Modifying React Native APK
Intro
React native is a JavaScript framework supported by facebook to create hybrid application (combine native & web apps). For developers, React Native is the right choice for creating iOS and Android applications quickly and efficiently, because React Native can compile applications to Android and iOS with only a few changes, namely the use of devices API such as cameras, bluetooth, etc.
Like apk in general, the contents of the compiled apk will resemble native apps, which have the following contents:
▹assets →application assets
- index.android.bundle → compiled react native application (minified javascript)
▹lib →compiled code that is platform dependent
▹META-INF →META files
▹res →uncompiled resources, such as font, layout, animation, etc
- AndroidManifest.xml → application metadata
- classes.dex → compiled java class
- resources.arsc → precompiled resources
Modifying applications is generally done to avoid root detection or protection that runs on applications without communicating with the backend server
Content
How To
To be able to modify the application we only need to change the contents of index.android.bundle file
In order to edit the contents of index.android.bundle without destroying the apk, we have to edit without extracting … here’s step by step how to edit directly from the zip:
- Change extension from .apk to .zip
- Open with 7zipFM
- Edit index.android.bundle and save
- Change extension from .zip to .apk
- Done
How to read source code easier
- beautify index.android.bundle
- Use search to find string
- Trace parent function of annoying string
Warning (based from experience)
- Extracting file and recompressing will corrupt the apk
Example
For example, an application that detects the timezone and updates it to the latest version every time an application is used. Here is a display of the application
To be able to bypass the error popup, we need to delete the function that calls the popup … after looking for the function that calls the error message, it was found that the contents of case 11 are security checking carried out by the application, so we need to delete the contents of case 11.
After editing the contents of index.android.bundle don’t forget to save the file, and rename the extension to .apk
when it has finished changing, we try to install the application again … but after the application is running, there is an auto update that forces the application to be updated, so the error popup “Timezone tidak otomatis” appears again
In the same way, we can remove the function that calls the update popup by editing index.android.bundle again.. After searching for the string “Aplikasi versi baru ditemukan”, it was found that the function “fetchVersi” did a version check and performed an update, so we need to remove this function call
After editing, saving, and changing the file extension to apk, we try to re-install the application, and the application can run normally