[Tool Android] GDA Android Reversing Tool

[lwierzbicki]

Describe the issue Maybe it is worth to take a look and investigate this tool: https://www.kitploit.com/2020/02/gda-android-reversing-tool-new.html I think we haven't mentioned it anywhere in MSTG.

[cpholguera]

Looking nice! Thanks @lwierzbicki

[lwierzbicki]

I could check how it can possibly fit MSTG.

[cpholguera]

That'd be great, maybe a little overview here about how it's better/more useful in comparison with existing solutions or how it could enhance or replace them? What do you think?

[lwierzbicki]

That's a good hint. Anyway, I need to gather all that info and I will summarize it here. Then, we could decide what next ;)

[cpholguera]

Sounds perfect 👌

[lwierzbicki]

Tool is located here: https://github.com/charles2gan/GDA-android-reversing-Tool There are a few limitations:

• currently it is only supported on Windows (some previous versions triggers virus signatures in Windows Defender)
• source code is not available yet (however there are some plans for that in the future - based on notes from author)

Features:

• unpack and decompile apk file in one process (could replace apktool and dex2jar)
• can dump all strings and functions calls
• verify which app comoponent require requested Android Permissions (nice feature to determine if app really needs that Android Permission)
• can automatically go to entry point of app
• search capability of Java code (similiar to jd-gui)
• can add comments to Java code
• run-time switch between Java code and smali
• python scripting (can be used to extend functionality of the tool)
• double-click allow to go to function/method/classes declaration (cross-references)
• renaming function/method/classes
• multi-dex support
• in-app encrypt/decrypt functionality

From my perspective the tool combines functionality of apktool/unzip, dex2jar and jd-gui. Additionally it has some features of analyzers like MobSF. It can be a good replacement for some tools if limitations are not an obstacle.

What do you think?

[commjoen]

Looks great! However: Given the antivirus warnings, the closed nature of the tool and Windows only, it should not be a replacement for the mentioned tools. Perhaps a link in the tools section, after some in-depth testing would be a better fit?

[lwierzbicki]

During my testing no antivirus warnings popped up. The tool is really useful if you read/verify code of Android app. However I agree that we should wait until the tool become more open (open source would be the best).

[galapogos]

Version 3.70 on the linked github page above throws me a Windows Defender warning (Trojan:Win32/Occamy.C)