How to recompile an Android app via Apktool and successfully execute the application?

I want to test the behavior of a recompiled APK on an Android Device without any changes.
After I decompiled using Apktool 2.4.1 with default flags and then compiled without any errors/warnings, I signed the recompiled APK and installed it on a non-rooted device.

I tried to run the APK on the device, but sadly it failed: it got stuck on the loading of the main screen.

I think maybe it fails to load the main activity; I’ve seen some weird logs via Logcat.

As part of a project, I need to bypass SSL pinning on this mobile app. I’m taking my baby steps in learning some tools and reversing.
Sadly, at the moment there is no one in my company who can help.
That’s why I’m trying to research a solution on the internet and to figure out whether you guys can help me.

This app has SSL pinning, root detection, and emulator detection (pictures can be attached if needed).
I already tried to install it on a different rooted device with Xposed and an SSL pinning bypass package.

I had some ideas for reversing that I wanted to test on the app with specific changes, like adding the Frida libraries to the source files of the APK and recompiling, or trying to change the source code to make the APK accept any cert, or something like that.

From a short surf on the web, I found a post that describes 3 possible ways to implement SSL pinning:

https://www.netguru.com/codestories/3-ways-how-to-implement-certificate-pinning-on-android

While using Jadx to search for OkHttp and CertificatePinner, I did not find any references to these.
I tried to look in the manifest and in the resources for the XML "Network Security Configuration" and didn’t find it either.

That leaves us with the last option, which is TrustManager.

I have attached some pictures and info about my process.
I would be more than glad to receive any help or suggestions from you!

Apktool 2.4.1
d2j-apk-sign.bat from Dex-tools-2.1-snapshot
Samsung J7 Android 8.1
Using Burp proxy with my own generated certificate (NVISO), which will be seen in the Logcat logs.
In the Logcat Pastebin I changed the original package name to "com.original.noncompiled.mobile" and in the recompiled Pastebin to "com.re.compiled.mobile" for the customer’s privacy.

Certificate issue in Burp while running the original application via proxy

Device screenshot with an error after I ran the original application via proxy

Logcat after I executed the original application and got the SSL pinning issue.

com.original.noncompiled.mobile

https://pastebin.com/JAmyD96x

Recompilation and signing of the APK

Stuck here forever

In addition, Burp never showed me a certificate error for the Application URL, which means it never tried to communicate. I’m pretty sure we can see something that may refer to it in the log.

Logcat after I executed the recompiled application and saw the stuck window of the APK.

com.re.compiled.mobile

https://pastebin.com/EixNsTUz

Source: Android Questions
