Modifying the source code of an android application using an apk file

It just so happened that the comic book and manga reader application that I use on my android smartphone after the update began to show ads at the end of each chapter of the comic book. This application was available on Google Play a couple of years ago (the paid version of which I bought), but was deleted due to "copyright infringement", after which it went underground and became distributed through the developer's website. Alas, I did not find any worthy alternatives to this application on android and iOS, but I didn’t really want to watch ads, especially since I already bought the version without ads. For some reason, the developer himself did not make it possible to disable it, but did not respond to requests to add such an opportunity. Therefore, I had to look for alternative methods to disable it. The first thing that came to mind is that android applications are written in java, which means that there is a possibility that the author did not obfuscate his application and you can try to decompile it. After a little thought, I started to work.

First, the apk file of the application itself was downloaded . Then a short search on the Internet led me to the site . With it, you could download the apk file with the application and get a set of source codes at the output. Alas, decompilation into java classes is not quite ideal, and therefore I could not completely restore the application project in the IDE (Idea), but this allowed me to analyze the structure of the project and figure out how it works. After the analysis, two promising methods were found in the class - placeAdViewIfNeeded and removeAdViewIfNeeded .

PlaceAdViewIfNeeded method code:

if (adViewPlaced || adView == null)
} else
    android.widget.RelativeLayout.LayoutParams layoutparams = new android.widget.RelativeLayout.LayoutParams(-2, -2);
    layoutparams.addRule(13, -1);
    viewgroup.addView(adView, layoutparams);
    adViewPlaced = true;

The simplest thing that came to mind after reading the code was to remove everything superfluous and leave only the return call;

But, as already mentioned, even if I changed something in the java class, I could not eventually compile the application in the IDE. Therefore, I had to look for an alternative. It turned out that smali-files that are created during the decompilation process also allow, after making the necessary changes, to re-assemble the modified application. Alas, the site that was given above, allowed only to receive source codes, but not to collect new ones. Therefore, I had to look for ways to do it myself. ApkTools
Utility Found, which allowed you to decompile and compile apk files. In addition, aapt.exe utility was required, which was taken from the standard SDK for android in the android-sdk \ build-tools \ 20.0.0 folder.

For the convenience of calling the utility from under windows, the apktool.bat script was created:

@echo off
set PATH=%CD%;%PATH%;
java -jar "%~dp0\apktool.jar" %1 %2 %3 %4 %5 %6 %7 %8 %9

To decompile the application, the following commands were executed:

apktool if <appName>.apk
apktool d <appName>.apk

After that, the BaseReaderFragment.smali file was found in the received sources and the methods we needed were changed as follows:

.method protectedplaceAdViewIfNeeded(Landroid/view/ViewGroup;)V
    .locals 3
    .param p1, "layoutAds"    # Landroid/view/ViewGroup;
    const/4 v2, -0x2return-void
.end method
.method protectedremoveAdViewIfNeeded(Landroid/view/ViewGroup;)V
    .locals 1
    .param p1, "layoutAds"    # Landroid/view/ViewGroup;
    .line 149const/16 v0, 0x8return-void
.end method

Next came the turn of building the apk file from the sources.

You can do this with the following command:

apktool b <AppSourceDir>

But that is not all. For the application to be installed, it had to be digitally signed. The easiest way to do this is to download the archive which contains the utility for signing applications and digital certificates for it.

Unpack the archive, execute the command:

java -jar signapk.jar certificate.pem key.pk8 <path-of-the-folder-contaning-the-apk>.apk <path-of-the-new-signed-apk>.apk

The resulting apk file can be downloaded to your phone to check our modified application. However, in the process of testing the changes, it turned out that the ads are no longer showing, but the page itself is being created to display them, which is not very pleasant. The application code was again analyzed, the BaseSeamlessReaderFragment class was found , and the appendPages method was found in it .

It was clear that the line:

addPage(new MangaPage(i - 1, null, chapteritem, true), false);

creates an additional page, in addition to those that are in the manga chapter, with the parameter responsible for showing ads. It was decided to delete this line and see the result. Again, look at the similar smali-file ( BaseSeamlessReaderFragment $ 4 ) and delete the line:

invoke-virtual {v6, v7, v10}, Lorg/mangawatcher/android/fragments/BaseSeamlessReaderFragment;->addPage(Lorg/mangawatcher/android/fragments/BaseSeamlessReaderFragment$MangaPage;Z)V

Again, we build the apk file from the sources and sign our application. After installing and testing the application, the advertising screen finally disappeared, which was the ultimate goal.

This example shows that, if necessary, you can quite simply and quickly modify existing Android applications to add missing functionality to them, or vice versa to remove some unwanted features in situations where there is no access to the source. I hope he helps people who find themselves in a similar situation and do not want to put up with it, find a solution to the problem.

Also popular now: