00:03:35,820
Like, we see the same folders,

90
00:03:35,820 --> 00:03:38,130
we see most of the same files

91
00:03:38,130 --> 00:03:40,167
one more time like

92
00:03:40,167 --> 00:03:43,080
AndroidManifest over here. Okay?

93
00:03:43,080 --> 00:03:45,570
And I can open the manifest with

94
00:03:45,570 --> 00:03:50,460
anything that I want that I can see the exact same result

95
00:03:50,460 --> 00:03:52,080
over here,

96
00:03:52,080 --> 00:03:56,100
and of course if you cannot get anything out of APK tool,

97
00:03:56,100 --> 00:04:00,480
you can try to get it with JADX tool, and vice versa

98
00:04:00,480 --> 00:04:02,910
in order to see the Android manifest,

99
00:04:02,910 --> 00:04:05,640
and drawables and resources.

100
00:04:05,640 --> 00:04:06,540
Okay?

101
00:04:06,540 --> 00:04:08,310
But, there is a big difference

102
00:04:08,310 --> 00:04:09,989
which is the source code,

103
00:04:09,989 --> 00:04:12,420
and we're going to have a look into that.

104
00:04:12,420 --> 00:04:13,290
So,

105
00:04:13,290 --> 00:04:15,480
Android manifest is the same,

106
00:04:15,480 --> 00:04:16,650
and over here,

107
00:04:16,650 --> 00:04:19,440
I'm opening everything with text editor,

108
00:04:19,440 --> 00:04:22,140
and I'm not using Android Studio.

109
00:04:22,140 --> 00:04:23,310
But most of the time,

110
00:04:23,310 --> 00:04:26,340
it would be a good idea to use

111
00:04:26,340 --> 00:04:29,790
any kind of IDE or script editor

112
00:04:29,790 --> 00:04:33,630
in order to see the content in a better way.

113
00:04:33,630 --> 00:04:35,820
I will show you how to do that.

114
00:04:35,820 --> 00:04:37,890
Just have a look at these resources,

115
00:04:37,890 --> 00:04:39,690
and you can see the values,

116
00:04:39,690 --> 00:04:40,860
and the

117
00:04:40,860 --> 00:04:41,820
layouts

118
00:04:41,820 --> 00:04:44,670
as we have seen in APK tool.

119
00:04:44,670 --> 00:04:45,503
Okay?

120
00:04:45,503 --> 00:04:47,430
For example, in these values folder

121
00:04:47,430 --> 00:04:48,510
we have

122
00:04:48,510 --> 00:04:50,520
some important files

123
00:04:50,520 --> 00:04:51,810
like strings.xml,

124
00:04:51,810 --> 00:04:53,430
styles.xml.

125
00:04:53,430 --> 00:04:57,840
For example, if you're trying to

126
00:04:57,840 --> 00:05:00,330
really decompile an app,

127
00:05:00,330 --> 00:05:02,790
one of the first things that you should look at

128
00:05:02,790 --> 00:05:05,280
is this strings.xml in which

129
00:05:05,280 --> 00:05:07,800
you can find some values,

130
00:05:07,800 --> 00:05:10,200
and even maybe passwords depending on

131
00:05:10,200 --> 00:05:12,720
the developer him or herself.

132
00:05:12,720 --> 00:05:14,340
Okay?

133
00:05:14,340 --> 00:05:17,670
The values folder is an important folder,

134
00:05:17,670 --> 00:05:21,840
and we get the same result in APK tool as well by the way.

135
00:05:21,840 --> 00:05:25,050
But if we come over here to sources folder,

136
00:05:25,050 --> 00:05:25,883
okay?

137
00:05:25,883 --> 00:05:27,300
You will see the Android,

138
00:05:27,300 --> 00:05:30,480
and AndroidX libraries one more time

139
00:05:30,480 --> 00:05:33,660
but if you come to your package name like this,

140
00:05:33,660 --> 00:05:37,170
you'll see your MainActivity.java.

141
00:05:37,170 --> 00:05:40,170
So, over here we used to get smali

142
00:05:40,170 --> 00:05:42,510
which is Dalvik byte code files

143
00:05:42,510 --> 00:05:45,180
but this time we get the java files.

144
00:05:45,180 --> 00:05:46,013
Right?

