💾 Archived View for jacksonchen666.com › posts › 2023-08-06 › 17-57-42 › index.gmi captured on 2023-09-28 at 15:58:07. Gemini links have been rewritten to link to archived content

View Raw

More Information

⬅️ Previous capture (2023-09-08)

➡️ Next capture (2023-11-04)

-=-=-=-=-=-=-

Android APKs Shenanigans

2023-08-06T17:57:42Z (last updated 2023-08-12T10:50:19Z)

Today I got nerd-sniped by... myself?

What I wanted to do is play the 2023 April Fools chart in Phigros. However, the chart is exclusive to version 2.5.1 which is definitely not the current version my Phigros install is on.

Phigros 2023 April Fools chart

I tried to find an APK which doesn't conflict with my current Phigros install. However, I didn't find one. So I made my own.

First, I had to obtain the APK. I just used Aurora Store, did a manual download, and grabbed it from my phone's filesystem (assuming the downloads were externally available).

Aurora Store

I used APKEditor to turn the APK file (which is a JAR file in disguise (which is a ZIP file in disguise)) into something that is more human readable. That includes converting the AndroidManifest.xml file from a binary file to an XML file.

APKEditor

The command I specified is the decode command, which turns an APK file into an extracted and human readable (AKA not binary) version of it. It's kind of like decompiling.

After the APK was decompiled, I went ahead and searched for "Phigros".

It resulted in some files, and I opened those files.

For things that looked like an application ID, I changed the application ID with something different so that it doesn't clash with existing Phigros installs.

In my case, I found application ID in these files (within the decompiled thing):

I also wanted to change the app name so that it is easy to differentiate. I found the app title in these files:

Of course in reality, this probably wouldn't apply to you unless you did exactly the same thing as what I did.

After all the necessary changes (and combining the files from the OBB (another ZIP file containing stuff to add on top of the APK)), I used the build subcommand of the APK editor to turn the decompiled folder back into an APK.

So now I have an APK. Signing will be required for the app to be installable.

To sign an APK, you'll need a signing key. And here's the commands I used to generate the signing key:

umask 077
keytool -genkey -v -keystore phigros-custom.keystore -alias phig -keyalg RSA -keysize 4096 -validity 1000000

The last command will create a file called `phigros-custom.keystore` at your current working directory, and ask for a password (which can be anything if the keystore does not exist). The key also lasts a million days, which should be long enough to practically never expire on you (unless you somehow manage to live for more than 2700 years, also considering if it even matters to you in 2700 years).

Sources:

https://stackoverflow.com/questions/50705658/how-to-sign-an-apk-through-command-line/#50706137

Next, signing the APK.

In the apksigner documentation, it says to use zipalign before using apksigner. Here's an example command (Replace filenames appropriately):

zipalign

apksigner

zipalign -v -p 4 target.apk aligned.apk

After that, the APK can be signed.

apksigner sign --ks phigros-custom.keystore --in aligned.apk --out signed.apk

If you use a different keystore filename, replace appropriately.

You can omit the --in and --out arguments and replace that big chunk with just the input filename.

And after that, it should be possible to install the APK on your Android device.

public inbox (comments and discussions)

public inbox archives

(mailing list etiquette for public inbox)