I. Converting a dex file to a jar file
1. First article
Android decompilation notes
Made by 李文棟 rayleeya@gmail.com
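2010-12-13, Monday, Beijing
I. Decompilation flow chart
Preparation
Assume my working directory is $AndroidDecompile. First copy several important odex files from system.img (or, equivalently, from a build of the source tree) into the working directory: core.odex, ext.odex, framework.odex, android.policy.odex, services.odex. (They can also be placed in another directory and located by setting BOOTCLASSPATH; the default is the current directory. For BOOTCLASSPATH, see the baksmali help output.)
Download the following tools into $AndroidDecompile: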
Baksmali :
http://code.google.com/p/smali/downloads/list
Smali :
http://code.google.com/p/smali/downloads/list
Dex2jar :
http://code.google.com/p/dex2jar/downloads/list
JD-GUI (Java Decompile GUI) :
http://java.decompiler.free.fr/?q=jdgui
AutoSign :
http://d.download.csdn.net/down/2768910/fjfdszj
Apktool :
http://code.google.com/p/android-apktool/downloads/list
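Suppose we have an application whose class files were split out at build time, so that there are two files, app.apk and app.odex. Place both in $AndroidDecompile.
1. Use baksmali.jar to disassemble the odex file into smali files
$ java -jar baksmali-1.2.5.jar -x app.odex
If this succeeds, an out directory is created under $AndroidDecompile containing files with the ".smali" suffix. What these files do is not explored here.
2. Use smali.jar to convert the smali files under out/ into classes.dex
$ java -Xmx512M -jar smali-1.2.5.jar out -o classes.dex
classes.dex is the compiled class file format used by the Dalvik VM; every normal apk file contains one.
3. Use dex2jar to decompile classes.dex into a jar file
After unpacking the downloaded dex2jar archive you will find dex2jar.sh (and dex2jar.bat). If classes.dex is in the same directory as dex2jar.sh, decompile classes.dex into a jar file as follows:
$ dex2jar.sh classes.dex
If it runs successfully, the decompiled file classes.dex.dex2jar.jar is generated in the current directory.
dex2jar can operate on dex files and also directly on apk files. Its usage is: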
dex2jar file1.dexORapk file2.dexORapk ...
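4. Use JD-GUI to view the decompiled jar file
JD-GUI is a graphical Java decompiler and code viewer that decompiles class files into java files on the fly for viewing. Unpack the downloaded jd-gui archive, start the jd-gui executable in that directory, and load the classes.dex.dex2jar.jar file produced in the previous step.
5. Repackage the classes.dex recovered from the odex with the other resource files into a complete apk
The case assumed above is one where the application's compiled class files were stripped out of the apk file. What remains is to repackage the classes.dex obtained in the steps above with the other files in the apk into a usable apk.
First compress the recovered classes.dex and the original app.apk (which contains no classes.dex) back into one complete app.apk (an apk file can be opened with an archive tool); in other words, put classes.dex into app.apk.
Unpack the downloaded AutoSign archive; it contains signapk.jar (and a Sign.bat). Run the following command to sign app.apk and produce an apk file that can run.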
$ java -jar signapk.jar testkey.x509.pem testkey.pk8 app.apk app_signed.apk
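Why step 5 ends with a signing pass, as an added example that is not part of the original post: once classes.dex is dropped into a previously signed app.apk, the old META-INF/MANIFEST.MF no longer covers every entry, and the same comparison shows a reviewer which entries of an APK differ from what was signed. It assumes JAR-style signing with SHA1-Digest manifest entries and checks only those digests, not the .SF/.RSA signature over the manifest; `audit_apk`, `build_sample` and the sample data are hypothetical names and constructed values.

```python
import base64, hashlib, io, zipfile

def sha1_b64(data):
    return base64.b64encode(hashlib.sha1(data).digest()).decode()

def manifest_digests(text):
    """Parse MANIFEST.MF text into {entry name: base64 SHA1-Digest}."""
    # Undo JAR line wrapping: a continuation line starts with a single space.
    text = text.replace("\r\n", "\n").replace("\n ", "")
    digests = {}
    for section in text.split("\n\n"):
        attrs = dict(l.split(": ", 1) for l in section.split("\n") if ": " in l)
        if "Name" in attrs and "SHA1-Digest" in attrs:
            digests[attrs["Name"]] = attrs["SHA1-Digest"]
    return digests

def audit_apk(apk_bytes):
    """List where an APK's contents disagree with its META-INF/MANIFEST.MF."""
    zf = zipfile.ZipFile(io.BytesIO(apk_bytes))
    names = zf.namelist()
    problems = []
    if "classes.dex" not in names:
        problems.append("classes.dex: missing (classes shipped separately, e.g. as odex)")
    if "META-INF/MANIFEST.MF" not in names:
        return problems + ["META-INF/MANIFEST.MF: missing, APK is unsigned"]
    listed = manifest_digests(zf.read("META-INF/MANIFEST.MF").decode("utf-8"))
    for name in names:
        if name.startswith("META-INF/") or name.endswith("/"):
            continue  # signature files and directory entries are not listed
        if name not in listed:
            problems.append(name + ": not listed in the manifest")
        elif listed[name] != sha1_b64(zf.read(name)):
            problems.append(name + ": digest mismatch")
    return problems

def build_sample(entries, signed):
    """Constructed sample APK: zip `entries`, manifest digests taken from `signed`."""
    mf = "Manifest-Version: 1.0\r\n\r\n"
    for name, data in signed.items():
        mf += "Name: %s\r\nSHA1-Digest: %s\r\n\r\n" % (name, sha1_b64(data))
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w") as zf:
        for name, data in entries.items():
            zf.writestr(name, data)
        zf.writestr("META-INF/MANIFEST.MF", mf)
    return buf.getvalue()

# Constructed sample contents, not taken from any real application.
RES = {"AndroidManifest.xml": b"<manifest/>", "res/raw/a.txt": b"hello"}
DEX = {"classes.dex": b"constructed stand-in for classes.dex"}
```

An empty list from `audit_apk` means every entry matches the manifest digests; it says nothing about who holds the signing key.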
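6. Using apktool
Another tool available online is apktool. It can parse an apk, decode its resource files, and disassemble the class files into smali files; it can also repackage the decoded files into an apk. Its functionality is similar to that of the tools described above. It is used as follows:
apktool d app.apk and      decode app.apk into the folder "and"
apktool b app              rebuild the APK from the folder app; the output goes to ABC\dist\out.apk
The detailed usage is not repeated here; see the official website, or: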
http://www.geeka.net/2010/05/apktool-decode-android-google-code/
7. Screenshot of the files in my $AndroidDecompile directory
III. Help output of some of the tools
1. baksmali help output
usage: java -jar baksmali.jar [options] <dex-file>
disassembles and/or dumps a dex file
 -?,--help
     Prints the help message then exits. Specify twice for debug options
 -b,--no-debug-info
     don't write out debug info (.local, .param, .line, etc.)
 -c,--bootclasspath <BOOTCLASSPATH>
     The bootclasspath jars to use, for analysis. Defaults to
     core.jar:ext.jar:framework.jar:android.policy.jar:services.jar.
     If the value begins with a :, it will be appended to the default
     bootclasspath instead of replacing it
 -d,--bootclasspath-dir <DIR>
     The base folder to look for the bootclasspath files in. Defaults to
     the current directory
 -f,--code-offsets
     Add comments to the disassembly containing the code offset for each
     address
 -l,--use-locals
     Output the .locals directive with the number of non-parameter
     registers, rather than the .register directive with the total
     number of register
 -o,--output <DIR>
     the directory where the disassembled files will be placed. The
     default is out
 -p,--no-parameter-registers
     Use the v<n> syntax instead of the p<n> syntax for registers mapped
     to method parameters
 -r,--register-info <REGISTER_INFO_TYPES>
     Print the specificed type(s) of register information for each
     instruction. "ARGS,DEST" is the default if no types are specified.
     Valid values are:
       ALL: all pre- and post-instruction registers.
       ALLPRE: all pre-instruction registers
       ALLPOST: all post-instruction registers
       ARGS: any pre-instruction registers used as arguments to the
         instruction
       DEST: the post-instruction destination register, if any
       MERGE: Any pre-instruction register has been merged from more
         than 1 different post-instruction register from its
         predecessors
       FULLMERGE: For each register that would be printed by MERGE,
         also show the incoming register types that were merged
 -s,--sequential-labels
     Create label names using a sequential numbering scheme per label
     type, rather than using the bytecode address
 -v,--version
     Prints the version then exits
 -x,--deodex
     Deodex the given odex file. This option is ignored if the input
     file is not an odex file
2. smali help output
usage: java -jar smali.jar [options] [--] [<smali-file>|folder]*
assembles a set of smali files into a dex file
 -?,--help
     prints the help message then exits. Specify twice for debug options
 -o,--output <FILE>
     the name of the dex file that will be written. The default is
     out.dex
 -v,--version
     prints the version then exits
3. auto-sign help output
SignApk.jar is a tool included with the Android platform source bundle.
testkey.pk8 is the private key that is compatible with the recovery image included in this zip file
testkey.x509.pem is the corresponding certificate/public key
Usage:
java -jar signapk.jar testkey.x509.pem testkey.pk8 update.zip update_signed.zip
4. apktool help output
Apktool v1.3.2 - a tool for reengineering Android apk files
Copyright 2010 Ryszard Wiśniewski <brut.alll@gmail.com>
Apache License 2.0 (http://www.apache.org/licenses/LICENSE-2.0)
Usage: apktool [-v|--verbose] COMMAND [...]
COMMANDs are:
    d[ecode] [OPTS] <file.apk> [<dir>]
        Decode <file.apk> to <dir>.
        OPTS:
        -s, --no-src
            Do not decode sources.
        -r, --no-res
            Do not decode resources.
        -d, --debug
            Decode in debug mode. Check project page for more info.
        -f, --force
            Force delete destination directory.
        -t <tag>, --frame-tag <tag>
            Try to use framework files tagged by <tag>.
        --keep-broken-res
            Use if there was an error and some resources were dropped, e.g.:
            "Invalid config flags detected. Dropping resources", but you
            want to decode them anyway, even with errors. You will have to
            fix them manually before building.
    b[uild] [OPTS] [<app_path>] [<out_file>]
        Build an apk from already decoded application located in <app_path>.
        It will automatically detect, whether files was changed and perform
        needed steps only.
        If you omit <app_path> then current directory will be used.
        If you omit <out_file> then <app_path>/dist/<name_of_original.apk>
        will be used.
        OPTS:
        -f, --force-all
            Skip changes detection and build all files.
        -d, --debug
            Build in debug mode. Check project page for more info.
    if|install-framework <framework.apk> [<tag>]
        Install framework file to your system.
For additional info, see: http://code.google.com/p/android-apktool/
IV. References
1. Smali
http://code.google.com/p/smali/
http://www.geeka.net/2010/05/android-apk-odex-classes-dex/
2. ApkTool
http://code.google.com/p/android-apktool/
http://www.geeka.net/2010/05/apktool-decode-android-google-code/
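II. Converting a jar file to a dex file
1. First article
The dx tool can compile and package all the classes in a jar into a single file named classes.dex, and the aapt tool can then add classes.dex back into your jar. The command format is:
dx --dex --output=classes.dex destination.jar
aapt add destination.jar classes.dex
Both tools are in the platform/tools directory under the android sdk directory; you can add that directory to your environment variables in advance to make them easier to run. Both commands are actually script files, so when running them on linux do not forget to add the path, e.g. ./dx or ./aapt, otherwise you will be told the command cannot be found. Alternatively, add tools to the environment variable and the path prefix is no longer needed. For the dx options, run dx in a linux terminal.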
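The files this page moves between (app.odex, the classes.dex written by smali or dx, and the apk/jar container) can be told apart by their first bytes. The following added example, not part of the original post, classifies a file by its magic and checks a dex header's declared size, Adler-32 checksum and SHA-1 signature. The function names are hypothetical, the samples are constructed header-only images rather than loadable dex files, and the 40-byte odex header layout (magic, then dex offset and dex length) is assumed from Dalvik's DexOptHeader definition.

```python
import hashlib, struct, zlib

DEX_HEADER_SIZE = 0x70
ODEX_HEADER_SIZE = 40          # magic[8] followed by eight little-endian u4 fields

def inspect_dex(data):
    """Validate the fixed header fields of a plain dex image."""
    if len(data) < DEX_HEADER_SIZE or data[:4] != b"dex\n":
        raise ValueError("not a dex image")
    (checksum,) = struct.unpack_from("<I", data, 8)
    file_size, header_size, endian = struct.unpack_from("<III", data, 32)
    return {
        "version": data[4:7].decode("ascii"),
        "size_ok": file_size == len(data) and header_size == DEX_HEADER_SIZE,
        "endian_ok": endian == 0x12345678,
        # Adler-32 covers everything after the checksum field itself.
        "checksum_ok": checksum == zlib.adler32(data[12:]) & 0xFFFFFFFF,
        # SHA-1 covers everything after the 20-byte signature field.
        "signature_ok": data[12:32] == hashlib.sha1(data[32:]).digest(),
    }

def identify(data):
    """Classify a pipeline artifact by magic: zip container, odex, or dex."""
    if data[:4] == b"PK\x03\x04":
        return "apk/jar", None
    if data[:4] == b"dey\n":
        if len(data) < ODEX_HEADER_SIZE:
            raise ValueError("truncated odex header")
        dex_off, dex_len = struct.unpack_from("<II", data, 8)
        return "odex", {"version": data[4:7].decode("ascii"),
                        "dex_offset": dex_off, "dex_length": dex_len}
    return "dex", inspect_dex(data)

def make_sample_dex(body=b""):
    """Constructed sample: header-only dex image with consistent size and hashes."""
    rest = struct.pack("<III", DEX_HEADER_SIZE + len(body), DEX_HEADER_SIZE,
                       0x12345678).ljust(DEX_HEADER_SIZE - 32, b"\0") + body
    sig = hashlib.sha1(rest).digest()
    adler = zlib.adler32(sig + rest) & 0xFFFFFFFF
    return b"dex\n035\0" + struct.pack("<I", adler) + sig + rest

def make_sample_odex(dex):
    """Constructed sample: 40-byte odex header pointing at the dex behind it."""
    header = b"dey\n036\0" + struct.pack("<II", ODEX_HEADER_SIZE, len(dex))
    return header.ljust(ODEX_HEADER_SIZE, b"\0") + dex
```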