Convert a decompilation document

Android decompilation data sorting

Made by Lee Wandong rayleeya@gmail.com

Monday in Beijing

I. decompilation Flowchart

Ii. How to use the tool (command)

Preparations

Assume that my working directory is $ androiddecompile. several important odex files in IMG (or compiled from source code) are copied to the working directory: core. odex, ext. odex, framework. odex, android. policy. odex, services. odex (you can also put it in another directory, which is specified by setting bootclasspath. The default directory is the current directory. For more information about bootclasspath, see baksmali help ).

 

Download the following tool to $ androiddecompile:

Baksmali:

Http://code.google.com/p/smali/downloads/list

 

Smali:

Http://code.google.com/p/smali/downloads/list

 

Dex2jar:

Http://code.google.com/p/dex2jar/downloads/list

 

JD-GUI (Java decompile GUI ):

Http://java.decompiler.free.fr /? Q = jdgui <! -- [If! Supportnestedanchors] --> <! -- [Endif] -->

 

Autosign:

Http://d.download.csdn.net/down/2768910/fjfdszj

 

Apktool

Http://code.google.com/p/android-apktool/downloads/list

 

Assume that we have an application. After compiling and translating the corresponding class files, we can find two app.apk files and App. odex files and put them under $ androiddecompile.

 

1. Use baksmali. jar to break down odex files into smali files

$ Java-jar baksmali-1.2.5.jar-x app. odex

If it succeeds, an out directory will be generated under $ androiddecompile, which contains some files suffixed with ". smali" and will not be further explored here.

 

2. Use smali. jar to convert the smali file in the out/directory to classes. Dex

$ Java-xmx512m-jar smali-1.2.5.jar out-O classes. Dex

Classes. Dex is the compiled class file format used by Dalvik Vm, which is available in normal APK files.

 

3. Use dex2jar to decompile classes. Dex into a jar file.

After extracting the downloaded dex2jar package, there will be dex2jar. sh (and dex2jar. BAT) file, for example, classes. dex file and dex2jar. SH is in the same directory. dex decompilation into a jar file:

$ Dex2jar. Sh classes. Dex

If the execution is successful, the decompiled file classes. Dex. dex2jar. jar will be generated in the current directory.

Dex2jar can be used to operate the DEX file or the APK file. Its usage rules are as follows:

Dex2jar file1.dexorapk file2.dexorapk...

 

4. Use the JD-GUI to view the decompiled JAR File

JD-GUI is a visual Java decompilation code viewer, which can decompile class files into java files in real time for viewing. Decompress the downloaded JD-Gui file, start the jd-Gui executable file in the execution directory, and load the decompiled classes. Dex. dex2jar. jar file in the previous step.

 

5. repackage the classes. Dex decompiled from odex with other resource files into a complete APK.

The above assumption is that the class file compiled by the application is stripped from the APK file. The following describes how to obtain the classes obtained in the above steps. dex and other files in the APK are repackaged into an available APK.

Running.

Then, you can generate a running APK file.

$ Java-jar signapk. Jar testkey. x509.pem testkey. pk8 app.apk app_signed.apk

 

6. Use apktool

There is also an apktool on the Internet, which can parse the APK, decompile the resource file, parse the class file into a smali file, and repackage the parsed file into an APK. Similar to the tools described above, the function is used as follows:

Apktool D app.apk and decompile app.apk to the folder and

Apktool B app re-creates an APK from the folder app and outputs it to ABC \ Dist \ out.apk.

The specific usage is not described here. Please refer to the official website or:

Http://www.geeka.net/2010/05/apktool-decode-android-google-code/

 

7. My $ androiddecompile directory files

 

 

Iii. Help information of some tools

1. baksmali help information

Usage: Java-jar baksmali. Jar [Options] <Dex-File>

Disassembles and/or dumps a DEX File

-?, -- Help prints the help message then exits.

-B, -- no-debug-Info specify twice for debug options

Don't write out debug info (. Local,

. Param,. Line, etc .)

