How and what exactly converts the java byte-code to dex file in Android ?
I know that the only part Android people have done to save them from licensing issues, making the system fast for execution, low memory need and other more features as it is register based VM.
But what name I can tell to the part it doing so?
Go through bellow url and read all details
Detail URL
The general process for a typical build is outlined below:
The Android Asset Packaging Tool (aapt) takes your application resource files, such as the AndroidManifest.xml file and the XML files for your Activities, and compiles them. An R.java is also produced so you can reference your resources from your Java code.
The aidl tool converts any .aidl interfaces that you have into Java interfaces.
All of your Java code, including the R.java and .aidl files, are
compiled by the Java compiler and .class files are output.
The dex tool converts the .class files to Dalvik byte code. Any 3rd party libraries and .class files that you have included in your project are also converted into .dex files so that they can be packaged into the final .apk file.
All non-compiled resources (such as images), compiled resources, and
the .dex files are sent to the apkbuilder tool to be packaged into
an .apk file.
Once the .apk is built, it must be signed with either a debug or release key before it
can be installed to a device.
Finally, if the application is being signed in release mode, you
must align the .apk with the zipalign tool. Aligning the final .apk
decreases memory usage when the application is running on a device.
I have an enterprise app which I am deploying manually (no Google Play) which uses a number of .so libraries for mapping (ArcGIS). However, the .so files (arm, armv7a, x86) in the libs folder blow the .apk size out from 3mb to 21mb. I dont particularly want to remove one of the .so files (removing support for that architecture), or mess around with one .apk per architecture.
Can anyone think of a way I can update my app without including the .so files in each update .apk?
Yes, you can have the Java portion of your app manually download the appropriate .so files into your app's internal storage folder and mark them executable.
You will then have to load them with System.load() and the full pathname of the .so file, rather than System.loadLibrary() and the trimmed library name.
The biggest issue here is that you are now responsible for matching the ABI's yourself, and more importantly, providing your own protection against being tricked into installing a modified or imposter library which might do something nefarious in the name of your app and using it's permissions.
Of course you have to make sure not to try to call any of the native methods before you have installed them.
You could also consider delivering the .so files as binary assets each in its own skeleton .apk having a shared user id (and matching certificate) as your main .apk
Or you could simply make platform-specific .apk's for each target, containing only one .so, and have your distribution system pick the right ones (though that doesn't help with the upgrade problem).
How can one decompile Android DEX (VM bytecode) files into corresponding Java source code?
It's easy
Get these tools:
dex2jar to translate dex files to jar files
jd-gui to view the java files in the jar
The source code is quite readable as dex2jar makes some optimizations.
Procedure:
And here's the procedure on how to decompile:
Step 1:
Convert classes.dex in test_apk-debug.apk to test_apk-debug_dex2jar.jar
d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk
d2j-dex2jar.sh -f -o output_jar.jar dex_to_decompile.dex
Note 1: In the Windows machines all the .sh scripts are replaced by .bat scripts
Note 2: On linux/mac don't forget about sh or bash. The full command should be:
sh d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk
Note 3: Also, remember to add execute permission to dex2jar-X.X directory e.g. sudo chmod -R +x dex2jar-2.0
dex2jar documentation
Step 2:
Open the jar in JD-GUI
To clarify somewhat, there are two major paths you might take here depending on what you want to accomplish:
Decompile the Dalvik bytecode (dex) into readable Java source. You can do this easily with dex2jar and jd-gui, as fred mentions. The resulting source is useful to read and understand the functionality of an app, but will likely not produce 100% usable code. In other words, you can read the source, but you can't really modify and repackage it. Note that if the source has been obfuscated with proguard, the resulting source code will be substantially more difficult to untangle.
The other major alternative is to disassemble the bytecode to smali, an assembly language designed for precisely this purpose. I've found that the easiest way to do this is with apktool. Once you've got apktool installed, you can just point it at an apk file, and you'll get back a smali file for each class contained in the application. You can read and modify the smali or even replace classes entirely by generating smali from new Java source (to do this, you could compile your .java source to .class files with javac, then convert your .class files to .dex files with Android's dx compiler, and then use baksmali (smali disassembler) to convert the .dex to .smali files, as described in this question. There might be a shortcut here). Once you're done, you can easily package the apk back up with apktool again. Note that apktool does not sign the resulting apk, so you'll need to take care of that just like any other Android application.
If you go the smali route, you might want to try APK Studio, an IDE that automates some of the above steps to assist you with decompiling and recompiling an apk and installing it on a device.
In short, your choices are pretty much either to decompile into Java, which is more readable but likely irreversible, or to disassemble to smali, which is harder to read but much more flexible to make changes and repackage a modified app. Which approach you choose would depend on what you're looking to achieve.
