Decompile an APK

Last year I built a simple Android app (with Android Studio) that I use on my Firesticks.
Rather stupidly I never added the source files to my backup routine.
This was only discovered following a hard drive crash and a data restore to the replacement drive.
I wanted to update an image in the APK but without the source this was not possible.
I was going to start a new project to recreate the APK but then I learnt of an application called ApkTool.
This app allows you to decompile an existing APK, update images (and change other parts of the original source) and then compile back to an APK.
This worked really well and took me just took 30 minutes from start to finish.
It saved me a day or two of writing code, which was overkill just to change an image.

I wanted to document this process so have decided to do it here in case others can benefit from this process.
Note: This method described here is only intended to be used for an APK that you have lost the source code for.
There are both ethical and legal reasons why you should not use the process for an APK which you do not own the source.

These instructions are written for Windows 10.
You can easily modify them to use on Linux or Mac (but you are on your own with that).
There are other methods to decompile an APK, edit images and recompile it (including GUI ones but I prefer to do this manually).
Likewise there are other methods to sign the zip file than the one used below (apksigner for example).
The method described here works for me but feel free to look for alternatives.

Prerequisites

  • A folder as a working directory for the decompiled APK files (I use d:\decompile but use any folder name and location you prefer).
  • A folder for storing the original APK file you wish to decompile (I use d:\decompile\original-apk).
  • Java SE Runtime Environment (ApkTool is a Java app so you need Java to be installed on your PC).
    I use the Windows 64-bit version, jre-8u281.
    If you do not already have Java runtime installed, download it here and install it.
  • Java SE Development Kit (contains tools to sign the APK).
    I use the Windows 64-bit version, jdk-8u281.
    If you do not have already have this, download it here and install it.
  • ApkTool (current version v2.5.0). Download here and save it to the decompile folder created above (rename the downloaded file to apktool.jar).
  • The APKTool Windows wrapper script. Download here (right click, and choose Save link as… apktool.bat). Save the file to the decompile folder created above.

    Note: You can alternatively move the above two files (apktool.jar and apktool.bat) to a folder in your System path or add the decompile folder your Environment Variables System PATH variable.
    I prefer not to do either and change to the decompile folder (in the command prompt window) before running the necessary commands.
  • The Android SDK Build-Tools (to align the APK for optimal loading).
    Note: You can skip this step if you will not be uploading the APK to the Google Playstore.
    I have this installed through Android Studio.
    It is supposedly possible to install the tools without installing Android Studio by downloading just the command line tools (but you are on your own with this).
    This can be downloaded here (browse to the Command Line Tools only section at the bottom of the page).
    Further tasks need to be completed after this.
    I have never done it this way and recommend installing Android Studio and install the Build Tools from within Android Studio.

Procedure

Note: All of the following commands needs to be run from an Adminstrator command prompt.
They also need to be run from the directory/folder where ApkTool is located (e.g. d:\decompile).
If you close and reopen the command prompt window at all during the process be sure to start a new one in administrator mode and change (cd) to the decompile folder.

Decompile the APK

  1. Copy the apk file you wish to modify to the d:\decompile\original-apk folder (or wherever else you will be storing it).
    The apk I will be decompiling is named flakie-app.apk (so the file path is: d:\decompile\original-apk\flakie-app.apk).
    Then run:

    apktool d d:\decompile\original-apk\flakie-app.apk

    Dependent on the size of your apk file this will take anything for a few seconds to a few minutes to complete.
    When finished there will be a new sub-folder in the decompile folder with the same name as your apk (minus the apk file extension).
    So in my case the new folder is named flakie-app (the path is: d:\decompile\flakie-app).

Locate and Change the Original Image

  1. Find the original image you wish to change (in the decompiled folder created above).
    Use Windows Explorer for this (it helps to change the view to Icon view. I use Large Icon view).
    The image could be in multiple locations.
    You will need to replace the image in all the locations you find it.
    Images are stored in subfolders of the res folder (e.g. d:\decompile\flakie-app\res).
    The first folder to check would be the drawable folder (e.g. d:\decompile\flakie-app\res\drawable).
    Other folders to check could be: drawable-hdpi, drawable-ldpi, drawable-mdpi, drawable-xhdpi, drawable-xxhdpi, drawable-xxxhdpi (or variants of these names).
    It is recommended to check all the drawable folders.
    If you are replacing an icon image in could be in the mipmap folder/s, e.g. mipmap-hdpi, mipmap-ldpi, mipmap-mdpi, mipmap-xhdpi, mipmap-xxhdpi, mipmap-xxxhdpi (or variants of the names). Check all mipmap folders.
    Whatever the image type, the image is likely to have different dimensions in each of these folders (they are folders for supporting different screen sizes).
    You should check the dimensions of each image you find and replace it with an image of identical dimensions, in the same folder you find it in.

