如何将Android DEX(虚拟机字节码)文件反编译成相应的Java源代码?


当前回答

我建议大家去这里看看: https://github.com/JesusFreke/smali

它提供了BAKSMALI,这是用于DEX文件的最优秀的逆向工程工具。 它是由JesusFreke制作的,他为Android创造了著名的rom。

其他回答

在使用dex2jar/apktool时,有时会出现坏代码,最明显的是在循环中。为了避免这种情况,可以使用jadx,它可以将dalvik字节码反编译成java源代码,而不需要像dex2jar那样先创建.jar/.class文件(我认为apktool使用dex2jar)。它也是开源的,正在积极开发中。它甚至有一个GUI,专为GUI爱好者设计。试一试!

下载APK文件后,您需要执行以下步骤以获得可编辑的java代码/文档。

Convert your apk file to zip (while start your download don't go with "save" option , just go with "save as" and mention your extension as .zip) by doing like this you may avoid APKTOOL... Extract the zip file , there you can find somefilename.dex. so now we need to convert dex -> .class To do that, you need "dex2jar"(you can download it from http://code.google.com/p/dex2jar/ , after extracted, in command prompt you have to mention like, [D:\dex2jar-0.09>dex2jar somefilename.dex] (Keep in mind that your somefilename.dex must be inside the same folder where you have keep your dex2jar.) Download jad from http://www.viralpatel.net/blogs/download/jad/jad.zip and extract it. Once extracted you can see two files like "jad.exe" and "Readme.txt" (sometimes "jad.txt" may there instead of "jad.exe", so just rename its extension as.exe to run) Finally, in command prompt you have to mention like [D:\jad>jad -sjava yourfilename.class] it will parse your class file into editable java document.

Android逆向工程是可能的 . 按照以下步骤从apk文件中获取.java文件。

步骤1。使用dex2jar

从。apk文件生成。jar文件 命令:dex2jar sampleApp.apk

步骤2。使用JD-GUI反编译.jar

它会反编译。class文件,也就是说,我们会从apk中得到模糊的。java文件。

需要澄清的是,根据你想要实现的目标,你可以采取两种主要的方法:

将Dalvik字节码(dex)反编译为可读的Java源代码。正如fred提到的,使用dex2jar和jd-gui可以很容易地做到这一点。得到的源代码对于阅读和理解应用程序的功能是有用的,但可能不会产生100%可用的代码。换句话说,您可以读取源代码,但不能真正地修改和重新打包它。请注意,如果源代码使用proguard进行了混淆,那么最终的源代码将更加难以理清。

The other major alternative is to disassemble the bytecode to smali, an assembly language designed for precisely this purpose. I've found that the easiest way to do this is with apktool. Once you've got apktool installed, you can just point it at an apk file, and you'll get back a smali file for each class contained in the application. You can read and modify the smali or even replace classes entirely by generating smali from new Java source (to do this, you could compile your .java source to .class files with javac, then convert your .class files to .dex files with Android's dx compiler, and then use baksmali (smali disassembler) to convert the .dex to .smali files, as described in this question. There might be a shortcut here). Once you're done, you can easily package the apk back up with apktool again. Note that apktool does not sign the resulting apk, so you'll need to take care of that just like any other Android application.

如果你走的是一条小路线,你可能想尝试APK Studio,它是一个IDE,可以自动执行上面的一些步骤,帮助你反编译和重新编译APK,并将其安装到设备上。

简而言之,你的选择是要么反编译成Java,后者可读性更强,但可能不可逆;要么反汇编成smalli,后者更难阅读,但更灵活地进行更改和重新打包修改后的应用。你选择哪种方法取决于你想要实现的目标。

最后,大胆的建议也是值得注意的。这是一个重新定位的工具,可以将.dex和.apk文件转换为java .class文件,这样就可以使用典型的java静态分析工具来分析它们。

我用过

Dex2jar + jd-gui javadecompilers.com enjarify Apktool

但没有比谷歌自己的工具更好的了

1)Android Studio 2.x: 构建>分析apk

2)Android Studio 3.0: 配置文件或调试APK