Lastly, the suggestion of dare is also of note. It's a retargeting tool to convert .dex and .apk files to java .class files, so that they can be analyzed using typical java static analysis tools.
I'd actually recommend going here:
https://github.com/JesusFreke/smali
It provides BAKSMALI, which is a most excellent reverse-engineering tool for DEX files.
It's made by JesusFreke, the guy who created the fameous ROMs for Android.
Since Dheeraj Bhaskar's answer is relatively old as many years past.
Here is my latest (2019 year) answer:
Main Logic
from dex to java sourcecode, currently has two kind of solution:
One Step: directly convert dex to java sourcecode
Two Step: first convert dex to jar, second convert jar to java sourcecode
One step solution: dex directly to java sourcecode
Tools
jadx
Process
download jadx-0.9.0.zip, unzip it, in bin folder can see command line jadx or GUI version jadx-gui, double click to run GUI version: jadx-gui
open dex file
then can show java source code:
File -> save as gradle project
then got java sourcecode:
Two Step solution
Step1: dex to jar
Tools
dex2jar
Process
download dex2jar zip, unzip got d2j-dex2jar.sh, then:
apk to jar: sh d2j-dex2jar.sh -f ~/path/to/apk_to_decompile.apk
dex to jar: sh d2j-dex2jar.sh -f ~/path/to/dex_to_decompile.dex
example:
➜ v3.4.8 /Users/crifan/dev/dev_tool/android/reverse_engineering/dex-tools/dex-tools-2.1-SNAPSHOT/d2j-dex2jar.sh -f com.huili.readingclub8825612.dex
dex2jar com.huili.readingclub8825612.dex -> ./com.huili.readingclub8825612-dex2jar.jar
➜ v3.4.8 ll
-rw------- 1 crifan staff 9.5M 3 21 10:00 com.huili.readingclub8825612-dex2jar.jar
-rw------- 1 crifan staff 8.4M 3 19 14:04 com.huili.readingclub8825612.dex
Step2: jar to java sourcecode
Tools
jd-gui: most popular, but many code will decompile error
CRF: popular, minor code will decompile error
Procyon: popular, no code decompile error
GUI tool based on Procyon
Luyten:
Bytecode Viewer
others
Krakatau
Fernflower
old one: AndroChef
etc.
Process
here demo Procyon convert jar to java source code:
download procyon-decompiler-0.5.34.jar
then using syntax:
java -jar /path/to/procyon-decompiler-0.5.34.jar -jar your_to_decompile.jar -o outputFolderName
example:
java -jar /Users/crifan/dev/dev_tool/android/reverse_engineering/Procyon/procyon-decompiler-0.5.34.jar -jar com.huili.readingclub8825612-dex2jar.jar -o com.huili.readingclub8825612
using editor VSCode to open exported source code, look like this:
Conclusion
Conversion correctness : Jadx > Procyon > CRF > JD-GUI
Recommend use: (One step solution's) Jadx
for more detailed explanation, please refer my online Chinese ebook: 安卓应用的安全和破解
A more complete version of fred's answer:
Manual way
First you need a tool to extract all the (compiled) classes on the DEX to a JAR.
There's one called dex2jar, which is made by a chinese student.
Then, you can use jd-gui to decompile the classes on the JAR to source code.
The resulting source should be quite readable, as dex2jar applies some optimizations.
Automatic way
You can use APKTool. It will automatically extract all the classes (.dex), resources (.asrc), then it will convert binary XML to human-readable XML, and it will also dissassemble the classes for you.
Disassembly will always be more robust than decompiling, especially with
JARs obfuscated with Pro Guard!
Just tell APKTool to decode the APK into a directory, then modify what you want,
and finally encode it back to an APK. That's all.
Important: APKTool dissassembles. It doesn't decompile.
The generated code won't be Java source.
But you should be able to read it, and even edit it if you're familiar with jasmin.
If you want Java source, please go over the Manual way.
Sometimes you get broken code, when using dex2jar/apktool, most notably in loops. To avoid this, use jadx, which decompiles dalvik bytecode into java source code, without creating a .jar/.class file first as dex2jar does (apktool uses dex2jar I think). It is also open-source and in active development. It even has a GUI, for GUI-fanatics. Try it!
I have used
dex2jar + jd-gui
javadecompilers.com
enjarify
Apktool
But none beats google's own tools
1)Android Studio 2.x:
build> analyze apk
2)Android Studio 3.0:
Profile or Debug APK
Since no one mentioned this, there's one more tool: DED homepage
Install how-to and some explanations: Installation.
It was used in a quite interesting study of the security of top market apps(not really related, just if you're curious): A Survey of Android Application Security
Once you downloaded your APK file , You need to do the following steps to get a editable java code/document.