145
00:05:46,013 --> 00:05:47,010
Like this.

146
00:05:47,010 --> 00:05:49,230
So, what we want to do is

147
00:05:49,230 --> 00:05:52,140
open this MainActivity.java

148
00:05:52,140 --> 00:05:53,490
in an editor.

149
00:05:53,490 --> 00:05:56,280
So, we can open this in a text editor,

150
00:05:56,280 --> 00:06:00,030
or anything that can read a text really

151
00:06:00,030 --> 00:06:03,000
but it's a good idea to open this

152
00:06:03,000 --> 00:06:05,160
in an Android Studio environment,

153
00:06:05,160 --> 00:06:07,770
or any script editor so that

154
00:06:07,770 --> 00:06:10,740
we can actually see them in a better way.

155
00:06:10,740 --> 00:06:12,600
So, if you're on Kali Linux

156
00:06:12,600 --> 00:06:15,420
doing all of these things in a Kali Linux,

157
00:06:15,420 --> 00:06:18,660
then it would be a little bit unpleasant for you

158
00:06:18,660 --> 00:06:21,150
to email everything

159
00:06:21,150 --> 00:06:23,790
to your host every time.

160
00:06:23,790 --> 00:06:26,760
So, I suggest you run this command,

161
00:06:26,760 --> 00:06:28,980
apt-get install geany,

162
00:06:28,980 --> 00:06:33,690
which is an installer for geany script editor, okay?

163
00:06:33,690 --> 00:06:37,020
And you can use geany in order to open

164
00:06:37,020 --> 00:06:38,490
activities,

165
00:06:38,490 --> 00:06:40,140
like java classes,

166
00:06:40,140 --> 00:06:41,340
kotlin classes,

167
00:06:41,340 --> 00:06:43,200
Python files.

168
00:06:43,200 --> 00:06:45,513
Anything that comes to your mind.

169
00:06:46,629 --> 00:06:48,600
So, you can actually use geany by

170
00:06:48,600 --> 00:06:51,270
calling geany like this and hitting enter,

171
00:06:51,270 --> 00:06:53,370
it will pop open for you.

172
00:06:53,370 --> 00:06:56,610
Or you can just double-click on the java files,

173
00:06:56,610 --> 00:06:58,740
or right-click on the java files,

174
00:06:58,740 --> 00:06:59,670
and say

175
00:06:59,670 --> 00:07:01,860
open with geany.

176
00:07:01,860 --> 00:07:03,870
So, let me show you what I mean.

177
00:07:03,870 --> 00:07:05,400
I'm gonna close this down,

178
00:07:05,400 --> 00:07:08,880
and I'm going to close this terminal down as well.

179
00:07:08,880 --> 00:07:12,480
And let me find this java file

180
00:07:12,480 --> 00:07:15,120
that I've been talking about.

181
00:07:15,120 --> 00:07:15,953
Okay?

182
00:07:15,953 --> 00:07:17,283
In order to do that,

183
00:07:18,120 --> 00:07:19,320
I'm going to

184
00:07:19,320 --> 00:07:21,900
open my file system

185
00:07:21,900 --> 00:07:23,940
from here,

186
00:07:23,940 --> 00:07:24,773
and

187
00:07:24,773 --> 00:07:28,860
let's go to documents or downloads

188
00:07:28,860 --> 00:07:30,540
where I have stored it.

189
00:07:30,540 --> 00:07:33,240
Let me try to find it for a second.

190
00:07:33,240 --> 00:07:34,890
I believe it was under downloads.

191
00:07:34,890 --> 00:07:36,150
Yep, here we go.

192
00:07:36,150 --> 00:07:39,450
So, I see the MainActivity.java, okay?

193
00:07:39,450 --> 00:07:42,187
If I right-click, I will see the selection of

194
00:07:42,187 --> 00:07:43,620
"Open with Geany"

195
00:07:43,620 --> 00:07:44,880
from here,

196
00:07:44,880 --> 00:07:45,780
okay?

197
00:07:45,780 --> 00:07:47,160
I will just click on this,

198
00:07:47,160 --> 00:07:48,900
and open up

199
00:07:48,900 --> 00:07:50,910
in geany editor.