Other Decompiled Folders

  1. There are lots other folders inside the res folder (and outside of it).
    Editing the contents of these folders is beyond the scope of these instructions but I will detail what I know about editing the contents of some of these folders.
    If you want to edit them then I recommend using Notepad++ to do so.
  • layout: These folders contain xml files for the different views for the apk.
    You can edit these xml files to change/remove the placement of views (relative and linear), buttons, images, text etc.
  • values. These folders contain xml files for the values for the resources that are used in the apk (strings, color, styles, dimensions etc).
    For example you could edit the strings.xml file to change the text that is displayed on the screen, possibly in multiple places, amongst other things.
  • Outside of the res folder you will also see smali folders.
    Editing the contents of these folders is even further beyond the scope of these instructions.
    These folders contain smali files (in Smali Assembly Language).
    ApkTool cannot directly convert the Java files from the apk but converts them to these smali files.
    You can edit these to change the Java functions in the apk but doing so is very difficult and simple mistakes will cause the program not to recompile (or crash when launching if it does compile).

Recompile the APK

  1. Use ApkTool to recompile the APK (to a temporary apk).

    apktool b flakie-app -o flakie-app.tmp.apk

    Dependent on the size of your apk file this will take anything for a few seconds to a few minutes to complete.
    If anything is wrong ApkTool will display an error which should guide you to fixing it.
    When it is complete you will have a new temporary apk file created in the root of the decompile folder (e.g. d:\decompile\flakie-app.tmp.apk).

Create a Keystore File

  1. Use the Java keytool to create a keystore to sign the apk and contents.
    Note: This process only has to be done once and you can use the same keystore for any future apk you may need to decompile/recompile.
  • You will need to think of a password for this (and not forget it).
    It does not need to be complicated and 6 character length is enough for this purpose.
    For this example I will just use: 123456.
  • You will also need to use an alias for the key.
    This can be your name, company name, or anything else.
    For this example I will use: flakie.
  • You will need a filename for the keystore in the format: <filename>.keystore (for this example I will just use: my-release-key.keystore).

“C:\Program Files\Java\jdk1.8.0_281\bin\keytool” -genkeypair -v -keystore my-release-key.keystore -alias flakie -keyalg RSA -keysize 2048 -validity 10000

You will be prompted for a password (I am using 123456).
You will be then prompted for: first name and last name, organizational unit, organization, City or Locality, State or Province and the two-letter country code for this unit.
You can choose to enter these details or just press Enter/Return to leave them blank.
At the end of the process you will be asked to confirm the details are correct.
Press Y and then Enter/Return to confirm.
Enter your password again when prompted.
The keystore will then be created in the decompile folder (e.g. d:\decompile\my-release-key.keystore). Keep it safe.
Ignore any warnings about a proprietary format.

Sign the APK

  1. Sign the APK using the keystore.

“C:\Program Files\Java\jdk1.8.0_281\bin\jarsigner.exe” -verbose -sigalg SHA1withRSA -digestalg SHA1 -keystore my-release-key.keystore flakie-app.tmp.apk flakie

The APK and contents will be signed.

Verify the Signing

  1. Verify the APK has been signed.

“C:\Program Files\Java\jdk1.8.0_281\bin\jarsigner.exe” -verify -verbose -certs flakie-app.tmp.apk

Do not worry about any errors that may appear.
We are only interested in the last line showing it is signed and will expire in 10,000 days (about 27 years and 4 months).
e.g. The signer certificate will expire on 2048-06-26.

Align the APK for Optimal Loading

  1. Finally align the APK for optimal loading and create a copy (without the .tmp in the name).
    You can skip this step if you will not be upoading the APK to the Google Playstore.
    If this is the case just rename the APK, to remove the .tmp part and use the APK as it is.

    If you intend to upload the APK to the Google Playstore then this step is mandatory.

“C:\Program Files (x86)\Android\android-sdk\build-tools\28.0.3\zipalign.exe” -v 4 flakie-app.tmp.apk flakie-app.apk

After a short while the APK will be optimised.
It will be located in the decompile folder (e.g. d:\decompile\flakie-app.apk).
You can delete the temporary apk file (the one with .tmp in the filename).
Then install the fixed apk file (you can use Flakie ADB GUI for this).