Convert your apk file to zip (while start your download don't go with "save" option , just go with "save as" and mention your extension as .zip) by doing like this you may avoid APKTOOL...
Extract the zip file , there you can find somefilename.dex. so now we need to convert dex -> .class
To do that, you need "dex2jar"(you can download it from http://code.google.com/p/dex2jar/ , after extracted, in command prompt you have to mention like, [D:\dex2jar-0.09>dex2jar somefilename.dex] (Keep in mind that your somefilename.dex must be inside the same folder where you have keep your dex2jar.)
Download jad from http://www.viralpatel.net/blogs/download/jad/jad.zip and extract it. Once extracted you can see two files like "jad.exe" and "Readme.txt" (sometimes "jad.txt" may there instead of "jad.exe", so just rename its extension as.exe to run)
Finally, in command prompt you have to mention like [D:\jad>jad -sjava yourfilename.class] it will parse your class file into editable java document.
Android Reverse Engineering is possible
. Follow these steps to get .java file from apk file.
Step1 . Using dex2jar
Generate .jar file from .apk file
command : dex2jar sampleApp.apk
Step2 . Decompiling .jar using JD-GUI
it decompiles the .class files i.e., we'll get obfuscated .java back from the apk.
With Dedexer, you can disassemble the .dex file into dalvik bytecode (.ddx).
Decompiling towards Java isn't possible as far as I know.
You can read about dalvik bytecode here.
Recent Debian have Python package androguard:
Description-en: full Python tool to play with Android files
Androguard is a full Python tool to play with Android files.
* DEX, ODEX
* APK
* Android's binary xml
* Android resources
* Disassemble DEX/ODEX bytecodes
* Decompiler for DEX/ODEX files
Install corresponding packages:
sudo apt-get install androguard python-networkx
Decompile DEX file:
$ androdd -i classes.dex -o ./dir-for-output
Extract classes.dex from Apk + Decompile:
$ androdd -i app.apk -o ./dir-for-output
Apk file is nothing more that Java archive (JAR), you may extract files from archive via:
$ unzip app.apk -d ./dir-for-output
A lot has changed since most of these answers were posted. Now-a-days there a are many easy tools with GUI's, like these:
APK Easy Tool for Windows (GUI tool, friendly)
Bytecode Viewer - APK/Java Reverse Engineering Suite
URET Android Reverser Toolkit
Best place to find them is on the XDA Developers forum.
You might try JADX (https://bitbucket.org/mstrobel/procyon/wiki/Java%20Decompiler), this is a perfect tool for DEX decompilation.
And yes, it is also available online on (my :0)) new site: http://www.javadecompilers.com/apk/
This can be done in following five steps:
This gem does these things for you automatically even the installation of required tools
convert apk file to zip
unzip the file
extract classes.dex from it
use dex to jar to convert classes.dex into jar file
use jadx gui to open the jar file as java source code
Easiest method to decompile an android app is to download an app named ShowJava from playstore . Just select the application that needs to be decompiled from the list of applications. There are three different decompiler you can use to decompile an app namely -
CFR 0.110, JaDX 0.6.1 or FernFlower (analytical decompiler) .
If you're not looking to download dex2jar, then just use the apk_grabber python script to decompile any apk into jar files. Then you read them with jd-gui.
This question already has answers here:
What are .dex files in Android?
(3 answers)
Closed 7 months ago.
When opening an APK file with WinRar (software to open compressed files). I got a bunch of files packed inside the APK. Among them classes.dex is one. My question is what is the role of this file and if we modify/delete the same file will it affect the APK?
.dex file
Compiled Android application code file.
From Android API GUIDES
Android programs are compiled into .dex (Dalvik Executable) files, which are in turn zipped into a single .apk file on the device. .dex files can be created by automatically translating compiled applications written in the Java programming language.
And yes if you will delete those files it will effect APK.
classes.dex is essentially all of the application logic. Code of the given application is written in java and then compiled to class files, then these class files are cross compiled (with many optimisations) to dalvik VM format. Note that there also might be some .so files which are also application code but these are generated when NDK is used.
You can not delete this file. You could however change it by first running this utility https://github.com/JesusFreke/smali which will generate smali code from this compiled dex which is somewhat similar to java and could be understood. You could also use tools ApkOneClick or ApkMultiTool to get Java source from the smali files but these would probably not be perfect and will require further fixing. When you change the code you want you should build the classes.dex again and put them into existing zip/apk file you have. Note that then existing certificate files (META-INF) will not be valid anymore and you will need to delete this folder and resign the apk package in order to instal it on the phone or emulator.
For more info you could check this question too What are .dex files in Android?
Also this is a great tutorial on disassembling dex files using existing tools http://blog.vogella.com/2011/02/14/disassemble-android-dex
What is the role of this file?
