# baby\_steps BABY STEPS First, lets break down the apk java -jar apktool\_2.1.1.jar d Now, let's break down the apk again to get the classes.dex and turn it into a .jar file. ./dj2-dex2jar.sh -o Now lets run JD-GUI, select the from above, and run it. This will help decompile some code that is very similar to the original source code. java -jar baksmali-2.1.1.jar After running this command, the output results will be placed into a directory called out. java -jar smali-2.1.1.jar source-directory-containing-smali-code/ This will Take the smali code and turn it into a dex file 1. Run dex2jar as seen above, and turn the apk into a . jar file ./dj2-dex2jar.sh -o 2. Use apktool to retrieve the AndroidManifest.xml file java -jar apktool\_2.1.1.jar d 3. Look at the AndroidManifest.xml file and gather some information about the app. Look at the permissions and intents. IE - Intenet permission etc etc. keywords - files, access, user, password 4. When you find something interesting in the AndroidManifest.xml file, load the from above usage with dex2jar, with JD-GUI and check the contents of your juicy file you found in step 3 5. --- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://0xdecaf2bad.gitbook.io/red-team-notes/84-mobile/baby_steps.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.