反编译android APK

我们经常会在如下的情况使用反编译

1、看到别人应用中的酷炫功能，想知道是如何实现的

2、别人应用的素材排版好漂亮，想套用模仿

百度一下就已经有一大堆反编译的教程了，我还是坚持学习记录一下。

Android导出的APK其实与普通的压缩包没啥区别，我们随意用一个压缩工具打开，我这里用的是WinRAR，即可看到APK的庐山真面目

其中，classes.dex即为整个APK所用到的类。

.dex文件简介

.dex文件是虚拟机可执行格式（Dalvik Executable (.dex/.odex) format），是专门用来给ART(Android runtime

)执行的。具体参考地址http://source.android.com/devices/tech/dalvik/

想要查看.dex文件的内容，就必须用到一个工具---dex2jar，地址https://code.google.com/p/dex2jar/

dex2jar使用方法（转载自官方）：

1、下载dex2jar最新版http://code.google.com/p/dex2jar/downloads/list

2、解压dex2jar-version.zip文件到一个目录. 比方说 /home/panxiaobo/, C:\

unzip -x dex2jar-version.zip -d /home/panxiaobo

3、使用 dex2jar 来生成 .jar 文件. dex2jar会在工作目录下生成一个someApk-dex2jar.jar文件.

linux sh /home/panxiaobo/dex2jar-version/d2j-dex2jar.sh /home/panxiaobo/someApk.apk

windows C:\dex2jar-version\d2j-dex2jar.bat someApk.apk

4、使用反编译工具获取查看源代码

jd-gui

就这么简单

资源文件反编译

对于图片素材，直接解压APK，在res-》drawable里面，几乎可以直接查看使用。

对于排版XML文件，全部都是乱码，这个时候我们要使用到android-apktool，地址https://code.google.com/p/android-apktool/

android-apktool简介

官方提供的一个逆向工具，最主要还是用来解析资源文件，因为dex2jar已经解决了反编译成jar的问题。

它能够解析APK中资源文件接近到原始状态 (including resources.arsc, XMLs and 9.png files)，并且能够重建他们（破解的时候用到）。

android-apktool安装方法

Quick Check

Apktool 2.x (Versions after 1.5.2)

Is Java 1.7 installed?
Does executing java -version on command line / command prompt return 1.7?
If not, please install Java 7 and make it the default.

Apktool 1.x (Versions prior to 1.5.2)

Is Java 1.6 or higher installed?
Does executing java -version on command line / command prompt return 1.6 or above?
If not, please install Java 6 or Java 7.

Installation for Apktool 2.x

Windows:

Download Windows wrapper script (Right click, Save Link As apktool.bat)
Download apktool-2 (find newest here)
Rename downloaded jar to apktool.jar
Move both files (apktool.jar & apktool.bat) to your Windows directory (Usually C://Windows)
If you do not have access to C://Windows, you may place the two files anywhere then add that directory to your Environment Variables System PATH variable.
Try running apktool via command prompt

Linux:

Download Linux wrapper script (Right click, Save Link As apktool)
Download apktool-2 (find newest here)
Rename downloaded jar to apktool.jar
Move both files (apktool.jar & apktool) to /usr/local/bin (root needed)
Make sure both files are executable (chmod +x)
Try running apktool via cli

Mac OS X:

Download Mac wrapper script (Right click, Save Link As apktool)
Download apktool-2 (find newest here)
Rename downloaded jar to apktool.jar
Move both files (apktool.jar & apktool) to /usr/local/bin (root needed)
Make sure both files are executable (chmod +x)
Try running apktool via cli

Note - Wrapper scripts are not needed, but helpful so you don't have to type java -jar apktool.jar over and over.

来源： <https://code.google.com/p/android-apktool/wiki/Install>

android-apktool参数介绍

Confused about some of the commands Apktool can do?

Utility Options

-version, --version

Outputs current version. (Ex: 1.5.2)

-v, --verbose

Verbose output. Needed before all other commands.

-q, --quiet

Quiets output. Needed before all other commands.

-advance, --advanced

Prints advance options

Decompile Options

--api <API>

The numeric api-level of the smali files to generate (eg 14 for ICS).

-b, --no-debug-info

Prevents baksmali from writing out debug info (.local, .param, .line, etc). Preferred to use if you are comparing smali from the same APK of different versions. The line numbers and debug will change among versions, which can make DIFF reports a pain.

-d, --debug

Decodes in Debug Mode. Check SmaliDebugging

--debug-line-prefix <prefix>

Smali line prefix when decoding in debug mode. Default "a=0;//"

-f, --force

Force delete destination directory. Use if trying to decompile to a folder that already exists.

--keep-broken-res

If there is an error like "Invalid Config Flags Detected. Dropping Resources...". This means that APK has a different structure then Apktool can handle. This might be a newer Android version or a random APK that doesn't match standards. Running this will allow the decode, but then you have to manually fix the folders with -ERR in them.

-m, --match-original

Keeps files closest as possible to original. Prevents rebuilding, used for analysis"

-o, --output <dir>

The name of the folder that gets written.

-p, --frame-path <dir>

The location where framework files are loaded from / placed.

-r, --no-res

This will prevent the decompile of resources. This keeps the resources.arsc intact without any decompile. If only editing Java (smali) then this is the recommend for faster decompile & rebuild.

-s, --no src

This will prevent the decompile of the java source. This keeps the APK classes.dex file and simply moves it during re-compile. If your only editing the resources. This is recommended for faster decompile & rebuild.

-t, --frame-tag <tag>

Uses framework files tagged by <tag>.

How to Decompile?

Prior to Decompile, you must have frameworks installed. Please read this wiki: FrameworkFiles for more information. Once complete run

apktool d name_of_apk.apk

With any configurations noted above.

Recompile Options

-a, --aapt <file>

Loads aapt from the specified file location, instead of relying on path. Falls back to PATH loading, if no file found.

-c, --copy-original

Copies original AndroidManifest.xml and META-INF folder into built apk.

-d, --debug

Builds in Debug Mode, see SmaliDebugging

-f, --force-all

This overwrites an existing file during rebuild.

-o, --output <dir>

The name of the folder that gets written.

-p, --frame-path <dir>

The location where framework files are loaded from / placed.

How to Recompile?

Prior to Recompile, you must have a decompiled application installed. Once complete run

apktool b folder_of_decoded_apk

With any configurations noted above.

来自为知笔记(Wiz)

工具打包下载~附件列表

反编译android_APK_Attachments.zip