Menu
How can one decompile Android DEX (VM bytecode) files into corresponding Java sourcecode?
538
Command-line and GUI tools for producing Java source code from Android Dex and apk files. Decompile Dalvik bytecode to java classes from APK, dex, aar, aab and zip files. Decode AndroidManifest. xml and other resources from resources.
Get these tools:
dex2jar to translate dex files to jar files
jd-gui to view the java files in the jar
The source code is quite readable as dex2jar makes some optimizations.
And here's the procedure on how to decompile:
Convert classes.dex in test_apk-debug.apk to test_apk-debug_dex2jar.jar
d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk d2j-dex2jar.sh -f -o output_jar.jar dex_to_decompile.dex Note 1: In the Windows machines all the
.shscripts are replaced by.batscripts
Note 2: On linux/mac don't forget about
shorbash. The full command should be:
sh d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk Note 3: Also, remember to add execute permission to
dex2jar-X.Xdirectory e.g.sudo chmod -R +x dex2jar-2.0
dex2jar documentation
Open the jar in JD-GUI
133
To clarify somewhat, there are two major paths you might take here depending on what you want to accomplish:
Decompile the Dalvik bytecode (dex) into readable Java source. You can do this easily with dex2jar and jd-gui, as fred mentions. The resulting source is useful to read and understand the functionality of an app, but will likely not produce 100% usable code. In other words, you can read the source, but you can't really modify and repackage it. Note that if the source has been obfuscated with proguard, the resulting source code will be substantially more difficult to untangle.
The other major alternative is to disassemble the bytecode to smali, an assembly language designed for precisely this purpose. I've found that the easiest way to do this is with apktool. Once you've got apktool installed, you can just point it at an apk file, and you'll get back a smali file for each class contained in the application. You can read and modify the smali or even replace classes entirely by generating smali from new Java source (to do this, you could compile your .java source to .class files with javac, then convert your .class files to .dex files with Android's dx compiler, and then use baksmali (smali disassembler) to convert the .dex to .smali files, as described in this question. There might be a shortcut here). Once you're done, you can easily package the apk back up with apktool again. Note that apktool does not sign the resulting apk, so you'll need to take care of that just like any other Android application.
If you go the smali route, you might want to try APK Studio, an IDE that automates some of the above steps to assist you with decompiling and recompiling an apk and installing it on a device.
In short, your choices are pretty much either to decompile into Java, which is more readable but likely irreversible, or to disassemble to smali, which is harder to read but much more flexible to make changes and repackage a modified app. Which approach you choose would depend on what you're looking to achieve.
Lastly, the suggestion of dare is also of note. It's a retargeting tool to convert .dex and .apk files to java .class files, so that they can be analyzed using typical java static analysis tools.
35
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With