The role of classes.dex in Android is similar to that of JAR files in plain Java. It's a file containing bytecodes. In Android case, the bytecode is Dalvik bytecode, which is different from Java bytecode.
If we modify/delete the same file will it effect the apk?
If you modify classes.dex, you are modifying the programs behavior, which may or may not work after a repackage. If you delete classes.dex, then your application doesn't have code and you shouldn't expect it to work.
.dex file in the apk is the compress file which is made up of all the java classes in the application code. Its different than jar file. A jar file is a collection of .class files which are isolated. If we unzip .jar, we get all the classes separately. On the other side, .dex file is a single file made up with all .class file from application code.
Code compilation flow :
multiple .java files --> multiple .classes files --> a single .dex file
.dex files are the executables which are executed by the DVM...Dalvik Virtual Machine, which is a Runtime for Android.
.dex will never include resources. Resources are separately maintained in the /res folder in .apk
Are the users able to convert the apk file of my application back to the actual code?
If they do - is there any way to prevent this?
First, an apk file is just a modified jar file. So the real question is can they decompile the dex files inside. The answer is sort of. There are already disassemblers, such as dedexer and smali. You can expect these to only get better, and theoretically it should eventually be possible to decompile to actual Java source (at least sometimes). See the previous question decompiling DEX into Java sourcecode.
What you should remember is obfuscation never works. Choose a good license and do your best to enforce it through the law. Don't waste time with unreliable technical measures.
Decompilation of APK file is possible. But it might be difficult to understand the code if it is obfuscated.
Use Aapt (part of the Android SDK) or AXMLParser (from AndroGuard) to analyse and view info of an APK File
Retrieves the content of the AndroidManifest.xml file
Shows various information (e.g. permissions, activities, services, broadcast receivers, ...)
Command:
Aapt
aapt dump badging sampleApp.apk
aapt dump permissions sampleApp.apk
aapt dump xmltree sampleApp.apk
AXMLParser
apkinfo sampleApp.apk
Use ApkTool or NinjaDroid to disassemble and view the resources of an APK File
Disassembles the bytecode to smali/assembly
Extracts the AndroidManifest.xml, the CERT.RSA file and everything in res folder (layout xml files, images, htmls used on webview etc..)
Command:
ApkTool
apktool.bat d sampleApp.apk
java -jar apktool.jar -q decode -f sampleApp.apk -o myOutputDir
NinjaDroid
ninjadroid MyApk.apk --all --extract myOutputDir/
NOTE: You can achieve something similar by using zip utility like 7-zip. But, these tools also extract the .smali files of all .class files.
Use dex2jar to decompile the DEX files of an APK File into Java code
Generates the .jar file from a .apk file (note that the Java code of Android apps is usually obfuscated)
Needs JD-GUI to view the source code from the output .jar file
Command:
dex2jar sampleApp.apk
d2j-dex2jar.sh -f sampleApp.apk -o myOutputDir/sampleApp.jar
Use JD-GUI to view the .jar file
Decompiles the .class files (obfuscated in a case of Android apps, but not in a case of other .jar files) and shows the corresponding Java code
I may also add, that nowadays it is possible to decompile Android application online, no software needed!
Here are 2 options for you:
http://www.decompileandroid.com/
http://www.javadecompilers.com/apk
Are the users able to convert the apk file of my application back to the actual code?
yes.
People can use various tools to:
analysis: your apk
decode/hack your apk
using FDex2 to dump out dex file
then using dex2jar to convert to jar
then using jadx to conver to java source code
If they do - is there any way to prevent this?
yes. Several (can combined) ways to prevent (certain degree) this:
low level: code obfuscation
using Android ProGuard
high level: use android harden scenario
such as
Tecent Legu=腾讯乐固
qihoo 360=360加固宝
More details can refer my Chinese tutorial: 安卓应用的安全和破解
Download this jadx tool https://sourceforge.net/projects/jadx/files/
Unzip it and than in lib folder run jadx-gui-0.6.1.jar file now browse your apk file.
It's done. Automatically apk will decompile and save it by pressing save button.
Hope it will work for you.
Thanks
Sometimes you get broken code, when using dex2jar/apktool, most notably in loops. To avoid this, use jadx, which decompiles dalvik bytecode into java source code, without creating a .jar/.class file first as dex2jar does (apktool uses dex2jar I think). It is also open-source and in active development. It even has a GUI, for GUI-fanatics. Try it!
Yes, there are tons of software available to decompile a .apk file.
Recently, I had compiled an ultimate list of 47 best APK decompilers on my website. I arranged them into 4 different sections.
Open Source APK Decompilers
Online APK Decompilers
APK Decompiler for Windows, Mac or Linux
APK Decompiler Apps
I hope this collection will be helpful to you.
Link: https://www.edopedia.com/blog/best-apk-decompilers/