The ready availability of tools, alternative app stores, and web hosting has made patching Android apps with malware easy. Throughout this chapter we learned how to assess different types of vulnerabilities; in this section, we will see the steps by which an app can potentially be decompiled and built back with backdoors:
1. Download the app from Play Store or any marketplace to Genymotion or any real device.
2. Decompile the app using APKTool (apktool d <anyfile.apk>).
3. Analyze the application for strings such as HTTP, HTTPS, FTP, and so on, either using custom scripts or viewing it manually from the /res/ folder after decompilation.
4. Convert the .apk file to a .jar file using dex2Jar to view the source code; for a presentable format, you can load them into JD-GUI.
5. Change the source code or insert malicious code and then compile the file back again using APKTool (apktool b <nameofthefolder>).
6. Sign the application using APKAnalyzer or jarsigner...
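The string review described above is usually scripted during an assessment. The following is an added example, not code from the book: it walks a decompiled app folder, collects HTTP, HTTPS and FTP URLs, skips XML namespace URIs, and reports the endpoints that use an unencrypted scheme. The function names, the sample strings.xml and the example.test hosts are constructed for illustration.

```python
import re
import tempfile
from pathlib import Path

URL_RE = re.compile(r"\b(https?|ftp)://[^\s\"'<>)]+", re.IGNORECASE)
CLEARTEXT = {"http", "ftp"}  # schemes that send data unencrypted
# XML namespace URIs are identifiers, not endpoints the app contacts.
IGNORED_HOSTS = {"schemas.android.com", "www.w3.org"}


def scan_decompiled(root):
    """Return {scheme: sorted [(relative_path, url), ...]} for files under root."""
    found = {}
    for path in Path(root).rglob("*"):
        if not path.is_file():
            continue
        text = path.read_text(encoding="utf-8", errors="ignore")
        for m in URL_RE.finditer(text):
            url = m.group(0).rstrip(".,;")
            host = url.split("://", 1)[1].split("/", 1)[0].lower()
            if host in IGNORED_HOSTS:
                continue
            rel = path.relative_to(root).as_posix()
            found.setdefault(m.group(1).lower(), set()).add((rel, url))
    return {scheme: sorted(hits) for scheme, hits in found.items()}


def cleartext_findings(results):
    """Flatten the hits whose scheme is unencrypted, for the report."""
    return [hit for s in sorted(CLEARTEXT) for hit in results.get(s, [])]


def build_sample_tree(root):
    """Write a constructed stand-in for apktool output (not a real app)."""
    values = Path(root) / "res" / "values"
    values.mkdir(parents=True)
    (values / "strings.xml").write_text(
        '<resources xmlns:android="http://schemas.android.com/apk/res/android">\n'
        '  <string name="api">https://api.example.test/v1</string>\n'
        '  <string name="legacy">http://legacy.example.test/login</string>\n'
        '  <string name="upload">ftp://files.example.test/in</string>\n'
        '</resources>\n', encoding="utf-8")


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as tmp:
        build_sample_tree(tmp)
        for rel, url in cleartext_findings(scan_decompiled(tmp)):
            print(f"cleartext endpoint: {url} ({rel})")
```

To scan a real decompilation, pass the folder produced by apktool d to scan_decompiled instead of the sample tree.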