Logo Questions Linux Laravel Mysql Ubuntu Git Menu
 

decompiling DEX into Java sourcecode

How can one decompile Android DEX (VM bytecode) files into corresponding Java sourcecode?

like image 538
Will Avatar asked Aug 08 '09 21:08

Will


People also ask

What is JADX GUI?

Command-line and GUI tools for producing Java source code from Android Dex and apk files. Decompile Dalvik bytecode to java classes from APK, dex, aar, aab and zip files. Decode AndroidManifest. xml and other resources from resources.


2 Answers

It's easy

Get these tools:

  1. dex2jar to translate dex files to jar files

  2. jd-gui to view the java files in the jar

The source code is quite readable as dex2jar makes some optimizations.

Procedure:

And here's the procedure on how to decompile:

Step 1:

Convert classes.dex in test_apk-debug.apk to test_apk-debug_dex2jar.jar

d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk d2j-dex2jar.sh -f -o output_jar.jar dex_to_decompile.dex 

Note 1: In the Windows machines all the .sh scripts are replaced by .bat scripts

Note 2: On linux/mac don't forget about sh or bash. The full command should be:

sh d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk  

Note 3: Also, remember to add execute permission to dex2jar-X.X directory e.g. sudo chmod -R +x dex2jar-2.0

dex2jar documentation

Step 2:

Open the jar in JD-GUI

The decompiled source

like image 133
13 revs, 11 users 47% Avatar answered Oct 03 '22 02:10

13 revs, 11 users 47%


To clarify somewhat, there are two major paths you might take here depending on what you want to accomplish:

Decompile the Dalvik bytecode (dex) into readable Java source. You can do this easily with dex2jar and jd-gui, as fred mentions. The resulting source is useful to read and understand the functionality of an app, but will likely not produce 100% usable code. In other words, you can read the source, but you can't really modify and repackage it. Note that if the source has been obfuscated with proguard, the resulting source code will be substantially more difficult to untangle.

The other major alternative is to disassemble the bytecode to smali, an assembly language designed for precisely this purpose. I've found that the easiest way to do this is with apktool. Once you've got apktool installed, you can just point it at an apk file, and you'll get back a smali file for each class contained in the application. You can read and modify the smali or even replace classes entirely by generating smali from new Java source (to do this, you could compile your .java source to .class files with javac, then convert your .class files to .dex files with Android's dx compiler, and then use baksmali (smali disassembler) to convert the .dex to .smali files, as described in this question. There might be a shortcut here). Once you're done, you can easily package the apk back up with apktool again. Note that apktool does not sign the resulting apk, so you'll need to take care of that just like any other Android application.

If you go the smali route, you might want to try APK Studio, an IDE that automates some of the above steps to assist you with decompiling and recompiling an apk and installing it on a device.

In short, your choices are pretty much either to decompile into Java, which is more readable but likely irreversible, or to disassemble to smali, which is harder to read but much more flexible to make changes and repackage a modified app. Which approach you choose would depend on what you're looking to achieve.

Lastly, the suggestion of dare is also of note. It's a retargeting tool to convert .dex and .apk files to java .class files, so that they can be analyzed using typical java static analysis tools.

like image 35
Zach Lipton Avatar answered Oct 03 '22 03:10

Zach Lipton