Decompiling Dex into Java Sourcecode

decompiling DEX into Java sourcecode

It's easy

Get these tools:

1. dex2jar to translate dex files to jar files

2. jd-gui to view the java files in the jar

The source code is quite readable as dex2jar makes some optimizations.

Procedure:

And here's the procedure on how to decompile:

Step 1:

Convert classes.dex in test_apk-debug.apk to test_apk-debug_dex2jar.jar

d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk
d2j-dex2jar.sh -f -o output_jar.jar dex_to_decompile.dex

Note 1: In the Windows machines all the .sh scripts are replaced by .bat scripts

Note 2: On linux/mac don't forget about sh or bash. The full command should be:

sh d2j-dex2jar.sh -f -o output_jar.jar apk_to_decompile.apk 

Note 3: Also, remember to add execute permission to dex2jar-X.X directory e.g. sudo chmod -R +x dex2jar-2.0

dex2jar documentation

Step 2:

Open the jar in JD-GUI

Decompiling obfuscated Android dex/jar files into Java source code

There isn't any magical tool that will refactor all your obfuscated code into something meaningful and "clean". Obfuscated code is obfuscated: deal with it.

You can however save the obfuscated source code, create a project with your prefered ide (that support refactor) and manually analize functions and variables and refactor them to something meaninful. This require a lot of time, but eventually you will obtain an almost clean source code.

How can I programmatically decompile dex files within Android?

You can browse the sourcecode of the ShowJava application here. It looks like he is using the the Dex2Jar tool. The decompilation starts in a BackgroundService and all the magic happens in some special Jar classes. I do not know if this code comes from a library or if all this code is created by him. Look at the ExtractJar and the DecompileJar method than it shouldn't be to hard to understand what's going on.

How to decompile an APK or DEX file on Android platform?

You need Three Tools to decompile an APK file.

1. Dex2jar - Tools to work with android .dex and java .class files

2. ApkTool - A tool for reverse engineering Android apk files

3. JD-GUI - Java Decompiler is a tools to decompile and analyze Java 5 “byte code” and the later versions.

for more how-to-use-dextojar. Hope this will help You and all! :)

Decompile .smali files on an APK

No, APK Manager decompiles the .dex file into .smali and binary .xml to human readable xml.

The sequence (based on APK Manager 4.9) is 22 to select the package, and then 9 to decompile it. If you press 1 instead of 9, then you will just unpack it (useful only if you want to exchange .png images).

There is no tool available to decompile back to .java files and most probably it won't be any. There is an alternative, which is using dex2jar to transform the dex file in to a .class file, and then use a jar decompiler (such as the free jd-gui) to plain text java. The process is far from optimal, though, and it won't generate working code, but it's decent enough to be able to read it.

dex2jar: https://github.com/pxb1988/dex2jar

jd-gui: http://jd.benow.ca/

Edit: I knew there was somewhere here in SO a question with very similar answers... decompiling DEX into Java sourcecode

Is it possible to analyze dex file directly with mobsf?

I would try to use dex2jar tool for this purpose. Convert your apk to jar and then analyze it with MobSF. MobSF should work with jar files since this is an archive. I am not sure if it will show the stable behavior, but it can be an option.

As far as I know MobSF also have this package within it's source code, so did you try to load this APK directly to MobSF without changing anything? I think it might work.

Also you can use JADX tool for manual source code analyzing. It should restore the source code from the DEX binaries.

Also observe this issue. MobSF developer suggests to use enjarify instead of dex2jar (2nd answer) and sends the link which explains how to do it.

---

Related Topics