Android NDK possibility of decompiling native code

java android eclipse android-ndk
13,368

Solution 1

Decompiling native to source code is (probably, I wasn't trying it) possible, there are some tools like this https://www.hex-rays.com/products/decompiler/

It's possible to reconstruct project from apk but code will be obfuscated (weird class and method names). You may check your app against apk2gold (https://github.com/lxdvs/apk2gold)

As for your last question, with a little effort - yes.

Solution 2

Is is possible to decode native code compiled

No.

is it possible from the apk to reconstruct the project

Yes, a lot of it. Extracting .class files is easy, decompiling mostly too. An obfuscation step in your build process will make this a lot more difficult.

However, constant values and initilizers are very easy to come by from a compiled class. Don't try something like private static String SECRET = "sesame123";. This is not at all difficult to reverse engineer. - The same is, by the way, valid for .so files too.

is it possible to use the .so files in the apk file again to reconstruct the project

No.

It depends on what you mean with "project". The functions and signatures of your native library are probably easy to recover from the corresponding (compiled) Java class in any case. The (source-)code is basically "lost" for good after compilation to native code. If someone knows how to use your shared library though (easy to figure out, see above), he would be able to use it in whatever app he likes.

To sum it up:

a) The source code cannot be reconstructed from compiled native code.

b) Java source is much easier to reconstruct from compiled .class files; obfuscation of the code can make it harder.

c) Any functionality your app may have, native or not, can quite easily be extracted and exploited by another app the attacker may write.

See also: http://en.wikipedia.org/wiki/Security_through_obscurity

Share:
13,368
Admin
Author by

Admin

Updated on June 04, 2022

Comments

  • Admin
    Admin almost 2 years

    Is is possible to decode native code compiled and liked to android through ndk ?

    and is it possible from the apk to reconstruct the project and import it to eclipse (or any other IDE)?

    is it possible to use the .so files in the apk file again to reconstruct the project or with another project if the java native function declaration is done appropriately?

Recents

Why Is PNG file with Drop Shadow in Flutter Web App Grainy?
How to troubleshoot crashes detected by Google Play Store for Flutter app
Cupertino DateTime picker interfering with scroll behaviour
Why does awk -F work for most letters, but not for the letter "t"?
Flutter change focus color and icon color but not works
How to print and connect to printer using flutter desktop via usb?
Critical issues have been reported with the following SDK versions: com.google.android.gms:play-services-safetynet:17.0.0
Flutter Dart - get localized country name from country code
navigatorState is null when using pushNamed Navigation onGenerateRoutes of GetMaterialPage
Android Sdk manager not found- Flutter doctor error
Flutter Laravel Push Notification without using any third party like(firebase,onesignal..etc)
How to change the color of ElevatedButton when entering text in TextField

Related

Type 'jint' could not be resolved, and JNIEnv, jclass
AndroidRuntime Caused by: java.lang.unsatisfiedLinkError: Couldn't load tfp_jni: findLibrary returned null
Button.setOnClickListener(this); error
"WebDriver cannot be resolved to a type" error in Android WebDriver java code
“Activity has leaked window that was originally added here”
Android NDK : No JNI_OnLoad found in ... skipping init : But there is JNI_OnLoad
Android - .getInputStream() keeps on crashing
speex support in android
'Open Declaration' in Eclipse navigates to class files instead of to source files for Android Libraries
Changing the location of indicator in ExpandableListView causing problems