How to Decompile an APK or Dex File on Android Platform

How to decompile an APK or DEX file on Android platform?

You need Three Tools to decompile an APK file.

  1. Dex2jar - Tools to work with android .dex and java .class files

  2. ApkTool - A tool for reverse engineering Android apk files

  3. JD-GUI - Java Decompiler is a tools to decompile and analyze Java 5 “byte code” and the later versions.

for more how-to-use-dextojar. Hope this will help You and all! :)

How to decompile DEX into Java source code?

It's easy

Get these tools:

  1. dex2jar to translate dex files to jar files

  2. jd-gui to view the java files in the jar

The source code is quite readable as dex2jar makes some optimizations.

Procedure:

And here's the procedure on how to decompile:

Step 1:

Convert classes.dex in test_apk-debug.apk to test_apk-debug_dex2jar.jar

d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk
d2j-dex2jar.sh -f -o output_jar.jar dex_to_decompile.dex

Note 1: In the Windows machines all the .sh scripts are replaced by .bat scripts

Note 2: On linux/mac don't forget about sh or bash. The full command should be:

sh d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk

Note 3: Also, remember to add execute permission to dex2jar-X.X directory e.g. sudo chmod -R +x dex2jar-2.0

dex2jar documentation

Step 2:

Open the jar in JD-GUI

The decompiled source

Is there a way to get the source code from an APK file?

Simplest way: use the online tool Decompiler, upload the apk and get the source code.

Procedure for decoding .apk files, step-by-step method:

Step 1:

  1. Make a new folder and copy over the .apk file that you want to decode.

  2. Now rename the extension of this .apk file to .zip (rename from filename.apk to filename.zip) and save it. Now you can access the classes.dex files. At this stage, you are able to see drawables, but not the .xml and .java files.

Step 2:

  1. Now extract this .zip file in the same folder or a new folder.

  2. Download dex2jar (Don't download the code, click on the releases button that's on the right, then download that) and extract it to the same folder or a new folder.

  3. Move the classes.dex file into the dex2jar folder.

  4. Now open Command Prompt and change the directory to that folder. Then write d2j-dex2jar classes.dex (for Mac or Ubuntu write ./d2j-dex2jar.sh classes.dex) and press enter. You now have the classes.dex.dex2jar file in the same folder.

  5. Download java decompiler, Right click on jd-gui, click on Open File, and open classes.dex.dex2jar file from that folder: Now you get the class files.

  6. Save all of these class files (In jd-gui, click File -> Save All Sources) by src name. At this stage, you get the Java code but the .xml files are still unreadable.

Step 3:

Now open another new folder

  1. Put in the .apk file which you want to decode

  2. Download the latest version of apktool AND apktool install window (both can be downloaded from the same link) and place them in the same folder

  3. Open the Command Prompt

  4. Now run command apktool if framework-res.apk (if you don't have it get it here)and next

  5. apktool d myApp.apk (myApp.apk denotes the filename that you want to decode)

Now you get a file folder in that folder and can easily read the .xml files.

Step 4:

It's not any step, just copy the contents of both folders (both new folders) to the single one

AND ENJOY THE SOURCE CODE!

How can I programmatically decompile dex files within Android?

You can browse the sourcecode of the ShowJava application here. It looks like he is using the the Dex2Jar tool. The decompilation starts in a BackgroundService and all the magic happens in some special Jar classes. I do not know if this code comes from a library or if all this code is created by him. Look at the ExtractJar and the DecompileJar method than it shouldn't be to hard to understand what's going on.

Reverse engineering from an APK file to a project

There are two useful tools which will generate Java code (rough but good enough) from an unknown APK file.

  1. Download dex2jar tool from dex2jar.

  2. Use the tool to convert the APK file to JAR:
    Windows:

     $ d2j-dex2jar.bat demo.apk
     dex2jar demo.apk -> ./demo-dex2jar.jar

    MacOS / Linux:

     $ d2j-dex2jar.sh -f demo.apk -o demo.jar

  3. Once the JAR file is generated, use JD-GUI to open the JAR file. You will see the Java files.

The output will be similar to:

JD GUI

Then you can use other tools to retrieve the AndroidManifest.xml and resource files (like images, translations, etc...) from the APK file.

  • Apktool

     $ java -jar apktool.jar -q decode -f demo.apk -o outputDir

  • AXMLParser

     $ apkinfo demo.apk

  • NinjaDroid

     $ ninjadroid demo.apk --all --extract

apptool decompile with AND APKTOOL

Procedure for decoding .apk files, step-by-step method:

Step 1:

 1). Make a new folder and copy over the .apk file that you want to decode.
 2). Now rename the extension of this .apk file to .zip (e.g. rename from filename.apk to filename.zip) and save it.
 3). Now you can access the classes.dex files, etc. At this stage you are able to see drawables but not xml and java files, so continue.

Step 2:

 1). Now extract this .zip file in the same folder (or NEW FOLDER).
 2). Download dex2jar and extract it to the same folder (or NEW FOLDER).
 3). Move the classes.dex file into the dex2jar folder.
 4). Now open command prompt and change directory to that folder (or NEW FOLDER). 5). Then write d2j-dex2jar classes.dex (for mac terminal or ubuntu write ./d2j-dex2jar.sh classes.dex) and press enter.
 6). You now have the classes.dex.dex2jar file in the same folder.
 7). Download java decompiler, double click on jd-gui, click on open file, and open classes.dex.dex2jar file from that folder: now you get class files.
 8). Save all of these class files (In jd-gui, click File -> Save All Sources) by src name. At this stage you get the java source but the .xml files are still unreadable, so continue.

