Android decompile apktool,dex2jar and JD GUI use and one click decompile view apk

In practical application, decompilation has the following purposes:

1. Test the security of the application.
This is undoubtedly the most important, but it is very difficult and needs to be done by people specializing in safety.
2. Decompile other apk s
You can get other resource files. If you want to crack the code, it will be more difficult.
3. Confusion viewing effect
There is also a confusion to see if there is any effect, or there is a problem with the confusion.

The usual usage is to generate the apk of release version through AS, and then decompile it through apktool to obtain the resource file. Convert classes.dex (possibly multiple) to classes.jar through dex2 jar. Then open the jar file through JD GUI to view the decompiled source code.

However, this process is relatively free, and some steps can be completed automatically. These can all be concatenated by writing automatic scripts.

0. Purpose

The main purpose of this blog is actual combat. During Android development, sometimes we need to decompile and view the decompiled source code. The purpose of this blog is to automate this process.
Let's do an analysis first.
Step 1: locate the apk file to be processed
Generally, we generate a signed release apk. The default directory is app/release/app-release.apk.
The general path is unlikely to change, but the apk name may change, usually with a date.
For example: app/release/app-release-1970-01-01.apk

Step 2: generate decompile file to build directory
For the convenience of viewing, we don't want the decompiled files we generated to be scattered everywhere.
We default to a directory like app/build/decompile/app-release-1970-01-01.
Step 3: check the decompiled jar source code
Call JD GUI to view the decompiled jar source code

Next, we will introduce the use of these three decompilers for this purpose. In fact, these three tools are very simple to use. Automated execution saves time.

1. Download

All three tools are open source and free.
apktool: the main decompile tool. It can decompile apk packages, but not dex files.
dex2jar: it is used to decompile dex
JD GUI: java source code viewing tool, which is used to directly view the java source code of the jar package.

apktool:https://ibotpeaches.github.io/Apktool/
dex2jar:https://github.com/pxb1988/dex2jar
jd-gui:https://github.com/java-decompiler/jd-gui/releases

2. Use

2.1 use of apktool

Executing the following command will decompile

java -jar apktool.jar d pathTo/app-release.apk -o pathTo/outputPath


The generated directory is like this. Here we are mainly concerned with two directories
res Directory:
One is the res directory, which contains our resource files, usually stealing other people's icons.
smali Directory:
There is also a smali file, which is full of files ending in. smali. This is actually our source code. But it's a bytecode called smali. Of course, we can't understand it. At this time, we can convert it into jar through dex2 jar tool. It will be introduced later.

One key code implementation

Execute apktool.jar by calling shell command or cmd command through java. Because the jar file is cross platform, the command code is the same.
The following code only implements the most basic commands of apktool.

  

   /**
     * Call apktool
     */
    public static void doApkTool() {
        try {
            File file=new File("app/build/decompile");
            if (file.exists()){
                FileUtils.deleteDirectory(file);
            }
            String[] cmd = {"sh", "-c", "java -jar " + apktool + " d " + sourceApk + " -o "+outPath};
            Process p = Runtime.getRuntime().exec(cmd);//Create an instance process and execute command line code
            p.waitFor();
            p.destroy();
        } catch (Exception e) {
            e.printStackTrace();
        }

    }

Variables used:

 /**
     * Decompile tool directory
     */
    private static String toolsHome = "/home/xzh/Android/tools/";
    /**
     * apktool.jar It is mainly used to decompile and generate smill files
     */
    private static String apktool = toolsHome + "apktool.jar";
    /**
     * Used to view the source code of the decompiled jar package
     */
    private static String jdGui = toolsHome + "jd-gui.jar";
    /**
     * dex2jar Tool for converting. dex into. jar files, but the official website recommends that you directly generate. jar files from apk
     */
    private static String dex2jar=toolsHome+"dex2jar/d2j-dex2jar.sh";

    /**
     * ----------------------------------The following three variables need to be configured-----------------------------------------------------
     */

    /**
     *  Generally, this name is dated and can be used as the name of the decompression package
     */
    private static String apkName = "app-release.apk";

    /**
     * Apk package that needs to be decompiled
     */
    private static String sourceApk = "app/release/" + apkName;
    /**
     * Decompile file generation location
     */
    private static String outPath = "app/build/decompile/"+ apkName.replace(".apk","");

 /**
     * Decompile tool directory
     */
    private static String toolsHome = "/home/xzh/Android/tools/";
    /**
     * apktool.jar It is mainly used to decompile and generate smill files
     */
    private static String apktool = toolsHome + "apktool.jar";
    /**
     * Used to view the source code of the decompiled jar package
     */
    private static String jdGui = toolsHome + "jd-gui.jar";
    /**
     * dex2jar Tool for converting. dex into. jar files, but the official website recommends that you directly generate. jar files from apk
     */
    private static String dex2jar=toolsHome+"dex2jar/d2j-dex2jar.sh";

    /**
     * ----------------------------------The following three variables need to be configured-----------------------------------------------------
     */

    /**
     *  Generally, this name is dated and can be used as the name of the decompression package
     */
    private static String apkName = "app-release.apk";

    /**
     * Apk package that needs to be decompiled
     */
    private static String sourceApk = "app/release/" + apkName;
    /**
     * Decompile file generation location
     */
    private static String outPath = "app/build/decompile/"+ apkName.replace(".apk","");


These files will be generated without accident. Of course, apktool also has the function of packaging files, but this is not important. We focus on realizing the purpose of the beginning. Other functions – just check help, which is very simple. Our goal is to generate jar files. You can convert smali into jar through the dex2 jar tool. Or convert classes.dex to jar. However, we did not find the classes.dex file here. Because the classes.dex file can only be obtained by directly decompressing apk.

Through direct decompression, you can actually get a directory similar to that decompiled through apktool. And there is a classes.dex file. Many online tutorials are about this direct decompression. However, if we just want to see the decompiled jar file. You don't need this apktool tool at all, and you don't need to decompress it. Dex2 jars can generate decompiled jars directly.

Tags: Android

Posted on Wed, 13 Oct 2021 13:44:38 -0400 by Schlo_50