Decompiling Android ペーパーバック – 2012/7/12
Kindle 端末は必要ありません。無料 Kindle アプリのいずれかをダウンロードすると、スマートフォン、タブレットPCで Kindle 本をお読みいただけます。
Decompiling Android looks at the the reason why Android apps can be decompiled to recover their source code, what it means to Android developers and how you can protect your code from prying eyes. This is also a good way to see how good and bad Android apps are constructed and how to learn from them in building your own apps. This is becoming an increasingly important topic as the Android marketplace grows and developers are unwittingly releasing the apps with lots of back doors allowing people to potentially obtain credit card information and database logins to back-end systems, as they don't realize how easy it is to decompile their Android code. In depth examination of the Java and Android class file structures Tools and techniques for decompiling Android apps Tools and techniques for protecting your Android apps What you'll learn How to download an Android app and decompile it into its original Java source and HTML5 and CSS code How to protect your Android apps so that others cannot decompile it To identify potential security threats that currently exist and how to avoid them What tools are available to decompile and protect Android apps The structure of a Java Classfile and an Android classfile How the standard JVM and the Dalvik JVM differ How to create your own Android decompiler and obfuscator Who this book is for This book is for Android developers and their managers. It's also for hackers and hobbyist types who wish to see how Android apps are constructed as a means of learning how to build Android apps. Table of Contents Laying the Groundwork Ghost in the Machine Inside the DEX File Tools of the Trade Decompiler Design Decompiler Implementation Case Studies
Godfrey Nolan is president of RIIS LLC, where he specializes in website optimization. He has written numerous articles for magazines and newspapers in the United States, the United Kingdom, and Ireland. Nolan has had a healthy obsession with reverse engineering bytecode since he wrote Decompile Once, Run Anywhere, which first appeared in Web Techniques in September 1997.
I have been developing for Android since 2009 and the topic of reverse engineering frequently emerges but I have never had time to properly research it. Thanks to this book, I feel I can confidently answer such questions and perhaps do a little reverse engineering myself if necessary. Well worth the price and time.
I enjoyed the topic and writing style/organization, and the author gives a nod to NELIAC (my first working language) as a bonus.
This book will not be for the average application developer, but if you are interested in android internals then I think you will not be disappointed.
While I always enjoy learning new things, I do value my time. When I came across this book, I was elated. I realized that the many disparate pieces of information I needed had been assembled in a single tome.
The book gives an excellent overview of Java/Dalvik decompiles - past and present. While having the latest and greatest is nice - you learn to appreciate them more when you know the history and evolution of such tools.
It covers, in depth, the use of existing tools that - piece by piece - transform an Android APK into Java source code. This information alone would have been a huge time to anybody seeking knowledge on the deconstruction of Android apps.
Beyond the discussion of existing decompilers, the main focus of the book is on the creation of custom tools to add to your reverse engineering tool belt. The book meticulously documents the process of decompiling an app. The appendix, to my delight, also includes a list of all the Java and Dalvik bytecodes.
While it is great to understand how to take apart an APK, it brings to light how vulnerable apps can be. Luckily, the book includes a chapter dedicated to the discussion of how to protect an app. Included, are several case studies using several existing utilities. In addition, there is general discussion on protection schemes, such as layout, control, and data obfuscation.
The book is well written and technically accurate. I highly recommend it to anybody interested in reverse engineering or those looking into creating, and protecting, their own Android apps.