Android download APK application
When auditing mobile application, sometimes apk file are not provided by your client, you have to get it yourself.
Three methods are available to download Android app:
- Using third party websites: unsafe method
- Using Android device: secure method
- Using Google Play API: automated method
Using third party websites
Many websites allow you to download apk files. You can easily find them with a web search.
Note that these websites can’t be fully trusted:
- APK are not always up to date
- Files could be modified to add malware or other stuff
Use it at your own risk.
Using Android device
You need :
- device with Google Play services. It can be a virtual device
adbtool on your computer
- Install target application from Google Play
- Make sure Android devices is accessible via
adbwithadb devicescommand - Then download
apkfrom device
# Find application package name if not already known
adb shell pm list packages
# Application package name can also be find in the Google Play URL
# Example `jp.takoboto` for `https://play.google.com/store/apps/details?id=jp.takoboto`
# Get package path
adb pm path <package name>
# Download apk
adb pull <package path> ./
Using Google Play API
We don’t directly communicate with Google Play API, we’ll use apkeep for that.
By default, apkeep download from APKPure. To download from Google Play, we need an AAS token. The documentation explain how to obtain it.
Once you have your token, download apk with these options:
apkeep -a <package name> -d google-play -e <gmail address> -t <aas token> .
Note that this method violate Terms of Services.
Conclusion
First and third method are risky. First one in terms of security, third one because Google may ban your Google account.
The best way is with an Android device to avoid any third party and remain in a normal use of Google services.