Android Application Security Testing Part-4: Structure of Android Package Kit (apk)



Structure of Android Package Kit:
Android Package Kit (APK) is the package file format used by the Android operating system for the distribution and installation of mobile apps. A user can download and install an Android application either from an official source (such as the Google Play Store) or from some other (unofficial or third-party) site.
A user or developer can also install an APK file directly to a device (that is, not via download from the network) from a desktop computer, using a communication program such as adb, or from within a file manager app, in a process known as sideloading. By default, the ability to install from unofficial sites or directly from a desktop or file manager is disabled for security reasons on most Android devices. Users can enable it by changing the setting "Unknown sources" in the Settings menu.
An APK file contains all of that program's code (such as .dex files), resources, assets, certificates, and manifest file. As is the case with many file formats, APK files can have any name needed, provided that the file name ends in ".apk".
AndroidManifest.xml:
  • The AndroidManifest.xml file contains all configuration information about the application and the defined security parameters.
  • Simply put, it is the control file that tells the system what to do with all the top-level components (specifically activities, services, broadcast receivers, and content providers) in an application.
  • When you build the application, the AndroidManifest.xml file is generated either with the default permissions or with the permissions that you have set.
  • This file may be in Android binary XML, which can be converted into human-readable plaintext XML with tools such as android-apktool or Androguard.
Classes.dex:
  • This is essentially the executable file containing the Dalvik bytecode of the application. It is the actual code that will run on the Dalvik Virtual Machine.
  • The .class files (the code files) are compiled into the dex file format, which is understood by the Dalvik virtual machine and by the Android Runtime.
META-INF directory: This folder contains the certificate of the application; it is where the signature data is stored:
  • MF: The Manifest File
  • RSA: The certificate of the application.
  • SF: The list of resources and SHA-1 digest of the corresponding lines in the MANIFEST.MF file.
lib: The directory containing the compiled code that is specific to a software layer of a processor. It is split into further directories:
  • armeabi: compiled code for all ARM based processors only
  • armeabi-v7a: compiled code for all ARMv7 and above based processors only
  • x86: compiled code for x86
  • mips: compiled code for MIPS processors only
assets: Allows the developer to place files in this directory that they would like bundled with the application, e.g. a font file (.ttf).
res: Contains all the application activity layouts, images used, and any other files that the developer would like accessed from code in a structured way.
resources.arsc: A file containing precompiled resources, such as binary XML. Resources can be compiled into this file instead of being put into the res folder. It also contains any application strings.
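
The layout described above can be checked directly, because an APK is a ZIP archive. The following Python sketch is an added example, not code from the original post: it groups an APK's entries into the parts listed above and checks whether AndroidManifest.xml is stored as binary XML. The function names, the sample entry names (CERT.SF, CERT.RSA, libnative.so) and the sample bytes are constructed for illustration.

```python
import io
import zipfile
from collections import defaultdict

AXML_MAGIC = b"\x03\x00\x08\x00"  # chunk header that starts Android binary XML
DEX_MAGIC = b"dex\n"              # first bytes of a .dex file

def inventory_apk(apk):
    """Group the entries of an APK (path or file object) by the parts described above."""
    report = defaultdict(list)
    with zipfile.ZipFile(apk) as zf:
        for name in zf.namelist():
            top, _, rest = name.partition("/")
            if name == "AndroidManifest.xml":
                head = zf.open(name).read(4)
                report["manifest"].append("binary" if head == AXML_MAGIC else "plaintext")
            elif "/" not in name and name.endswith(".dex"):
                # Record whether the file really starts with the dex magic.
                report["dex"].append((name, zf.open(name).read(4) == DEX_MAGIC))
            elif top == "META-INF" and rest.upper().endswith((".MF", ".SF", ".RSA")):
                report["signature"].append(rest)
            elif top == "lib" and "/" in rest:
                report["abis"].append(rest.split("/")[0])  # e.g. armeabi-v7a
            elif top in ("assets", "res"):
                report[top].append(rest)
            elif name == "resources.arsc":
                report["resources.arsc"].append(name)
            else:
                report["other"].append(name)
    report["abis"] = sorted(set(report["abis"]))
    return dict(report)

def build_sample_apk():
    """Constructed sample: a minimal ZIP with APK-like entries, not a real app."""
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        zf.writestr("AndroidManifest.xml", AXML_MAGIC + b"\x00" * 4)
        zf.writestr("classes.dex", b"dex\n035\x00")
        zf.writestr("META-INF/MANIFEST.MF", "Manifest-Version: 1.0\n")
        zf.writestr("META-INF/CERT.SF", "Signature-Version: 1.0\n")
        zf.writestr("META-INF/CERT.RSA", b"\x30\x82")
        zf.writestr("lib/armeabi-v7a/libnative.so", b"\x7fELF")
        zf.writestr("lib/x86/libnative.so", b"\x7fELF")
        zf.writestr("assets/font.ttf", b"")
        zf.writestr("res/layout/main.xml", AXML_MAGIC)
        zf.writestr("resources.arsc", b"\x02\x00\x0c\x00")
    buf.seek(0)
    return buf

if __name__ == "__main__":
    for part, items in inventory_apk(build_sample_apk()).items():
        print(part, items)
```

To inspect a real package, pass its file path to inventory_apk() instead of the constructed sample.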