Reverse engineering involves extracting source code and other resources from an Android Package (APK) file. Numerous tools are available to help decompile an APK file, such as Apktool, dex2jar, jd-gui, and JAD. It has become easy to hack an Android mobile application. An attacker can disable advertising and even detach the app from various verification services. Some hack an app to find out how it works and what its special features are, either to make a better app or to reproduce it. It is crucial to ensure the highest level of security to protect mobile apps against reverse engineering.
Both Objective-C and Java compilers embed definitions of the class interfaces and the relationships among the classes in the binaries. This information is one of the first things an attacker seeks when attacking an app. The Objective-C runtime lets an application modify its mapping from a selector to an implementation. An attacker can take advantage of this feature to monitor a system library interface and intercept calls to decryption methods. Because the application passes the appropriate key as a parameter to these methods, the attacker can capture the key. It is crucial to layer the self-defenses and implement them appropriately, so that a mobile app can become highly resilient against attacks even on rooted or jailbroken devices.
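
The class metadata described above can be audited in your own release build before shipping. The following added example (not part of the original article) reads the class definitions from a DEX image and lists those whose names are still human-readable. The function names, the two-character threshold for "renamed" classes, and the sample class names are assumptions made for illustration, and the sample image is constructed and not installable.

```python
import struct

def class_descriptors(dex):
    """Return the type descriptor of every class defined in a DEX image."""
    if dex[:4] != b"dex\n":
        raise ValueError("not a DEX file")
    # Header holds size/offset pairs: string_ids at 0x38, type_ids at 0x40, class_defs at 0x60.
    str_n, str_off, type_n, type_off = struct.unpack_from("<4I", dex, 0x38)
    cls_n, cls_off = struct.unpack_from("<2I", dex, 0x60)
    names = []
    for i in range(cls_n):
        (type_idx,) = struct.unpack_from("<I", dex, cls_off + 32 * i)  # class_def_item is 32 bytes
        if type_idx >= type_n:
            raise ValueError("class_def points outside type_ids")
        (str_idx,) = struct.unpack_from("<I", dex, type_off + 4 * type_idx)
        if str_idx >= str_n:
            raise ValueError("type_id points outside string_ids")
        (pos,) = struct.unpack_from("<I", dex, str_off + 4 * str_idx)
        while dex[pos] & 0x80:  # skip the ULEB128 length prefix of string_data_item
            pos += 1
        end = dex.index(b"\0", pos + 1)
        names.append(dex[pos + 1:end].decode("utf-8", "replace"))
    return names

def readable_classes(dex, max_renamed_len=2):
    """Classes whose simple name is longer than a renaming tool usually emits (heuristic)."""
    return [d for d in class_descriptors(dex)
            if len(d[1:-1].rsplit("/", 1)[-1]) > max_renamed_len]

def build_sample_dex(descriptors):
    """Constructed input: a header plus only the three tables read above."""
    n = len(descriptors)
    str_off, type_off, cls_off = 0x70, 0x70 + 4 * n, 0x70 + 8 * n
    ids, data = b"", b""
    for d in descriptors:
        ids += struct.pack("<I", cls_off + 32 * n + len(data))
        data += bytes([len(d)]) + d.encode() + b"\0"
    types = b"".join(struct.pack("<I", i) for i in range(n))
    classes = b"".join(struct.pack("<8I", i, 1, 0, 0, 0, 0, 0, 0) for i in range(n))
    header = bytearray(0x70)
    header[:8] = b"dex\n035\0"
    struct.pack_into("<4I", header, 0x38, n, str_off, n, type_off)
    struct.pack_into("<2I", header, 0x60, n, cls_off)
    return bytes(header) + ids + types + classes + data

# Constructed sample: two readable class names and one already-renamed class.
SAMPLE = build_sample_dex(["Lcom/example/app/LicenseVerifier;",
                           "Lcom/example/app/AdController;", "La/b;"])
if __name__ == "__main__":
    print(readable_classes(SAMPLE))
```

Run against the `classes.dex` of a real build, a long list from `readable_classes` shows how much of the class structure the binary still discloses.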