Morioh
Login
Chaz Homenick

Chaz Homenick

3 years ago

This is the first article in this series “What’s inside my app”_, _this series will focus on reverse-engineering and strip android apps down to their original base code -or at least try to get the original one. In each article i will be picking an android app from the play store, decompile it and lay for you all the things underneath it hood.

Feel free to suggest if you have any app and challenge me to reverse engineer it for you.

In today’s article, we will be talking about **“Who touched my phone?”**android app. The app has over 1 Million downloads and over 23K reviews most of them 5 stars reviews.

Who touched my phone? (WTMP) is an application with a focus on privacy, it will record for you those who are trying to snoop on your phone without you noticing, using your front camera in the background. The records on the app will allow you to see when, who and what apps did this person used while you are away.

Once you’ve installed the app, your open it, go through the different permissions dialog and then you start the app. You can dismiss the app as it’ll be running on the background, once your device went to sleep and the screen is off, it then start recording when who ever pick the phone and start using it, first by taking a picture of the person using it and also recording all the apps that person went through.

Summary of the App

Now this is the fun part where we’ll decompile and reverse engineer the app, for that i will be using a tool that i created Decompile My Apk , it’s an easy to use shell script which combines couple of other tools that helps in the process of retrieving the Java Classes from the Apk.

The repo structure, from first sight it looks well structured, lot of permissions-we’ll talk on that in a while, activities, fragments, Job scheduler, Services.

The app is developed under the MVVM (Model, View, ViewModel) architecture with Dagger for dependency injection, Data Binding (to bind UI components in your layouts to data sources) , Navigation and Lifecycle component (which is part of the Jetpack components that can manage complex navigation, transition animation and provides classes and interfaces that let you build lifecycle-aware components — which are components that can automatically adjust their behavior based on the current lifecycle state of an activity or fragment). The App also support multiple languages.

#android-app-development #apk #reverse-engineering #android

What’s inside : Who touched my phone? Android App

android.jlelse.eu

What’s inside : Who touched my phone? Android App

This is the first article in this series “What’s inside my app”, this series will focus on reverse-engineering and strip android apps down…

1.35 GEEK