Step 3:

 1). Now open another new folder

 2). Put in the .apk file which you want to decode
 3). Download the latest version of apktool AND apktool install window (both can be downloaded from the same link) and place them in the same folder
 4). Open a command window apktool d myApp.apk (where myApp.apk denotes the filename that you want to decode)
 5). now you get a file folder in that folder and can easily read the apk's xml files.

this solutions is extracted from this StactOverflow site Check Here

you can download all the required libraries from here libraries

Where are the android.jar platform class/dex files on a phone or tablet?

Since ART introduction, framework files are stored in optimized format. I'll go over all the releases since then.

Android 5 (Lollipop) till Android 7 (Nougat)

Till Android 8 (Oreo), the optimized dex files were shipped in oat format (which for simplicity can be thought as a container for multiple dex files).

baksmali supports disassembling oat files with a minor limitation:

As of v2.1.0, baksmali now supports deodexing ART oat files. The
minimum supported oat version is 56, which should generally correspond
to Android 6.0/Marshmallow. oat files earlier than this (e.g.
Lollipop) are explicitly not supported, due to some potential issues
related to field ordering.

baksmali's documentation includes detailed examples for how to disassemble framework classes. On Samsung S7 device (with Nougat), I had to first pull all the oat files from /system/framework/arm/ and then execute the following commands:

$ baksmali list dex boot-framework.oat
/system/framework/framework.jar

/system/framework/framework.jar:classes2.dex

/system/framework/framework.jar:classes3.dex

$ baksmali x boot-framework.oat
$ baksmali x boot-framework.oat/system/framework/framework.jar:classes2.dex
$ baksmali x boot-framework.oat/system/framework/framework.jar:classes3.dex
$ ls -l out/android/view/ViewGroup.smali
-rw-r--r-- 1 alex staff 506K Jul 24 12:53 out/android/view/ViewGroup.smali


Android >= Android 8 (Oreo)

Since Android 8 (Oreo), the format has changed, as per vdexExtractor documentation:

Vdex file format has been introduced in the Oreo (API-26) build. More
information is available here.



On Pixel 3 (with Android Pie) device, the android.view.ViewGroup class is stored in /system/framework/boot-framework.vdex optimized dex file. After pulling this file from the device, we can use vdexExtractor (for transforming vdex into dex) and then baksmali (for disassembling dex into smali files).

Note: as mentioned here, Android 9's (or later) files require some extra work:

The Android 9 (Pie) release has introduced a new type of Dex file, the
Compact Dex (Cdex).

Therefore I had to use vdexExtractor's tools/deodex/run.sh script, while for transforming Oreo's vdex files bin/vdexExtractor should be used directly:

~/vdexExtractor-0.5.2$ mkdir output
~/vdexExtractor-0.5.2$ tools/deodex/run.sh -i boot-framework.vdex -o output
[INFO]: Processing 1 input Vdex files

[INFO]: 1 binaries have been successfully deodexed

~/vdexExtractor-0.5.2$ ls output/vdexExtractor_deodexed/boot-framework/
boot-framework_classes.dex boot-framework_classes2.dex boot-framework_classes3.dex

~/vdexExtractor-0.5.2$ baksmali d output/vdexExtractor_deodexed/boot-framework/boot-framework_classes.dex
~/vdexExtractor-0.5.2$ baksmali d output/vdexExtractor_deodexed/boot-framework/boot-framework_classes2.dex
~/vdexExtractor-0.5.2$ baksmali d output/vdexExtractor_deodexed/boot-framework/boot-framework_classes3.dex
~/vdexExtractor-0.5.2$ ls -l out/android/view/ViewGroup.smali
-rw-r--r-- 1 alex staff 502K Jul 24 08:19 out/android/view/ViewGroup.smali


If you prefer Java sources, you can disassemble the dex files using (i.e.) jadx (instead of baksmali).

Decompile .smali files on an APK

No, APK Manager decompiles the .dex file into .smali and binary .xml to human readable xml.

The sequence (based on APK Manager 4.9) is 22 to select the package, and then 9 to decompile it. If you press 1 instead of 9, then you will just unpack it (useful only if you want to exchange .png images).

There is no tool available to decompile back to .java files and most probably it won't be any. There is an alternative, which is using dex2jar to transform the dex file in to a .class file, and then use a jar decompiler (such as the free jd-gui) to plain text java. The process is far from optimal, though, and it won't generate working code, but it's decent enough to be able to read it.

dex2jar: https://github.com/pxb1988/dex2jar

jd-gui: http://jd.benow.ca/

Edit: I knew there was somewhere here in SO a question with very similar answers... decompiling DEX into Java sourcecode


Related Topics

How to Hide Android Soft Keyboard on Edittext

How to Install Android Market App on the Emulator

Why Is My Android Emulator Keyboard in Chinese Character Mode

When Switch Fragment with Swiperefreshlayout During Refreshing, Fragment Freezes But Actually Still Work

How to Add an Image File into JSON Object

Android: Application-Wide Font-Size Preference

Get All Child Views Inside Linearlayout at Once

Extending Relativelayout, and Overriding Dispatchdraw() to Create a Zoomable Viewgroup

Running a Native Library on Android L. Error: Only Position Independent Executables (Pie) Are Supported

Determine When a Viewpager Changes Pages

Remove Vertical Padding from Horizontal Progressbar

Getting "Debuggable" Value of Androidmanifest from Code

How to Import Eclipse Project to Android Studio

Rotate View Hierarchy 90 Degrees

How to Restart Adb Manually from Android Studio

Mapview Inside a Scrollview

Android, How to Create Option Menu

Restrict Edittext to Single Line


Leave a reply



Submit