Decompiling SDKs

You can decompile the SDK’s library jar file after you download the SDK using the JD-GUI decompiler. Alternatively, if the SDK is already in your app, take the following steps that are similar to what we’ve already covered in earlier chapters, although this time you don’t need to pull the APK off the device. You need to export it to the filesystem:

1. Build using your favorite IDE.

2. Export your APK; if you’re using Eclipse, right-click on the project and choose Android Tools->Export Unsigned Package.

3. dex2jar your APK. See Chapter 1 if you need to review how to do this.

4. Open the apk_de2jar.jar file in JD-GUI.

After you have the source code in JD-GUI, search for the following strings to see whether there is any extra user ...

Get Bulletproof Android™: Practical Advice for Building Secure Apps now with the O’Reilly learning platform.

O’Reilly members experience books, live events, courses curated by job role, and more from O’Reilly and nearly 200 top publishers.