-C, -- bootclasspath <bootclasspath> the bootclasspath jars to use,

Analysis. defaults

Core. jar: Ext. jar: Framework. jar: Andro

Id. Policy. jar: services. Jar. If

Value begins with a:, it will be

Appended to the default

Bootclasspath instead of replacing it

-D, -- bootclasspath-Dir <dir> the base folder to look for

Bootclasspath files in. defaults

The current directory

-F, -- code-offsets add comments to the Disassembly

Containing the Code offset for each address

-L, -- use-locals output the. Locals directive

The number of non-parameter

Registers, rather than the. Register

-O, -- output <dir> directive with the total number of register

The directory where the disassembled

Files will be placed. The default is out

-P, -- no-parameter-Registers use the v <n> syntax instead of

P <n> syntax for registers mapped

Method Parameters

-R, -- register-info <register_info_types> Print the specificed type (s)

Register information for each

Instruction. "ARGs, DEST" is

Default if no types are specified.

Valid values are:

ALL: all pre-and post-instruction registers.

Allpre: all pre-instruction registers

Allpost: all post-instruction registers

ARGs: any pre-instruction registers

Used as arguments to the instruction

DeST: the post-Instruction

Destination register, if any

Merge: any pre-instruction register

Has been merged from more than 1

Different post-instruction register

From its predecessors

Fullmerge: For each register that

Wocould be printed by merge, also show

The incoming register types that

Were merged

-S, -- sequential-labels create label names using

Sequential numbering scheme per

Label type, rather than using

Bytecode address

-V, -- version prints the version then exits

-X, -- deodex the given odex file. This

Option is ignored if the input file

Is not an odex File

 

2. Help information of smali

Usage: Java-jar smali. Jar [Options] [--] [<smali-File> | folder] *

Assembles a set of smali files into a DEX File

-?, -- Help prints the help message then exits. Specify twice

Debug options

-O, -- output <File> The Name Of The Dex file that will be written. The default

Is out. Dex

-V, -- version prints the version then exits

 

3. Auto-sign help information

Signapk. jar is a tool encoded with the Android platform source bundle.

Testkey. pk8 is the private key that is compatible with the recovery image encoded in this zip file

Testkey. x509.pem is the corresponding certificate/Public Key

 

Usage:

Java-jar signapk. Jar testkey. x509.pem testkey. pk8 update.zip update_signed.zip

 

4. apktool help information

Apktool v1.3.2-A Tool for reengineering Android APK files

Copyright 2010 Ryszard wi? Niewski <brut.alll@gmail.com>

Apache license 2.0 (http://www.apache.org/licenses/LICENSE-2.0)

 

Usage: apktool [-v | -- verbose] command [...]

 

Commands are:

 

D [ecode] [opts] <file.apk> [<dir>]

Decode <file.apk> to <dir>.

 

Opts:

 

-S, -- no-Src

Do not decode sources.

-R, -- no-res

Do not decode resources.

-D, -- debug

Decode in debug mode. Check project page for more info.

-F, -- force

Force Delete destination directory.

-T <tag>, -- frame-tag <tag>

Try to use framework files tagged by <tag>.

-- Keep-broken-res

Use if there was an error and some resources were dropped, e.g .:

"Invalid config flags detected. Dropping resources", but you

Want to decode them anyway, even with errors. You will have

Fix them manually before building.

B [uild] [opts] [<app_path>] [<out_file>]

Build an APK from already decoded application located in <app_path>.

 

It will automatically detect, whether files was changed and perform

Needed steps only.

 

If you omit <app_path> then current directory will be used.

If you omit <out_file> then <app_path>/Dist/<name_of_original.apk>

Will be used.

 

Opts:

 

-F, -- force-all

Skip changes detection and build all files.

-D, -- debug

Build in debug mode. Check project page for more info.

 

If | install-framework <framework.apk> [<tag>]

Install framework file to your system.

For additional info, see: http://code.google.com/p/android-apktool/

Iv. References

1. smali

Http://code.google.com/p/smali/

Http://www.geeka.net/2010/05/android-apk-odex-classes-dex/

 

2. apktool

Http://code.google.com/p/android-apktool/

Http://www.geeka.net/2010/05/apktool-decode-android-google-code/