200
00:07:50,910 --> 00:07:52,230
So, as you can see,

201
00:07:52,230 --> 00:07:54,240
it's the same view that we get

202
00:07:54,240 --> 00:07:55,950
in Android Studio

203
00:07:55,950 --> 00:07:59,550
so that we can see it in a better way.

204
00:07:59,550 --> 00:08:02,850
Now, I can actually

205
00:08:02,850 --> 00:08:05,370
try to understand what's going on

206
00:08:05,370 --> 00:08:09,240
inside of this app looking at the source code.

207
00:08:09,240 --> 00:08:13,560
And, now you can use geany anytime you want to open

208
00:08:13,560 --> 00:08:15,090
like Android manifests,

209
00:08:15,090 --> 00:08:16,800
or any XML file,

210
00:08:16,800 --> 00:08:18,960
or any java or kotlin or

211
00:08:18,960 --> 00:08:20,970
any other code file.

212
00:08:20,970 --> 00:08:22,230
So, I'm gonna close this down,

213
00:08:22,230 --> 00:08:24,100
and continue with inside of

214
00:08:25,080 --> 00:08:26,700
my own MacBook.

215
00:08:26,700 --> 00:08:30,240
And I believe I have geany over here,

216
00:08:30,240 --> 00:08:34,290
so I can open it with geany in MacBook as well,

217
00:08:34,290 --> 00:08:35,670
like this.

218
00:08:35,670 --> 00:08:37,500
So, here you go.

219
00:08:37,500 --> 00:08:39,570
It's a little bit small,

220
00:08:39,570 --> 00:08:41,760
let me try to zoom in.

221
00:08:41,760 --> 00:08:42,593
Okay?

222
00:08:42,593 --> 00:08:44,373
So, we can see it in a better way.

223
00:08:45,240 --> 00:08:46,410
So, here you go.

224
00:08:46,410 --> 00:08:48,873
Now we see the source code.

225
00:08:49,980 --> 00:08:51,270
So, as you can see,

226
00:08:51,270 --> 00:08:53,520
we got the activity,

227
00:08:53,520 --> 00:08:55,260
we got the class name,

228
00:08:55,260 --> 00:08:57,060
we even get

229
00:08:57,060 --> 00:08:58,350
the

230
00:08:58,350 --> 00:09:00,630
source code of this java file.

231
00:09:00,630 --> 00:09:04,050
And, since this is a very small file

232
00:09:04,050 --> 00:09:05,100
like a

233
00:09:05,100 --> 00:09:07,500
maybe four or five lines of code or

234
00:09:07,500 --> 00:09:08,610
here

235
00:09:08,610 --> 00:09:11,250
it's a little bit dull

236
00:09:11,250 --> 00:09:13,860
but we get to see what's going on like

237
00:09:13,860 --> 00:09:16,050
setting text to Hello World,

238
00:09:16,050 --> 00:09:16,950
and as you can see,

239
00:09:16,950 --> 00:09:20,013
it's not exactly the same thing.

240
00:09:20,940 --> 00:09:23,580
It's a little bit different than our

241
00:09:23,580 --> 00:09:25,530
original source code but

242
00:09:25,530 --> 00:09:27,390
we get the idea.

243
00:09:27,390 --> 00:09:28,223
Okay?

244
00:09:28,223 --> 00:09:29,520
So, it's like

245
00:09:29,520 --> 00:09:30,960
doing the same thing but

246
00:09:30,960 --> 00:09:32,490
in a different way.

247
00:09:32,490 --> 00:09:35,250
Maybe lines will be

248
00:09:35,250 --> 00:09:36,870
complicated like

249
00:09:36,870 --> 00:09:38,940
not will be the same thing.

250
00:09:38,940 --> 00:09:42,540
But you will still see the source code anyhow.

251
00:09:42,540 --> 00:09:45,300
And, I can actually copy and paste this

252
00:09:45,300 --> 00:09:47,550
into a new Android Studio project

253
00:09:47,550 --> 00:09:50,070
to create the exact same app.

254
00:09:50,070 --> 00:09:50,903
And, this is

255
00:09:50,903 --> 00:09:54,810
one of the advantages of using JADX as well.

256
00:09:54,810 --> 00:09:56,070
So, let's stop here,

257
00:09:56,070 --> 00:09:58,683
and continue within the next lecture.