decompiling DEX into Java sourcecode
It's easy
Get these tools:
dex2jar to translate dex files to jar files
jd-gui to view the java files in the jar
The source code is quite readable as dex2jar makes some optimizations.
Procedure:
And here's the procedure on how to decompile:
Step 1:
Convert classes.dex in test_apk-debug.apk to test_apk-debug_dex2jar.jar
d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk
d2j-dex2jar.sh -f -o output_jar.jar dex_to_decompile.dex
Note 1: In the Windows machines all the
.sh
scripts are replaced by.bat
scripts
Note 2: On linux/mac don't forget about
sh
orbash
. The full command should be:
sh d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk
Note 3: Also, remember to add execute permission to
dex2jar-X.X
directory e.g.sudo chmod -R +x dex2jar-2.0
dex2jar documentation
Step 2:
Open the jar in JD-GUI
Decompiling obfuscated Android dex/jar files into Java source code
There isn't any magical tool that will refactor all your obfuscated code into something meaningful and "clean". Obfuscated code is obfuscated: deal with it.
You can however save the obfuscated source code, create a project with your prefered ide (that support refactor) and manually analize functions and variables and refactor them to something meaninful. This require a lot of time, but eventually you will obtain an almost clean source code.
How can I programmatically decompile dex files within Android?
You can browse the sourcecode of the ShowJava application here. It looks like he is using the the Dex2Jar tool. The decompilation starts in a BackgroundService and all the magic happens in some special Jar classes. I do not know if this code comes from a library or if all this code is created by him. Look at the ExtractJar and the DecompileJar method than it shouldn't be to hard to understand what's going on.
How to decompile an APK or DEX file on Android platform?
You need Three Tools to decompile an APK
file.
Dex2jar - Tools to work with android .dex and java .class files
ApkTool - A tool for reverse engineering Android apk files
JD-GUI - Java Decompiler is a tools to decompile and analyze Java 5 “byte code” and the later versions.
for more how-to-use-dextojar. Hope this will help You and all! :)
Decompile .smali files on an APK
No, APK Manager decompiles the .dex
file into .smali
and binary .xml
to human readable xml.
The sequence (based on APK Manager 4.9) is 22 to select the package, and then 9 to decompile it. If you press 1 instead of 9, then you will just unpack it (useful only if you want to exchange .png images).
There is no tool available to decompile back to .java
files and most probably it won't be any. There is an alternative, which is using dex2jar to transform the dex file in to a .class
file, and then use a jar decompiler (such as the free jd-gui) to plain text java. The process is far from optimal, though, and it won't generate working code, but it's decent enough to be able to read it.
dex2jar: https://github.com/pxb1988/dex2jar
jd-gui: http://jd.benow.ca/
Edit: I knew there was somewhere here in SO a question with very similar answers... decompiling DEX into Java sourcecode
Is it possible to analyze dex file directly with mobsf?
I would try to use dex2jar tool for this purpose. Convert your apk to jar and then analyze it with MobSF. MobSF should work with jar files since this is an archive. I am not sure if it will show the stable behavior, but it can be an option.
As far as I know MobSF also have this package within it's source code, so did you try to load this APK directly to MobSF without changing anything? I think it might work.
Also you can use JADX tool for manual source code analyzing. It should restore the source code from the DEX binaries.
Also observe this issue. MobSF developer suggests to use enjarify instead of dex2jar (2nd answer) and sends the link which explains how to do it.
Related Topics
Firebase Ui Authentication With Google Fails With Message (Code:10 Message:10)
How to Declare a Variable in Gradle Usable in Java
Android 5.0 - Add Header/Footer to a Recyclerview
Selenium: How to Stop Geckodriver Process Impacting Pc Memory, Without Calling Driver.Quit()
Why Does My Arraylist Contain N Copies of the Last Item Added to the List
Convert a String Representation of a Hex Dump to a Byte Array Using Java
Error Java.Lang.Outofmemoryerror: Gc Overhead Limit Exceeded
Create Instance of Generic Type in Java
How to Set Environment Variables from Java
Xss Prevention in Jsp/Servlet Web Application
How to Get the Download Url from Firebase Storage
How to Set Httpresponse Timeout For Android in Java
How to Ping External Ip from Java Android
What Is a Nullpointerexception, and How to Fix It
Difference Between == and Equals() in Java
What Is the Volatile Keyword Useful For
How Does Java Handle Integer Underflows and Overflows and How Would You Check For It