How to Reverse Engineer an APK file to get the actual source code

You can use Dex2Jar to convert APK into a JAR file then open it using JD-JUI

Basic Usage

1. Download dex2jar from http://code.google.com/p/dex2jar/downloads/list
2. Extract dex2jar-version.zip to a folder. for example /home/panxiaobo/, C:\

unzip -x dex2jar-version.zip -d /home/panxiaobo

3. use dex2jar to generate .jar file. dex2jar will generate a file named someApk_dex2jar.jar in the same folder of someApp.apk.

   linux sh /home/panxiaobo/dex2jar-version/dex2jar.sh /home/panxiaobo/someApk.apk
   windows C:\dex2jar-version\dex2jar.bat someApk.apk

4. use a decompiler to view the source.
• jd-gui
• JAD

Whoops this is so bad! Is it working for any APK ?

Yes, Correct ! Its not problem with Android babay! Its the nature of Java Itself. So we can blame Java for this, =)

Whats the Solution to prevent getting hacked my APKs ?

Obfuscation is the solution. that simply means Confusing the hacker to read the code, at-least less understanding by confusing the Application Logic.

Pro-Guard is the Tool for Android. It will do that scramble for us. =)

 Learn more about how to protect code from hackers!

Securing Android LVL Applications - Licensing with Google APIs