Question

Now that you understand the main components of an Android application, you’ll need to know how to process the APK file and extract the Android source code. Besides using a web proxy to inspect the traffic to and from your test device, you’ll need some tools that are essential to analyzing Android applications. This section doesn’t go into the specifics of how to use these tools, but rather when and why to use them. The rest you can easily figure out by using each tool’s documentation pages.

现在，您已经理解了 Android 应用程序的主要组件，需要知道如何处理 APK 文件并提取 Android 源代码。除了使用 Web 代理检查测试设备的流量之外，您还需要一些必要的工具来分析 Android 应用程序。本节不涉及如何使用这些工具的具体细节，而是介绍何时以及为什么要使用它们。其余部分您可以通过使用每个工具的文档页面轻松查找到。

Android Debug Bridge

The Android Debug Bridge ( ADB) is a command line tool that lets your computer communicate with a connected Android device. This means you won’t have to email application source code and resource files back and forth between your computer and your phone if you want to read or modify them on the computer. For example, you can use ADB to copy files to and from your device, or to quickly install modified versions of the application you’re researching. ADB’s documentation is at https://developer.android.com/studio/command-line/adb/ .

Android 调试桥（ADB）是一种命令行工具，可使您的计算机与连接的 Android 设备通信。这意味着如果您想在计算机上阅读或修改应用程序源代码和资源文件，您无需在计算机和手机之间来回发送电子邮件。例如，您可以使用 ADB 将文件复制到和从设备中复制出来，或快速安装正在研究的应用程序的修改版本。ADB 的文档位于 https://developer.android.com/studio/command-line/adb/。

To start using ADB, connect your device to your laptop with a USB cable. Then turn on debugging mode on your device. Whenever you want to use ADB on a device connected to your laptop over USB, you must enable USB debugging. This process varies based on the mobile device, but should be similar to choosing Settings ▶ System ▶ Developer Options ▶ Debugging . This will enable you to interact with your device from your laptop via ADB. On Android version 4.1 and lower, the developer options screen is available by default. In versions of Android 4.2 and later, developer options need to be enabled by choosing Settings ▶ About Phone and then tapping the Build number seven times.

要开始使用 ADB，请用 USB 电缆将设备连接到笔记本电脑。然后在设备上打开调试模式。每当您想要在通过 USB 连接到笔记本电脑的设备上使用 ADB 时，都必须启用 USB 调试。此过程因移动设备而异，但应类似于选择“设置”▶“系统”▶“开发者选项”▶“调试”。这将使您能够通过 ADB 从笔记本电脑与您的设备交互。在 Android 版本 4.1 及以下版本中，默认情况下可用开发者选项屏幕。在 Android 4.2 及以后的版本中，需要通过选择“设置”▶“关于手机”，然后点击“版本号”七次来启用开发者选项。

On your mobile device, you should see a window prompting you to allow the connection from your laptop. Make sure that your laptop is connected to the device by running this command in your laptop terminal:

在您的移动设备上，您应该看到一个窗口提示您允许来自笔记本电脑的连接。请确保您的笔记本电脑通过在笔记本电脑终端运行此命令将其连接到设备上：

adb devices -l

Now you can install APKs with this command:

现在您可以使用此命令安装 APK：

adb install PATH_TO_APK

You can also download files from your device to your laptop by running the following:

您也可以通过运行以下步骤，从您的设备下载文件到您的笔记本电脑：

adb pull REMOTE_PATH LOCAL_PATH

Or copy files on your laptop to your mobile device:

将文件从您的笔记本电脑复制到移动设备：

adb push LOCAL_PATH REMOTE_PATH

Android Studio

Android Studio is software used for developing Android applications, and you can use it to modify an existing application’s source code. It also includes an emulator that lets you run applications in a virtual environment if you don’t have a physical Android device. You can download and read about Android Studio at https://developer.android.com/studio/ .

Android Studio 是用于开发 Android 应用程序的软件，您可以使用它来修改现有应用程序的源代码。它还包括一个模拟器，允许您在虚拟环境中运行应用程序，如果您没有物理 Android 设备。您可以在 https://developer.android.com/studio/下载和阅读有关 Android Studio 的信息。

Apktool

Apktool , a tool for reverse engineering APK files, is essential for Android hacking and will probably be the tool you use most frequently during your analysis. It converts APKs into readable source code files and reconstructs an APK from these files. The Apktool’s documentation is at https://ibotpeaches.github.io/Apktool/ .

Apktool 是一个反编译 APK 文件的工具，对于 Android 黑客来说非常重要，它可能是你在分析过程中使用最频繁的工具。它将 APK 转换成可读的源代码文件，并从这些文件中重构 APK。Apktool 的文档位于 https://ibotpeaches.github.io/Apktool/。

You can use Apktool to get individual files from an APK for source code analysis. For example, this command extracts files from an APK called example.apk :

你可以使用 Apktool 从 APK 中获取单个文件以进行源代码分析。例如，以下命令从名为 example.apk 的 APK 中提取文件：

$ apktool d example.apk

Sometimes you might want to modify an APK’s source code and see if that changes the behavior of the app. You can use Apktool to repackage individual source code files after making modifications. This command packages the content of the example folder into the file example.apk :

有时候，您可能想修改一个 APK 的源代码，并查看应用程序的行为是否发生了变化。您可以使用 Apktool 在进行修改后重新打包单个源代码文件。此命令将 example 文件夹中的内容打包到 example.apk 文件中：

$ apktool b example -o example.apk

Frida

Frida ( https://frida.re/ ) is an amazing instrumentation toolkit that lets you inject your script into running processes of the application. You can use it to inspect functions that are called, analyze the app’s network connections, and bypass certificate pinning.

Frida（https://frida.re/）是一个令人惊叹的仪器工具包，可以让你将脚本注入到应用程序正在运行的进程中。您可以使用它来检查所调用的函数，分析应用程序的网络连接，并绕过证书挂钩。

Frida uses JavaScript as its language, so you will need to know JavaScript to take full advantage of it. However, you can access plenty of premade scripts shared online.

Frida 使用 JavaScript 作为其语言，因此您需要了解 JavaScript 才能充分利用它。但是，您可以访问许多在线共享的现成脚本。

Mobile Security Framework

I also highly recommend the Mobile Security Framework ( https://github.com/MobSF/Mobile-Security-Framework-MobSF/ ), or the MobSF , for all things mobile app testing. This automated mobile application testing framework for Android, iOS, and Windows can do both static and dynamic testing. It automates many of the techniques that I talk about in this chapter and is a good tool to add to your toolkit once you understand the basics of Android hacking.

我也强烈推荐移动安全框架（https://github.com/MobSF/Mobile-Security-Framework-MobSF/）或称为 MobSF，用于所有移动应用程序测试。这个针对 Android、iOS 和 Windows 的自动化移动应用程序测试框架可以进行静态和动态测试。它自动化了本章中介绍的许多技术，并且是一个很好的工具，在您了解 Android 黑客攻击的基础知识后，添加到您的工具包中。